CISA makes its "Malware Next-Gen" analysis system publicly available

It was originally designed to allow U.S. federal, state, local, tribal, and territorial government agencies to submit suspicious files and receive automated malware analysis through static and dynamic analysis tools.
Yesterday, CISA released a new version of the system that allows any organization or person to submit files to the system.
Malware Next-Gen is designed to handle the growing workload of cyber-threat analysis by offering advanced and reliable analysis on a scalable platform featuring multilevel containment capabilities for automatic analysis of potentially malicious files or URLs.
CISA's Executive Assistant Director for Cybersecurity, Eric Goldstein, sees this new platform as a contributor to the national cybersecurity and critical infrastructure bolstering efforts.
Goldstein hopes that Malware Next-Gen will streamline processes that allow the agency to hunt for new threats and analyze, correlate, and enrich data that's valuable in cyber-threat response operations.
Malware Next-Gen was made available to a limited number of government organizations since November 2023, leading to the identification of 200 suspicious or malicious files and URLs from 1,600 submissions.
CISA encourages all organizations, security researchers, and individuals to register and submit suspicious files to the platform for analysis, which requires registration with a login.
Submitted files are analyzed in a secure environment employing a combination of static and dynamic analysis tools, and the results are provided in PDF and STIX 2.1 formats.
For those who wish to remain anonymous, there's also an option to submit malware samples through this portal for unregistered users, though analysis results won't be made available to them.
Only CISA analysts and other vetted people will have access to the malware analysis reports generated by the system.
If you wish to receive an immediate analysis of a suspicious file, VirusTotal remains an excellent option.
Finally, CISA warns users to refrain from attempting to misuse the system, waive any privacy expectations, and ensure that the information they submit on the platform does not contain classified data.
CISA orders agencies impacted by Microsoft hack to mitigate risks.
US govt shares cyberattack defense tips for water utilities.
CISA warns of Microsoft Streaming bug exploited in malware attacks.
Russian hackers shift to cloud attacks, US and allies warn.
Microsoft expands free logging capabilities after May breach.


This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 11 Apr 2024 22:30:37 +0000


Cyber News related to CISA makes its "Malware Next-Gen" analysis system publicly available

CISA makes its "Malware Next-Gen" analysis system publicly available - It was originally designed to allow U.S. federal, state, local, tribal, and territorial government agencies to submit suspicious files and receive automated malware analysis through static and dynamic analysis tools. Yesterday, CISA released a new ...
8 months ago Bleepingcomputer.com
CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog - CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog. CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog. CISA adds ...
6 months ago Securityaffairs.com
The Exploration of Static vs Dynamic Code Analysis - Two essential methodologies employed for this purpose are Static Code Analysis and Dynamic Code Analysis. Static Code Analysis involves the examination of source code without its execution. In this exploration of Static vs Dynamic Code Analysis, ...
11 months ago Feeds.dzone.com
CISA pledges to resolve issues with threat sharing system after watchdog report - On Friday, the Department of Homeland Security’s Office of the Inspector General published a report on Automated Indicator Sharing (AIS) — which was used to spread cyber threat intelligence and was mandated as part of a 2015 law. The nation’s ...
2 months ago Therecord.media
Lookback Analysis in ERP Audit - This article explores the interdependence between lookback analysis and access governance and how it can transform modern ERP audits. From a Segregation of Duties perspective, Lookback Analysis is a critical tool in ensuring control effectiveness and ...
7 months ago Securityboulevard.com
CISA's OT Attack Response Team Understaffed: GAO - The US Government Accountability Office has conducted a study focusing on the operational technology cybersecurity products and services offered by CISA and found that some of the security agency's teams are understaffed. OT environments continue to ...
9 months ago Securityweek.com
Enabling Threat-Informed Cybersecurity: Evolving CISA's Approach to Cyber Threat Information Sharing - One of CISA's most important and enduring roles is providing timely and actionable cybersecurity information to our partners across the country. Nearly a decade ago, CISA stood up our Automated Indicator Sharing, or AIS, program to widely exchange ...
1 year ago Cisa.gov
EuroTel ETL3100 Radio Transmitter - RISK EVALUATION. Successful exploitation of these vulnerabilities could allow an unauthenticated attacker to gain full access to the system, disclose sensitive information, or access hidden resources. EuroTel ETL3100 versions v01c01 and v01x37 does ...
1 year ago Cisa.gov
Why Is an Australian Footballer Collecting My Passwords? The Various Ways Malicious JavaScript Can Steal Your Secrets - Unit 42 researchers have observed threat actors using malicious JavaScript samples to steal sensitive information by abusing popular survey sites, low-quality hosting and web chat APIs. In this article, we'll describe some of the tactics used by ...
1 year ago Unit42.paloaltonetworks.com
Rockwell Automation FactoryTalk Activation - RISK EVALUATION. Successful exploitation of these vulnerabilities could result in a buffer overflow and allow the attacker to gain full access to the system. Rockwell Automation FactoryTalk Activation Manager and Studio 5000 Logix Designer uses the ...
11 months ago Cisa.gov
Optigo Networks ONS-S8 Spectra Aggregation Switch | CISA - CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial ...
2 months ago Cisa.gov
Siemens SCALANCE and RUGGEDCOM M-800/S615 Family - As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT ...
1 year ago Cisa.gov
Delta Electronics InfraSuite Device Master - RISK EVALUATION. Successful exploitation of this vulnerability could allow remote code execution. Delta Electronics InfraSuite Device Master contains a deserialization of untrusted data vulnerability because it runs a version of Apache ActiveMQ which ...
7 months ago Cisa.gov
Securing Tomorrow: A Recap of CISA's Cyber Resilient 911 Symposium - CISA's Emergency Communications Division spearheaded the Cyber Resilient 911 Program's fourth regional symposium, which included CISA Regions 5 and 7. Among the attendees were state 911 administrators, representatives from 911 centers, IT/cyber ...
7 months ago Cisa.gov
CISA reveals how fed agency succumbed to ColdFusion attacks The Register - CISA has released details about a federal agency that recently had at least two public-facing servers compromised by attackers exploiting a critical Adobe ColdFusion vulnerability. The vulnerability, tracked as CVE-2023-26360, was disclosed in March ...
1 year ago Go.theregister.com
Franklin Electric Fueling Systems Colibri - RISK EVALUATION. Successful exploitation of this vulnerability could allow an attacker to obtain login credentials for other users. The discontinued FFS Colibri product allows a remote user to access files on the system including files containing ...
1 year ago Cisa.gov
Cybersecurity Performance Goals: Assessing How CPGs Help Organizations Reduce Cyber Risk - In October 2022, CISA released the Cybersecurity Performance Goals to help organizations of all sizes and at all levels of cyber maturity become confident in their cybersecurity posture and reduce business risk. Earlier this summer, CISA outlined ...
1 year ago Cisa.gov
Franklin Fueling System EVO 550/5000 - RISK EVALUATION. Successful exploitation of this vulnerability could allow an attacker to read arbitrary files on the system. Franklin Fueling System EVO 550 and EVO 5000 are vulnerable to a Path Traversal vulnerability that could allow an attacker ...
9 months ago Cisa.gov
Rockwell Automation FactoryTalk Historian SE - RISK EVALUATION. Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition. FactoryTalk Historian SE utilizes the AVEVA PI Server, which contains a vulnerability that could allow an ...
7 months ago Cisa.gov
Commend WS203VICM - RISK EVALUATION. Successful exploitation of these vulnerabilities could allow an attacker to obtain sensitive information or force the system to restart. A remote, unauthenticated attacker may be able to send crafted messages to the web server of the ...
10 months ago Cisa.gov
Johnson Controls Kantech Door Controllers - EXECUTIVE SUMMARY CVSS v3 3.1 ATTENTION: Exploitable via adjacent network. RISK EVALUATION. Successful exploitation of this vulnerability could allow an attacker to gain access to sensitive information. Under certain circumstances, when the ...
5 months ago Cisa.gov
Delta Electronics DOPSoft - RISK EVALUATION. Successful exploitation of this vulnerability could lead to remote code execution. The affected product is vulnerable to a stack-based buffer overflow, which may allow for arbitrary code execution if an attacker can lead a legitimate ...
1 year ago Cisa.gov
Mitsubishi Electric FA Engineering Software Products - RISK EVALUATION. Successful exploitation of this vulnerability could allow a malicious attacker to execute malicious code by tricking legitimate users to open a specially crafted project file, which could result in information disclosure, tampering ...
1 year ago Cisa.gov
WAGO PFC200 Series - RISK EVALUATION. Successful exploitation of this vulnerability could allow an attacker with administrative privileges to access sensitive files in an unintended, undocumented way. Compact Controller CC100: Versions later than FW19, up to and ...
1 year ago Cisa.gov
Mitsubishi Electric Electrical Discharge Machines - RISK EVALUATION. Successful exploitation of this vulnerability could allow an attacker to disclose, tamper with, destroy or delete information in the products, or cause a denial-of-service condition on the products. Remote code execution ...
10 months ago Cisa.gov

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)