Security Alert! CISA Reports Refund Scam Targeting Federal Agencies Through Remote Management Software

The Cybersecurity and Infrastructure Security Agency (CISA) recently issued an alert to federal agencies about a refund scam targeting them through remote management software. According to the alert, hackers have been using the remote software to gain access to the agencies’ networks, steal money, and commit other cyber crimes. In response, CISA recommends that federal agencies in the United States review their networks and strengthen their security measures to prevent similar attacks in the future. This scam is part of a larger ongoing pattern of cyber criminals using remote management software to gain access to networks and commit crimes. This specific attack could have allowed hackers to access sensitive financial information, steal money, or commit other cybercrimes. In response, CISA recommends that federal agencies review their networks to determine if they have been affected by this scam and make any appropriate changes to their security solutions. CISA also recommends that federal agencies implement strong cybersecurity measures to protect their networks from similar attacks. These measures include deploying malware protection, reviewing data security risks, and strengthening their threat intelligence. Additionally, CISA encourages agencies to consider security solutions that protect against both external and internal threats, such as firewalls and secure remote access tools. The alert from CISA serves as a reminder that cyber security threats are constantly evolving and that federal agencies should remain vigilant in defending their networks from both external and internal threats. By taking appropriate security measures, agencies can help protect themselves from cybercrime and reduce the risks associated with damaging cyber attacks.

This Cyber News was published on therecord.media. Publication date: Thu, 26 Jan 2023 01:05:03 +0000


Cyber News related to Security Alert! CISA Reports Refund Scam Targeting Federal Agencies Through Remote Management Software

Security Alert! CISA Reports Refund Scam Targeting Federal Agencies Through Remote Management Software - The Cybersecurity and Infrastructure Security Agency (CISA) recently issued an alert to federal agencies about a refund scam targeting them through remote management software. According to the alert, hackers have been using the remote software to ...
1 year ago Therecord.media
Accelerating Safe and Secure AI Adoption with ATO for AI: stackArmor Comments on OMB AI Memo - We appreciate the opportunity to comment on the proposed Memo on Agency Use of Artificial Intelligence. Ensuring agencies have access to adequate IT infrastructure,. We base our remarks on our experience helping US Federal agencies transform their ...
11 months ago Securityboulevard.com
Amazon sues REKK fraud gang that stole millions in illicit refunds - Amazon's Customer Protection and Enforcement team has taken legal action against an underground store refund scheme that has resulted in the theft of millions of dollars worth of products from Amazon's online platforms. This lawsuit targets 20 ...
11 months ago Bleepingcomputer.com
CISA Seeks Public Comment on Newly Developed Secure Configuration Baselines for Google Workspace - As federal civilian agencies continue to modernize IT enterprises, increased reliance on cloud services, platform services, and external providers has introduced new types of risks. Recent threat activity from groups such as Storm-0558 have ...
11 months ago Cisa.gov
Majority of Gao's Cybersecurity Recommendations Not Implemented by Federal Agencies - The Government Accountability Office has recently reported that federal agencies have been slow to implement a majority of the recommendations it made for improving the cybersecurity of federal agencies. Despite the implementation progress at some ...
1 year ago Securityweek.com
CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog - CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog. CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog. CISA adds ...
6 months ago Securityaffairs.com
CISA pledges to resolve issues with threat sharing system after watchdog report - On Friday, the Department of Homeland Security’s Office of the Inspector General published a report on Automated Indicator Sharing (AIS) — which was used to spread cyber threat intelligence and was mandated as part of a 2015 law. The nation’s ...
2 months ago Therecord.media
CISA Directs Federal Agencies to Immediately Mitigate Significant Risk From Russian State-Sponsored Cyber Threat - WASHINGTON - Today, the Cybersecurity and Infrastructure Security Agency publicly issued Emergency Directive 24-02 in response to a recent campaign by Russian state-sponsored cyber actor Midnight Blizzard targeting Microsoft corporate email accounts ...
7 months ago Cisa.gov
A Plan to Protect Critical Infrastructure from 21st Century Threats - On April 30th, the White House released National Security Memorandum-22 on Critical Infrastructure Security and Resilience, which updates national policy on how the U.S. government protects and secures critical infrastructure from cyber and ...
6 months ago Cisa.gov
How Cloud Solutions Can Lead to Stronger, More Secure IT Operations - Cloud services, which offer tools such as networks, servers, and data storage, can help federal agencies deliver better IT services while minimizing costs. Without adequate security measures, these services can expose agencies to cyberattacks. The ...
8 months ago Cyberdefensemagazine.com
CISA's OT Attack Response Team Understaffed: GAO - The US Government Accountability Office has conducted a study focusing on the operational technology cybersecurity products and services offered by CISA and found that some of the security agency's teams are understaffed. OT environments continue to ...
8 months ago Securityweek.com
CISA Reports Federal Agencies Hacked Using Legitimate Remote Desktop Tools - The Cybersecurity and Infrastructure Security Agency (CISA), the agency in charge of overseeing the security of the United States government’s networks and critical infrastructure, has issued an alert warning federal agencies to beware of hackers ...
1 year ago Bleepingcomputer.com
McCaffrey Joins 'ASTORS' Champion SIMS Software Board of Advisors - SIMS Software, the leading provider of security information management software to the government and defense industries - and the 2023 Platinum 'ASTORS' Award Champion for Best Security Workforce Management Solution, is delighted to announce that ...
10 months ago Americansecuritytoday.com
CISA: Thousands of bugs remediated in second year of vulnerability disclosure program - With 11 new agency programs onboarding in 2023, the VDP Platform drew heightened researcher attention and engagement, which facilitated a marked increase in the volume of vulnerability submissions received, valid vulnerabilities identified and ...
2 months ago Therecord.media
CISA orders federal agencies to patch Looney Tunables Linux bug - Today, CISA ordered U.S. federal agencies to secure their systems against an actively exploited vulnerability that lets attackers gain root privileges on many major Linux distributions. Dubbed 'Looney Tunables' by Qualys' Threat Research Unit and ...
1 year ago Bleepingcomputer.com
Check Point Research Unfolds: Navigating the Deceptive Waters: Unmasking A Sophisticated Ongoing NFT Airdrop Scam - Sophisticated Scam Targeting Token Holders: Over 100 popular projects' token holders targeted with fake NFT airdrops appearing from reputable sources. Multi-Stage Deception Uncovered: The ongoing Scam involves enticing victims to fraudulent websites ...
10 months ago Blog.checkpoint.com
Best Strategies for Avoiding Security Breaches in the U.S. Federal Agencies - U.S. federal agencies are an appealing target for malicious actors and hackers, so it is important for them to be equipped with the best tactics to prevent security breaches and data losses. In this article, we will cover how hackers use legitimate ...
1 year ago Heimdalsecurity.com
CISA warns of actively exploited Juniper pre-auth RCE exploit chain - CISA warned federal agencies today to secure Juniper devices on their networks by Friday against four vulnerabilities now used in remote code execution attacks as part of a pre-auth exploit chain. The alert comes one week after Juniper updated its ...
1 year ago Bleepingcomputer.com
US Federal Agencies Miss Deadline for Incident Response Requirements - Although US federal agencies have made progress in preparing for and responding to cyber threats, too many have failed to meet the deadline to implement incident response capabilities required by law, according to the US Government Accountability ...
11 months ago Infosecurity-magazine.com
CISA Issues Emergency Directive Requiring Federal Agencies to Mitigate Ivanti Connect Secure and Policy Secure Vulnerabilities - WASHINGTON - Today, the Cybersecurity and Infrastructure Security Agency issued Emergency Directive 24-01 in response to observed widespread and active exploitation of vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure appliances by ...
10 months ago Cisa.gov
GAO: Federal Agencies Yet to Fully Implement Incident Response Capabilities - US federal agencies have made progress in implementing mature incident response plans, but many are still steps away from fully achieving this goal, a new report from the Government Accountability Office shows. According to GAO's report, out of 23 ...
11 months ago Securityweek.com
CISA Warns of Compromised Microsoft Accounts - CISA issued a fresh CISA emergency directive in early April instructing U.S. federal agencies to mitigate risks stemming from the breach of numerous Microsoft corporate email accounts by the Russian APT29 hacking group. The directive is known as ...
7 months ago Securityboulevard.com
How Government Agencies Can Leverage Grants to Shore Up Cybersecurity - COMMENTARY. Since the pandemic forced unprecedented adoption of remote access and delivery of government services, telehealth, and education, cybersecurity has rapidly shot to the top of priority lists for IT leaders. What was once a shiny object ...
6 months ago Darkreading.com
Cybercriminals Utilizing Official Remote Surveillance for Viruses - A warning has been issued by the Cybersecurity and Infrastructure Security Agency, National Security Agency, and Multi-State Information Sharing and Analysis Center to alert network defenders about the malicious use of legitimate remote monitoring ...
1 year ago Cybersecuritynews.com
Tech upgrades for first responders are a necessity, not a luxury - Public safety professionals want technology upgrades and adoption of federal standards for first responder IT security, reporting and efficiency, according to Mark43. First responders face growing concerns amidst cybersecurity surge. The ...
11 months ago Helpnetsecurity.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)