Cyber/Data Security News
October is National Cyber Security Month Wisconsin DPI will again participate in the Cyber Security & Infrastructure Security Agency's (CISA) Cyber security awareness month. This years theme, "Do Your Part, Be Cyber Smart" Stop back for weekly challenges for video conversations
Week One Challenge: Be Cyber Smart
Have a conversation with your stakeholders around the simple things you can do to improve your cyber posture
Check out, The STOP. THINK. CONNECT.™ Campaign is a national public awareness campaign offering free resources to help increase the understanding of cyber threats and empowering the American public to be safer and more secure online.
Check out, CISA’s Cyber Essentials is a guide for leaders of small businesses as well as leaders of small and local government agencies to develop an actionable understanding of where to start implementing organizational cybersecurity practices.
June, 01 2021 The Federal Bureau of Investigation (FBI) has released an FBI FLASH, APT Actors Exploiting Fortinet Vulnerabilities to Gain Access for Malicious Activity, which describes advanced persistent threat (APT) actors exploiting known Fortinet FortiOS vulnerabilities. APT actors may exploit these vulnerabilities to gain initial access to multiple government, commercial, and technology services to conduct future attacks. This is a follow up to the FBI-CISA Joint Cybersecurity Advisory AA21-092A: APT Actors Exploit Vulnerabilities to Gain Initial Access for Future Attack, originally published April 2, and provides indicators of compromise (IOCs) and additional recommended mitigations. CISA encourages users and administrators to review the IOCs and updated mitigations in FBI FLASH MI-000148-MW and refer back to AA21-092A for additional information.
March 03, 2021 CISA has issued Emergency Directive (ED) 21-02 and Alert AA21-062A addressing critical vulnerabilities in Microsoft Exchange products. Successful exploitation of these vulnerabilities allows an attacker to access on-premises Exchange servers, enabling them to gain persistent system access and control of an enterprise network. CISA strongly recommends organizations examine their systems to detect any malicious activity detailed in Alert AA21-062A. Review the following resources