Infrastructure Security | Breaking Cybersecurity News | The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting OSGeo GeoServer GeoTools to its Known Exploited Vulnerabilities ( KEV ) catalog, based on evidence of active exploitation. GeoServer is an open-source software server written in Java that allows users to share and edit geospatial data. It is the reference implementation of the Open Geospatial Consortium (OGC) Web Feature Service (WFS) and Web Coverage Service (WCS) standards. The vulnerability, tracked as CVE-2024-36401 (CVSS score: 9.8), concerns a case of remote code execution that could be triggered through specially crafted input. "Multiple OGC request parameters allow Remote Code Execution (RCE) by unauthenticated users through specially crafted input against a default GeoServer installation due to unsafely evaluating property names as XPath expressions," according to an advisory released by the project maintainers earlier this month. The shortcom

The U.S. Environmental Protection Agency (EPA) said it's forming a new "Water Sector Cybersecurity Task Force" to devise methods to counter the threats faced by the water sector in the country. "In addition to considering the prevalent vulnerabilities of water systems to cyberattacks and the challenges experienced by some systems in adopting best practices, this Task Force in its deliberations would seek to build upon existing collaborative products," the EPA  said . In a letter sent to all U.S. Governors, EPA Administrator Michael Regan and National Security Advisor Jake Sullivan highlighted the need to secure water and wastewater systems (WWS) from cyber attacks that could disrupt access to clean and safe drinking water. At least two threat actors have been linked to intrusions targeting the nation's water systems, including those by an Iranian hacktivist group named  Cyber Av3ngers  as well as the China-linked  Volt Typhoon , which has targeted commu

As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, "Your First 100 Days as a vCISO – 5 Steps to Success" , which covers all the phases entailed in launching a successful vCISO engagement, along with recommended actions to take, and step-by-step examples.  Following the success of the playbook and the requests that have come in from the MSP/MSSP community, we decided to drill down into specific parts of vCISO reporting and provide more color and examples. In this article, we focus on how to create compelling narratives within a report, which has a significant impact on the overall MSP/MSSP value proposition.  This article brings the highlights of a recent guided workshop we held, covering what makes a successful report and how it can be used to enhance engagement with your cyber security clients.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced that it's partnering with the Open Source Security Foundation (OpenSSF) Securing Software Repositories Working Group to publish a new framework to secure package repositories. Called the  Principles for Package Repository Security , the framework  aims  to establish a set of foundational rules for package managers and further harden open-source software ecosystems. "Package repositories are at a critical point in the open-source ecosystem to help prevent or mitigate such attacks," OpenSSF  said . "Even simple actions like having a documented account recovery policy can lead to robust security improvements. At the same time, capabilities must be balanced with resource constraints of package repositories, many of which are operated by non-profit organizations." Notably, the principles lay out four security maturity levels for package repositories across four categories of authenticati

Stuxnet has both fascinated and horrified the cybersecurity community throughout 2010. Its multiple zero-day exploits, stealth capabilities, and precise control over industrial machinery mark it as a prime example of advanced cyber threats. Stuxnet represents both a nightmare and a dream for security researchers due to its sophisticated design and capabilities. Today, I moderated a panel on cybersecurity and infrastructure at the Washington Press Club, hosted by The Atlantic . I was eager to hear the panelists' insights on Stuxnet. I asked them to delve deeper than the usual "This is an existence proof of our worst fears" rhetoric and to identify more nuanced implications. The most intriguing response came from Bill Hunteman, senior advisor for cybersecurity at the Department of Energy. "This is just the beginning," Hunteman remarked. He explained that the advanced hackers who created Stuxnet "did all the hard work," and now the methods they develope

The computer virus Stuxnet, which some experts believe was created specifically to target Iran's nuclear facilities, could also threaten U.S. infrastructure, according to a senior Department of Homeland Security official. "That virus focused on specific software implementations, and those software implementations did exist in some U.S. infrastructure," Greg Schaffer, the department's assistant secretary for cybersecurity and communications, told reporters at a breakfast Monday morning. "So, there was the potential for some U.S. infrastructure to be impacted at some level." Schaffer described Stuxnet as a "very tiered, complex, and sophisticated virus" that has attracted worldwide attention because it specifically targeted supervisory control and data acquisition (SCADA) systems at Siemens plants, including those in Iran. Experts have suggested that the cost and manpower required to create such a virus indicate that a government, rather than a rog