Tag Archive for: Response

FEMA Continues Hurricane Fiona Response Efforts: Sept. 24 Updates


WASHINGTON — On Sept. 21, President Joseph R. Biden, Jr. approved Puerto Rico Gov. Pedro Pierluisi’s request for an expedited major disaster declaration. That declaration now authorizes FEMA to provide individual assistance to survivors in 63 municipalities and public assistance and hazard mitigation in all 78 Puerto Rico municipalities.

Five additional municipalities were added to the declaration on Sept. 23, allowing eligible survivors in Arecibo, Barceloneta, Cabo Rojo, Loíza and Manatí to apply for federal assistance. We have teams on the ground conducting damage assessments and using data obtained from satellites to expedite our review. More municipalities may be approved for Individual Assistance as assessments are completed and adjudicated.

Survivors who live in the 63 declared municipalities can apply for federal assistance at www.DisasterAssistance.gov, by calling 800-621-FEMA (3362) or by using the FEMA App. Survivors using a relay service, such as a video relay service, captioned telephone service or others, can give the FEMA operator the number for that service. FEMA Disaster Survivor Assistance teams are in affected municipalities, conducting outreach and working to help survivors apply for assistance.

FEMA approved Critical Needs Assistance for disaster survivors who have immediate or critical needs because they are displaced from their primary dwelling. Immediate or critical needs are life-saving and life-sustaining items. This assistance is a one-time payment of $700 per household. Since the declaration was approved, more than 168,000 survivors applied and FEMA has awarded $40 million as we continue to process applications.

FEMA is committed to making assistance available to all eligible applicants. The agency expanded the type of documentation needed to prove homeownership and occupancy, making it easier to apply for assistance. These include motor vehicle registrations, documentation from schools, federal or state benefit providers, social service organizations or court documents. Survivors with heirship properties, mobile homes or travel trailers who do not have the traditional documentation of ownership verification may also self-certify ownership.

Federal…

Source…

Investigating NATO-Themed Phishing Lures With EclecticIQ Intelligence Center and Endpoint Response Tool



Synopsis

With cyberattacks such a common occurrence, analysts must be able to stay ahead of the curve by investigating files and indicators of compromise quickly and efficiently. The EclecticIQ Intelligence Center (IC) is the perfect tool to facilitate investigations like these. This post will describe how EclecticIQ’s Intelligence & Research analysts used the IC to investigate the potential maliciousness of files leveraging NATO-themed phishing lures, and how they operationalized this intelligence by feeding it into the EclecticIQ Endpoint Response (ER) security tool.

The Need for Targeted Collection: The Benelux Region’s Unique Concerns About Cyber Threats

If past attacks are any indicator of future risk, the Belgium, the Netherlands, and Luxembourg (collectively Benelux) region of Europe is an attractive target for cyber threat actors. A review of past cyberattacks targeting Benelux shows that the number of attacks targeting this region has grown in a way that is typical for what one might expect in a relatively connected, business-intense region. (1, 2) It is difficult to know the exact number of cyberattacks since many go unreported, but based on those that are reported, analysts note a few patterns. Most Belgium-, Luxembourg-, and Netherlands-focused cyberattacks remain localized; they are severe enough to make news and to be disruptive by reducing or suspending services, but generally, the damage from attacks is contained. Often, individuals or assets in the region may be caught up in wide-reaching software vulnerabilities or supply chain issues, simply because they are part of an international network of users. Judging from news and press, cyberattacks were also typical in that they appear opportunistic, with attackers pursuing any vulnerable target they find, regardless of industry; schools and universities, businesses, and government entities have been victimized in recent years. (3, 4, 5, 6, 7, 8, 9)


Defining Initial Collection Requirements: Identify and Sample Benelux-Based Potential Targets

To dig deeper into the Benelux cyber threat landscape, analysts developed a list of possible high-profile targets in those three countries; the list included government and…

Source…

How Managed Detection and Response Keeps Businesses Safe from Ransomware


Like most firms, LEO A DALY still faces an onslaught of phishing attempts, but its systems and people are able to stop them from progressing. Just recently, employees received text messages and emails purportedly from a company president. Multiple recipients questioned their legitimacy and reported them to IT. “They could have also hit the phishing alert button,” Held adds.

All the steps the firm has taken have moved it along the path toward zero trust, a holistic security mindset. One aspect of zero trust is least-privilege access. “You don’t have to open the door so wide that criminals can squeeze through along with your own people,” says Jim Taylor, chief product officer at RSA Security. “Only give people access to things that they need.”

Another component is no implied trust — always validate. “In the old world, where we could put a firewall up, we built a moat and a fence, we had a perimeter,” explains Taylor. “That doesn’t exist in the modern world. We all access Software as a Service. You can’t build a wall around the world. The criminals are on the inside. So, identify what’s important and secure those assets.”

The industry is moving in the right direction, Taylor adds. “I can honestly say, hand on heart, that this is one of the most exciting times in security,” he says. “It’s always been, ‘Oh, we’ll get to it. Security’s really important,’ but it’s No. 5 on the list. Companies are taking it seriously now.”


Lean on Cybersecurity Professionals For Help

The ransomware attack could have gone very differently for BCU. The vulnerability came from a phone vendor that leveraged Kaseya. BCU could have lost its phone system indefinitely, a significant blow to any financial institution, Jauregui says.

He was brought in to help guard against such threats. He started in February 2020, one month before the COVID-19 pandemic hit. The company already had CrowdStrike, which eased his mind, but with only four people on his team, two of whom were new to cybersecurity, he needed help. In addition to growing the team — he now has 10 team members — he suggested…

Source…

Starlink Got Hacked And SpaceX’s Response Was Incredible


Wouters submitted all of his findings to SpaceX in a responsible way: through its dedicated bug bounty program. In fact, this got him inducted into the SpaceX bug hunting hall of fame, in which he now holds the second place. SpaceX presumably paid the hacker for finding the bug, as that’s the whole point of the program, although the amount hasn’t been disclosed. Many large organizations rely on third-party researchers to help them track down bugs and vulnerabilities that may slip through the cracks during testing. For instance, Apple recently paid a PhD student $100,000 for successfully hacking a Mac.

Once Wouters published his side of the story, SpaceX responded with a six-page paper (PDF), and it’s hard not to admire the enthusiasm shown in that response. Right from the very headline, SpaceX is inviting people to do what Wouters just did by saying, “Starlink welcomes security researchers (bring on the bugs).” The giant goes on to describe Starlink and its impact on the world, especially visible now during the war in Ukraine, where Starlink has become one of the sources of connectivity for some of the Ukrainian citizens who remain in the country. 

SpaceX congratulated Wouters on this achievement, but also made sure to point out that this kind of hack is low-impact for the network and its users. “We aim to give each part of the system the minimal set of privileges required to get its job done,” said SpaceX, affirming that one piece of compromised equipment should not affect the entire network. With that said, SpaceX also notes that it’s hard to protect a device to which a hacker has constant unmonitored physical access — so the bug hunting continues.

Source…