Tuesday, February 27, 2024
HomeSECURITYCISA gives companies free tools to protect in the cloud

CISA gives companies free tools to protect in the cloud

-


CISA gives companies free tools to protect in the cloud

The agency has facilitated the efforts of professionals who migrate systems to the cloud from on-premise environments.

U.S. Agency for Cybersecurity and Infrastructure Protection (CISA) published news bulletin with details on free tools and best practices for protecting digital assets after moving to the cloud from on-premises environments.

The newsletter helps cybersecurity teams reduce the risk of information theft and disclosure, as well as data encryption and ransomware attacks. These tools are designed to help you solve the critical challenges of identifying, detecting, and resolving known vulnerabilities and cyberthreats that arise when managing cloud or hybrid environments.

Dedicated tools complement the built-in tools provided by cloud service providers and help improve network infrastructure resilience, strengthen security measures, quickly identify compromises, carefully display potential threat vectors, and effectively detect malicious activity after a breach.

IN list of free tools introduced and developed by CISA in collaboration with partners include:

While these tools are not comprehensive, they can help detect malicious activity, increase resilience against cyberattacks, and assist in remediation and investigations. The announcement is part of an ongoing effort to protect critical infrastructure from cyber threats by providing organizations with timely warnings and guidance.

For example, CISA recently required federal agencies to fix vulnerability in Arm Mali GPU driver immediately which is actively exploited by cybercriminals and has been fixed in the latest Android security updates.

Also CISA, in conjunction with the FBI, Center for Internet Security (MS-ISAC) and the Canadian Center for Cyber ​​Security (CCCS) noted that hackers use new options Truebot malware to attack organizations in the US and Canada. Since May 31, specialists have begun to notice a surge in financially motivated TrueBot activity.

In addition, in July CISA warned of a critical vulnerability , found in systems of the cardiological equipment of the medical company Medtronic. The vulnerability allows hackers to steal, delete or change data, as well as penetrate the network of a medical organization. In addition, using this error, an attacker can remotely execute code on the device and carry out DoS attacks.



Source link

www.securitylab.ru

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular