Mitigating Log4Shell and Other Log4j-Related Vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), the Computer Emergency Response Team New Zealand (CERT NZ), the New Zealand National Cyber Security Centre (NZ NCSC), and the United Kingdom’s National Cyber Security Centre (NCSC-UK) are releasing this joint Cybersecurity Advisory (CSA) to provide mitigation guidance on addressing vulnerabilities in  Apache’s Log4j software library: CVE-2021-44228 (known as “Log4Shell”), CVE-2021-45046, and CVE-2021-45105.

NIST Launches New International Cybersecurity and Privacy Resources Website

Every day, NIST cybersecurity and privacy resources are being used throughout the world to help organizations manage cybersecurity and privacy risks. To assist our international colleagues, NIST has launched a new International Cybersecurity and Privacy Resources Site.  The site includes translations of the Cybersecurity Framework, including a newly published Indonesian translation.  You can get more information and add to this list by reaching out to intl-cyber-privacy@nist.gov.  Check out this site for information on upcoming international events with NIST participation, links to these international engagement update blogs, information on our international standards development work, and more.

HHS launches website for the 405(d) Aligning Health Care Industry Security Approaches Program

Today, the U.S. Department of Health and Human Services (HHS) through the Office of Chief Information Officer (OCIO) and Office of Information Security (OIS) launched a website for the HHS 405(d) Aligning Health Care Industry Security Approaches Program. The HHS 405(d) Program website was developed in partnership with the HHS 405(d) Task Group which includes more than 150 individuals from industry and the federal government who have tirelessly collaborated and provided their insights because they believe there is only one way to fight cybersecurity threats- together.  Through this new website, the 405(d) Program supports the motto that Cyber Safety is Patient Safety and provides the Healthcare and Public Health (HPH) sector with useful, impactful, and vetted resources, products, videos, and tools that help raise awareness and provide cybersecurity practices, which drive behavioral change and move toward consistency in mitigating the most relevant cybersecurity threats to the sector.

Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities

This joint cybersecurity advisory is the result of an analytic effort among the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC) to highlight ongoing malicious cyber activity by an advanced persistent threat (APT) group that FBI, CISA, ACSC, and NCSC assess is associated with the government of Iran. FBI and CISA have observed this Iranian government-sponsored APT group exploit Fortinet vulnerabilities since at least March 2021 and a Microsoft Exchange ProxyShell vulnerability since at least October 2021 to gain initial access to systems in advance of follow-on operations, which include deploying ransomware. ACSC is also aware this APT group has used the same Microsoft Exchange vulnerability in Australia.

The AP Interview: Justice Dept. conducting cyber crackdown
The Justice Department is stepping up actions to combat ransomware and cybercrime through arrests and other actions, its No. 2 official told The Associated Press, as the Biden administration escalates its response to what it regards as an urgent economic and national security threat. Deputy Attorney General Lisa Monaco said that “in the days and weeks to come, you’re going to see more arrests,” more seizures of ransom payments to hackers and additional law enforcement operations.

SAFEGUARDING TRUST

ADVANCING HEALTHCARE