Rich Helms

ISCPO webmaster. 905-852-9294 Sunderland, Ontario, Canada

FBI Update on Exploitation of Fortinet FortiOS Vulnerabilities – June 1, 2021

by

Critical Infrastructure Colleagues and Partners, The Federal Bureau of Investigation (FBI) has released an FBI FLASH, APT Actors Exploiting Fortinet Vulnerabilities to Gain Access for Malicious Activity, which describes advanced persistent threat (APT) actors exploiting known Fortinet FortiOS vulnerabilities. APT actors may exploit these vulnerabilities to gain initial access to multiple government, commercial, and technology … Read more

Washington Update – May 2021

by

Despite Slow Pace, Infrastructure Still A High Priority in Washington The Biden Administration continues its outreach to Republican lawmakers in the hopes of brokering a bipartisan agreement on a massive infrastructure bill.  Biden’s $2.3 trillion proposal — which he outlined in a speech to a joint session of Congress on April 29th — has been panned by GOP lawmakers, who argue it includes a huge array … Read more

INV Systems USA

by

INV Systems USA 320 Decker Drive Irving, Texas 75062 847-431-5914 www.INVseguridad.com/en At INV Group, we are aware that the trust of our customers is key to fulfilling our purpose. This is the reason why quality, involvement, trust and closeness to our clients are part of our DNA. Perhaps this great commitment makes us enjoy a … Read more

New ISCPO Board Member – Steve Sturgill –

by

The ISCPO is excited to welcome Amazon’s Steve Sturgill to its board of directors. Steve has an extensive background spanning over 30 years. He currently leads a team of Amazon’s investigators that focus on losses that occur within the Supply Chain. Prior to his time with Amazon, Steve worked for 7-Eleven Stores, Sears Holdings and … Read more

Washington Update – April 13, 2021

by

Infrastructure Congress returned to Washington this week after a two-week recess – with action on President Biden’s broadly defined “infrastructure” proposal at the top of the agenda for the Democratic majority.  While the President continues to talk publicly about working on a bipartisan basis, at this point it appears he and his party will seek … Read more

CISA Releases Supplemental Direction Version 2 to Emergency Directive 21-02 – April 13, 2021

by

Apply Microsoft April 2021 Security Update to Mitigate Newly Disclosed Microsoft Exchange Vulnerabilities Critical Infrastructure Colleagues and Partners, Today, the Acting Director of the Cybersecurity and Infrastructure Security Agency (CISA) issued supplemental direction version 2 (https://cyber.dhs.gov/ed/21-02/#supplemental-direction-v2) to Emergency Directive (ED) 21-02 requiring federal agencies to apply the Microsoft April 2021 update to all affected Exchange … Read more

FBI-CISA Joint Advisory on Exploitation of Fortinet FortiOS Vulnerabilities – April 5, 2021

by

CISA and the Federal Bureau of Investigation (FBI) have released a Joint Cybersecurity Advisory(https://www.ic3.gov/Media/News/2021/210402.pdf) (CSA)  to warn users and administrators of the likelihood that advanced persistent threat (APT) actors are actively exploiting known Fortinet FortiOS vulnerabilities CVE-2018-13379 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13379), CVE-2020-12812 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12812), and CVE-2019-5591 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5591). APT actors may use these vulnerabilities or other common exploitation techniques to gain initial access … Read more

CISA Insights: National Supply Chain Integrity Month – April 1, 2021

by

In recognition of National Supply Chain Integrity Month, the Cybersecurity and Infrastructure Security Agency (CISA) is partnering with the Office of the Director of National Intelligence (ODNI), the Department of Defense, and other government and industry partners to promote a call to action for a unified effort by organizations across the country to strengthen global … Read more