Join us at Empower Everyone to Build Apps training day

Build the skills you need to create new opportunities and accelerate your understanding of Microsoft Cloud technologies at a free Microsoft Power Platform Virtual Training Day from Microsoft Learn. Join us at Empower Everyone to Build Apps to see how to build and test model-driven and canvas apps with Power Apps. You’ll explore how to store and manage data for your apps with Microsoft Dataverse and learn how to customize applications for your business. You’ll also understand how to expedite development and create intelligent apps with AI-powered capabilities.

You will have the opportunity to:

  • Gain the knowledge to build applications with low-code tools.
  • Understand how to simplify app development with Power Apps.
  • Discover how to build an app through natural language processing with copilot assistance.
  • Jump-start preparation for the Microsoft Power Platform App Maker Associate certification exam.

Join us at an upcoming Empower Everyone to Build Apps event:
May 07, 2024 | 12:00 PM - 3:00 PM | (GMT-05:00) Eastern Time (US & Canada)


Delivery Language: English
Closed Captioning Language(s): English
 

NIST Plans to Update NIST IR 7621, Rev. 1 | Small Business Information Security: The Fundamentals

NIST plans to update NIST IR 7621 Rev. 1, Small Business Information Security: The Fundamentals and is issuing this Pre-Draft Call for Comments to solicit feedback. The public is invited to provide input by 12:00 p.m. ET on May 16, 2024. 

Details

Since NIST IR 7621 Revision 1 was published in November of 2016, NIST has developed new frameworks for cybersecurity and risk management and released major updates to critical resources and references. This revision will focus on clarifying the publication’s audience, making the document more user-friendly, aligning with other NIST guidance, updating the narrative with current approaches to cybersecurity risk management, and updating appendices. Before revising, NIST invites the public to suggest changes that would improve the document’s effectiveness, relevance, and general use to better help the small business community understand and manage their cybersecurity risk.

NIST welcomes feedback and input on any aspect of NIST IR 7621 and additionally proposes a list of non-exhaustive questions and topics for consideration:

  • How have you used or referenced NIST IR 7621?
  • What specific topics in NIST IR 7621 are most useful to you?
  • What challenges have you faced in applying the guidance in NIST IR 7621?
  • Is the document’s current level of specificity appropriate, too detailed, or too general? If the level of specificity is not appropriate, how can it be improved?
  • How can NIST improve the alignment between NIST IR 7621 and other frameworks and publications?
  • What new cybersecurity capabilities, challenges, or topics should be addressed?
  • What topics or sections currently in the document are out of scope, no longer relevant, or better addressed elsewhere?
  • Are there other substantive suggestions that would improve the document?
  • Are there additional appendices in NIST IR 7621, or resources outside NIST IR 7621, that would add value to the document?


Cybersecurity Framework 2.0 Community Profiles NCCoE Webinar

Join the National Cybersecurity Center of Excellence (NCCoE) for a Community Profiles Webinar on April 23rd, 2024, at 2:00 p.m. ET to discuss guidance and considerations for creating and using Community Profiles to implement the NIST Cybersecurity Framework (CSF) 2.0.

During this webinar, the presenters will:

  1. Provide an overview of the NIST CSF 2.0
  2. Introduce the NCCoE Framework Resource Center (FRC)
  3. Discuss the Cyber Risk Institute (CRI) approach to updating the CRI Profile for the Financial Sector from CSF v1.1 to 2.0
  4. Discuss the NIST Cybersecurity White Paper (CSWP) 32 Initial Public Draft: A Guide to Creating Community Profiles
  5. Provide time for Q&A

Submit Comments for NIST Cybersecurity White Paper 32

The public comment period on the NIST CSWP 32 Initial Public Draft: A Guide to Creating Community Profiles closes at 11:59 p.m. ET on May 3, 2024. Please email all draft comments to framework-profiles@nist.gov.

We encourage you to submit all feedback using the comment template found on our project page.


#StopRansomware: Akira Ransomware

This Joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to see all #StopRansomware advisories and to learn more about other ransomware threats and no-cost resources.
The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), Europol’s European Cybercrime Centre (EC3), and the Netherlands’ National Cyber Security Centre (NCSC-NL) are releasing this Joint Cybersecurity Advisory to disseminate known Akira ransomware IOCs and TTPs identified through FBI investigations as recently as February 2024 and trusted third party reporting.
Since March 2023, Akira ransomware has impacted a wide range of businesses and critical infrastructure entities in North America, Europe, and Australia. In April 2023, following an initial focus on Windows systems, Akira threat actors deployed a Linux variant targeting VMware ESXi virtual machines. As of January 1, the ransomware group has impacted over 250 organizations and claimed approximately $42 million USD in ransomware proceeds.
Early versions of the Akira ransomware variant were written in C++ and encrypted files with a .akira extension; however, beginning in August 2023, some Akira attacks began deploying Megazord, which uses Rust-based code and encrypts files with a .powerranges extension. Akira threat actors have continued to use both Megazord and Akira, including Akira_v2 (identified by trusted third party investigations), interchangeably.
The FBI, CISA, EC3, and NCSC-NL encourage organizations to implement the recommendations in the mitigations section of this advisory to reduce the likelihood and impact of ransomware incidents.

Unpaid Road Toll SMiShing Scams

The FBI released a public service announcement warning of an uptick in unpaid road toll SMiShing scams. Since the scams started in early March 2024, over 2,000 complaints have been made to the FBI from at least three states, and the scam appears to be moving from state to state, including New Jersey, New York, and Pennsylvania. On April 12, the New Jersey Turnpike Authority issued a statement alerting drivers that the scam had begun to target drivers throughout the state.
The fraudulent SMS text messages contain almost identical language, including a similar amount owed for the “outstanding toll amount.” However, threat actors impersonate the target state’s toll service name and change the sender’s phone number and link in the message depending on the state. This social engineering attack appears to be an attempt to trick users into providing personal and financial information.
Recommendations
Avoid clicking links, responding to, or otherwise acting on unsolicited text messages. Confirm requests from senders via contact information obtained from verified and official sources. Type official website URLs into browsers manually. Report SMiShing to the FTC, FBI’s IC3, and NJCCIC, and forward the message to 7726 (SPAM).

Upcoming NICE Webinars: Reintegrating Justice-Involved Individuals into Cybersecurity & Equity Strategies in Youth Apprenticeships!

Synopsis: Join us during Second Chance Month to discuss the challenges and opportunities of the reintegration of justice-involved individuals into the workforce. We will emphasize the resilience, redemption, and the transformative power of second chances in the world of digital security. This webinar will explore the journey of justice-involved individuals re-entering the workforce, specifically in the field of cybersecurity; it seeks to foster supportive dialogue and shed light on justice-involved individuals who will contribute to positive change as the NICE community works together to provide individuals with a pathway to employment in a cybersecurity-related career.

Register now: Improve data security with Microsoft Purview

Event delivery: digital
For your business to succeed in today’s decentralized, data-rich workplace, you need to be able to gain visibility and easy access to your entire data estate while safeguarding against threats. Join us at Microsoft Tech Brief: Improve Data Security with Microsoft Purview, a free event, to understand how to improve your organization’s security posture by discovering, protecting, and preventing the loss of data and managing insider risk across clouds, apps, and endpoints. You’ll learn how to use AI to close visibility gaps and more easily detect insider risks. You’ll also learn how to identify, manage, and reduce data vulnerabilities in a single portal.
You’ll have the opportunity to:

  • Identify the value of a unified approach to data security in decentralized work environments.
  • Understand how to help SecOps teams discover, protect, and prevent the loss of data.
  • Learn how to accelerate the detection of insider risk and identification and classification of sensitive data with AI and machine learning.

Space is limited. Register for free today.

Delivery language: English
Closed captioning provided in English

Microsoft Teams delivers a rich, interactive experience that works best with the Teams app. We recommend downloading the app if you don’t have it, as not all browsers are supported. When you join this event, your name, email, or phone number may be viewable by other session participants in the attendee list. By joining this event, you’re agreeing to this experience.
Where: Online
When: Wednesday, May 22, 2024, 2:00 – 4:00 PM (GMT-04:00)
 
Microsoft Tech Brief: Improve Data Security with Microsoft Purview
 

Cybersecurity Resources for Small to Medium-Sized Manufacturers

Event Date: May 2, 2024

Event Time: 2:00 p.m. to 2:45 p.m. ET

Event Location: Virtual

Event Description:

Join us on May 2, 2024, for a 30-minute fireside chat with the NIST MEP Program Office. During this webinar we will highlight the cybersecurity resources available to the nation’s small and medium-sized manufacturers (SMMs).

SMMs are increasingly relying on data, information, and technologies to run their operations in a competitive and efficient manner. With this increased reliance on technology and connectivity comes an increased cybersecurity threat surface to the business and to the entire supply chain in which they contribute.

Defending an SMM’s assets from cybersecurity threats can be challenging. However, because these organizations often have less complex information technology (IT) and operational technology (OT) infrastructures, many can more readily take basic steps to defend their information and systems. 

The MEP National Network helps manufacturers of all sizes manage their cybersecurity and privacy risks by providing guidance, solutions, and training that is practical, actionable, and cost-effective.  

During this webinar, we’ll have a robust discussion to provide attendees with:

  • An introduction to the MEP National Network
  • An overview of the MEP cybersecurity services and resources
  • Basic steps an SMM can take to manage their cybersecurity risks
  • Information about how to locate an MEP Center in your area

We’ll reserve time at the end of the webinar to address questions.

Speakers: 

  • Dr. Jyoti Malhotra, Division Chief, National Programs, NIST MEP
  • Savann Thorn, IT Specialist (Security), NIST MEP
  • Daniel Eliot, Lead for Small Business Engagement, Applied Cybersecurity Division, NIST


Analysis of the BazaCall/BazarCall Phishing Method

The US Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) released this Analyst Note with insight into BazaCall campaigns in the healthcare sector. Even though the analysis is focused on the Healthcare and Public Health (HPH) Sector, all agencies and organizations are encouraged to review the information contained in the Analyst Note.

Operating since as early as 2000, the threat actors behind BazaCall (also known as BazarCall), an advanced social engineering method, have been observed using multiple tactics, techniques, and procedures (TTPs) to breach targeted networks and lure unsuspecting victims into downloading their malware. Many of these threat groups are offshoots of the defunct, notorious Russia-linked Conti gang, known to have aggressively targeted the HPH sector. Over time, these groups have adopted and independently developed their own targeted phishing tactics that continuously evolve to target victims.
 
This HC3 Analyst Note provides an overview and examination of these groups, their TTPs, target industries and victim countries, impact to the HPH sector, indicators of compromise, and recommended defense and mitigations. This advisory is being provided to assist all agencies and organizations in guarding against the persistent malicious actions of cyber criminals.

Join us to see the latest Windows Server and AI innovations

 
Join us on April 16 to learn about the latest Azure product innovations and see how they’ll help your organization maintain a competitive edge. Find out how migrating Windows Server and SQL Server to a secure, optimized, and agile foundation on Azure prepares your organization for AI and fuels innovation.

Register for the Migrate to Innovate digital event now to:

  • Be the first to see what’s included in the upcoming Windows Server 2025 release.
  • Get first access to viewing product demos of new AI innovations, including Microsoft Copilot.
  • Learn about the latest updates on intelligent Azure databases to power your data and AI workloads.
  • Discover strategies for gaining cloud agility, including running VMware workloads across cloud, hybrid, or on-premises environments.

Join us for deep dive sessions, real customer scenarios, and live Q&A with Microsoft product and migration experts.
 
Migrate to Innovate: Be AI Ready, Be Secure
Tuesday, April 16, 2024
9:00 AM–11:00 AM Pacific Time (UTC-7)
