https://urgentcomm.com/wp-content/themes/ucm_child/assets/images/logo/footer-logo.png
  • Home
  • News
  • Multimedia
    • Back
    • Multimedia
    • Video
    • Podcasts
    • Galleries
  • Commentary
    • Back
    • Commentary
    • Urgent Matters
    • View From The Top
    • All Things IWCE
    • Legal Matters
  • Resources
    • Back
    • Resources
    • Events
    • Webinars
    • White Papers
    • Reprints & Reuse
  • IWCE
    • Back
    • IWCE
    • Conference
    • Special Events
    • Exhibitor Listings
    • Premier Partners
    • Floor Plan
    • Exhibiting Information
    • Register for IWCE
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookies Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • Mission Critical Technologies
    • Microwave/RF
    • T&D World
    • TU-Auto
  • In the field
    • Back
    • In the field
    • Broadband Push-to-X
    • Internet of Things
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Call Center/Command
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Network Tech
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Operations
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Regulations
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • Organizations
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
Urgent Communications
  • NEWSLETTER
  • Home
  • News
  • Multimedia
    • Back
    • Video
    • Podcasts
    • Galleries
  • Commentary
    • Back
    • All Things IWCE
    • Urgent Matters
    • View From The Top
    • Legal Matters
  • Resources
    • Back
    • Events
    • Webinars
    • White Papers
    • Reprints & Reuse
    • UC eZines
  • IWCE
    • Back
    • Conference
    • Special Events
    • Exhibitor Listings
    • Floor Plan
    • Exhibiting Information
    • Register for IWCE
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookies Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • Mission Critical Technologies
    • Microwave/RF
    • T&D World
    • TU-Auto
  • newsletter
  • In the field
    • Back
    • Internet of Things
    • Broadband Push-to-X
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Cybersecurity
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
acc.com

Cybersecurity


Partner content

NSA, CISA warn of attacks on federated authentication

NSA, CISA warn of attacks on federated authentication

  • Written by Robert Lemos / Dark Reading
  • 28th December 2020

While incident responders focus on attacks using SolarWinds Orion, government cyber defenders highlight other methods likely being used as well.

An attacker-modified update to the SolarWinds Orion network management product that compromised thousands of companies and government agencies is likely not the only way Russian attackers infiltrated networks, according to the US Cybersecurity and Infrastructure Security Agency (CISA) in an update over the weekend.

In an updated alert about the recent cyber-espionage attacks against government agencies and private-sector companies, CISA noted on Dec. 18 that the attackers appear to have used other vectors of attacks outside of the SolarWinds Orion platform. On Dec. 21, the agency pointed to an advisory published the previous week by the National Security Agency, which warned that attackers were stealing private keys for single sign-on (SSO) infrastructure to bypass two-factor authentication.

The NSA pointed to a Dec. 7 warning that Russian state-sponsored actors had exploited a vulnerability in VMware Access and VMware Identify Manager products to gain access to protected data. CISA did not name VMware but cited the issue in similar language.

“Specifically, we are investigating incidents in which activity indicating abuse of Security Assertion Markup Language (SAML) tokens consistent with this adversary’s behavior is present, yet where impacted SolarWinds instances have not been identified,” the agency stated in its updated advisory.

To read the complete article, visit Dark Reading.

 

Tags: Alerting Systems Applications Critical Infrastructure Cybersecurity DHS Enterprise Federal Government/Military Incident Command/Situational Awareness News NIST/PSCR Policy Public Safety Regional Coordination Security Software State & Local Government Tracking, Monitoring & Control Partner content

Related


  • Public safety needs a better way to triage emergency calls
    The overarching goal of the public-safety community is to ensure that 911 callers receive the most appropriate emergency response as quickly as possible. Lives often are on the line in an emergency, and every second matters. Achieving a balance between sending the optimal response to an emergency and having it arrive as fast as possible […]
  • Newscan: FBI received over 100,000 pieces of digital evidence after Capitol attack
    Newscan: FBI received over 100,000 pieces of digital evidence after Capitol attack
    Web Roundup Items from other news organizations FBI received over 100,000 pieces of digital evidence after Capitol attack Social workers to be sent to non-violent 911 calls for service in St. Petersburg, Fla. Minnesota cities turning to drones to help law enforcement Police investigating legitimacy of 911 call that prompted huge response to Connecticut home […]
  • Intelsat to test 4G connections to iPhones from stratosphere
    Satellite company Intelsat appears to be coming down to Earth. Or, at least a little lower. Specifically, Intelsat is asking for FCC permission to test LTE connections in Arizona from a “high-altitude platform system,” or HAPS. The company said the HAPS is an unmanned aircraft operated by Airbus, and that it will allow the company to offer […]
  • Connected fleets and EVs could pose greatest cyber risk, says GuardKnox
    Connected Fleets and EVs could be at the biggest risk of future mass infrastructure cyber hacks that automakers will have to gear up to prevent. That’s the view of  Moshe Shlisel, CEO of cyber-security specialist GuardKnox who points out that these automotive sectors have become important parts of a nation state’s core infrastructure. The company, […]

Leave a comment Cancel reply

To leave a comment login with your Urgent Comms account:

Log in with your Urgent Comms account

Or alternatively provide your name, email address below:

Your email address will not be published. Required fields are marked *

Related Content

  • LMR licensing activity again dips to new all-time lows in 2020
  • Healthcare organizations bear the brunt of cyberattacks amid pandemic
  • On the road with in-vehicle satellite navigation systems
  • Report: Many governments facing revenue shortfalls due to COVID-19

Commentary


Public safety needs a better way to triage emergency calls

13th January 2021

In challenging year, working with public safety to move FirstNet forward

30th December 2020

Communications solutions must evolve quickly to meet needs of a changing world

31st October 2020
view all

Events


UC Ezines


IWCE 2019 Wrap Up

13th May 2019
view all

Twitter


UrgentComm

RT @IWCEexpo: 📆 Mark Your Calendars: IWCE will be returning to Las Vegas this September and registration is slated to open in April 📆 Wa…

15th January 2021
UrgentComm

RT @IWCEexpo: ⚡FLASH SALE: Don't miss this exclusive offer! Passes to #IBFVirtual are now 50% off with code TWITTER50. Take advantage of th…

6th November 2020
UrgentComm

Get ready for part 2 of "Ensuring Public Safety Emergency Communications" next week! @PCTEL_inc will explore… twitter.com/i/web/status/1…

3rd November 2020
UrgentComm

Over the past few months, we’ve seen the world transform, and it's clear that cities will be affected in the long-t… twitter.com/i/web/status/1…

27th October 2020
UrgentComm

Florida state & local agencies subscribing to the Statewide Law Enforcement Radio System (SLERS) will be able to co… twitter.com/i/web/status/1…

26th October 2020
UrgentComm

Tune in to @slacorp CEO Josh Lober as he explains how the company has fully integrated its #PTT application to work… twitter.com/i/web/status/1…

26th October 2020
UrgentComm

.@SierraWireless announced the commercial availability of the AirLink MG90 platform, which they tout as the first m… twitter.com/i/web/status/1…

26th October 2020
UrgentComm

Attorneys for #Hytera and #MotorolaSolutions this week submitted final written arguments, apparently clearing a pat… twitter.com/i/web/status/1…

22nd October 2020

Newsletter

Sign up for UrgentComm’s newsletters to receive regular news and information updates about Communications and Technology.

Expert Commentary

Learn from experts about the latest technology in automation, machine-learning, big data and cybersecurity.

Business Media

Find the latest videos and media from the market leaders.

Media Kit and Advertising

Want to reach our digital and print audiences? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • American City & County
  • IWCE
  • Light Reading
  • IOT World Today
  • Mission Critical Technologies
  • Microwave/RF
  • T&D World
  • TU-Auto

WORKING WITH US

  • About Us
  • Contact Us
  • Events
  • Careers

FOLLOW Urgent Comms ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookies Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X