#cisa

#cisa

Federal legislation aims to diversify cybersecurity workforce with $20 million annually for CISA program. [ more ]

CISA has made progress in understanding cyber risks, collaborating with industry, and promoting secure products, but more work is needed, as mentioned by departing official Eric Goldstein. [ more ]

Eric Goldstein, an influential figure at CISA, is stepping down from his role as executive assistant director for cybersecurity next month. [ more ]

Eric Goldstein, executive assistant director for cybersecurity at CISA, will leave next month after key initiatives and significant contributions since 2021. [ more ]

US security agencies issued advisories on Black Basta after the group claimed responsibility for a cyberattack on a healthcare provider. [ more ]

Make software secure by design to combat ransomware attacks and enhance cybersecurity measures. [ more ]

AI is empowering cybercriminals and making cybersecurity threats more sophisticated and widespread. [ more ]

Russia-backed hacktivist groups targeting critical infrastructure with unsophisticated attacks.

NCSC and CISA warning about evolving threats from hacktivist groups not officially backed by the Kremlin. [ more ]

Law firms are adopting a cloud-first mentality, but often overlook the importance of securing their cloud environment, leaving room for vulnerabilities. [ more ]

The Androxgh0st malware is a botnet that collects cloud credentials and abuses the Simple Mail Transfer Protocol.

The malware targets websites using the Laravel web application framework to steal credentials and other sensitive data. [ more ]

CISA has removed a security vulnerability (CVE-2022-28958) from its Known Exploited Vulnerability catalog after it was found to be a fake vulnerability.

The vulnerability was thought to be a critical remote code execution flaw but had no impact on the systems it targeted. [ more ]

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of a high-severity Adobe ColdFusion vulnerability by unidentified threat actors.

The vulnerability (CVE-2023-26360) allows for arbitrary code execution and affects ColdFusion 2018 and ColdFusion 2021 versions. [ more ]

CISA added known software flaws to its KEV catalog months after they were disclosed and exploited.

The delayed updates to the KEV catalog can hinder security teams' patching efforts and put organizations at risk.

The examples of Adobe, Juniper, and Veeam demonstrate the long lead time for vulnerabilities to be included in the KEV catalog. [ more ]

CISA has released a mitigation guide for the Healthcare and Public Health sector to combat cyber threats.

The guide provides defensive mitigation strategy recommendations and identifies known vulnerabilities for organizations to assess their networks.

HPH entities are encouraged to visit CISA's Healthcare and Public Health Cybersecurity Toolkit and Sector webpages for more information. [ more ]

The cybercrime group known as Scattered Spider is still operating and attacking US organizations despite being known to law enforcement for over six months.

Law enforcement's failure to make arrests or disrupt the group's activities is seen as a failure in cybersecurity law enforcement.

The FBI and CISA have released an advisory on Scattered Spider, providing recommendations for organizations to improve their cybersecurity posture. [ more ]

CISA added Sophos, Oracle, and Microsoft product flaws to its Known Exploited Vulnerabilities catalog.

The Sophos flaw CVE-2023-1671 is a critical vulnerability that can be exploited for arbitrary code execution.

CVE-2020-2551 is an Oracle WebLogic Server flaw targeted by a Chinese threat actor in attacks on government and critical infrastructure organizations in Taiwan. [ more ]