#cisa
#cisa

[ follow ]

fromNextgov.com

US politics

Trump's CISA nominee is confident he can get funding to cyber agency where needed

fromSecuritymagazine

Mobile UX

CISA's Reset Delays Action as Mobile Spyware Surges

fromThe Hacker News

Information security

CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks

Privacy professionals

Microsoft's new SharePoint vulnerability - everything you need to know

fromSecuritymagazine

4 Critical, Known Exploited Vulnerabilities Added to KEV Catalog

CISA has added four new vulnerabilities to the Known Exploited Vulnerabilities Catalogue, indicating active exploitation risks.

Privacy professionals

fromDatabreaches

CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch

CISA confirmed active exploitation of CitrixBleed 2 vulnerability, giving federal agencies one day to install necessary patches.

fromNextgov.com

US politics

Trump's CISA nominee is confident he can get funding to cyber agency where needed

fromSecuritymagazine

Mobile UX

CISA's Reset Delays Action as Mobile Spyware Surges

fromThe Hacker News

Information security

CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks

Privacy professionals

Microsoft's new SharePoint vulnerability - everything you need to know

fromSecuritymagazine

Web frameworks

4 Critical, Known Exploited Vulnerabilities Added to KEV Catalog

fromDatabreaches

Privacy professionals

CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch

more#cybersecurity

Information security

Interlock ransomware gang is ramping up activity, CISA warns

fromTheregister

Information security

Ransomware disrupted utility services in SimpleHelp attacks

Privacy professionals

fromDatabreaches

#StopRansomware: Medusa Ransomware

Medusa ransomware has impacted over 300 victims across various sectors, prompting a call for strengthened defenses.

Information security

fromTheregister

CISA's KEV list informs ransomware attacks, paper suggests

Attackers are leveraging the CISA Known Exploited Vulnerability (KEV) catalog to plan ransomware attacks.

Information security

Interlock ransomware gang is ramping up activity, CISA warns

Information security

fromTheregister

Ransomware disrupted utility services in SimpleHelp attacks

Ransomware groups exploited a vulnerability in SimpleHelp's software, causing service disruptions and extortion incidents.

Privacy professionals

fromDatabreaches

#StopRansomware: Medusa Ransomware

Medusa ransomware has impacted over 300 victims across various sectors, prompting a call for strengthened defenses.

Information security

fromTheregister

CISA's KEV list informs ransomware attacks, paper suggests

Attackers are leveraging the CISA Known Exploited Vulnerability (KEV) catalog to plan ransomware attacks.

more#ransomware

fromComputerWeekly.com

Patch ToolShell SharePoint zero-day immediately, says Microsoft | Computer Weekly

Organisations using on-premise SharePoint instances must urgently update due to serious vulnerabilities being exploited.

Privacy professionals

fromTheregister

Microsoft warns on-prem SharePoint users of a zero-day

Microsoft warns of an active zero-day vulnerability in SharePoint Server, allowing unauthorized access due to incomplete past updates.

fromNextgov.com

Trump's CISA nominee to testify before Senate panel next week

Sean Plankey is scheduled to testify before the Senate Homeland Security Committee regarding his nomination to lead the Cybersecurity and Infrastructure Security Agency.

fromBreaking Defense

Iran may go after US defense firms with cyber attacks, warn Pentagon, Homeland Security

Homeland Security's Cybersecurity & Infrastructure Security Agency warned US defense contractors working in Israel that they may be targeted by Iranian cyber attacks.

US politics

Want to build more secure software? Follow these key memory safe language tips from CISA

Achieving better memory safety demands language-level protections, library support, robust tooling, and developer training, as traditional languages can't eliminate vulnerabilities as effectively.

Software development

fromTheregister

AWS enforces MFA across 100% of root users: re:Inforce

For anyone who still has doubts about MFA: just ask Snowflake CISO Brad Jones, who last year saw more than 160 of his customers' accounts compromised using stolen credentials. None of these had MFA enabled, and this safeguard likely would have prevented the intruders from accessing the customers' databases.

Marketing tech

fromTheregister

CISA loses senior exec Bridget Bean, pre-budget cuts

Bridget Bean has officially retired from CISA, leaving the agency without a Senate-confirmed director.

fromTheregister

NSA, CISA top brass absent from RSA Conference

The NSA's 'State of the Hack' panel was canceled at this year's RSA Conference, reflecting a shift in their public engagement approach.

CISA issues warning in wake of Oracle cloud credentials leak

CISA warns of potential data breach risks from a security incident involving legacy Oracle cloud environments, urging enterprises to strengthen their security defenses.

Information security

Privacy professionals

fromArs Technica

Chris Krebs, who debunked 2020 election lies, vows full-time fight against Trump

CISA's Chris Krebs was terminated by Trump after debunking election fraud claims, emphasizing integrity amidst political pressure.

fromTechzine Global

Privacy professionals

SentinelOne exec Krebs leaves following Trump pressure

Privacy professionals

fromArs Technica

Chris Krebs, who debunked 2020 election lies, vows full-time fight against Trump

CISA's Chris Krebs was terminated by Trump after debunking election fraud claims, emphasizing integrity amidst political pressure.

fromTechzine Global

Privacy professionals

SentinelOne exec Krebs leaves following Trump pressure

more#chris-krebs

fromTechzine Global

MITRE CVE database saved after last minute reversal

The U.S. government extended funding for the CVE database for eleven months, preventing the crucial cybersecurity resource from going offline due to funding discontinuation.

Information security

fromArs Technica

Crucial CVE flaw-tracking database narrowly avoids closure to DHS cuts

CVE's funding was at risk, but CISA has extended the contract to ensure continued operations.

fromTheregister

Incoming deputy head of DHS says CISA needs to be reined in

CISA's management needs reform, according to nominee Troy Edgar, emphasizing a focus on cybersecurity over election investigations.

[ Load more ]