#cisa

#cybersecurity
The Hacker News
2 days ago
Information security

CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack

CISA added a critical vulnerability in ScienceLogic SL1 to its KEV catalog due to active exploitation.
Reportedly, this zero-day vulnerability allows remote code execution and affects multiple software versions.
Securitymagazine
4 days ago
Information security

SolarWinds Help Desk software vulnerability added to CISA catalogue

Active exploitation of vulnerabilities poses a significant threat to both federal and private sectors as highlighted by CISA's recent additions to its catalogue.
thehackernews.com
1 week ago
Information security

CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability

CISA added a critical vulnerability in SolarWinds Web Help Desk to its KEV catalog, pointing to active exploitation risks.
CyberScoop
1 week ago
Information security

Tens of thousands of IPs vulnerable to Fortinet flaw dubbed 'must patch' by feds

Around 87,000 IPs are vulnerable to a critical Fortinet flaw, urging immediate action based on active exploitation, according to CISA.
Theregister
1 week ago
Information security

86k Fortinet devices still vulnerable to active exploits

Over 86,000 Fortinet instances remain vulnerable to a serious flaw recently exploited by attackers, according to reports.
The vulnerability CVE-2024-23113 is rated 9.8 on the CVSS scale, indicating its severity and potential impact.
CyberScoop
1 week ago
Information security

CISA advisory committee approves four draft reports on critical infrastructure resilience

CISA is enhancing national cyber resilience and awareness amid threats from Chinese hackers, especially regarding critical infrastructure security.
#software-security
FedScoop
2 weeks ago
Artificial intelligence

CISA official: AI tools 'need to have a human in the loop'

CISA is developing AI security initiatives, emphasizing the importance of human oversight in cybersecurity processes despite the hype around AI technology.
Cloud Pro
2 months ago
Information security

Software vendors are flocking to CISA's Secure by Design Pledge

More than 180 software companies have committed to CISA's Secure by Design Pledge to enhance product security by integrating security principles into the design and manufacturing process.
ComputerWeekly.com
3 weeks ago
Information security

Defaulting to open: Decoding the (very public) CrowdStrike event | Computer Weekly

The CrowdStrike IT outage raises questions about our dependence on certain organizations and their role in maintaining cyber security.
#election-security
CyberScoop
1 month ago
Information security

OIG audit calls for more clarity from CISA, DHS on disinformation mission

CISA receives positive audit ratings for election security but has decreased disinformation efforts.
CyberScoop
1 month ago
Information security

CISA moves away from trying to influence content moderation decisions on election disinformation

CISA is confident in the protection of U.S. election infrastructure for 2024, with improved security measures.
CyberScoop
5 months ago
Information security

Forget AI: Physical threats are biggest risk facing the 2024 election

Physical threats to election administrators are a major concern overshadowing AI-related worries at the RSA Conference.
Nextgov.com
2 months ago
Privacy professionals

GSA awards contract for $524M CISA headquarters

GSA awarded a $524-million contract for a new CISA headquarters in Washington, D.C., funded in part by the Inflation Reduction Act.
Theregister
2 months ago
Information security

Google gamed into advertising a malicious Authenticator

Scammers used Google ads to distribute fake Google Authenticator software.
AI technology is increasingly being used in cyber fraud, with AI-written emails accounting for 40% of BEC cases.
CISA appointed its first Chief AI Officer, indicating a growing focus on the threats posed by machine learning.
FedScoop
2 months ago
Artificial intelligence

CISA names Lisa Einstein as its first chief AI officer

Lisa Einstein appointed as CISA's first chief AI officer to advance cyber defenses and critical infrastructure support through AI technologies.
#vulnerability
Ars Technica
4 months ago
Information security

Federal agency warns critical Linux vulnerability being actively exploited

CISA added a critical Linux security bug, CVE-2024-1086, actively exploited, granting privilege escalation through a use-after-free vulnerability in Linux kernel versions 5.14-6.6.
Ars Technica
5 months ago
Information security

0-click GitLab hijacking flaw under active exploit, with thousands still unpatched

A maximum severity vulnerability in GitLab allows account hijacking without user interaction.
CyberScoop
5 months ago
Information security

Departing top CISA official reflects on nearly four years in the cyber hot seat

CISA has made progress in understanding cyber risks and collaborating with industry, but more work remains, including implementing a rule for gathering cyber incident data.
#cybersecurity-threats
Axios
5 months ago
Artificial intelligence

How AI is turbocharging security issues

AI is empowering cybercriminals and making cybersecurity threats more sophisticated and widespread.
ComputerWeekly.com
5 months ago
Information security

NCSC updates warning over hacktivist threat to CNI | Computer Weekly

Russia-backed hacktivist groups targeting critical infrastructure with unsophisticated attacks.
NCSC and CISA warning about evolving threats from hacktivist groups not officially backed by the Kremlin.
Theregister
5 months ago
Information security

68 tech companies sign CISA's secure by design pledge

Tech giants sign CISA's Secure by Design pledge to enhance product security by committing to specific actions within a year.
#cloud-security
Above the Law
5 months ago
Information security

Cloud Security Advice For Law Firms

Law firms are adopting a cloud-first mentality, but often overlook the importance of securing their cloud environment, leaving room for vulnerabilities.
TechRepublic
9 months ago
Privacy professionals

Androxgh0st Malware Botnet Steals AWS, Microsoft Credentials and More

The Androxgh0st malware is a botnet that collects cloud credentials and abuses the Simple Mail Transfer Protocol.
The malware targets websites using the Laravel web application framework to steal credentials and other sensitive data.
Theregister
5 months ago
Information security

CISA's KEV list improving private and public-sector patching

CISA's Known Exploited Vulnerabilities catalog deadlines are positively affecting private organizations' vulnerability remediation timeline.
Theregister
5 months ago
Information security

CISA expects devs to squash old directory traversal bugs

CISA urges software industry to address directory traversal vulnerabilities.
Nextgov.com
5 months ago
Information security

House cyber chairman tries again to undo SEC cyber disclosure rules

Rep. Andrew Garbarino aims to dissolve SEC cybersecurity incident disclosure rule, favoring Cybersecurity and Infrastructure Security Agency for handling such disclosures.
Nextgov.com
8 months ago
Privacy professionals

Contracts featuring automation, built-in security can boost agencies' cyber defenses, VA officials say

Automating legacy systems and prioritizing built-in security in contracts can enhance cyber resilience at federal agencies.
The Department of Veterans Affairs oversees a significant portion of IT assets in the federal civilian space and relies on CISA for cybersecurity implementation.
#china
CyberScoop
8 months ago
Privacy professionals

CISA orders Ivanti devices targeted by Chinese hackers be disconnected

Federal agencies running Ivanti Connect Secure or Ivanti Policy Secure devices must disconnect them due to cyber espionage linked to China.
CISA has issued instructions for updating and bringing the devices back online.
CyberScoop
9 months ago
Privacy professionals

CISA, FBI warns of Chinese-manufactured drones

The Cybersecurity and Infrastructure Security Agency and the FBI warn about potential threats from Chinese-made drones on critical infrastructure.
The guidance advises critical infrastructure owners and operators to reduce risk by purchasing drones from U.S. companies.
Nextgov.com
8 months ago
Privacy professionals

Biden to veto any efforts to shutter SEC cyber disclosure rules

The White House reaffirmed its commitment to a SEC rule on cybersecurity disclosures and stated that President Biden would veto any efforts to eliminate the regulation.
Lawmakers both in the Senate and the House have proposed measures to nullify the SEC rule, arguing that disclosing cyber incidents could compromise businesses and national security.
BleepingComputer
8 months ago
Information security

CISA: Vendors must secure SOHO routers against Volt Typhoon attacks

CISA and the FBI are urging manufacturers of small office/home office (SOHO) routers to enhance their security against attacks by state-backed hacking groups like Volt Typhoon.
The agencies are advising vendors to eliminate vulnerabilities in router web management interfaces during the design and development stages.
#CISA
Theregister
10 months ago
Information security

CISA finally removes dud vulnerability from must-patch list

CISA has removed a security vulnerability (CVE-2022-28958) from its Known Exploited Vulnerability catalog after it was found to be a fake vulnerability.
The vulnerability was thought to be a critical remote code execution flaw but had no impact on the systems it targeted.
Databreaches
10 months ago
Information security

Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of a high-severity Adobe ColdFusion vulnerability by unidentified threat actors.
The vulnerability (CVE-2023-26360) allows for arbitrary code execution and affects ColdFusion 2018 and ColdFusion 2021 versions.
Dark Reading
11 months ago
Information security

Exploited Vulnerabilities Can Take Months to Make KEV List

CISA added known software flaws to its KEV catalog months after they were disclosed and exploited.
The delayed updates to the KEV catalog can hinder security teams' patching efforts and put organizations at risk.
The examples of Adobe, Juniper, and Veeam demonstrate the long lead time for vulnerabilities to be included in the KEV catalog.
www.databreaches.net
11 months ago
Public health

CISA Releases The Mitigation Guide: Healthcare and Public Health (HPH) Sector

CISA has released a mitigation guide for the Healthcare and Public Health sector to combat cyber threats.
The guide provides defensive mitigation strategy recommendations and identifies known vulnerabilities for organizations to assess their networks.
HPH entities are encouraged to visit CISA's Healthcare and Public Health Cybersecurity Toolkit and Sector webpages for more information.
Dark Reading
11 months ago
Privacy professionals

Scattered Spider Casino Hackers Evade Arrest in Plain Sight

The cybercrime group known as Scattered Spider is still operating and attacking US organizations despite being known to law enforcement for over six months.
Law enforcement's failure to make arrests or disrupt the group's activities is seen as a failure in cybersecurity law enforcement.
The FBI and CISA have released an advisory on Scattered Spider, providing recommendations for organizations to improve their cybersecurity posture.
SecurityWeek
11 months ago
Information security

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability

CISA added Sophos, Oracle, and Microsoft product flaws to its Known Exploited Vulnerabilities catalog.
The Sophos flaw CVE-2023-1671 is a critical vulnerability that can be exploited for arbitrary code execution.
CVE-2020-2551 is an Oracle WebLogic Server flaw targeted by a Chinese threat actor in attacks on government and critical infrastructure organizations in Taiwan.
Theregister
10 months ago
Information security

CISA reveals how fed agency succumbed to ColdFusion attacks

A federal agency had at least two public-facing servers compromised by attackers exploiting a critical Adobe ColdFusion vulnerability.
The agency failed to patch the vulnerability for more than three months after the deadline set by CISA.