#cisa

#vulnerability
Ars Technica
1 month ago
Information security

Federal agency warns critical Linux vulnerability being actively exploited

CISA has added CVE-2024-1086, a critical and actively exploited Linux kernel bug, to its Known Exploited Vulnerabilities catalog; the use-after-free flaw grants privilege escalation on kernel versions 5.14-6.6.
Ars Technica
2 months ago
Information security

0-click GitLab hijacking flaw under active exploit, with thousands still unpatched

A maximum-severity vulnerability in GitLab allows account hijacking without user interaction.
#cybersecurity
CyberScoop
1 month ago
Information security

House bill would give CISA millions to diversify cyber workforce

Federal legislation aims to diversify the cybersecurity workforce with $20 million annually for a CISA program.
CyberScoop
1 month ago
Information security

Departing top CISA official reflects on nearly four years in the cyber hot seat

CISA has made progress in understanding cyber risks, collaborating with industry, and promoting secure products, but more work is needed, according to departing official Eric Goldstein.
CyberScoop
1 month ago
Information security

Top CISA official Eric Goldstein to depart agency next month

Eric Goldstein, an influential figure at CISA, is stepping down from his role as executive assistant director for cybersecurity next month.
Nextgov.com
1 month ago
Information security

Top CISA official Eric Goldstein to depart agency next month

Eric Goldstein, executive assistant director for cybersecurity at CISA, will leave next month after leading key initiatives and making significant contributions since 2021.
Theregister
2 months ago
Information security

CISA spreads Black Basta advice amid Ascension infection

US security agencies issued advisories on Black Basta after the group claimed responsibility for a cyberattack on a healthcare provider.
Theregister
2 months ago
Information security

CISA boss: Secure software needed to stop ransomware

Making software secure by design is needed to combat ransomware attacks and strengthen cybersecurity measures.
CyberScoop
1 month ago
Information security

Departing top CISA official reflects on nearly four years in the cyber hot seat

CISA has made progress in understanding cyber risks and collaborating with industry, but more work remains, including implementing a rule for gathering cyber incident data.
CyberScoop
2 months ago
Information security

Forget AI: Physical threats are biggest risk facing the 2024 election

Physical threats to election administrators are a major concern overshadowing AI-related worries at the RSA Conference.
#cybersecurity-threats
Axios
2 months ago
Artificial intelligence

How AI is turbocharging security issues

AI is empowering cybercriminals and making cybersecurity threats more sophisticated and widespread.
ComputerWeekly.com
2 months ago
Information security

NCSC updates warning over hacktivist threat to CNI

Russia-backed hacktivist groups are targeting critical infrastructure with unsophisticated attacks.
NCSC and CISA warn about evolving threats from hacktivist groups not officially backed by the Kremlin.
Theregister
2 months ago
Information security

68 tech companies sign CISA's secure by design pledge

Tech giants sign CISA's Secure by Design pledge to enhance product security by committing to specific actions within a year.
#cloud-security
Above the Law
2 months ago
Information security

Cloud Security Advice For Law Firms

Law firms are adopting a cloud-first mentality, but often overlook the importance of securing their cloud environment, leaving room for vulnerabilities.
TechRepublic
5 months ago
Privacy professionals

Androxgh0st Malware Botnet Steals AWS, Microsoft Credentials and More

The Androxgh0st malware is a botnet that collects cloud credentials and abuses the Simple Mail Transfer Protocol.
The malware targets websites using the Laravel web application framework to steal credentials and other sensitive data.
Theregister
2 months ago
Information security

CISA's KEV list improving private and public-sector patching

CISA's Known Exploited Vulnerabilities catalog deadlines are positively affecting private organizations' vulnerability remediation timelines.
Theregister
2 months ago
Information security

CISA expects devs to squash old directory traversal bugs

CISA urges the software industry to address directory traversal vulnerabilities.
Nextgov.com
2 months ago
Information security

House cyber chairman tries again to undo SEC cyber disclosure rules

Rep. Andrew Garbarino aims to dissolve the SEC cybersecurity incident disclosure rule, favoring the Cybersecurity and Infrastructure Security Agency for handling such disclosures.
Nextgov.com
5 months ago
Privacy professionals

Contracts featuring automation, built-in security can boost agencies' cyber defenses, VA officials say

Automating legacy systems and prioritizing built-in security in contracts can enhance cyber resilience at federal agencies.
The Department of Veterans Affairs oversees a significant portion of IT assets in the federal civilian space and relies on CISA for cybersecurity implementation.
#china
CyberScoop
5 months ago
Privacy professionals

CISA orders Ivanti devices targeted by Chinese hackers be disconnected

Federal agencies running Ivanti Connect Secure or Ivanti Policy Secure devices must disconnect them due to cyber espionage linked to China.
CISA has issued instructions for updating and bringing the devices back online.
CyberScoop
5 months ago
Privacy professionals

CISA, FBI warn of Chinese-manufactured drones

The Cybersecurity and Infrastructure Security Agency and the FBI warn about potential threats from Chinese-made drones to critical infrastructure.
The guidance advises critical infrastructure owners and operators to reduce risk by purchasing drones from U.S. companies.
Nextgov.com
5 months ago
Privacy professionals

Biden to veto any efforts to shutter SEC cyber disclosure rules

The White House reaffirmed its commitment to an SEC rule on cybersecurity disclosures and stated that President Biden would veto any efforts to eliminate the regulation.
Lawmakers in both the Senate and the House have proposed measures to nullify the SEC rule, arguing that disclosing cyber incidents could compromise businesses and national security.
BleepingComputer
5 months ago
Information security

CISA: Vendors must secure SOHO routers against Volt Typhoon attacks

CISA and the FBI are urging manufacturers of small office/home office (SOHO) routers to enhance their security against attacks by state-backed hacking groups like Volt Typhoon.
The agencies are advising vendors to eliminate vulnerabilities in router web management interfaces during the design and development stages.
#CISA
Theregister
7 months ago
Information security

CISA finally removes dud vulnerability from must-patch list

CISA has removed a security vulnerability (CVE-2022-28958) from its Known Exploited Vulnerabilities catalog after it was found to be a fake vulnerability.
The vulnerability was thought to be a critical remote code execution flaw but had no impact on the systems it supposedly affected.
Databreaches
7 months ago
Information security

Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of a high-severity Adobe ColdFusion vulnerability by unidentified threat actors.
The vulnerability (CVE-2023-26360) allows arbitrary code execution and affects ColdFusion 2018 and ColdFusion 2021.
Dark Reading
7 months ago
Information security

Exploited Vulnerabilities Can Take Months to Make KEV List

CISA added known software flaws to its KEV catalog months after they were disclosed and exploited.
The delayed updates to the KEV catalog can hinder security teams' patching efforts and put organizations at risk.
The examples of Adobe, Juniper, and Veeam demonstrate the long lead time for vulnerabilities to be included in the KEV catalog.
www.databreaches.net
7 months ago
Public health

CISA Releases The Mitigation Guide: Healthcare and Public Health (HPH) Sector

CISA has released a mitigation guide for the Healthcare and Public Health sector to combat cyber threats.
The guide provides defensive mitigation strategy recommendations and identifies known vulnerabilities for organizations to assess their networks.
HPH entities are encouraged to visit CISA's Healthcare and Public Health Cybersecurity Toolkit and Sector webpages for more information.
Dark Reading
7 months ago
Privacy professionals

Scattered Spider Casino Hackers Evade Arrest in Plain Sight

The cybercrime group known as Scattered Spider is still operating and attacking US organizations despite being known to law enforcement for over six months.
Law enforcement's failure to make arrests or disrupt the group's activities is seen as a failure in cybersecurity law enforcement.
The FBI and CISA have released an advisory on Scattered Spider, providing recommendations for organizations to improve their cybersecurity posture.
SecurityWeek
7 months ago
Information security

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability

CISA added Sophos, Oracle, and Microsoft product flaws to its Known Exploited Vulnerabilities catalog.
The Sophos flaw CVE-2023-1671 is a critical vulnerability that can be exploited for arbitrary code execution.
CVE-2020-2551 is an Oracle WebLogic Server flaw targeted by a Chinese threat actor in attacks on government and critical infrastructure organizations in Taiwan.
Theregister
7 months ago
Information security

CISA reveals how fed agency succumbed to ColdFusion attacks

A federal agency had at least two public-facing servers compromised by attackers exploiting a critical Adobe ColdFusion vulnerability.
The agency failed to patch the vulnerability for more than three months after the deadline set by CISA.
Tripwire
4 weeks ago
Information security

Watch Out! CISA Warns It Is Being Impersonated By Scammers

CISA warns of increasing impersonation scams targeting individuals for fraud.