#cisa

#cisa

The Royal ransomware operation has rebranded to BlackSuit, demanding large ransoms. Trend Micro identifies it as one of the most prolific digital extortion groups.

Ransomware strain BlackSuit demands up to $500 million in ransoms, with individual demands reaching $60 million.

A red team exercise by CISA exposed major security weaknesses in an unnamed federal agency's critical assets in 2023.

CISA and allied agencies have issued a guide to strengthen cybersecurity measures for communications providers against advanced persistent threats from cyber actors.

The Ivanti Cloud Service Appliance 4.6 and below has a significant vulnerability that is actively exploited, necessitating urgent updates to CSA 5.0.

Lisa Einstein appointed as CISA's first Chief AI Officer to enhance cybersecurity with AI technologies.

Brad Smith urges the Trump administration to continue strong cyber security measures against state-sponsored threats from nations like Russia, China, and Iran.

The CrowdStrike IT outage raises questions about our dependence on certain organizations and their role in maintaining cyber security.

The integrity of the 2024 elections has been affirmed as secure with no evidence of malicious activity impacting it.

CISA receives positive audit ratings for election security but has decreased disinformation efforts.

Physical threats to election administrators are a major concern overshadowing AI-related worries at the RSA Conference.

CISA is confident in the protection of U.S. election infrastructure for 2024, with improved security measures.

CISA reports no significant threats to the security of today's presidential election.

CISA is developing AI security initiatives, emphasizing the importance of human oversight in cybersecurity processes despite the hype around AI technology.

More than 180 software companies have committed to CISA's Secure by Design Pledge to enhance product security by integrating security principles into the design and manufacturing process.

CISA added a critical Linux security bug, CVE-2024-1086, actively exploited, granting privilege escalation through a use-after-free vulnerability in Linux kernel versions 5.14-6.6.

A maximum severity vulnerability in GitLab allows account hijacking without user interaction.

AI is empowering cybercriminals and making cybersecurity threats more sophisticated and widespread.

Russia-backed hacktivist groups targeting critical infrastructure with unsophisticated attacks.

NCSC and CISA warning about evolving threats from hacktivist groups not officially backed by the Kremlin.