CVEs News CISA warns of high-severity vulnerability in once-popular Microsoft product Security agency adds CVE-2012-4792 to its catalogue of known vulns and warns it can "execute arbitrary code via a crafted web site" Azania Imtiaz Patel July 25, 2024
cyberattack ransomware News Cyberattack disrupts 911 emergency services in California Incident blamed on 'relatively new' gang of cybercriminals. Azania Imtiaz Patel July 16, 2024
Cybersecurity vulnerabilities DevSecOps CISO News Feds to CIOs: Actively ask your vendors if they’ve done a SQLi audit... Fix up, look sharp: Uncle Sam is running out of patience with tech firms shipping insecure software. Vendors? Get familiar with the phrase "query parameterization"... Edward Targett June 26, 2024
Cybersecurity chemicals News CISA breach: Hackers gained access to chemical sector's vulnerability assessments Cybersecurity agency's cybersecurity appliance breached (yes, everything is broken) but no exfiltration seen says CISA The Stack June 25, 2024
cybersecurity FBI News FBI reveals Zero Trust adoption plans in $8 billion IT budget Crime fighters prioritise internal network security in the wake of major data breach Azania Imtiaz Patel June 10, 2024
ransomware Black Basta Cybersecurity News Fresh Black Basta TTPs revealed as CISA says CNI hit Ransomware group using "Backstab" to kill EDR processes. Francesca Dean May 13, 2024
News Microsoft CISA issues warning over 'Midnight Blizzard' Microsoft attack CISA has posted a new directive for US government agencies regarding targeted attacks by the Midnight Blizzard hacking team that also hit Microsoft Shaun Nichols April 12, 2024
DHS operational technology News CISA talks up "game-changing" new data collection powers under Circia CISA is moving into what it hopes is the home stretch for drafting and enforcing stricter reporting rules for cybersecurity incidents Shaun Nichols March 28, 2024
