Content Paint
Search
Sign in

CISA

cybersecurity  | Mar 13, 2024
US gov tells software suppliers exactly how it wants them to develop secure code
US gov tells software suppliers exactly how it wants them to develop secure code

As CISA reportedly admits two of its systems were breached in February due to Ivanti flaws

 |  CISA  | Feb 12, 2024
How secure is your package repo? CISA defines four levels of security maturity, starting at zero
How secure is your package repo? CISA defines four levels of security maturity, starting at zero

"Package managers are at a critical point in the open source ecosystem and have the capability to scale security improvements across open source ecosystems"

cyberattack  | Jan 30, 2024
Hack back: US disconnects Volt Typhoon
Hack back: US disconnects Volt Typhoon

"This actor is not doing the quiet intelligence collection and theft of secrets... they can disrupt major services if, and when, the order comes down,"

 |  CISA  | Nov 30, 2023
CISA's going to name and shame vendors on insecure software
CISA's going to name and shame vendors on insecure software

"When we see a vulnerability or intrusion campaign that could have been reasonably avoided if the software manufacturer had aligned to secure by design principles, we’ll call it out"

News  | Aug 25, 2023
Ivanti and Veeam bugs fall under attack
Ivanti and Veeam bugs fall under attack

CISA has sounded the alarm over a pair of actively targeted vulnerabilities in Ivanti and Veeam software

Interviews  | Aug 21, 2023
The Big Interview: CISA’s $7 billion CDM program aims to run pan-federal cybersecurity. Is it delivering?
The Big Interview: CISA’s $7 billion CDM program aims to run pan-federal cybersecurity. Is it delivering?

"We have gotten very smart on how to do business with agencies and build in flexibility into our contracting vehicles. We took an approach early on to divide and conquer..."

Citrix  | Jul 21, 2023
Citrix zero day used to attack critical infrastructure -- IOCs and detections now available
NetScaler vulnerability, CVE-2023-3519 IOCs

Attackers dropped a webshell, collected and exfiltrated Active Directory data, then ran into some healthy obstacles...

Azure  | Jul 13, 2023
Microsoft clams up over critical Azure key breach, security incident as attackers breach US agencies
Microsoft clams up over critical Azure key breach, security incident as attackers breach US agencies

Following a major security breach involving US federal agencies, Microsoft refuses to provide details on the incident

Cybersecurity  | Apr 10, 2023
Known exploited list: 15 million systems still exposed 
Known exploited list: 15 million systems still exposed 

... and probably shot to high heaven with malware.

Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Great! You've successfully signed up.
Great! You've successfully signed up.
Welcome back! You've successfully signed in.
Success! You now have access to additional content.