The Stack

About
Partner

Sign in Subscribe

CISA

CISA's going to name and shame vendors on insecure software

CISA

CISA's going to name and shame vendors on insecure software

"When we see a vulnerability or intrusion campaign that could have been reasonably avoided if the software manufacturer had aligned to secure by design principles, we’ll call it out"

Ivanti and Veeam bugs fall under attack

News

Ivanti and Veeam bugs fall under attack

CISA has sounded the alarm over a pair of actively targeted vulnerabilities in Ivanti and Veeam software

The Big Interview: CISA’s $7 billion CDM program aims to run pan-federal cybersecurity. Is it delivering?

Interviews

The Big Interview: CISA’s $7 billion CDM program aims to run pan-federal cybersecurity. Is it delivering?

"We have gotten very smart on how to do business with agencies and build in flexibility into our contracting vehicles. We took an approach early on to divide and conquer..."

NetScaler vulnerability, CVE-2023-3519 IOCs

Citrix

Citrix zero day used to attack critical infrastructure -- IOCs and detections now available

Attackers dropped a webshell, collected and exfiltrated Active Directory data, then ran into some healthy obstacles...

Microsoft clams up over critical Azure key breach, security incident as attackers breach US agencies

Azure

Microsoft clams up over critical Azure key breach, security incident as attackers breach US agencies

Following a major security breach involving US federal agencies, Microsoft refuses to provide details on the incident

Known exploited list: 15 million systems still exposed

Cybersecurity

Known exploited list: 15 million systems still exposed

... and probably shot to high heaven with malware.

US agencies warn over "Royal" ransomware rise

Cybersecurity

US agencies warn over "Royal" ransomware rise

Phishing is key threat vector and a Blue Team bête noire...

IBM high speed file transfer software exploited by hackers

Cybersecurity

IBM high speed file transfer software exploited by hackers

A pre-auth RCE in IBM Aspera Faspex is being exploited in the wild

Critical controller bug could trigger traffic chaos: Software vendor ignores CISA outreach

Cybersecurity

Critical controller bug could trigger traffic chaos: Software vendor ignores CISA outreach

One of 14 new advisories on vulnerable ICS software...

Defending against Hive ransomware: It's time to use the attackers' tools

Featured

Defending against Hive ransomware: It's time to use the attackers' tools

And, um, do you know how to restore from backup without Active Directory?

GIGABYTE drivers are getting exploited warns CISA as 2018 bugs come back to bite

Cybersecurity

GIGABYTE drivers are getting exploited warns CISA as 2018 bugs come back to bite

POCs have circulated for years...

US agencies ordered to run asset discovery scans every single week

Cybersecurity

US agencies ordered to run asset discovery scans every single week

Knock Knock. Who's there? Multiple APTs, patch your shit.

See all

The Stack

Interviews, Insight, Intelligence for Digital Leaders

The Stack

Sign up

Powered by Ghost

The Stack

Interviews, Insight, Intelligence for Digital Leaders