Vulnerabilities | CISA: Several Old Linux Vulnerabilities Exploited in Attacks | Several old Linux vulnerabilities for which there are no public reports of malicious exploitation have been added to CISA’s KEV catalog. | Eduard Kovacs | May 15, 2023
Government | CISA Introduces Secure-by-design and Secure-by-default Development Principles | CISA has described and published a set of principles for the development of security-by-design and security-by-default cybersecurity products. | Kevin Townsend | April 14, 2023
Ransomware | CISA Gets Proactive With New Pre-Ransomware Alerts | CISA has sent notifications to more than 60 organizations as part of a new initiative to alert entities of early-stage ransomware attacks. | Ionut Arghire | March 24, 2023
Supply Chain Security | OpenVEX Spec Adds Clarity to Supply Chain Vulnerability Warnings | Chainguard OpenVEX Spec adds clarity to Supply Chain Vulnerability warnings specifications to help software vendors and maintainers communicate precise metadata about the vulnerability status... | Ryan Naraine | January 31, 2023
Vulnerabilities | Exploited Control Web Panel Flaw Added to CISA ‘Must-Patch’ List | CISA gave federal agencies a February deadline to patch a critical vulnerability in the CentOS Control Web Panel utility. | Ryan Naraine | January 18, 2023