Network Security CISA Flags Gaps in Healthcare Org’s Security Posture, Issues Security Guidance The US cybersecurity agency CISA issues cybersecurity recommendations for the healthcare and public health sector. Ionut ArghireDecember 18, 2023
Government CISA Seeks Public Opinion on Google Workspace Secure Configuration Baselines CISA is asking for public opinion on SCuBA secure configuration baselines for nine Google Workspace services. Ionut ArghireDecember 13, 2023
Cyberwarfare CISA Issues Warning for Russian ‘Star Blizzard’ APT Spear-Phishing Operation The US cybersecurity agency calls attention to a Russian APT targeting academia, defense, governmental organizations, NGOs and think-tanks. Ryan NaraineDecember 7, 2023
Security Architecture CISA Debuts ‘Secure by Design’ Alert Series New CISA alerts shed light on the harm occurring when software vendors fail to implement secure by design principles. Ionut ArghireNovember 30, 2023
Government CISA Offering Free Cybersecurity Services to Non-Federal Critical Infrastructure Entities New CISA pilot program brings cutting-edge cybersecurity services to critical infrastructure entities that need support. Ionut ArghireNovember 21, 2023
Artificial Intelligence CISA Outlines AI-Related Cybersecurity Efforts CISA details its efforts to promote the use of AI in cybersecurity and guide critical infrastructure in adopting AI. Ionut ArghireNovember 15, 2023
Government CISA, HHS Release Cybersecurity Healthcare Toolkit CISA and the HHS have released resources for healthcare and public health organizations to improve their security. Ionut ArghireOctober 26, 2023
Vulnerabilities US Gov Expects Widespread Exploitation of Atlassian Confluence Vulnerability CISA, FBI, and MS-ISAC warn of potential widespread exploitation of CVE-2023-22515, a critical vulnerability in Atlassian Confluence. Ionut ArghireOctober 17, 2023
Government CISA Now Flagging Vulnerabilities, Misconfigurations Exploited by Ransomware CISA is now flagging vulnerabilities and misconfigurations that are known to be exploited in ransomware attacks. Ionut ArghireOctober 13, 2023
Vulnerabilities CISA Reverses Course on Malicious Exploitation of Video Conferencing Device Flaws CISA has removed from its KEV catalog five Owl Labs video conferencing flaws that require the attacker to be in Bluetooth range. Eduard KovacsOctober 6, 2023
Government Government Shutdown Could Bench 80% of CISA Staff Roughly 80% of CISA staff will be sent home at the end of the week in case of a government shutdown. Eduard KovacsSeptember 28, 2023
Government CISA Unveils New HBOM Framework to Track Hardware Components CISA unveils a new Hardware Bill of Materials (HBOM) framework for buyers and sellers to communicate about components in physical products. Ryan NaraineSeptember 27, 2023