CISA

Subscribe to CISA via RSS

On August 27, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) issued a Cybersecurity Advisory entitled “Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System.” The Advisory warns that People’s Republic of China (PRC) sponsored advanced persistent threat (APT) actors “are targeting networks globally, including, but not limited to, telecommunications, government

In this line of work, I am often asked if law enforcement is ever successful in finding and punishing the threat actors who have wreaked havoc on U.S. businesses and stolen millions of dollars in ransomware attacks. I am so pleased to report that—although few and far between, and very difficult to accomplish—there are wins

On August 11, 2025, the Pennsylvania Office of Attorney General (PA AG) issued a statement on its Facebook account regarding a cyber incident that had affected PA AG systems, including its website, email accounts, and phone lines.

The PA AG has not shared a specific cause of the incident. However, security researcher Kevin Beaumont recognized

The Cybersecurity and Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation (FBI), the National Security Agency, and other international partners, issued an Alert on September 5, 2024, warning that cyber actors affiliated with the Russian military are targeting critical infrastructure, government services, financial services, transportation systems, energy, and healthcare sectors of NATO

The Cybersecurity & Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the Department of Defense Cyber Crime Center (DC3) issued a joint alert on August 28, 2024, warning U.S.-based organizations that cyber actors, “known in the private sector as Pioneer Kitten, UNC757, Parisite, Rubidium, and Lemon Sandstorm,” are targeting and exploiting U.S. organizations

On August 1, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) announced the appointment of its first CISA Chief Artificial Intelligence Officer. The appointee, Lisa Einstein, served as CISA’s Senior Advisor for AI and as Executive Director of CISA’s Cybersecurity Advisory Committee, advising CISA on the reduction of risk to critical infrastructure. She earned a

The city of Columbus, Ohio, announced on May 29, 2024, that it was forced to take its systems offline due to a ransomware attack. According to its notice, the attack was perpetrated by “an established, sophisticated threat actor operating overseas,” and that it was working with law enforcement to investigate the incident.

According to