CISA

Subscribe to CISA

The Cybersecurity & Infrastructure Security Agency (CISA) recently issued an Alert outlining the top Common Vulnerabilities and Exposures (CVEs) that have been used by the People’s Republic of China (PRC) state-sponsored cyber actors since 2020.

According to the Alert, these threat actors “continue to exploit known vulnerabilities to actively target U.S. and allied networks as

Microsoft recently issued mitigation steps for vulnerabilities that are being actively exploited by threat actors. Microsoft stated that it is aware that two vulnerabilities are being actively exploited to access users’ systems.

The Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory following Microsoft’s release of the mitigation steps, encouraging “users and administrators to review

On June 2, 2022, CISA (the Cybersecurity and Infrastructure Security Agency), the FBI, the Department of the Treasury and the Financial Crimes Enforcement Network issued a joint Cybersecurity Alert warning companies of the Karakurt Team/Karakurt Lair extortion group, which has “employed a variety of tactics, techniques, and procedures (TTPs), creating significant challenges for defense and

The Cybersecurity & Infrastructure Security Agency (CISA) added 21 new vulnerabilities to its Known Exploited Vulnerabilities Catalog on May 23, 2022, due to active exploitation by cyber criminals. The vulnerabilities are a “frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.”

Although the alert is directed at federal agencies

As we have pointed out before, it is cumbersome yet critical, to patch vulnerabilities on a timely basis. Cyber-attackers move swiftly to take advantage of known vulnerabilities and are aware of the challenges organizations have in closing those doors.

The Cybersecurity and Infrastructure Security Agency (CISA), along with its counterparts in other countries, issued a

The cybersecurity authorities of the United States (including CISA, FBI, NSA and DOE), Australia, Canada, New Zealand, and the United Kingdom released a joint Cybersecurity Advisory (CSA) on April 20, 2022, “to warn organizations that Russia’s invasion of Ukraine could expose organizations both within and beyond the region to increased malicious cyber activity.”

According to

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a joint advisory this week alerting organizations of destructive malware that is being used to target organizations in Ukraine, with the ongoing warnings of increased cyber-attacks against U.S. organizations.

The malware, WhisperGate and HermeticWiper, is used to “destroy computer systems and render them inoperable.”

Organizations often struggle with budgeting for cybersecurity risk and mitigation. It’s hard to see the return on investment for prevention of things that attack the company through the clouds.

It is rare that help comes in the form of FREE services and tools offered by the federal government. The Cybersecurity & Infrastructure Security Agency (CISA)

The Cybersecurity & Infrastructure Security Agency (CISA) recently issued another warning to “every organization” in the U.S. about cybersecurity risks during the ongoing escalation of tension between the U.S. and Russia over Ukraine.

According to the CISA Insights publication entitled “Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats,” “public and private entities in

The Cybersecurity & Infrastructure Security Agency (CISA), in tandem with the FBI and National Security Agency, issued a Cybersecurity Advisory on January 22, 2022, to warn organizations, and especially critical infrastructure operators, to be on heightened alert that Russian state-sponsored cyber operations may again use the tensions with the U.S. to attack U.S. companies.

The