Former President Joe Biden issued an Executive Order (EO) entitled “Strengthening and Promoting Innovation in the Nation’s Cybersecurity” on January 16, 2025. The EO is designed to
Cybersecurity and Infrastructure Agency
Joint Advisory Lists Top Routinely Exploited Vulnerabilities
On November 12, 2024, the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the National Security Agency, along with its security partners in Australia, Canada, New Zealand, and the United Kingdom, issued the cybersecurity advisory “2023 Top Routinely Exploited Vulnerabilities,” outlining top vulnerabilities impacting companies across the free world.
The…
Update on Snowflake Cyber Threat
On June 2, 2024, cloud service provider Snowflake reported increased cyber threat activity targeting some of its customer’s accounts. Snowflake recommended that customers review unusual activity to detect and prevent unauthorized user access.
The Cybersecurity and Infrastructure Agency (CISA) then sent an alert on June 3, 2024, recommending that Snowflake customers “hunt for malicious activity…
Privacy Tip #398 – Cybersecurity Agencies Issue Guidance for Civil Society on Mitigating Cyber Threats
The Cybersecurity and Infrastructure Security Agency (CISA) and its partners recently issued helpful guidance for entities that have limited resources to address cyber threats. The guidance, entitled “Mitigating Cyber Threats with Limited Resources: Guidance for Civil Society,” is targeted to assist civil society—“nonprofit, advocacy, cultural, faith-based, academic, think tanks, journalist, dissident, and diaspora organizations, communities…
Cisco Releases Updates to Vulnerabilities in Firewall Platforms
The Cybersecurity and Infrastructure Agency (CISA) has published an Alert confirming that Cisco has released security updates to its firewall platforms. The releases apply to Cisco’s ArcaneDoor zero-day vulnerabilities applicable to Cisco’s Adaptive Security Appliances devices and its Firepower Threat Defense software.
The exploitation of CVE 2024-20353 and CVE-2024-20359 has been confirmed, and the identified…