Security News

CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation
2024-12-24 09:25

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched high-severity security flaw impacting Acclaim Systems USAHERDS to the Known Exploited Vulnerabilities...

CISA: Use Signal or other secure communications app
2024-12-20 12:19

In the wake of the widespread compromise of US telecom giants’ networks by Chinese hackers and the FBI advising Americans to use end-to-end encrypted communications, CISA is advising “highly...

CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List
2024-12-20 04:30

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to...

CISA orders federal agencies to secure their Microsoft cloud environments
2024-12-19 12:58

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a binding operational directive (BOD 25-01) requiring federal civilian agencies to secure their (Microsoft) cloud...

CISA Mandates Cloud Security for Federal Agencies by 2025 Under Binding Directive 25-01
2024-12-19 10:00

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued Binding Operational Directive (BOD) 25-01, ordering federal civilian agencies to secure their cloud environments and...

CISA urges switch to Signal-like encrypted messaging apps after telecom hacks
2024-12-18 18:19

Today, CISA urged senior government and political officials to switch to end-to-end encrypted messaging apps like Signal following a wave of telecom breaches across dozens of countries, including...

CISA orders federal agencies to secure Microsoft 365 tenants
2024-12-17 20:01

​CISA has issued this year's first binding operational directive (BOD 25-01), ordering federal civilian agencies to secure their Microsoft 365 cloud environments by implementing a list of required...

CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign
2024-12-17 05:47

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in...

CISA confirms critical Cleo bug exploitation in ransomware attacks
2024-12-13 21:24

CISA confirmed today that a critical remote code execution bug in Cleo Harmony, VLTrader, and LexiCom file transfer software is being exploited in ransomware attacks. [...]

CISA warns water facilities to secure HMI systems exposed online
2024-12-13 19:34

CISA and the Environmental Protection Agency (EPA) warned water facilities today to secure Internet-exposed Human Machine Interfaces (HMIs) from cyberattacks. [...]