Current Activity

CISA Releases Guidance on Switching to Modern Auth in Exchange Online before October 1

Original release date: June 28, 2022 CISA has released guidance on switching from Basic Authentication (“Basic Auth”) in Microsoft Exchange Online to Modern Authentication ("Modern Auth") before Microsoft begins permanently disabling…

Comments Off

June 28, 2022

Current Activity

2022 CWE Top 25 Most Dangerous Software Weaknesses

Original release date: June 28, 2022The Homeland Security Systems Engineering and Development Institute, sponsored by CISA and operated by MITRE, has released the 2022 Common Weakness Enumeration (CWE) Top 25…

Comments Off

June 28, 2022

Current Activity

CISA Adds Eight Known Exploited Vulnerabilities to Catalog  

Original release date: June 27, 2022CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack…

Comments Off

June 27, 2022

Current Activity

Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems

Original release date: June 23, 2022 CISA and the United States Coast Guard Cyber Command (CGCYBER) have released a joint Cybersecurity Advisory (CSA) to warn network defenders that cyber threat actors,…

Comments Off

June 23, 2022

Current Activity

CISA Releases Cloud Security Technical Reference Architecture

Original release date: June 23, 2022CISA has released its Cloud Security (CS) Technical Reference Architecture (TRA) to guide federal civilian departments and agencies in securely migrating to the cloud. Co-authored…

Comments Off

June 23, 2022

Current Activity

CISA Requests Public Comment on CISA’s TIC 3.0 Cloud Use Case

Original release date: June 16, 2022CISA has released Trusted Internet Connections (TIC) 3.0 Cloud Use Case for public comment. TIC is a federal cybersecurity initiative intended to secure federal data,…

Comments Off

June 16, 2022

Current Activity

CISA Adds One Known Exploited Vulnerability to Catalog 

Original release date: June 14, 2022CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack…

Comments Off

June 14, 2022

Current Activity

Citrix Releases Security Updates for Application Delivery Management

Original release date: June 14, 2022Citrix has released security updates to address vulnerabilities in Application Delivery Management. An attacker could exploit these vulnerabilities to take control of an affected system.…

Comments Off

June 14, 2022

Current Activity

Microsoft Releases June 2022 Security Updates

Original release date: June 14, 2022Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected…

Comments Off

June 14, 2022

Current Activity

CISA Adds Three Known Exploited Vulnerabilities to Catalog  

Original release date: June 9, 2022CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent…

Comments Off

June 9, 2022