Current Activity

CISA Releases Advisory Detailing Red Team Activity During Assessment of US FCEB Organization, Highlighting Necessity of Defense-in-Depth

Today, CISA released CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth in coordination with the assessed organization. This Cybersecurity Advisory (CSA) details…

Comments Off

July 12, 2024

Current Activity

CISA and FBI Release Secure by Design Alert on Eliminating OS Command Injection Vulnerabilities

Today, CISA and FBI are releasing their newest Secure by Design Alert in the series, Eliminating OS Command Injection Vulnerabilities, in response to recent well-publicized threat actor campaigns that exploited OS…

Comments Off

July 11, 2024

Current Activity

CISA and Partners join ASD’S ACSC to Release Advisory on PRC State-Sponsored Group, APT 40

CISA has collaborated with the Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) to release an advisory, People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in…

Comments Off

July 9, 2024

Current Activity

Progress Software Releases Security Bulletin for MOVEit Transfer

Progress Software released a security bulletin to address a vulnerability in MOVEit Transfer. A cyber threat actor could exploit this vulnerability to take control of an affected system. Users and…

Comments Off

June 29, 2024

Current Activity

CISA Releases Guidance on Single Sign-On (SSO) Adoption for Small and Medium-Sized Businesses: (SMBs)

Today, CISA released Barriers to Single Sign-On (SSO) Adoption for Small and Medium-Sized Businesses: Identifying Challenges and Opportunities, a detailed report exploring challenges to SSO adoption by small and medium-sized…

Comments Off

June 21, 2024

Current Activity

Microsoft Releases June 2024 Security Updates

Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Users and…

Comments Off

June 12, 2024

Current Activity

Cisco Releases May 2024 Cisco ASA, FMC, and FTD Software Security Publication

Cisco released a bundled publication for security advisories that address vulnerabilities in Cisco Adaptive Security Appliance (ASA), Firepower Management Center (FMC), and Firepower Threat Defense (FTD) software. A cyber threat…

Comments Off

May 25, 2024

Current Activity

Rockwell Automation Encourages Customers to Assess and Secure Public-Internet-Exposed Assets

Rockwell Automation has released guidance encouraging users to remove connectivity on all Industrial Control Systems (ICS) devices connected to the public-facing internet to reduce exposure to unauthorized or malicious cyber…

Comments Off

May 22, 2024

Current Activity

CISA and Partners Release Advisory on Black Basta Ransomware

Today, CISA, in partnership with the Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released joint…

Comments Off

May 11, 2024

Current Activity

ASD’s ACSC, CISA, and Partners Release Secure by Design Guidance on Choosing Secure and Verifiable Technologies

Today, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), together with CISA, the Canadian Centre for Cyber Security (CCCS), the United Kingdom’s National Cyber Security Centre (NCSC-UK), and…

Comments Off

May 10, 2024