Tag: Cybersecurity and Infrastructure Security Agency (CISA)
-
The Register: Cyber congressman demands answers before CISA gets cut down to size
Source URL: https://www.theregister.com/2025/04/14/swalwell_cisa_cuts/ Source: The Register Title: Cyber congressman demands answers before CISA gets cut down to size Feedly Summary: What’s the goal here, Homeland Insecurity or something? As drastic cuts to the US govt’s Cybersecurity and Infrastructure Security Agency loom, Rep Eric Swalwell (D-CA), the ranking member of the House’s cybersecurity subcommittee, has demanded…
-
The Register: As CISA braces for more cuts, threat intel sharing takes a hit
Source URL: https://www.theregister.com/2025/04/08/cisa_cuts_threat_intel/ Source: The Register Title: As CISA braces for more cuts, threat intel sharing takes a hit Feedly Summary: Will ‘gutting’ the civilian defense agency make American cybersecurity great again? Analysis Slashing staff at the US govt’s Cybersecurity and Infrastructure Security Agency, aka CISA, and scrapping vital programs, isn’t exactly boosting national security,…
-
Alerts: CISA Adds One Known Exploited Vulnerability to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2025/03/31/cisa-adds-one-known-exploited-vulnerability-catalog Source: Alerts Title: CISA Adds One Known Exploited Vulnerability to Catalog Feedly Summary: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-20439 Cisco Smart Licensing Utility Static Credential Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose…
-
Alerts: CISA Releases Four Industrial Control Systems Advisories
Source URL: https://www.cisa.gov/news-events/alerts/2025/03/25/cisa-releases-four-industrial-control-systems-advisories Source: Alerts Title: CISA Releases Four Industrial Control Systems Advisories Feedly Summary: CISA released four Industrial Control Systems (ICS) advisories on March 25, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-084-01 ABB RMC-100 ICSA-25-084-02 Rockwell Automation Verve Asset Manager ICSA-25-084-03 Rockwell Automation 440G TLS-Z…
-
The Register: Ex-NSA boss: Good news. Election security focus helped dissuade increase in Russian meddling with US
Source URL: https://www.theregister.com/2025/03/23/nsa_rogers_russia/ Source: The Register Title: Ex-NSA boss: Good news. Election security focus helped dissuade increase in Russian meddling with US Feedly Summary: Plus AI in the infosec world, why CISA should know its place, and more Interview Russia appears to be having second thoughts on how aggressively, or at least how visibly, it…
-
Schneier on Security: Critical GitHub Attack
Source URL: https://www.schneier.com/blog/archives/2025/03/critical-github-attack.html Source: Schneier on Security Title: Critical GitHub Attack Feedly Summary: This is serious: A sophisticated cascading supply chain attack has compromised multiple GitHub Actions, exposing critical CI/CD secrets across tens of thousands of repositories. The attack, which originally targeted the widely used “tj-actions/changed-files” utility, is now believed to have originated from an…
-
Alerts: CISA Releases Seven Industrial Control Systems Advisories
Source URL: https://www.cisa.gov/news-events/alerts/2025/03/18/cisa-releases-seven-industrial-control-systems-advisories Source: Alerts Title: CISA Releases Seven Industrial Control Systems Advisories Feedly Summary: CISA released seven Industrial Control Systems (ICS) advisories on March 18, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-077-01 Schneider Electric EcoStruxure Power Automation System User Interface (EPAS-UI) ICSA-25-077-02 Rockwell Automation Lifecycle…
-
Alerts: CISA Adds Two Known Exploited Vulnerabilities to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2025/03/13/cisa-adds-two-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Two Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-24201 Apple Multiple Products WebKit Out-of-Bounds Write Vulnerability CVE-2025-21590 Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability These types of vulnerabilities are…