Tag: Cybersecurity and Infrastructure Security Agency
-
Alerts: ASD’s ACSC, CISA, and US and International Partners Release Guidance on Choosing Secure and Verifiable Technologies
Source URL: https://www.cisa.gov/news-events/alerts/2024/12/05/asds-acsc-cisa-and-us-and-international-partners-release-guidance-choosing-secure-and-verifiable Source: Alerts Title: ASD’s ACSC, CISA, and US and International Partners Release Guidance on Choosing Secure and Verifiable Technologies Feedly Summary: Today, CISA—in partnership with the Australian Signals Directorate Australian Cyber Security Centre (ASD ACSC), and other international partners—released updates to a Secure by Design Alert, Choosing Secure and Verifiable Technologies. Partners…
-
Alerts: CISA Releases New Public Version of CDM Data Model Document
Source URL: https://www.cisa.gov/news-events/alerts/2024/12/04/cisa-releases-new-public-version-cdm-data-model-document Source: Alerts Title: CISA Releases New Public Version of CDM Data Model Document Feedly Summary: Today, the Cybersecurity and Infrastructure Security Agency (CISA) released an updated public version of the Continuous Diagnostics and Mitigation (CDM) Data Model Document. Version 5.0.1 aligns with fiscal year 2023 Federal Information Security Modernization Act (FISMA) metrics.…
-
Slashdot: US Senators Propose Law To Require Bare Minimum Security Standards
Source URL: https://it.slashdot.org/story/24/11/26/1855253/us-senators-propose-law-to-require-bare-minimum-security-standards?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: US Senators Propose Law To Require Bare Minimum Security Standards Feedly Summary: AI Summary and Description: Yes Summary: The proposed Health Care Cybersecurity and Resiliency Act of 2024 emphasizes the importance of cybersecurity in the healthcare sector, mandating multifactor authentication and stronger incident reporting requirements. This legislation reflects a…
-
Alerts: CISA Adds One Known Exploited Vulnerability to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2024/11/25/cisa-adds-one-known-exploited-vulnerability-catalog Source: Alerts Title: CISA Adds One Known Exploited Vulnerability to Catalog Feedly Summary: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-28461 Array Networks AG and vxAG ArrayOS Improper Authentication Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors…
-
Alerts: 2024 CWE Top 25 Most Dangerous Software Weaknesses
Source URL: https://www.cisa.gov/news-events/alerts/2024/11/20/2024-cwe-top-25-most-dangerous-software-weaknesses Source: Alerts Title: 2024 CWE Top 25 Most Dangerous Software Weaknesses Feedly Summary: The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Homeland Security Systems Engineering and Development Institute (HSSEDI), operated by MITRE, has released the 2024 CWE Top 25 Most Dangerous Software Weaknesses. This annual list identifies the most critical…
-
Alerts: CISA Adds Two Known Exploited Vulnerabilities to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2024/11/20/cisa-adds-two-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Two Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-38812 VMware vCenter Server Heap-Based Buffer Overflow Vulnerability CVE-2024-38813 VMware vCenter Server Privilege Escalation Vulnerability These types of vulnerabilities are frequent attack vectors…
-
Alerts: USDA Releases Success Story Detailing the Implementation of Phishing-Resistant Multi-Factor Authentication
Source URL: https://www.cisa.gov/news-events/alerts/2024/11/20/usda-releases-success-story-detailing-implementation-phishing-resistant-multi-factor-authentication Source: Alerts Title: USDA Releases Success Story Detailing the Implementation of Phishing-Resistant Multi-Factor Authentication Feedly Summary: Today, the Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Department of Agriculture (USDA) released Phishing-Resistant Multi-Factor Authentication (MFA) Success Story: USDA’s FIDO Implementation. This report details how USDA successfully implemented phishing-resistant authentication for its…