The Cybersecurity and Infrastructure Security Agency (CISA) has added two new Common Vulnerabilities and Exposures (CVEs) listings to its already extensive website catalog of CVEs, the agency said in a Twitter posting on Nov.28. […]
Since July 2021, the Hive ransomware group has victimized over 1,300 companies worldwide and received about $100 million in ransom payments, according to the Federal Bureau of Investigation (FBI). […]
The Cybersecurity and Infrastructure Security Agency (CISA) along with the National Security Agency (NSA) and the Office of the Director of National Intelligence (ODNI) published the final part of the three-part series on securing supply chains on Nov. 17. […]
The Cybersecurity and Infrastructure Security Agency (CISA) announced on Nov. 22 the release of a new update on the agency’s Infrastructure Resilience Planning Framework (IRPF) which helps state, local, tribal, and territorial planners protect technological infrastructure. […]
The General Services Administration (GSA) filed a request for information (RFI) on behalf of the Cybersecurity and Infrastructure Security Agency (CISA) to gather industry feedback on a potential cyber threat intelligence exchange platform. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has named Dr. Elizabeth Kolmstetter the agency’s first-ever Chief People Officer. […]
Iranian nation-state threat actors breached a Federal agency’s network before deploying malware, including a credential harvester and a cryptocurrency miner, according to a joint advisory released on Nov. 16, by the Federal Bureau of Investigations (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA). […]
The Government Accountability Office (GAO) said in a Nov. 16 report that Federal agencies need to up their ransomware assistance for state, local, Tribal, and territorial (SLTT) government organizations – including schools – by improving interagency collaboration, awareness, outreach, communication, and coordination with schools. […]
The Cybersecurity and Infrastructure Agency (CISA) has outlined critical steps for the prioritization of software vulnerability remediation by Federal agencies and the private sector. However, the success of these steps relies on software vendors providing the necessary information for this process. […]
A Cybersecurity and Infrastructure Security Agency (CISA) official told attendees at the Nov. 9 Red Hat Government Symposium that the agency’s efforts to improve security threat hunting within Federal government networks relies on speeding threat data to end users who can best use it. […]
The nation’s voting infrastructure received a clean bill of health today for its 2022 midterm election performance from the government’s top civilian cybersecurity agency, even as the outcome of numerous close election contests remained unknown late into the day after the elections. […]
As Federal agencies work through the second year of implementing the Biden administration’s cybersecurity executive order issued in May 2021, one benefit not enumerated in the order is coming into view: chief information officers (CIO) and security officials are getting a bigger seat at the table with agency leadership. […]
The Cybersecurity and Infrastructure Security Agency said Tuesday afternoon that it was seeing relatively smooth sailing for voting infrastructure and processes across the United States with polls open in all 50 states for the 2022 midterm elections. […]
Former Cybersecurity and Infrastructure Security Agency (CISA) Director Chris Krebs indicated today he sees no threats to election infrastructure that would jeopardize a fair midterm election, and bitterly decried people that cast doubt on the integrity of the election process with no firm evidence to back up their claims. […]
As agencies work to implement the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program capabilities, agency officials today said that operational technology (OT) has proved to be “one of the biggest challenges” for the program – and represents an unknown territory for both CISA and partner agencies. […]
Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), said today that her agency has found no “credible” threats that would disrupt U.S. elections infrastructure. […]
The Department of Education and the Cybersecurity and Infrastructure Security Agency (CISA) need to do better in coordinating efforts to aid K-12 schools in cybersecurity, according to a recent report by the Government Accountability Office (GAO). […]
The Cybersecurity and Infrastructure Security Agency (CISA) along with the Federal Bureau of Investigation (FBI) and the Department of Health and Human Services (HHS) released a new Cybersecurity Advisory (CSA) on Oct. 21 warning about ransomware attacks by the Daixin Team hacking group. The advisory says the Daixin Team has been targeting U.S. healthcare organizations […]
The Cybersecurity and Infrastructure Security Agency (CISA) on Oct. 20 released new security configuration baseline recommendations for Microsoft 365 cloud services. […]
Sen. Jacky Rosen, D-Nev., requested information on Oct. 17 from the Department of Transportation (DoT) and the Cybersecurity and Infrastructure Security Agency (CISA) about cyberattacks that targeted the U.S. aviation sector last week. […]
With the U.S. midterm elections just around the corner and security concerns running high, a new survey finds that three-quarters of local election websites are not using the .gov domain to help boost site security and engender a higher degree of user trust. […]
Improving the cybersecurity of the water critical infrastructure sector, K-12 schools, and healthcare sector are among the top priorities for the Cybersecurity and Infrastructure Security Agency (CISA), agency Director Jen Easterly said today during Mandiant’s mWISE conference in Washington. […]
The Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) Program is helping Federal agencies to make progress on mandates in President Biden’s cybersecurity executive order to install endpoint detection and response (EDR) on their networks, a senior CISA official said. […]
Rep. Ritchie Torres, D-N.Y., asked Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly in an Oct. 14 letter for a rundown on how CISA is carrying out its outsized role as risk manager for about half of the U.S. critical infrastructure sectors designated by the Department of Homeland Security (DHS). […]
The Cybersecurity and Infrastructure Security Agency (CISA) is chalking up two significant milestone victories in its ongoing campaign to help Federal agencies put into action recent cybersecurity improvement mandates. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has selected Mona Harrington to be the assistant director for the agency’s National Risk Management Center (NRMC), a position she has been serving on a temporary basis since March. […]
The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) released an advisory this week detailing how multiple nation-state hacking groups potentially targeted a Defense Industrial Base (DIB) sector organization’s enterprise network as part of a cyber espionage campaign. […]
In a public service announcement (PSA) issued Oct. 4., the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) said they believe that “any attempts by cyber actors to compromise election infrastructure are unlikely to result in largescale disruptions or prevent voting.” […]
Federal officials urged state and local government and education leaders this week to focus on some of the Federal government’s top existing resources in the fight against ransomware attacks – including one principle that’s easy to say but harder to do – don’t meet ransom demands. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has opened their annual, voluntary cybersecurity assessment for state, local, tribal, and territorial (SLTT) entities across the nation and aims to provide a broad picture of the current cybersecurity gaps and capabilities. […]