SEARCH
Archive
CISA Issues Emergency Directive For Ivanti Flaws, Warns of ‘Widespread Exploitation’
CISA said its new emergency directive for Ivanti zero-days is “based on widespread exploitation of vulnerabilities by multiple threat actors."
CISA: Threat Actors Targeting Unitronics Devices Used in Water Facilities
CISA is urging water facilities in the critical infrastructure sector to change the default passwords on their Unitronics devices and disconnect them from the internet after a water treatment facility in Pennsylvania was hit by a cyberattack.
CISA Outlines Plans to Tackle Open Source Software Security
In an Open Source Software Security Roadmap released on Tuesday, the agency said it wants to build up the capabilities to better understand the complex open source ecosystem and create visibility around the security risks in this landscape.
CISA Sounds Alarm on Critical Infrastructure Devices Vulnerable to Ransomware
As part of its Ransomware Vulnerability Warning Pilot program, CISA has notified more than 100 organizations that they are running internet-exposed devices with flaws that are frequently targeted by ransomware actors, including 26 alerts related to the MOVEit Transfer flaw.
Federal Agencies Now Required to Secure Internet-Exposed Network Devices
The new directive from CISA aims to help federal agencies identify and secure their network devices that are exposed to the public internet.