Articles about CISA

Recent shifts in US federal cybersecurity efforts, most notably cuts to key CISA programs and the disbanding of the Cyber Safety Review Board, are having an impact beyond Washington according to a new report.

Security automation company Swimlane surveyed 500 IT and security decision-makers across the US and UK The findings show how private-sector leaders are now shouldering greater responsibility for resilience, investment and public‑private coordination.

Continue reading →

A vulnerability in the Windows NTLM authentication protocol, which is known to have been actively exploited for at least a month, has been added to the US CISA’s Known Exploited Vulnerabilities Catalog.

While Microsoft deprecated NTLM last year, it remains widely used. Security researchers discovered the hash disclosure spoofing bug, and Microsoft quietly patched it in March. But the creation of a patch is one thing -- having users install it is something else. By adding the vulnerability, tracked as CVE-2025-24054, to its catalog, CISA is raising aware that action needs to be taken.

Continue reading →

Software-driven digital innovation is essential for competing in today's market, and the foundation of this innovation is code. However, there are widespread cracks in this foundation -- lines of bad, insecure, and poorly written code -- that manifest into tech debt, security incidents, and availability issues.

The cost of bad code is enormous, estimated at over a trillion dollars. Just as building a housing market on bad loans would be disastrous, businesses need to consider the impact of bad code on their success. The C-suite must take action to ensure that its software and its maintenance are constantly front of mind in order to run a world-class organization. Software is becoming a CEO and board-level agenda item because it has to be.

Continue reading →

The US Cybersecurity and Infrastructure Agency's (CISA) Secure Software Development Attestation Form rules come into force on June 11, 2024.

This requires software producers who work with the US government to adhere to and confirm the deployment of key security practices. But new research from Lineaje reveals that 80 percent of companies are not ready.

Continue reading →

As commercial adoption of cloud technologies continues, cloud-focused malware campaigns have increased in both sophistication and number.

A new report from Cado Security is based on analysis of real-world techniques employed by attackers using honeypot infrastructure. Last year Cado introduced 'Cloudypots', a new, more sophisticated, high-interaction honeypot system.

Continue reading →

The CISA has launched a new security tool designed to help protect various Microsoft cloud services. The open source Untitled Goose Tool is available for both Windows and macOS.

The utility was developed by the US Cybersecurity & Infrastructure Security Agency in conjunction with Sandia National Laboratories. The aim of the tool is to help to detect and respond to malicious activity in Microsoft Azure, Azure Active Directory (AAD) and Microsoft 365 (M365) environments.

Continue reading →

In a speech that lauded Apple for not only its security practices but also its transparency, Jen Easterly from the CISA said that Microsoft and Twitter needed to do more to keep their users secure.

The Cybersecurity and Infrastructure Security Agency director was speaking at Carnegie Mellon University where she made particular reference to multifactor authentication. Easterly praised Apple for enabling MFA by default while describing Microsoft and Twitter as "disappointing" in this area.

Continue reading →

The number of CVEs reported via ICS advisories has increased each year, with 2020-2021 seeing a 67.3 percent increase in CISA ICS CVEs, while 2021-2022 saw a two percent increase, according to a new report from SynSaber.

The growing volume of vulnerabilities highlights continued efforts to secure the ICS systems critical to a nation's energy, manufacturing, water, and transportation infrastructure. There's also a growing focus on regulation which means operators in critical infrastructure are under more pressure to analyze, mitigate, and report on new and existing vulnerabilities

Continue reading →

Do you know what IT devices are in your business or on your network right now? If not, it’s not just cybercriminals that might be knocking on your door very soon, but the White House.

Binding Operational Directive 23-01, or BOD 23-01, is a new directive from the U.S. Cybersecurity and Infrastructure Security Agency. CISA has issued a Binding Operational Directive (BOD) that orders federal agencies in the country to keep track of their IT assets and any vulnerabilities on their networks.

Continue reading →

The US Cybersecurity and Infrastructure Security Agency has issued a warning about a security issue with the UnRAR tool for Linux-based systems.

The vulnerability is being tracked as CVE-2022-30333, and if successfully exploited, the flaw could allow an attacker to use the process of unpacking an archive to write data to an area of storage.

Continue reading →

The National Security Agency (NSA) and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) have joined forces to publish guidelines design to help people make informed choices when selecting a VPN.

In the joint NSA-CISA information sheet, the organizations provide help and advice in a range of areas including not only choosing a reliable, trustworthy VPN, but also how to configure a VPN for maximum security and a reduced attack surface.

Continue reading →

Cybersecurity and Infrastructure Security Agency (CISA) has taken the extraordinary steps of issuing an emergency alert about a critical vulnerability in Windows.

CISA issued the warning to government departments, saying it "has determined that this vulnerability poses an unacceptable risk to the Federal Civilian Executive Branch and requires an immediate and emergency action". With Emergency Directive 20-04, the CISA requires agencies to install the August 2020 Security Update to mitigate against a vulnerability in Microsoft Windows Netlogon Remote Protocol.

Continue reading →