CISA

US gives federal agencies 48 hours to disconnect flawed Ivanti VPN tech

U.S. cybersecurity agency CISA has ordered federal agencies to urgently disconnect Ivanti VPN appliances given the risk of malicious exploitation due to multiple software flaws. In an update to an eme

CISA says US government agency was hacked thanks to ‘end of life’ software

U.S. cybersecurity agency CISA has warned that unknown hackers broke into the servers of a federal government agency by taking advantage of a previously known vulnerability in software that no longer

US, Norway say hackers have been exploiting Ivanti zero-day since April

Hackers exploited a zero-day flaw in Ivanti’s mobile endpoint management software undetected for at least three months, U.S. and Norwegian cybersecurity agencies have warned. It was confirmed last w

CISA’s security-by-design initiative is at risk: Here’s a path forward

Success with security-by-design is at risk, both from the political challenges of implementation and the threat of unrealistic expectations.

US, Australia cyber agencies warn IDOR security flaws can be exploited ‘at scale’

U.S. and Australian government cybersecurity agencies are warning that common and easily exploitable security vulnerabilities in websites and web apps can be abused to carry out large-scale data breac

Scammers publish ads for hacking services on government websites

Scammers have published various advertisements for hacking services on the official websites of multiple U.S. state, county and local governments, a federal agency, as well as numerous universities. T

Critical-rated security flaw in Illumina DNA sequencing tech exposes patient data

The U.S. government has sounded the alarm about a critical software vulnerability found in genomics giant Illumina’s DNA sequencing devices, which hackers can exploit to modify or steal patients

Nation state hackers exploited years-old bug to breach a US federal agency

The U.S. government has warned that multiple cybercriminal gangs, including a nation state-backed hacking group, exploited a four-year-old software vulnerability in order to compromise a U.S. federal

US federal agencies hacked using legitimate remote desktop tools

The U.S. government’s cybersecurity agency has warned that criminal financially motivated hackers compromised federal agencies using legitimate remote desktop software. CISA said in a joint advisory

FBI, CISA say Cuba ransomware gang extorted $60M from victims this year

The Cuba ransomware gang extorted more than $60 million in ransom payments from victims between December 2021 and August 2022, a joint advisory from CISA and the FBI has warned. The latest advisory is

Iran-backed hackers breached a US federal agency that failed to patch year-old bug

The U.S. government’s cybersecurity agency says hackers backed by the Iranian government compromised a federal agency that failed to patch against Log4Shell, a vulnerability fixed almost a year

Everything we know so far about the ransomware attack on Los Angeles schools

Los Angeles Unified School District, or LAUSD — the second largest district in the U.S. with more than 1,000 schools and 600,000 students — confirmed this week that it was hit by a cyberattack ove

US government says North Korean hackers are targeting American healthcare organizations with ransomware

The FBI, CISA and the U.S. Treasury Department are warning that North Korean state-sponsored hackers are using ransomware to target healthcare and public health sector organizations across the United

US, UK and EU blame Russia for ‘unacceptable’ Viasat cyberattack

The U.S., U.K. and EU have formally blamed the Russian government for the February cyberattack against satellite communications provider Viasat, which triggered outages across central and eastern Euro

North Korean hackers are targeting blockchain companies with malicious crypto-stealing apps

The U.S. government has warned that North Korean state-backed hackers known as the Lazarus Group are targeting organizations in the blockchain industry using trojanized cryptocurrency applications. In

Shift5 raises $50M to defend transport networks from cyberattacks

You might not think much about the train or the airplane that gets you from one place to another, but behind any transportation link is a vast sprawling network of electronics, devices and data that k

US government offers $10M bounty for DarkSide ransomware hackers

The U.S. Department of State is upping the ante in its fight against ransomware by offering a reward of up to $10 million for information that helps identify or track down leaders of the notorious Dar

BlackMatter ransomware gang says it’s shutting down over law enforcement pressure

The BlackMatter ransomware operation, which came to prominence earlier this year following the demise of the DarkSide ransomware gang, is allegedly shutting down due to “pressure from the authoritie

CISA launches platform to let hackers report security bugs to US federal agencies

The Cybersecurity and Infrastructure Security Agency has launched a vulnerability disclosure program allowing ethical hackers to report security flaws to federal agencies. The platform, launched with

Biden’s cybersecurity dream team takes shape

President Biden has named two former National Security Agency veterans to senior government cybersecurity positions, including the first national cyber director. The appointments, announced Monday, la
Load More