CISA warns that vulnerable SimpleHelp RMM instances have been exploited against a utility billing software provider’s customers.
The post SimpleHelp Vulnerability Exploited Against Utility Billing Software Users appeared first on SecurityWeek.
FBI Aware of 900 Organizations Hit by Play Ransomware
Play ransomware attacks have hit roughly 900 organizations and recently involved the exploitation of SimpleHelp vulnerabilities.
The post FBI Aware of 900 Organizations Hit by Play Ransomware appeared first on SecurityWeek.
Vulnerabilities in CISA KEV Are Not Equally Critical: Report
New report says organizations should always consider environmental context when assessing the impact of vulnerabilities in CISA KEV catalog.
The post Vulnerabilities in CISA KEV Are Not Equally Critical: Report appeared first on SecurityWeek.
Companies Warned of Commvault Vulnerability Exploitation
CISA warns companies of a widespread campaign targeting a Commvault vulnerability to hack Azure environments.
The post Companies Warned of Commvault Vulnerability Exploitation appeared first on SecurityWeek.
CISA Says Russian Hackers Targeting Western Supply-Lines to Ukraine
Russian military intelligence hackers intensify targeting of Western logistics and technology companies moving supplies into Ukraine.
The post CISA Says Russian Hackers Targeting Western Supply-Lines to Ukraine appeared first on SecurityWeek.
Vulnerability Exploitation Probability Metric Proposed by NIST, CISA Researchers
The Likely Exploited Vulnerabilities (LEV) equations can help augment KEV- and EPSS-based remediation prioritization.
The post Vulnerability Exploitation Probability Metric Proposed by NIST, CISA Researchers appeared first on SecurityWeek.
Madhu Gottumukkala Officially Announced as CISA Deputy Director
New CISA Deputy Director Madhu Gottumukkala has joined the agency from South Dakota’s Bureau of Information and Technology.
The post Madhu Gottumukkala Officially Announced as CISA Deputy Director appeared first on SecurityWeek.
New UK Framework Pressures Vendors on SBOMs, Patching and Default MFA
By baking minimum expectations into procurement conversations, the plan is to steer software vendors to “secure-by-design and default” basics.
The post New UK Framework Pressures Vendors on SBOMs, Patching and Default MFA appeared first on SecurityWeek.
US Warns of Hackers Targeting ICS/SCADA at Oil and Gas Organizations
The US government warns of threat actors targeting ICS/SCADA systems at oil and natural gas organizations.
The post US Warns of Hackers Targeting ICS/SCADA at Oil and Gas Organizations appeared first on SecurityWeek.
White House Proposal Slashes Half-Billion from CISA Budget
The proposed $491 million cut is being positioned as a “refocusing”of CISA on its core mission “while eliminating weaponization and waste.”
The post White House Proposal Slashes Half-Billion from CISA Budget appeared first on SecurityWeek.