CISA’s Malware Next-Gen system is now available for any organization to submit malware samples and other suspicious artifacts for analysis.
The post CISA Releases Malware Next-Gen Analysis System for Public Use appeared first on SecurityWeek.
CISA Moving Forward With Cyber Incident Reporting Rules Impacting 316,000 Entities
CISA is seeking comment on the implementation of CIRCIA, which will cost $2.6 billion and will impact 316,000 entities.
The post CISA Moving Forward With Cyber Incident Reporting Rules Impacting 316,000 Entities appeared first on SecurityWeek.
US Government Urges Software Makers to Eliminate SQL Injection Vulnerabilities
CISA and the FBI issue a secure-by-design alert on eliminating SQL injection vulnerabilities from software.
The post US Government Urges Software Makers to Eliminate SQL Injection Vulnerabilities appeared first on SecurityWeek.
CISA’s OT Attack Response Team Understaffed: GAO
GAO study finds that CISA does not have enough staff to respond to significant OT attacks in multiple locations at the same time.
The post CISA’s OT Attack Response Team Understaffed: GAO appeared first on SecurityWeek.
CISA Outlines Efforts to Secure Open Source Software
Concluding a two-day OSS security summit, CISA details key actions to help improve open source security.
The post CISA Outlines Efforts to Secure Open Source Software appeared first on SecurityWeek.
US Gov Says Software Measurability is ‘Hardest Problem to Solve’
White House calls for the “timely, complete, and consistent” publication of CVE and CWE data to help solve the security metrics problem.
The post US Gov Says Software Measurability is ‘Hardest Problem to Solve’ appeared first on SecurityWeek.
Russian Cyberspies Targeting Cloud Infrastructure via Dormant Accounts
US government and allies expose TTPs used by notorious Russian hacking teams and warn of the targeting of dormant cloud accounts.
The post Russian Cyberspies Targeting Cloud Infrastructure via Dormant Accounts appeared first on SecurityWeek.
CISA Warns of Roundcube Webmail Vulnerability Exploitation
CISA has added the Roundcube flaw tracked as CVE-2023-43770 to its known exploited vulnerabilities catalog.
The post CISA Warns of Roundcube Webmail Vulnerability Exploitation appeared first on SecurityWeek.
CISA: China’s Volt Typhoon Hackers Planning Critical Infrastructure Disruption
New CISA alert includes technical mitigations to harden attack surfaces and instructions to hunt for the Chinese government-backed hackers.
The post CISA: China’s Volt Typhoon Hackers Planning Critical Infrastructure Disruption appeared first on SecurityWeek.
Ivanti Struggling to Hit Zero-Day Patch Release Schedule
Ivanti is struggling to hit its own timeline for the delivery of patches for critical — and already exploited — flaws in its flagship VPN appliances.
The post Ivanti Struggling to Hit Zero-Day Patch Release Schedule appeared first on SecurityWeek.
