Collecting Cyber-News from over 60 sources

Tag: cisa

FBI, CISA warn on Microsoft Intune risks after Iran-linked cyberattack on Stryker

Mar 19, 2026 6:10 PM

Tags: attack, cisa, cyberattack, data, iran, malware, microsoft, risk

The attackers behind a recent attack on Stryker did not use malware, instead breaking into a legitimate Microsoft device management system called Intune and wiping the company’s data that way. First seen on therecord.media Jump to article: therecord.media/fbi-cisa-warn-of-microsoft-intune-risks-stryker
FBI, CISA warn on Microsoft Intune risks after Iran-linked cyberattack on Stryker

Mar 19, 2026 6:10 PM

Tags: attack, cisa, cyberattack, data, iran, malware, microsoft, risk

The attackers behind a recent attack on Stryker did not use malware, instead breaking into a legitimate Microsoft device management system called Intune and wiping the company’s data that way. First seen on therecord.media Jump to article: therecord.media/fbi-cisa-warn-of-microsoft-intune-risks-stryker
FBI, CISA warn on Microsoft Intune risks after Iran-linked cyberattack on Stryker

Mar 19, 2026 6:10 PM

Tags: attack, cisa, cyberattack, data, iran, malware, microsoft, risk

The attackers behind a recent attack on Stryker did not use malware, instead breaking into a legitimate Microsoft device management system called Intune and wiping the company’s data that way. First seen on therecord.media Jump to article: therecord.media/fbi-cisa-warn-of-microsoft-intune-risks-stryker
Cisa tells US organisations to harden endpoint management after Stryker attack

Mar 19, 2026 6:10 PM

Tags: attack, cisa, cyber, endpoint, iran, service

Last week’s cyber attack on the systems of a US medical services company by Iranian hacktivists has prompted an alert from Cisa, urging organisations to reinforce their defensive posture First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366640448/Cisa-tells-US-organisations-to-harden-endpoint-management-after-Stryker-attack
CISA urges organizations to harden endpoint security following Stryker attack

Mar 19, 2026 5:10 PM

Tags: attack, cisa, endpoint, microsoft, threat

The agency is coordinating with the FBI and other agencies amid concerns about additional threat activity involving Microsoft Intune.; First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-organizations-harden-endpoint-security-stryker-attack/815193/
CISA urges companies to secure Microsoft Intune systems after hackers mass-wipe Stryker devices

Mar 19, 2026 5:10 PM

Tags: access, cisa, cybersecurity, hacker, microsoft, phone

The U.S. cybersecurity agency urged companies to prevent access to systems used for remotely managing their fleets of employee devices after hackers broke into a major U.S. medical tech giant and remotely wiped thousands of phones and computers. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/19/cisa-urges-companies-to-secure-microsoft-intune-systems-after-hackers-mass-wipe-stryker-devices/
CISA Calls on Organizations to Strengthen Microsoft Intune Security After Stryker Incident

Mar 19, 2026 3:09 PM

Tags: cisa, cyber, cyberattack, cybersecurity, endpoint, infrastructure, malicious, microsoft, technology

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert calling on organizations to aggressively harden their endpoint management systems. Released on March 18, 2026, the critical warning follows a significant cyberattack against U.S.-based medical technology provider Stryker Corporation. The agency observed malicious actors actively targeting endpoint management platforms, explicitly misusing legitimate administrative…
Secure endpoint management systems immediately, CISA urges

Mar 19, 2026 2:10 PM

Tags: cisa, cyber, cyberattack, cybersecurity, endpoint, infrastructure

The US Cybersecurity and Infrastructure Security Agency (CISA) warns that the cyberattack on Stryker Corporation serves as a signal to U.S. organizations that foreign cyber … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/19/cisa-endpoint-management-system-warning/
CISA warns of active exploitation of Microsoft SharePoint vulnerability (CVE-2026-20963)

Mar 19, 2026 1:10 PM

Tags: cisa, cve, exploit, microsoft, remote-code-execution, vulnerability

CVE-2026-20963, a remote code execution (RCE) SharePoint vulnerability Microsoft fixed in January 2026, is being exploited by attackers. The confirmation comes from the US … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/19/sharepoint-vulnerability-cve-2026-20963-exploited/
CISA urges US orgs to secure Microsoft Intune systems after Stryker breach

Mar 19, 2026 1:10 PM

Tags: breach, cisa, cyberattack, endpoint, exploit, microsoft, technology, tool

CISA warned U.S. organizations to follow Microsoft guidance to strengthen the Intune endpoint management tool after a cyberattack exploited it to wipe medical technology giant Stryker’s systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-businesses-to-secure-microsoft-intune-systems-after-stryker-breach/
The multi-billion dollar mistake: Why cloud misconfigurations are your biggest security threat

Mar 19, 2026 12:10 PM

Tags: access, authentication, breach, cisa, ciso, cloud, control, cyber, data, data-breach, flaw, google, government, group, hacker, Hardware, infrastructure, Intruder, leak, login, mfa, monitoring, network, password, ransom, risk, service, switch, threat, tool, training, update, zero-day

Most cloud setup errors, 8 out of 10, happen because people slip up, not because code fails.One out of three cloud setups sits empty, ignored by any oversight. A third of online storage spaces get zero attention from monitors.Almost one out of every two hundred storage units on Amazon’s cloud sits open, per a 2024…
The multi-billion dollar mistake: Why cloud misconfigurations are your biggest security threat

Mar 19, 2026 12:10 PM

Tags: access, authentication, breach, cisa, ciso, cloud, control, cyber, data, data-breach, flaw, google, government, group, hacker, Hardware, infrastructure, Intruder, leak, login, mfa, monitoring, network, password, ransom, risk, service, switch, threat, tool, training, update, zero-day

Most cloud setup errors, 8 out of 10, happen because people slip up, not because code fails.One out of three cloud setups sits empty, ignored by any oversight. A third of online storage spaces get zero attention from monitors.Almost one out of every two hundred storage units on Amazon’s cloud sits open, per a 2024…
CISA Adds Exploited Zimbra Collaboration Suite Flaw to Warning List

Mar 19, 2026 10:10 AM

Tags: cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, update, vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting the Zimbra Collaboration Suite (ZCS) to its Known Exploited Vulnerabilities (KEV) catalog. Federal agencies and organizations using the platform must apply the necessary updates by April 1, 2026, to mitigate active exploitation risks. Exploited Zimbra Collaboration Suite Flaw Tracked as CVE-2025-66376,…
CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks

Mar 19, 2026 8:10 AM

Tags: attack, cisa, cisco, cve, cybersecurity, exploit, flaw, government, infrastructure, microsoft, office, ransomware, vulnerability, zero-day

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged government agencies to apply patches for two security flaws impacting Synacor Zimbra Collaboration Suite (ZCS) and Microsoft Office SharePoint, stating they have been actively exploited in the wild.The vulnerabilities in question are as follows -CVE-2025-66376 (CVSS score: 7.2) – A stored cross-site scripting First seen…
U.S. CISA adds Microsoft SharePoint and Zimbra flaws to its Known Exploited Vulnerabilities catalog

Mar 18, 2026 11:10 PM

Tags: cisa, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, vulnerability

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SharePoint and Zimbra flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added ([1, 2]) SharePoint and Zimbra flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: The first vulnerability added to the catalog, tracked…
CISA orders feds to patch Zimbra XSS flaw exploited in attacks

Mar 18, 2026 10:10 PM

Tags: attack, cisa, exploit, flaw, government, update, vulnerability, xss

CISA has ordered U.S. government agencies to secure their servers against an actively exploited vulnerability in the Zimbra Collaboration Suite (ZCS). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-zimbra-xss-flaw-exploited-in-attacks/
DHS nominee Mullin pressed on restoring CISA staffing

Mar 18, 2026 9:10 PM

Tags: cisa

Senator Maggie Hassan (D-NH) asked Mullin about Noem’s decision to cut CISA’s workforce by one third and remove hundreds of millions of dollars from the agency’s budget after Trump took office. First seen on therecord.media Jump to article: therecord.media/dhs-mullin-pressed-on-restoring-cisa-staffing
CISA official says agency has not seen uptick in cyber threats amid Iran war

Mar 18, 2026 4:10 PM

Tags: cisa, cyber, cybersecurity, group, infrastructure, iran, threat

Cybersecurity and Infrastructure Security (CISA) Acting Director Nick Andersen said the agency has been working closely with industry and sector-based groups on threats from Iran in the past couple of weeks. First seen on therecord.media Jump to article: therecord.media/cisa-official-says-agency-has-not-seen-uptick-cyber-threats-iran
AI-Enabled Adversaries Compress Time-to-Exploit Following Vulnerability Disclosure

Mar 18, 2026 3:10 PM

Tags: ai, cisa, exploit, kev, vulnerability

Rapid7 says median time from publication to CISA KEV inclusion dropped to five days First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/exploitation-accelerates-in-2025/
FAQ on CVE-2026-21514: OLE bypass N-Day in Microsoft Word

Mar 18, 2026 5:10 AM

Tags: access, ai, apt, attack, awareness, backdoor, cctv, cisa, cloud, control, cve, cyber, cyberattack, data, data-breach, detection, email, endpoint, exploit, flaw, fortinet, google, government, group, healthcare, identity, infrastructure, intelligence, Internet, iran, kev, malicious, malware, microsoft, mitigation, network, office, phishing, remote-code-execution, risk, technology, theft, threat, training, unauthorized, update, vulnerability, windows, zero-day

An N-day vulnerability in Microsoft Word exposes nearly 14 million assets. Attackers can exploit this flaw to bypass security prompts, enabling deployment of malware and establishing persistent access without triggering user warnings. Key takeaways: CVE-2026-21514 is a Microsoft Word n-day that bypasses OLE and Mark-of-the-Web protections, executing payloads silently without triggering user security prompts Tenable’s…
FAQ on CVE-2026-21514: OLE bypass N-Day in Microsoft Word

Mar 18, 2026 5:10 AM

Tags: access, ai, apt, attack, awareness, backdoor, cctv, cisa, cloud, control, cve, cyber, cyberattack, data, data-breach, detection, email, endpoint, exploit, flaw, fortinet, google, government, group, healthcare, identity, infrastructure, intelligence, Internet, iran, kev, malicious, malware, microsoft, mitigation, network, office, phishing, remote-code-execution, risk, technology, theft, threat, training, unauthorized, update, vulnerability, windows, zero-day

An N-day vulnerability in Microsoft Word exposes nearly 14 million assets. Attackers can exploit this flaw to bypass security prompts, enabling deployment of malware and establishing persistent access without triggering user warnings. Key takeaways: CVE-2026-21514 is a Microsoft Word n-day that bypasses OLE and Mark-of-the-Web protections, executing payloads silently without triggering user security prompts Tenable’s…
Operation Epic Fury: Why exposure data changes everything about Iran’s cyber-kinetic campaign

Mar 18, 2026 5:10 AM

Tags: access, ai, api, apt, attack, backdoor, breach, cctv, cisa, cloud, country, cve, cvss, cyber, cybersecurity, data, data-breach, ddos, detection, dns, espionage, exploit, firewall, flaw, fortinet, government, group, healthcare, identity, infrastructure, intelligence, Internet, iot, iran, kev, malware, microsoft, military, network, office, phishing, radius, remote-code-execution, risk, strategy, supply-chain, technology, threat, unauthorized, update, vpn, vulnerability, warfare, windows

Iran’s retaliatory campaign following Operation Epic Fury has collapsed the boundary between physical and digital warfare. Tenable’s exposure data analysis across seven target countries reveals that the largest exploitable attack surface isn’t the headline threat, it’s a Microsoft Word N-day affecting nearly 14 million assets. Key takeaways: Exposure data rebalances the threat picture. A Microsoft…
Operation Epic Fury: Why exposure data changes everything about Iran’s cyber-kinetic campaign

Mar 18, 2026 5:10 AM

Tags: access, ai, api, apt, attack, backdoor, breach, cctv, cisa, cloud, country, cve, cvss, cyber, cybersecurity, data, data-breach, ddos, detection, dns, espionage, exploit, firewall, flaw, fortinet, government, group, healthcare, identity, infrastructure, intelligence, Internet, iot, iran, kev, malware, microsoft, military, network, office, phishing, radius, remote-code-execution, risk, strategy, supply-chain, technology, threat, unauthorized, update, vpn, vulnerability, warfare, windows

Iran’s retaliatory campaign following Operation Epic Fury has collapsed the boundary between physical and digital warfare. Tenable’s exposure data analysis across seven target countries reveals that the largest exploitable attack surface isn’t the headline threat, it’s a Microsoft Word N-day affecting nearly 14 million assets. Key takeaways: Exposure data rebalances the threat picture. A Microsoft…
CISA official advises agencies not to get too hung up on who takes lead in critical infrastructure sectors

Mar 17, 2026 11:10 PM

Tags: cisa, guide, infrastructure, risk, risk-management

Acting director Nick Andersen said relationships, not actor risk management agency designations, should guide which agency is at the forefront. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisa-srma-critical-infrastructure-flexible-partnerships-nick-andersen/
CISA Issues Alert on Wing FTP Server Vulnerability Used in Attacks

Mar 17, 2026 11:10 AM

Tags: attack, cisa, cyber, cybercrime, cybersecurity, exploit, flaw, infrastructure, kev, network, vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security alert regarding a critical vulnerability in the Wing FTP Server. On March 16, 2026, the agency officially added this security flaw to its Known Exploited Vulnerabilities (KEV) catalog. This addition serves as a clear warning to network defenders that cybercriminals are actively exploiting…
CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths

Mar 17, 2026 8:10 AM

Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, leak, vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Wing FTP to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The vulnerability, CVE-2025-47813 (CVSS score: 4.3), is an information disclosure vulnerability that leaks the installation path of the application under certain conditions First seen on thehackernews.com…
CISA Alerts Users to Exploited Chrome 0-Day Flaws

Mar 17, 2026 7:10 AM

Tags: browser, chrome, cisa, cyber, cybersecurity, exploit, flaw, google, infrastructure, kev, malicious, vulnerability, zero-day

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding two highly critical zero-day vulnerabilities. These flaws, which primarily affect Google Chrome and its underlying technologies, are currently being exploited in the wild by malicious actors. As a result, CISA has added both security issues to its Known Exploited Vulnerabilities (KEV) catalog,…
US Lawmakers Call for CISA Polygraph Probe

Mar 17, 2026 12:09 AM

Tags: cisa, cybersecurity, infrastructure, intelligence

House Democrats Demand Probe Into Former CISA Head Gottumukkala Poly Failures. Five U.S. Democratic lawmakers called for an investigation into a series of escalating controversies surrounding Cybersecurity and Infrastructure Security Agency leadership, following allegations that ex-Acting Director Madhu Gottumukkala bypassed established intelligence protocols. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/us-lawmakers-call-for-cisa-polygraph-probe-a-31043
U.S. CISA adds a flaw in Wing FTP Server to its Known Exploited Vulnerabilities catalog

Mar 16, 2026 11:10 PM

Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Wing FTP Server to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Wing FTP Server flaw, tracked as CVE-2025-47813 (CVSS score of 4.3), to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2025-47813 is an information disclosure vulnerability affecting Wing FTP…
CISA flags Wing FTP Server flaw as actively exploited in attacks

Mar 16, 2026 8:09 PM

Tags: attack, cisa, exploit, flaw, government, remote-code-execution, vulnerability

CISA warned U.S. government agencies to secure their Wing FTP Server instances against an actively exploited vulnerability that may be chained in remote code execution attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-flags-wing-ftp-server-flaw-as-actively-exploited-in-attacks/