Tag: cisa
-
Expired protections, exposed networks: The stakes of CISA’s sunset
Congress needs to reauthorize the information-sharing law and build a modernized framework for collaborative cyber defense. First seen on cyberscoop.com Jump to article: cyberscoop.com/cybersecurity-information-sharing-act-expiration-date/
-
CISA Orders Urgent Patching of Cisco Firewall Zero-Day Vulnerabilities
CISA warns of active Cisco ASA exploits. Patch now to block remote code execution and privilege escalation risks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/cisa-urgent-patch-cisco-firewall/
-
This Time, I Had Something Special to Offer
The call came from a Fortune 20 customer yesterday morning. “Hey, Vinay, we’re getting flooded with noise about these two new Cisco ASA/FTD vulnerabilities that CISA posted the emergency advisory on. We are seeing a ton of inconsistent information, would like something to put it together for an exec view. Some enterprises are shutting down……
-
Cybersecurity Snapshot: CISA Highlights Vulnerability Management Importance in Breach Analysis, as Orgs Are Urged To Patch Cisco Zero-Days
Tags: 2fa, access, advisory, api, attack, authentication, breach, business, cisa, cisco, cloud, control, credentials, crime, cve, cyber, cybersecurity, data, defense, endpoint, exploit, fido, finance, firewall, framework, github, grc, guide, identity, incident response, infrastructure, Internet, ISO-27001, kev, law, lessons-learned, malicious, malware, mfa, mitigation, monitoring, network, open-source, phishing, privacy, ransomware, risk, saas, scam, security-incident, service, soc, software, supply-chain, tactics, threat, update, vpn, vulnerability, vulnerability-management, worm, zero-day
CISA’s takeaways of an agency hack include a call for timely vulnerability patching. Plus, Cisco zero-day bugs are under attack, patch now. Meanwhile, the CSA issued a framework for SaaS security. And get the latest on the npm breach, the ransomware attack that disrupted air travel and more! Here are six things you need to…
-
UK and US security agencies order urgent fixes as Cisco firewall bugs exploited in wild
CISA gives feds 24 hours to patch, NCSC urges rapid action as flaws linked to ArcaneDoor spies First seen on theregister.com Jump to article: www.theregister.com/2025/09/26/cisco_firewall_flaws/
-
CISA says it observed nearly year-old activity tied to Cisco zero-day attacks
The agency, which issued an emergency directive to federal agencies Thursday, said it took months to determine the root cause and mitigate the activity. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisa-emergency-directive-timeline-investigation/
-
Cisco Adaptive Security Appliance under attack via 0-day
The US cybersecurity agency CISA has issued an urgent warning to US federal agencies. Cisco ASA (Adaptive Security Appliance) is being actively attacked via 0-day vulnerabilities in its web services. US agencies must respond to the vulnerabilities immediately and take countermeasures. The CISA warning can be found … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/26/cisco-adaptive-security-appliance-wird-ueber-0-day-angegriffen/
-
Patch now: Attacker finds another zero day in Cisco firewall software
Tags: access, attack, best-practice, cisa, cisco, cve, cyber, defense, detection, exploit, firewall, firmware, Hardware, incident response, malware, monitoring, network, resilience, risk, router, software, technology, threat, tool, update, vpn, vulnerability, zero-day, zero-trust
root, which may lead to the complete compromise of the device. Affected are devices running Cisco Secure Firewall Adaptive Security Appliance (ASA) software, Cisco Secure Firewall Threat Defense (FTD) software, as well as devices running Cisco IOS, IOS XE and IOS XR software. There are two attack scenarios: an unauthenticated, remote attacker getting into devices running Cisco…
-
Feds Isolate Cisco Firewalls to Defend Against ‘Arcane Door’
CISA Issues Emergency Directive After Cisco Exploits Persist After Reboot. CISA issued an emergency directive Thursday after discovering an advanced hacking campaign exploiting two persistent zero-days in Cisco firewall gear – malware that survives system reboots and upgrades – forcing agencies to disconnect vulnerable devices by Friday. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/feds-isolate-cisco-firewalls-to-defend-against-arcane-door-a-29568
-
CISA alerts federal agencies of widespread attacks using Cisco zero-days
Cisco said it was investigating state-sponsored espionage attacks in May. CISA did not explain why it waited four months to issue an emergency directive. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisa-emergency-directive-cisco-zero-days/
-
U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities (KEV) catalog. CISA urges Federal Agencies to identify and mitigate potential compromise…
-
‘Emergency’ Response Needed Amid Cisco Firewall Attacks
Tags: attack, cisa, cisco, cyberattack, cybersecurity, exploit, firewall, infrastructure, vulnerability, zero-day
Cyberattacks that have exploited two zero-day Cisco firewall vulnerabilities prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to issue an “emergency directive” Thursday. First seen on crn.com Jump to article: www.crn.com/news/security/2025/cisa-emergency-response-needed-amid-cisco-firewall-attacks
-
Urgent: Cisco ASA Zero-Day Duo Under Attack; CISA Triggers Emergency Mitigation Directive
Cisco is urging customers to patch two security flaws impacting the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software, which it said have been exploited in the wild. The zero-day vulnerabilities in question are listed below - CVE-2025-20333 (CVSS score: 9.9) – An improper validation…
-
CISA orders feds to patch Cisco flaws used to hack multiple agencies
One U.S. official called the ongoing cyberattack campaign hitting federal agencies and businesses “very sophisticated.” First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-emergency-directive-cisco-vulnerabilities-arcanedoor/761150/
-
CISA orders agencies to patch Cisco flaws exploited in zero-day attacks
CISA has issued a new emergency directive ordering U.S. federal agencies to secure their Cisco firewall devices against two flaws that have been exploited in zero-day attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-agencies-to-patch-cisco-flaws-exploited-in-zero-day-attacks/
-
How threat actors breached a U.S. federal civilian agency by exploiting a GeoServer flaw
Tags: breach, cisa, cve, cybersecurity, exploit, flaw, infrastructure, remote-code-execution, threat, vulnerability
US CISA revealed that threat actors exploited an unpatched vulnerability in GeoServer to breach a U.S. federal civilian agency’s network. Threat actors breached a U.S. federal agency via unpatched GeoServer flaw, tracked as CVE-2024-36401 (CVSS score of 9.8), which is a critical remote code execution (RCE) issue. In mid-July 2024, the U.S. Cybersecurity and Infrastructure…
-
CISA Reveals Hackers Breached U.S. Federal Agency via GeoServer RCE Flaw
Tags: access, breach, cisa, cyber, cybersecurity, detection, endpoint, exploit, flaw, hacker, incident response, Intruder, rce, remote-code-execution, vulnerability
Federal cybersecurity agency CISA has disclosed that attackers exploited a remote code execution vulnerability in GeoServer to breach a U.S. federal civilian executive branch agency. The incident response began after endpoint detection alerts sounded at the agency. Over three weeks, cyber intruders used the flaw to gain initial access, move laterally, and establish persistence across…
-
Federal Agency Compromised Via GeoServer Exploit, CISA Reveals
An unnamed federal agency was hacked last year after threat actors exploited a critical GeoServer vulnerability First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisa-federal-agency-geoserver/
-
CISA Issues Alert on Actively Exploited Google Chrome 0-Day Vulnerability
Tags: browser, chrome, cisa, cve, cyber, cybersecurity, exploit, flaw, google, infrastructure, risk, vulnerability, zero-day
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security alert regarding an actively exploited zero-day vulnerability in Google Chrome. The vulnerability, designated as CVE-2025-10585, affects the V8 JavaScript and WebAssembly engine within Google Chromium, creating significant security risks for users worldwide. Critical Type Confusion Flaw Discovered The newly identified vulnerability represents a…
-
U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog
Tags: browser, chrome, cisa, cve, cybersecurity, exploit, flaw, google, infrastructure, kev, update, vulnerability
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium flaw, tracked as CVE-2025-10585, to its Known Exploited Vulnerabilities (KEV) catalog. In mid-September, Google released security updates to address four vulnerabilities in the Chrome web browser, including CVE-2025-10585, which…
-
CISA says hackers breached federal agency using GeoServer exploit
CISA has revealed that attackers breached the network of an unnamed U.S. federal civilian executive branch (FCEB) agency last year after compromising an unpatched GeoServer instance. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-says-hackers-breached-federal-agency-using-geoserver-exploit/
-
Security Affairs newsletter Round 542 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. A cyberattack on Collins Aerospace disrupted operations at major European airports CISA warns of malware deployed…
-
CISA warns of malware deployed through Ivanti EPMM flaws
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) disclosed two malware strains found in a network compromised via Ivanti EPMM flaws. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published technical details of two malware families that were discovered in the network of an unnamed organization following the compromise of Ivanti Endpoint Manager Mobile (EPMM).…
-
Future of CVE Program in limbo as CISA, board members debate path forward
Last week, CISA released two documents explaining their plans for the CVE Program, a critical cybersecurity resource used globally to catalog thousands of software and hardware bugs. First seen on therecord.media Jump to article: therecord.media/cve-program-future-limbo-cisa
-
Ivanti EPMM holes let miscreants plant shady listeners, CISA says
Unnamed org compromised with two malware sets First seen on theregister.com Jump to article: www.theregister.com/2025/09/19/cisa_ivanti_bugs_exploited/
-
CISA exposes malware kits deployed in Ivanti EPMM attacks
Tags: attack, cisa, cybersecurity, endpoint, exploit, infrastructure, ivanti, malware, mobile, vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis of the malware deployed in attacks exploiting vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-exposes-malware-kits-deployed-in-ivanti-epmm-attacks/
-
CISA Alerts of Hackers Targeting Ivanti Endpoint Manager Mobile Vulnerabilities to Distribute Malware
Cyber threat actors have weaponized two critical Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities, CVE-2025-4427 and CVE-2025-4428, to deploy sophisticated malicious loaders and listeners on compromised servers. The malware consists of two sets of components: Loader 1 (web-install.jar, ReflectUtil.class, SecurityHandlerWanListener.class) and Loader 2 (web-install.jar, WebAndroidAppInstaller.class), both designed to inject arbitrary code and maintain persistence on Apache…
-
CISA Warns of New Malware Campaign Exploiting Ivanti EPMM Vulnerabilities
Tags: attack, cisa, cybersecurity, endpoint, exploit, infrastructure, ivanti, malware, mobile, vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) released a Malware Analysis Report (MAR), highlighting a new attack trend targeting Ivanti Endpoint Manager Mobile (EPMM) systems. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cisa-mar-cve-2025-4427-28/

