Tag: cisa
-
As the NVD scales back CVE enrichment, here’s what Tenable customers need to know
Tags: access, ai, cisa, cloud, cve, cvss, data, data-breach, exploit, infrastructure, intelligence, kev, metric, mitre, nist, nvd, ransomware, risk, software, strategy, technology, threat, vulnerability, vulnerability-management, zero-dayNIST’s shift toward selective CVE enrichment creates significant visibility gaps for teams relying solely on the National Vulnerability Database. As AI accelerates vulnerability disclosure rates, organizations need independent, high-fidelity intelligence to prioritize risks that the NVD may now overlook. Key takeaways NIST is pivoting to a prioritized enrichment model, focusing only on specific criteria like…
-
China-Backed Groups are Using Massive Botnets in Espionage, Intrusion Campaigns
China-sponsored threat groups like Salt Typhoon and Flax Typhoon are increasingly relying on multiple massive botnets comprising edge and IoT devices to run their cyber espionage and network intrusion campaigns, CISA and other security agencies say. The use of such “covert networks” makes it more difficult to detect and mitigate their campaigns. First seen on…
-
Security Affairs newsletter Round 574 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. U.S. CISA adds SimpleHelp, Samsung, and D-Link flaws to its Known Exploited Vulnerabilities catalog Over 400,000…
-
U.S. CISA adds SimpleHelp, Samsung, and D-Link flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SimpleHelp, Samsung, and D-Link flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SimpleHelp, Samsung, and D-Link flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: The vulnerability CVE-2024-7399 (CVSS score of 8.8) is…
-
U.S. CISA adds SimpleHelp, Samsung, and D-Link flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SimpleHelp, Samsung, and D-Link flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SimpleHelp, Samsung, and D-Link flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: The vulnerability CVE-2024-7399 (CVSS score of 8.8) is…
-
CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added four vulnerabilities impacting SimpleHelp, Samsung MagicINFO 9 Server, and D-Link DIR-823X series routers to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The list of vulnerabilities is below -CVE-2024-57726 (CVSS score: 9.9) – A missing authorization vulnerability in First seen on thehackernews.com…
-
CISA reports persistent FIRESTARTER backdoor on Cisco ASA device in federal network
CISA said a federal Cisco Firepower ASA device was infected with the FIRESTARTER backdoor in Sept 2025, and it survived security patches. CISA revealed that a U.S. federal civilian agency’s Cisco Firepower device running ASA software was compromised in September 2025 by the FIRESTARTER backdoor. The malware reportedly persisted even after security patches were applied,…
-
CISA reports persistent FIRESTARTER backdoor on Cisco ASA device in federal network
CISA said a federal Cisco Firepower ASA device was infected with the FIRESTARTER backdoor in Sept 2025, and it survived security patches. CISA revealed that a U.S. federal civilian agency’s Cisco Firepower device running ASA software was compromised in September 2025 by the FIRESTARTER backdoor. The malware reportedly persisted even after security patches were applied,…
-
CISA reports persistent FIRESTARTER backdoor on Cisco ASA device in federal network
CISA said a federal Cisco Firepower ASA device was infected with the FIRESTARTER backdoor in Sept 2025, and it survived security patches. CISA revealed that a U.S. federal civilian agency’s Cisco Firepower device running ASA software was compromised in September 2025 by the FIRESTARTER backdoor. The malware reportedly persisted even after security patches were applied,…
-
CISA Hunts for Cisco Backdoor Spotted on Federal Network
‘Firestarter’ Backdoor Can Survive Reboots, Upgrades and Standard Fixes. The Cybersecurity and Infrastructure Security Agency issued an emergency directive warning a newly-discovered Cisco backdoor can survive routine remediation processes, forcing agencies to investigate edge devices that anchor federal firewall and VPN security. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cisa-hunts-for-cisco-backdoor-spotted-on-federal-network-a-31505
-
CISA last in line for access to Anthropic Mythos
This article first appeared on Computerworld. First seen on csoonline.com Jump to article: www.csoonline.com/article/4163316/cisa-last-in-line-for-access-to-anthropic-mythos-3.html
-
FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed federal civilian agency’s Cisco Firepower device running Adaptive Security Appliance (ASA) software was compromised in September 2025 with malware called FIRESTARTER.FIRESTARTER, per CISA and the U.K.’s National Cyber Security Centre (NCSC), is assessed to be a backdoor designed for remote access and…
-
Trump’s CISA director pick withdraws after tumultuous nomination
Tags: cisaCISA has been without a permanent director for more than a year, imperiling its efforts to establish a strategic direction. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-sean-plankey-withdraw-nomination/818266/
-
Trump’s CISA director pick withdraws after tumultuous nomination
Tags: cisaCISA has been without a permanent director for more than a year, imperiling its efforts to establish a strategic direction. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-sean-plankey-withdraw-nomination/818266/
-
Trump’s CISA director pick withdraws after tumultuous nomination
Tags: cisaCISA has been without a permanent director for more than a year, imperiling its efforts to establish a strategic direction. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-sean-plankey-withdraw-nomination/818266/
-
Governments on high alert after CISA snuffs out Firestarter backdoor on fed network
Latest in long-running pwning of Cisco kit found in mystery Fed agency First seen on theregister.com Jump to article: www.theregister.com/2026/04/24/government_cni_on_high_alert/
-
New Cisco firewall malware can only be killed by pulling the plug
Suspected state-sponsored attackers are using a custom backdoor to persistently compromise Cisco security devices (firewalls), the US CISA and the UK National Cyber Security … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/24/cisco-firepower-firestarter-backdoor/
-
Breach Roundup: Myanmar Scam Compound Managers Charged
Also, Europol Cracks DDoS Networks, Mythos Finds Bugs, France Portal Hit. This week, scam compounds. Attackers exploit flaws pre-disclosure. A crackdown on DDoS-for-hire. No Mythos for CISA, yes for Mozilla. France ID portal breach. Israeli and Venezuelan critical infrastructure targeted. Russian hacking in Ukraine. An Apache flaw. A ransomware negotiator aided BlackCat. First seen on…
-
The curious case of Sean Plankey’s derailed CISA nomination
Questions over who wanted Plankey blocked: On March 3, Ana Visneski, a former head of global disaster response at Amazon Web Services and former chief of digital media for the US Coast Guard, posted on Bluesky that she was “hearing from multiple sources” that Plankey “has been fired and escorted out of Coast Guard HQ…
-
Trump’s pick to run US cyber agency CISA asks to drop out
Sean Plankey has requested to withdraw his name to run the U.S. cybersecurity agency after a tumultuous year of chaotic temporary leadership. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/23/trumps-pick-to-run-us-cyber-agency-cisa-asks-to-drop-out/
-
US agency breached through Cisco vulnerability, FIRESTARTER backdoor allowed access through March
CISA said the unnamed department was infected with malware called “FIRESTARTER” that allowed the hackers to return to the Cisco device in March without re-exploiting the original vulnerabilities. First seen on therecord.media Jump to article: therecord.media/cisa-us-agency-breached-cisco-vulnerability-backdoor
-
Trump’s Top Cyber Nominee Withdraws After Turbulent Process
Sean Plankey Abandons Bid After Yearlong Delay as CISA’s Leadership Vacuum Deepens. Sean Plankey withdrew his nomination after a 13-month stalled process, leaving the U.S. Cybersecurity and Infrastructure Security Agency without a Senate-confirmed director as political disputes, workforce cuts and budget pressure continue to hamper federal cyber operations. First seen on govinfosecurity.com Jump to article:…
-
Trump’s pick for CISA director withdraws from consideration
Tags: cisaSean Plankey reportedly told colleagues that he needed to focus on assuaging concerns about his Coast Guard work that had led Sen. Rick Scott (R-FL) to block his nomination. First seen on therecord.media Jump to article: therecord.media/trump-pick-to-lead-cisa-withdraws-from-consideration
-
CISA orders feds to patch BlueHammer flaw exploited as zero-day
CISA has ordered U.S. federal agencies to patch a Microsoft Defender privilege escalation flaw (dubbed BlueHammer) that has been exploited in zero-day attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-microsoft-defender-flaw-exploited-in-zero-day-attacks/
-
U.S. CISA adds a flaw in Microsoft Defender to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Microsoft Defender to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Defender, tracked as CVE-2026-33825 (CVSS score of 7.8), to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2026-33825 is a Microsoft Defender flaw that can be exploited…
-
CISA director pick Sean Plankey withdraws his nomination
Tags: cisaPlankey had been waiting for more than a year, prompting the request to withdraw him as the one tapped to lead an agency now in further upheaval. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisa-director-pick-sean-plankey-withdraws-his-nomination/
-
Murder, she wrote: Ex-FBI chief wants some ransomware crims charged with homicide
Lawmakers decry CISA cuts: ‘We are shooting ourselves in the foot’ First seen on theregister.com Jump to article: www.theregister.com/2026/04/21/exfbi_cyber_chief_urges_felony_charges_ransomware/
-
More Cisco SD-WAN bugs battered in attacks
CISA gives federal agencies 4 days to patch First seen on theregister.com Jump to article: www.theregister.com/2026/04/21/cisco_sdwan_bugs_kev/
-
More Cisco SD-WAN bugs battered in attacks
CISA gives federal agencies 4 days to patch First seen on theregister.com Jump to article: www.theregister.com/2026/04/21/cisco_sdwan_bugs_kev/
-
CISA urges security teams to view environments following axios compromise
A suspected North Korea-linked actor is behind a supply chain attack on the widely used library. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa–security-teams-environments-axios-compromise/818081/