Tag: cisa
-
Urgent: Cisco ASA Zero-Day Duo Under Attack; CISA Triggers Emergency Mitigation Directive
Cisco is urging customers to patch two security flaws impacting the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software, which it said have been exploited in the wild. The zero-day vulnerabilities in question are listed below - CVE-2025-20333 (CVSS score: 9.9) – An improper validation…
-
CISA orders feds to patch Cisco flaws used to hack multiple agencies
One U.S. official called the ongoing cyberattack campaign hitting federal agencies and businesses “very sophisticated.” First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-emergency-directive-cisco-vulnerabilities-arcanedoor/761150/
-
CISA orders agencies to patch Cisco flaws exploited in zero-day attacks
CISA has issued a new emergency directive ordering U.S. federal agencies to secure their Cisco firewall devices against two flaws that have been exploited in zero-day attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-agencies-to-patch-cisco-flaws-exploited-in-zero-day-attacks/
-
CISA Reveals Hackers Breached U.S. Federal Agency via GeoServer RCE Flaw
Tags: access, breach, cisa, cyber, cybersecurity, detection, endpoint, exploit, flaw, hacker, incident response, Intruder, rce, remote-code-execution, vulnerability
Federal cybersecurity agency CISA has disclosed that attackers exploited a remote code execution vulnerability in GeoServer to breach a U.S. federal civilian executive branch agency. The incident response began after endpoint detection alerts sounded at the agency. Over three weeks, cyber intruders used the flaw to gain initial access, move laterally, and establish persistence across…
-
How threat actors breached a U.S. federal civilian agency by exploiting a GeoServer flaw
Tags: breach, cisa, cve, cybersecurity, exploit, flaw, infrastructure, remote-code-execution, threat, vulnerability
US CISA revealed that threat actors exploited an unpatched vulnerability in GeoServer to breach a U.S. federal civilian agency’s network. Threat actors breached a U.S. federal agency via an unpatched GeoServer flaw, tracked as CVE-2024-36401 (CVSS score of 9.8), which is a critical remote code execution (RCE) issue. In mid-July 2024, the U.S. Cybersecurity and Infrastructure…
-
Federal Agency Compromised Via GeoServer Exploit, CISA Reveals
An unnamed federal agency was hacked last year after threat actors exploited a critical GeoServer vulnerability. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisa-federal-agency-geoserver/
-
CISA Issues Alert on Actively Exploited Google Chrome 0-Day Vulnerability
Tags: browser, chrome, cisa, cve, cyber, cybersecurity, exploit, flaw, google, infrastructure, risk, vulnerability, zero-day
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security alert regarding an actively exploited zero-day vulnerability in Google Chrome. The vulnerability, designated as CVE-2025-10585, affects the V8 JavaScript and WebAssembly engine within Google Chromium, creating significant security risks for users worldwide. Critical Type Confusion Flaw Discovered The newly identified vulnerability represents a…
-
U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog
Tags: browser, chrome, cisa, cve, cybersecurity, exploit, flaw, google, infrastructure, kev, update, vulnerability
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Google Chromium flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Google Chromium flaw, tracked as CVE-2025-10585, to its Known Exploited Vulnerabilities (KEV) catalog. In mid-September, Google released security updates to address four vulnerabilities in the Chrome web browser, including CVE-2025-10585, which…
-
CISA says hackers breached federal agency using GeoServer exploit
CISA has revealed that attackers breached the network of an unnamed U.S. federal civilian executive branch (FCEB) agency last year after compromising an unpatched GeoServer instance. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-says-hackers-breached-federal-agency-using-geoserver-exploit/
-
Security Affairs newsletter Round 542 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. A cyberattack on Collins Aerospace disrupted operations at major European airports. CISA warns of malware deployed…
-
CISA warns of malware deployed through Ivanti EPMM flaws
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) disclosed two malware strains found in a network compromised via Ivanti EPMM flaws. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published technical details of two malware families that were discovered in the network of an unnamed organization following the compromise of Ivanti Endpoint Manager Mobile (EPMM).…
-
Future of CVE Program in limbo as CISA, board members debate path forward
Last week, CISA released two documents explaining their plans for the CVE Program, a critical cybersecurity resource used globally to catalog thousands of software and hardware bugs. First seen on therecord.media Jump to article: therecord.media/cve-program-future-limbo-cisa
-
Ivanti EPMM holes let miscreants plant shady listeners, CISA says
Unnamed org compromised with two malware sets. First seen on theregister.com Jump to article: www.theregister.com/2025/09/19/cisa_ivanti_bugs_exploited/
-
CISA exposes malware kits deployed in Ivanti EPMM attacks
Tags: attack, cisa, cybersecurity, endpoint, exploit, infrastructure, ivanti, malware, mobile, vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis of the malware deployed in attacks exploiting vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-exposes-malware-kits-deployed-in-ivanti-epmm-attacks/
-
CISA Alerts of Hackers Targeting Ivanti Endpoint Manager Mobile Vulnerabilities to Distribute Malware
Cyber threat actors have weaponized two critical Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities, CVE-2025-4427 and CVE-2025-4428, to deploy sophisticated malicious loaders and listeners on compromised servers. The malware consists of two sets of components: Loader 1 (web-install.jar, ReflectUtil.class, SecurityHandlerWanListener.class) and Loader 2 (web-install.jar, WebAndroidAppInstaller.class), both designed to inject arbitrary code and maintain persistence on Apache…
-
CISA Warns of New Malware Campaign Exploiting Ivanti EPMM Vulnerabilities
Tags: attack, cisa, cybersecurity, endpoint, exploit, infrastructure, ivanti, malware, mobile, vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) released a Malware Analysis Report (MAR), highlighting a new attack trend targeting Ivanti Endpoint Manager Mobile (EPMM) systems. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cisa-mar-cve-2025-4427-28/
-
CISA Warns of Two Malware Strains Exploiting Ivanti EPMM CVE-2025-4427 and CVE-2025-4428
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released details of two sets of malware that were discovered in an unnamed organization’s network following the exploitation of security flaws in Ivanti Endpoint Manager Mobile (EPMM). “Each set contains loaders for malicious listeners that enable cyber threat actors to run arbitrary code on the compromised…
-
CISA audit sparks debate about cybersecurity pay incentives
Some Cybersecurity and Infrastructure Security Agency employees believe a recent inspector general’s report partially missed the mark. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-cyber-pay-incentives-ig-report-pushback/760132/
-
Building Resilient IT Infrastructure From the Start
CISA’s Secure by Design planted a flag. Now, it’s on those who care about safeguarding systems to pick up the torch and take action to secure systems throughout the enterprise. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/building-resilient-it-infrastructure
-
CISA at Risk After OIG Accuses it of Wasting Federal Funds
US Department of Homeland Security OIG claims CISA mismanaged a key cyber retention incentive program. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisa-oig-accuses-wasting-federal/
-
CISA Lays Out Roadmap for CVE Program’s ‘Quality Era’
Five months after the future of the CVE program was thrown in doubt, CISA this week released a roadmap that calls for steps to take for its new “quality era,” which includes public sponsorship, expanded public-private partnership, and modernization. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/cisa-lays-out-roadmap-for-cve-programs-quality-era/
-
DHS inspector general: CISA mismanaged multimillion-dollar employee incentives program
Auditors examined CISA’s Cybersecurity Retention Incentive program and found that the agency did not “properly design, implement, comply with or manage” requirements for it. First seen on therecord.media Jump to article: therecord.media/cisa-cybersecurity-retention-incentives-dhs-ig-audit
-
All your vulns are belong to us! CISA wants to maintain gov control of CVE program
Get ready for a fight over who steers the global standard for vulnerability identification. First seen on theregister.com Jump to article: www.theregister.com/2025/09/12/cisas_vision_for_cve/
-
CISA pledges robust support for funding, further development of CVE program
A key official from the agency said the vulnerability management program will continue with additional participation and enhancements. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-pledges-robust-support-for-funding-further-development-of-cve-program/760020/
-
DHS watchdog finds mismanagement in critical cyber talent program
CISA was paying employees without mission-critical cybersecurity backgrounds as part of a program for retaining cyber talent. First seen on fedscoop.com Jump to article: fedscoop.com/cisa-cyber-incentive-program-dhs-inspector-general-report/
-
CISA warns of actively exploited Dassault RCE vulnerability
Tags: cisa, cybersecurity, exploit, flaw, hacker, infrastructure, rce, remote-code-execution, vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of hackers exploiting a critical remote code execution flaw in DELMIA Apriso, a manufacturing operations management (MOM) and execution (MES) solution from French company Dassault Systèmes. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-of-actively-exploited-dassault-rce-vulnerability/
-
Cybersecurity Snapshot: Security Lags Cloud and AI Adoption, Tenable Report Finds, as CISA Lays Out Vision for CVE Program’s Future
Tags: access, ai, api, attack, automation, best-practice, breach, bug-bounty, business, cisa, cloud, communications, computer, control, cve, cyber, cybersecurity, data, data-breach, defense, encryption, exploit, framework, google, governance, government, identity, infrastructure, intelligence, international, Internet, linkedin, mitre, network, nist, office, open-source, privacy, programming, RedTeam, resilience, risk, risk-management, service, skills, software, strategy, tactics, technology, threat, tool, update, vulnerability
Check out Tenable’s report detailing challenges and best practices for cloud and AI security. Plus, CISA rolled out a roadmap for the CVE Program, while NIST updated its guidelines for secure software patches. And get the latest on TLS/SSL security and AI attack disclosures! Here are five things you need to know for the week…
-
Addressing CISA Advisory on Rockwell Automation ThinManager SSRF Vulnerability (CVE-2025-9065)
Critical Security Alert: If you are an organization using Rockwell’s ThinManager software version 13.0 or below, you are vulnerable. If you cannot upgrade immediately, please scroll to the section on compensating controls below and contact our team without delay. On September 9, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a critical advisory…
-
CISA official calls on lawmakers to extend cyber info-sharing law
The official’s call for a renewal came less than three weeks before the 2015 Cybersecurity Information Sharing Act (CISA 2015), which provides incentives for private entities to voluntarily share digital threat intelligence with the federal government, is due to sunset. First seen on therecord.media Jump to article: therecord.media/cisa-official-calls-on-lawmakers-renew-cisa2015

