Tag: cisa
-
Discontinuation of CISA’s mobile app security program untimely, lawmaker says
First seen on scworld.com Jump to article: www.scworld.com/brief/discontinuation-of-cisas-mobile-app-security-program-untimely-lawmaker-says
-
CISA Issues 7 ICS Advisories Targeting Critical Infrastructure Flaws
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released seven new ICS advisories, each highlighting cybersecurity vulnerabilities in key Industrial Control Systems across energy, communications, emergency response, and manufacturing sectors. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cisa-ics-advisories/
-
U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Google Chromium V8 vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium V8 Out-of-Bounds Read and Write Vulnerability, tracked as CVE-2025-5419, to its Known Exploited Vulnerabilities (KEV) catalog. This week, Google released out-of-band updates to address three vulnerabilities…
-
OffensiveCon25 Attacking Browsers via WebGPU
Author/Presenter: Lukas Bernhard Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organization’s YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock…
-
OffensiveCon25 Keynote How Offensive Security Made Me Better at Defense
Author/Presenter: Dino Dai Zovi Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organization’s YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey…
-
Trump’s cyber czar pick grilled over CISA cuts: ‘If we have a cyber 9/11, you’re the guy’
Plus: Plankey’s confirmation process ‘temporarily delayed’ First seen on theregister.com Jump to article: www.theregister.com/2025/06/05/trump_cyber_nominee_cairncross/
-
Top US cyber officials face divergent paths after Senate confirmation
Tags: china, cisa, cyber, cybersecurity, government, incident, incident response, iran, jobs, russia, strategy, technology, threat
Divergent strategies moving forward: The road ahead appears paved with opportunity for Cairncross, while Plankey faces a narrower path of contraction and clean-up at CISA. “This is a perfect opportunity for the NCD [national cyber director] position to work,” Center on Cyber and Technology Innovation’s Montgomery said. “You have a National Security Council focused on the…
-
FBI, CISA warn Play ransomware targeting critical infrastructure with evolving techniques
The hacker group has breached hundreds of organizations and is working with others to exploit flaws in a popular remote support tool. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/fbi-cisa-play-ransomware-critical-infrastructure/749940/
-
Rep. Garbarino: Ending CISA mobile app security program for feds sends ‘wrong signal’
CyberScoop is first to report on the letter to DHS from the chair of a cybersecurity subcommittee, which also addresses CISA’s role as lead coordinator with the telecom sector. First seen on cyberscoop.com Jump to article: cyberscoop.com/rep-garbarino-ending-cisa-mobile-app-security-program-for-feds-sends-wrong-signal/
-
CISA Releases TTPs IoCs for Play Ransomware That Hacked 900+ Orgs
The Cybersecurity and Infrastructure Security Agency (CISA), alongside the Federal Bureau of Investigation (FBI) and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), has released detailed Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IoCs) for the notorious Play ransomware group. As of May 2025, the FBI has identified approximately 900 entities…
-
Trump’s CISA director, national cyber director picks obtain industry support
First seen on scworld.com Jump to article: www.scworld.com/brief/trumps-cisa-director-national-cyber-director-picks-obtain-industry-support
-
Attacks involving ConnectWise ScreenConnect bug underway
First seen on scworld.com Jump to article: www.scworld.com/brief/cisa-attacks-involving-connectwise-screenconnect-bug-underway
-
FBI: Play ransomware breached 900 victims, including critical orgs
In an update to a joint advisory with CISA and the Australian Cyber Security Centre, the FBI said that the Play ransomware gang had breached roughly 900 organizations as of May 2025, three times the number of victims reported in October 2023. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-play-ransomware-breached-900-victims-including-critical-orgs/
-
OffensiveCon25 Garbage Collection In V8
Authors/Presenters: Richard Abou Chaaya and John Stephenson Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organization’s YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing…
-
OffensiveCon25 Finding and Exploiting 20-Year-Old Bugs in Web Browsers
Authors/Presenters: Ivan Fratric Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organization’s YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock…
-
CISA workforce cut by nearly one-third so far
The agency has lost roughly 1,000 staffers in the wake of the Trump administration’s workforce cuts, losses that could imperil its ability to protect government computer systems and critical infrastructure. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-departures-trump-workforce-purge/749796/
-
U.S. CISA adds Multiple Qualcomm chipsets flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Multiple Qualcomm chipsets flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added multiple Qualcomm chipsets flaws to its Known Exploited Vulnerabilities (KEV) catalog. This week, Qualcomm addressed the above zero-day vulnerabilities that, according to the company, have been exploited in limited,…
-
OffensiveCon25 Frame By Frame, Kernel Streaming Keeps Giving Vulnerabilities
Authors/Presenters: Angelboy Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organization’s YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock GCTI,…
-
U.S. CISA adds ASUS RT-AX55 devices, Craft CMS, and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds ASUS RT-AX55 devices, Craft CMS, and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added ASUS RT-AX55 devices, Craft CMS, and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: Last…
-
Massive CISA cuts detailed in new budget proposal
Tags: cisa
First seen on scworld.com Jump to article: www.scworld.com/brief/massive-cisa-cuts-detailed-in-new-budget-proposal
-
Trump’s 2026 Budget Guts CISA: Nearly 30% of Jobs and $500M on the Chopping Block
Trump’s 2026 budget proposal seeks to cut nearly 30% of CISA’s workforce and $495M from its budget, slashing key cyber defense and election security programs. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/trump-2026-budget-cuts-cisa/
-
ConnectWise ScreenConnect Vulnerability Exploited: CISA
CISA warned that the ConnectWise ScreenConnect vulnerability is being exploited by threat actors to perform ViewState code injection attacks. First seen on crn.com Jump to article: www.crn.com/news/security/2025/connectwise-screenconnect-vulnerability-exploited-cisa
-
OffensiveCon25 Chainspotting 2: The Unofficial Sequel to the 2018 Talk >>Chainspotting<<
Author/Presenter: Ken Gannon Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organization’s YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock…
-
Trump’s cyber nominees gain broad industry support
CISA director and national cyber director nominees could transform how the federal government engages with the private sector on cybersecurity issues. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/trump-cyber-sean-plankey-cairncross-nominees-endorsements/749663/
-
CISA warns of ConnectWise ScreenConnect bug exploited in attacks
CISA is alerting federal agencies in the U.S. of hackers exploiting a recently patched ScreenConnect vulnerability that could lead to executing remote code on the server. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-of-connectwise-screenconnect-bug-exploited-in-attacks/
-
Trump Budget Plan to Cut Nearly 1000 Jobs at Cyber Agency CISA
CISA is facing $495m budget cut, losing 1000 employees and reducing staff to 2324 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/trump-cut-nearly-1000-jobs-cisa/
-
CISA Alerts on ConnectWise ScreenConnect Authentication Vulnerability Actively Exploited
Tags: attack, authentication, cisa, cve, cyber, exploit, flaw, injection, remote-code-execution, vulnerability
A critical improper authentication vulnerability has been discovered in ConnectWise ScreenConnect, tracked as CVE-2025-3935 and mapped to CWE-287 (Improper Authentication). This flaw affects all ScreenConnect versions up to and including 25.2.3, exposing them to ViewState code injection attacks that could result in remote code execution (RCE) if machine keys are compromised. Technical Details: Vulnerability Summary…
-
US cyber agency CISA faces stiff budget cuts
CISA is one of several US agencies facing drastic budget cuts under the Trump administration First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366625236/US-cyber-agency-CISA-faces-stiff-budget-cuts
-
Threat Platforms: A Buyer’s Guide
Tags: ai, attack, automation, breach, cisa, cloud, crowdstrike, cyber, cyberattack, dark-web, deep-fake, dns, edr, exploit, finance, firewall, gartner, identity, incident response, intelligence, mail, malware, monitoring, network, open-source, phishing, risk, siem, soar, soc, threat, tool, vulnerability, zero-day
Threat intelligence platforms make it easier to understand threats and take effective defensive measures. The first step toward a solid enterprise security program is to select a suitable threat intelligence platform (TIP). Without such a platform, most security teams have no way to integrate tool components with one another and to develop appropriate tactics and processes to secure networks, servers, applications, and endpoints. Current threat trends make…

