CISA

CISA said the latest theft of government email — blamed on Russian government hackers — presents “a grave and unacceptable risk” to U.S. federal agencies.

US says Russian hackers stole federal government emails during Microsoft cyberattack

U.S. cybersecurity agency CISA has ordered federal agencies to urgently disconnect Ivanti VPN appliances given the risk of malicious exploitation due to multiple software flaws. In an update to an…

US gives federal agencies 48 hours to disconnect flawed Ivanti VPN tech

U.S. cybersecurity agency CISA has warned that unknown hackers broke into the servers of a federal government agency by taking advantage of a previously known vulnerability in software that no…

CISA says US government agency was hacked thanks to ‘end of life’ software

Hackers exploited a zero-day flaw in Ivanti’s mobile endpoint management software undetected for at least three months, U.S. and Norwegian cybersecurity agencies have warned. It was confirmed last week that…

US, Norway say hackers have been exploiting Ivanti zero-day since April

Success with security-by-design is at risk, both from the political challenges of implementation and the threat of unrealistic expectations.

CISA’s security-by-design initiative is at risk: Here’s a path forward

U.S. and Australian government cybersecurity agencies are warning that common and easily exploitable security vulnerabilities in websites and web apps can be abused to carry out large-scale data breaches. In…

US, Australia cyber agencies warn IDOR security flaws can be exploited ‘at scale’

Scammers have published various advertisements for hacking services on the official websites of multiple U.S. state, county and local governments, a federal agency, as well as numerous universities. The advertisements were contained in PDF files uploaded to official .gov websites belonging to the state governments of California, North Carolina, New…

Scammers publish ads for hacking services on government websites

The U.S. government has sounded the alarm about a critical software vulnerability found in genomics giant Illumina’s DNA sequencing devices, which hackers can exploit to modify or steal patients’ sensitive…

Critical-rated security flaw in Illumina DNA sequencing tech exposes patient data

The U.S. government has warned that multiple cybercriminal gangs, including a nation state-backed hacking group, exploited a four-year-old software vulnerability in order to compromise a U.S. federal government agency. A…

Nation state hackers exploited years-old bug to breach a US federal agency

The U.S. government’s cybersecurity agency has warned that financially motivated criminal hackers compromised federal agencies using legitimate remote desktop software. CISA said in a joint advisory with the National Security…

US federal agencies hacked using legitimate remote desktop tools

The Cuba ransomware gang extorted more than $60 million in ransom payments from victims between December 2021 and August 2022, a joint advisory from CISA and the FBI has warned.…

FBI, CISA say Cuba ransomware gang extorted $60M from victims this year

The U.S. government’s cybersecurity agency says hackers backed by the Iranian government compromised a federal agency that failed to patch against Log4Shell, a vulnerability fixed almost a year ago. In…

Iran-backed hackers breached a US federal agency that failed to patch year-old bug

Los Angeles Unified School District, or LAUSD — the second largest district in the U.S. with more than 1,000 schools and 600,000 students — confirmed this week that it was hit by a cyberattack over the weekend, disrupting access to its IT systems. Details about the incident, described as “criminal…

Everything we know so far about the ransomware attack on Los Angeles schools

The FBI, CISA and the U.S. Treasury Department are warning that North Korean state-sponsored hackers are using ransomware to target healthcare and public health sector organizations across the United States.…

US government says North Korean hackers are targeting American healthcare organizations with ransomware

The U.S., U.K. and EU have formally blamed the Russian government for the February cyberattack against satellite communications provider Viasat, which triggered outages across central and eastern Europe hours before…

US, UK and EU blame Russia for ‘unacceptable’ Viasat cyberattack

The U.S. government has warned that North Korean state-backed hackers known as the Lazarus Group are targeting organizations in the blockchain industry using trojanized cryptocurrency applications. In a joint advisory…

North Korean hackers are targeting blockchain companies with malicious crypto-stealing apps

You might not think much about the train or the airplane that gets you from one place to another, but behind any transportation link is a vast sprawling network of…

Shift5 raises $50M to defend transport networks from cyberattacks

The U.S. Department of State is upping the ante in its fight against ransomware by offering a reward of up to $10 million for information that helps identify or track…

US government offers $10M bounty for DarkSide ransomware hackers

The BlackMatter ransomware operation, which came to prominence earlier this year following the demise of the DarkSide ransomware gang, is allegedly shutting down due to “pressure from the authorities.” The…

BlackMatter ransomware gang says it’s shutting down over law enforcement pressure

The Cybersecurity and Infrastructure Security Agency has launched a vulnerability disclosure program allowing ethical hackers to report security flaws to federal agencies. The platform, launched with the help of cybersecurity…

CISA launches platform to let hackers report security bugs to US federal agencies

President Biden has named two former National Security Agency veterans to senior government cybersecurity positions, including the first national cyber director. The appointments, announced Monday, land after the discovery of…

Biden’s cybersecurity dream team takes shape

As the U.S. reportedly readies for retaliation against Russia for hacking into some of the government’s most sensitive federal networks, the U.S. is facing another old adversary in cyberspace: China. Microsoft last week revealed a new hacking group it calls Hafnium, which operates in, and is backed by, China. Hafnium…

America’s small businesses face the brunt of China’s Exchange server hacks

Trump’s election denialism saw him retaliate in a way that isn’t just putting the remainder of his presidency in jeopardy, it’s already putting the next administration in harm’s way. In…

Decrypted: Apple and Facebook’s privacy feud, Twitter hires Mudge, mysterious zero-days

A lot happened in cybersecurity over the past week. The University of Utah paid almost half a million dollars to stop hackers from leaking sensitive student data after a ransomware…

Decrypted: Uber’s former security chief charged, FBI’s ‘vishing’ warning

In a rare joint public statement, the FBI and Homeland Security’s cybersecurity advisory unit CISA have accused top Chinese hackers of trying to steal U.S. research related to the coronavirus…

FBI and DHS accuse Chinese hackers of targeting US COVID-19 research

Homeland Security’s cybersecurity advisory unit “has not yet completed” its plans to secure the 2020 presidential election, a government watchdog has said. The report, published on Thursday by the Government…

Watchdog says DHS still hasn’t got a 2020 election security plan

Homeland Security’s cybersecurity agency says a popular gas station software contains several security vulnerabilities that require “low skill” to exploit. The advisory, posted by the Cybersecurity and Infrastructure Security Agency…

Hundreds of Orpak gas station systems can be easily hacked thanks to hardcoded passwords

In a crushing blow to the tech industry and privacy advocates, the Senate today passed the controversial Cybersecurity Information Sharing Act (CISA). The bill, which passed the Senate on a…

Senate Passes Cybersecurity Threat Sharing Bill That Tech Hates

The House of Representatives today passed The Protecting Cyber Networks Act on a 307-116 bipartisan vote. The bill aims to remove legal barriers so that American companies can share threat…

House Passes Controversial Cybersecurity Information-Sharing Bill

The same Russian hackers who breached the State Department system for months also gained access to an unclassified White House computer system, according to a report from CNN. Although the system…

Russians Implicated In Hack On White House After Obama Makes Cybersecurity Push