Security news that informs and inspires

Archive

11 results for tag Cisa:

Attackers Using Suite of Tools to Exploit ManageEngine Flaw

An APT group is using a suite of tools, including KdcSponge, Godzilla, and NGLite, to exploit a known ManageEngine flaw and move laterally.

Cisa

CISA Warns Iranian APT Targeting US Infrastructure

CISA warned that an unnamed APT group associated with the Iranian government i exploiting known Fortinet and the Exchange ProxyShell bug to gain access to target networks.

Cisa, Iran

‘We Have to Change the Decision Calculus’ to Stop Ransomware

Ransomware groups such as REvil have take some hits recently, but the broader landscape has continued to expand and experts say defenders need to change their thinking in order to address the problem.

Ransomware, Governance, Cisa

CISA Orders Federal Agencies to Patch Hundreds of Known Flaws

Under a new binding operational directive (BOD), CISA has developed a catalog of known, exploited vulnerabilities that federal agencies must address.

Government Agencies, Cisa, Vulnerabilities, Vulnerability Management

New Tools Target Pulse Connect Secure Flaws

CISA has released analyses of five new pieces of malware being used in attacks against known bugs in Pulse Connect Secure appliances.

Vpn, Cisa