Security news that informs and inspires


34 results for tag Cisa:

CISA Issues Emergency Directive For Log4j Flaw

Federal agencies have until Dec. 23 to track down systems vulnerable to Log4j and apply patches or mitigations.

Log4j, Cisa, Patch

New Guidance Pushes Federal Agencies Toward Automated Incident Reporting

New guidance from the White House requires CISA to develop policies for federal agencies to move toward automated security incident reporting.

Cisa, Government

APT Groups Exploiting Critical Flaw in ManageEngine ServiceDesk Plus

CISA and the FBI are warning that APT groups are exploiting a critical flaw (CVE-2021-44077) in the ManageEngine ServiceDesk Plus tool.


Attackers Using Suite of Tools to Exploit ManageEngine Flaw

An APT group is using a suite of tools, including KdcSponge, Godzilla, and NGLite, to exploit a known ManageEngine flaw and move laterally.


CISA Warns Iranian APT Targeting US Infrastructure

CISA warned that an unnamed APT group associated with the Iranian government i exploiting known Fortinet and the Exchange ProxyShell bug to gain access to target networks.

Cisa, Iran