SEARCH
Archive
CISA Issues Emergency Directive For Log4j Flaw
Federal agencies have until Dec. 23 to track down systems vulnerable to Log4j and apply patches or mitigations.
New Guidance Pushes Federal Agencies Toward Automated Incident Reporting
New guidance from the White House requires CISA to develop policies for federal agencies to move toward automated security incident reporting.
APT Groups Exploiting Critical Flaw in ManageEngine ServiceDesk Plus
CISA and the FBI are warning that APT groups are exploiting a critical flaw (CVE-2021-44077) in the ManageEngine ServiceDesk Plus tool.
Attackers Using Suite of Tools to Exploit ManageEngine Flaw
An APT group is using a suite of tools, including KdcSponge, Godzilla, and NGLite, to exploit a known ManageEngine flaw and move laterally.
CISA Warns Iranian APT Targeting US Infrastructure
CISA warned that an unnamed APT group associated with the Iranian government i exploiting known Fortinet and the Exchange ProxyShell bug to gain access to target networks.