Tag: cisa
-
Rep. Green on CISA cuts, China hacking and cyber as a bipartisan issue
by
in SecurityNewsThe chair of the House Homeland Security Committee said his panel was prepared to take on pressing cyber policy challenges, like an estimated cyber workforce shortage of 50,000 professionals and burdensome digital compliance. First seen on therecord.media Jump to article: therecord.media/mark-green-interview-cisa-cuts-china-hacking
-
China Secretly (and Weirdly) Admits It Hacked US Infrastructure
by
in SecurityNewsPlus: The Department of Homeland Security begins surveilling immigrants’ social media, President Donald Trump targets former CISA director who refuted his claims of 2020 election fraud, and more. First seen on wired.com Jump to article: www.wired.com/story/china-admits-hacking-us-infrastructure/
-
Trump Strips Security Clearances of Ex-CISA Head Krebs, SentinelOne
by
in SecurityNewsPresident Trump stripped former CISA head Chris Krebs of his security clearances, accusing him of disloyalty for claiming the 2020 election was safe and disagreeing with him regarding the pandemic. SentinelOne, where Krebs is an executive, also was targeted by Trump, who further ordered investigations of Krebs and CISA. First seen on securityboulevard.com Jump to…
-
Trump orders probe of ex-CISA chief Krebs over 2020 election dispute
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/trump-orders-probe-of-ex-cisa-chief-krebs-over-2020-election-dispute
-
Trump’s CISA chief nominee blocked as former head is probed
by
in SecurityNews
Tags: cisaFirst seen on scworld.com Jump to article: www.scworld.com/brief/trumps-cisa-chief-nominee-blocked-as-former-head-is-probed
-
U.S. CISA adds Linux Kernel flaws to its Known Exploited Vulnerabilities catalog
by
in SecurityNewsU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Linux Kernel flaws, respectively tracked as CVE-2024-53197 and CVE-2024-53150, to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability CVE-2024-53197 (CVSS score of 7.8) resides in the Linux kernel’s ALSA USB-audio driver affecting Extigy…
-
Trump’s DoJ Targets Krebs, Revokes SentinelOne Security Clearance
by
in SecurityNews
Tags: cisaAn executive order is targeting former Trump appointees, including former CISA director Chris Krebs and his current coworkers, in the latest in a series of directives against those who dissented against the president and his associates. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/trump-doj-krebs-revokes-sentinelone-security-clearance
-
Plankey nomination at CISA placed on hold after Wyden pushes for telecom report
by
in SecurityNewsThe Oregon senator is demanding CISA release a report on security practices in the industry, citing concerns about the Salt Typhoon hacking campaign.; First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/plankey-nomination-cisa-wyden-telecom/745024/
-
Trump administration planning major workforce cuts at CISA
by
in SecurityNews
Tags: cisaThe agency is looking to remove some 1,300 people by cutting about half its full-time staff and another 40 percent of its contractors, a source with direct knowledge of the developing plans told Recorded Future News. First seen on therecord.media Jump to article: therecord.media/trump-administration-planning-workforce-cuts-at-cisa
-
Trump Revokes Security Clearance for Ex-CISA Director Chris Krebs
by
in SecurityNews
Tags: cisaTrump orders a termination of any active security clearances held by Krebs and a suspension of clearances held by individuals at SentinelOne. The post Trump Revokes Security Clearance for Ex-CISA Director Chris Krebs appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/trump-revokes-security-clearance-for-ex-cisa-director-chris-krebs/
-
Trump orders federal investigation into former CISA director Chris Krebs
by
in SecurityNewsTrump fired Krebs by tweet in 2020 after he publicly debunked Trump’s false claims of election fraud. First seen on techcrunch.com Jump to article: techcrunch.com/2025/04/10/trump-orders-federal-investigation-into-former-cisa-director-chris-krebs/
-
CISA under review: Trump memo spurs scrutiny and uncertainty
by
in SecurityNewsRisks public-private collaboration: The directive is likely to have ripple effects on the cybersecurity community as well.CISA has, over the past few years, carved out a critical role as the convening point for public-private cyber collaboration. The agency has been central to fostering trust between federal authorities and private sector entities, especially in areas like…
-
CISA Alerts on Actively Exploited Linux Kernel OutBounds Read Flaw
by
in SecurityNewsThe Cybersecurity and Infrastructure Security Agency (CISA) has issued alerts regarding two actively exploited vulnerabilities in the Linux Kernel. The flaws, tagged as CVE-2024-53197 and CVE-2024-53150, both reside in the USB-audio driver. These vulnerabilities could potentially allow attackers to manipulate system memory, escalate privileges, or access sensitive information. CVE-2024-53197: Linux Kernel Out-of-Bounds Access Vulnerability The…
-
Trump Revokes Security Clearance For Former CISA Director Chris Krebs
by
in SecurityNewsPresident Donald Trump signed a memorandum Wednesday that revokes any active security clearances held by former CISA director Chris Krebs and suspends any security clearances held by individuals connected with Krebs’ current employer, cybersecurity vendor SentinelOne. First seen on crn.com Jump to article: www.crn.com/news/security/2025/trump-revokes-security-clearance-for-former-cisa-director-chris-krebs
-
Trump orders probe of former CISA Director Chris Krebs over alleged censorship
by
in SecurityNews
Tags: cisaPresident Donald Trump revoked any security clearances held by former CISA Director Chris Krebs and ordered an investigation into alleged censorship of conservatives by the agency. First seen on therecord.media Jump to article: therecord.media/trump-memo-chris-krebs-cisa-sentinelone
-
Trump kills clearances for infosec’s SentinelOne, ex-CISA boss Chris Krebs
by
in SecurityNewsAlleges cybersecurity agency was ‘weaponized’ to suppress debunked theories First seen on theregister.com Jump to article: www.theregister.com/2025/04/10/trump_cisa_investigation_memo/
-
Wyden to block Trump’s CISA nominee until agency releases report on telecoms’ ‘negligent cybersecurity’
by
in SecurityNewsOregon Sen. Ron Wyden (D) will block the nomination of Sean Plankey over what he called CISA’s “multi-year cover up of the phone companies’ negligent cybersecurity.” First seen on therecord.media Jump to article: therecord.media/wyden-blocks-plankey-nomination-cisa
-
Wyden blocks Trump’s CISA boss nominee, blames cyber agency for ‘actively hiding info’ about telecom insecurity
by
in SecurityNewsIt worked for in 2018 with Chris Krebs. Will it work again? First seen on theregister.com Jump to article: www.theregister.com/2025/04/09/wyden_blocks_trumps_cisa_boss/
-
Sweeping cuts to CISA spark warnings of weakened US cyber defenses
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/sweeping-cuts-to-cisa-spark-warnings-of-weakened-us-cyber-defenses
-
CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days
by
in SecurityNewsCISA has added fresh CentreStack and Windows CLFS vulnerabilities to the Known Exploited Vulnerabilities catalog. The post CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cisa-urges-urgent-patching-for-exploited-centrestack-windows-zero-days/
-
U.S. CISA adds Gladinet CentreStack and ZTA Microsoft Windows Common Log File System (CLFS) Driver flaws to its Known Exploited Vulnerabilities catalog
by
in SecurityNews
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, vulnerability, windowsU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Gladinet CentreStack and ZTA Microsoft Windows Common Log File System (CLFS) Driver flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Gladinet CentreStack and ZTA Microsoft Windows Common Log File System (CLFS) Driver flaws, respectively tracked as CVE-2025-30406 and CVE-2025-29824, to its…
-
RCE flaw in MSP-friendly file sharing platform exploited by attackers (CVE-2025-30406)
by
in SecurityNewsA critical RCE vulnerability (CVE-2025-30406) affecting the Gladinet CentreStack file-sharing/remote access platform has been added to CISA’s Known Exploited … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/09/rce-gladinet-centrestack-file-sharing-exploited-cve-2025-30406/
-
Wyden to Hold Up Trump CISA Nominee Over Telecom ‘Cover Up’: Report
by
in SecurityNews
Tags: cisaSenator Ron Wyden (D-OR) is demanding CISA release a three-year-old report critical of telecoms’ security in the wake of the expansive Salt Typhoon hacks before he lifts a hold on President Trump’s nomination of Sean Plankey as head of the agency. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/wyden-to-hold-up-trump-cisa-nominee-over-telecom-cover-up-report/
-
CISA Alerts on Active Exploitation of CentreStack Hard-Coded Key Vulnerability
by
in SecurityNewsThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert highlighting a critical vulnerability in Gladinet CentreStack, a cloud-based enterprise file-sharing platform. The issue, tracked as CVE-2025-30406, involves the use of a hard-coded cryptographic key that could enable attackers to execute remote code on compromised systems, posing a major security risk to organizations relying on…
-
CISA, experts warn of Crush file transfer attacks as ransomware gang makes threats
by
in SecurityNewsThe makers of the popular file transfer tool CrushFTP say a responsibly disclosed vulnerability in the software has been weaponized. CISA and cyber researchers are sounding alarm bells. First seen on therecord.media Jump to article: therecord.media/crushftp-vulnerability-exploited
-
CISA Alerts on Actively Exploited CrushFTP Authentication Bypass Vulnerability
by
in SecurityNewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about an actively exploited vulnerability in CrushFTP, a popular file transfer server solution. Identified as CVE-2025-31161, the vulnerability allows attackers to bypass authentication, posing significant risks to organizations relying on CrushFTP for secure file sharing and transfer. CISA has added this critical vulnerability to…
-
CISA Warns of CrushFTP Vulnerability Exploitation in the Wild
by
in SecurityNewsThe US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-31161 to its Known Exploited Vulnerabilities (KEV) catalog First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/crushftp-vulnerability-cisa-kev/
-
CISA Warns of CrushFTP Exploit Letting Attackers Bypass Authentication
by
in SecurityNewsThe Cybersecurity and Infrastructure Security Agency (CISA) has recently added a new vulnerability to its Known Exploited Vulnerabilities Catalog. The vulnerability, identified as CVE-2025-31161, is an Authentication Bypass Vulnerability in CrushFTP, a widely used FTP server software. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cisa-adds-cve-2025-31161-to-kev-catalog/