Tag: cisa
-
CISA director Jen Easterly to depart agency on January 20
by
in SecurityNewsCISA’s director will depart the agency after three years at the helm, as part of the “seamless transition” of government power. First seen on techcrunch.com Jump to article: techcrunch.com/2024/11/18/cisa-director-jen-easterly-to-depart-agency-on-january-20/
-
18th November Threat Intelligence Report
by
in SecurityNewsThe FBI and CISA issued a joint statement detailing a major Chinese cyber-espionage campaign targeting U.S. telecommunications infrastructure, led by the APT group Salt Typhoon. This operation compromised networks to steal call […] First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2024/18th-november-threat-intelligence-report/
-
T-Mobile is one of the victims of the massive Chinese breach of telecom firms
T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espionage campaign targeting Telco companies. Recently, the FBI and CISA announced they are continuing to investigate a large-scale cyber-espionage campaign by China-linked threat actors targeting U.S. telecoms,…
-
Palo Alto Networks’ customer migration tool hit by trio of CVE exploits
by
in SecurityNewsCISA warned of two critical and actively exploited vulnerabilities in Expedition one week after another CVE came under active exploitation in the same product. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/palo-alto-networks-migration-tool-exploits/733072/
-
BSI/CISA-Warnung: Angriffe auf Ungepatchte Schwachstelle in Firewalls von Palo Alto Networks
by
in SecurityNewsIn den Firewalls von Palo Alto Networks soll eine ungepatchte Schwachstelle existieren. Über diese Schwachstelle kann auf das Management Interface zugegriffen werden. Das wird wohl bereits für Angriffe ausgenutzt. Sowohl das BSI als auch die US-Behörde CISA warnen: Kunden sollten … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/11/16/bsi-cisa-warnung-angriffe-auf-ungepatchte-schwachstelle-in-firewalls-von-palo-alto-networks/
-
CISA Faces Uncertain Future Under Trump
by
in SecurityNewsTrump Administration Picks May Test Bipartisan Support for Cybersecurity Agency. Newly empowered Republicans in U.S. president-elect Donald Trump’s orbit appear slated to enact far-reaching changes to the federal cyber defense agency, with one senator pledging to act on his long-standing enmity to the Cybersecurity and Infrastructure Security Agency. First seen on govinfosecurity.com Jump to article:…
-
More bugs in Palo Alto Expedition see active exploitation, CISA warns
Hackers have been actively targeting the firewall management software through multiple vulnerabilities. First seen on cyberscoop.com Jump to article: cyberscoop.com/palo-alto-expedition-firewall-exploit-cisa-kev/
-
CISA Warns of Two More Palo Alto Expedition Flaws Exploited in Attacks
CISA has added two more Palo Alto Networks Expedition flaws, CVE-2024-9463 and CVE-2024-9465, to its KEV catalog. The post CISA Warns of Two More Palo Alto Expedition Flaws Exploited in Attacks appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cisa-warns-of-two-more-palo-alto-expedition-flaws-exploited-in-attacks/
-
U.S. CISA adds Palo Alto Networks Expedition bugs to its Known Exploited Vulnerabilities catalog
by
in SecurityNewsU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Networks Expedition bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following Palo Alto Networks Expedition vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: Last week, Palo Alto Networks addressed multiple vulnerabilities that an attacker can chain to hijack…
-
Zero-Day Exploits Surge in 2023, Cisco, Fortinet Vulnerabilities Targeted
by
in SecurityNewsA report from the Five Eyes cybersecurity alliance, released by the CISA, highlights the majority of the most exploited vulnerabilities last year were initially zero-day flaws, a significant increase compared to 2022 when less than half of the top vulnerabilities were zero-day exploits. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/11/zero-day-exploits-surge-in-2023-cisco-fortinet-vulnerabilities-targeted/
-
CISA warnt vor Angriffen auf Palo-Alto-Software
by
in SecurityNewsErst vergangene Woche warnte die CISA vor einer angegriffenen Sicherheitslücke in Palo Altos Expedition, jetzt stehen weitere Lecks unter Beschuss. First seen on heise.de Jump to article: www.heise.de/news/Palo-Alto-Weitere-Sicherheitslecks-in-MIgrationstool-aktiv-angegriffen-10036380.html
-
Vietnam Strengthens Cybersecurity by Partnering with CISA to Secure Critical Infrastructure
by
in SecurityNewsThe Vietnam Authority of Information Security (AIS), part of the Ministry of Information and Communications, has signed a memorandum of understanding (MoU) with the Cybersecurity and Infrastructure Security Agency (CISA) under the US Department of Homeland Security. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/vietnam-authority-of-information-security-cisa/
-
CISA Warns of Actors Exploiting Two Palo Alto Networks Vulnerabilities
by
in SecurityNews
Tags: cisa, cve, cyber, cybersecurity, exploit, infrastructure, kev, malicious, network, risk, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert and added two new vulnerabilities related to Palo Alto Networks to its Known Exploited Vulnerabilities Catalog. These vulnerabilities, CVE-2024-9463 and CVE-2024-9465, are reportedly actively exploited by malicious cyber actors. CISA emphasizes that both vulnerabilities pose significant risks, particularly to federal systems. CVE-2024-9463: Palo…
-
CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed
by
in SecurityNews
Tags: attack, cisa, cybersecurity, exploit, flaw, infrastructure, kev, network, rce, remote-code-execution, update, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday warned that two more flaws impacting the Palo Alto Networks Expedition have come under active exploitation in the wild.To that, it has added the vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the necessary updates by…
-
CISA Flags Critical Palo Alto Network Flaws Actively Exploited in the Wild
by
in SecurityNewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday warned that two more flaws impacting the Palo Alto Networks Expedition have come under active exploitation in the wild.To that, it has added the vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the necessary updates by…
-
CISA warns of more Palo Alto Networks bugs exploited in attacks
by
in SecurityNewsCISA warned today that two more critical security vulnerabilities in Palo Alto Networks’ Expedition migration tool are now actively exploited in attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-of-more-palo-alto-networks-bugs-exploited-in-attacks/
-
Feds find ‘broad and significant’ China espionage campaign in US telecom networks
The FBI and CISA warned the nation-state affiliated malicious activities are extensive and include the theft of sensitive call records and court-ordered information. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/china-espionage-us-telecom-networks/732947/
-
CISA and FBI: Chinese Hackers Compromised US Telecom Networks
by
in SecurityNewsThe CISA and FBI have issued an advisory detailing a sophisticated cyberespionage campaign by state-sponsored Chinese hackers that… First seen on hackread.com Jump to article: hackread.com/cisa-fbi-chinese-hackers-hacked-us-telecom-networks/
-
China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials
by
in SecurityNewsChina-linked threat actors breached U.S. broadband providers and gained access to private communications of a limited number of U.S. government officials. The FBI and CISA continues to investigate a large-scale cyber-espionage campaign by China-linked threat actors targeting U.S. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures.…
-
FBI confirms China-backed hackers breached US telecom giants to steal wiretap data
The FBI and CISA say they have uncovered a “broad and significant” China-linked cyber espionage campaign First seen on techcrunch.com Jump to article: techcrunch.com/2024/11/14/us-confirms-china-backed-hackers-breached-telecom-providers-to-steal-wiretap-data/
-
CISA, FBI Confirm China Hacked Telecoms Providers for Spying
CISA and the FBI have confirmed that Chinese hackers compromised the networks of telecommunications companies to spy on specific targets. The post CISA, FBI Confirm China Hacked Telecoms Providers for Spying appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cisa-fbi-confirm-china-hacked-telecoms-providers-for-spying/
-
Massive Telecom Hack Exposes US Officials to Chinese Espionage
by
in SecurityNewsThe FBI and CISA have confirmed that US officials’ private communications have been compromised First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/telecom-hack-exposes-us-officials/
-
Key ICS Vulnerabilities Identified in Latest CISA Advisories
by
in SecurityNewsThe Cybersecurity and Infrastructure Security Agency (CISA) has recently issued a series of security advisories, shedding light on several critical vulnerabilities affecting Industrial Control Systems (ICS). First seen on thecyberexpress.com Jump to article: thecyberexpress.com/ics-vulnerabilities-this-week/
-
US confirms China-backed hackers breached telecom providers to steal wiretap data
by
in SecurityNewsCISA and the FBI say they have uncovered a ‘broad and significant’ PRC-linked cyberespionage campaign First seen on techcrunch.com Jump to article: techcrunch.com/2024/11/14/us-confirms-china-backed-hackers-breached-telecom-providers-to-steal-wiretap-data/
-
ShrinkLocker ransomware scrambled your files? Free decryption tool to the rescue
by
in SecurityNewsPlus: CISA’s ScubaGear dives deep to fix M365 misconfigs First seen on theregister.com Jump to article: www.theregister.com/2024/11/14/shrinklocker_ransomware_decryptor/
-
US govt officials’ communications compromised in recent telecom hack
by
in SecurityNewsCISA and the FBI confirmed that Chinese hackers compromised the “private communications” of a “limited number” of government officials after breaching multiple U.S. broadband providers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-hackers-compromised-us-government-officials-private-communications-in-recent-telecom-breach/
-
Response to CISA Advisory (AA24-317A): 2023 Top Routinely Exploited Vulnerabilities
by
in SecurityNewsIn response to the recently published CISA Advisory (AA24-317A) that disseminates the top routinely exploited vulnerabilities from 2023, AttackIQ has proposed a multitude of recommendations that customers can take to emulate these prevalent vulnerabilities. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/11/response-to-cisa-advisory-aa24-317a-2023-top-routinely-exploited-vulnerabilities/
-
ICS Patch Tuesday: Security Advisories Released by CISA, Schneider, Siemens, Rockwell
by
in SecurityNewsCISA, Schneider Electric, Siemens, and Rockwell Automation have released November 2024 Patch Tuesday security advisories. The post ICS Patch Tuesday: Security Advisories Released by CISA, Schneider, Siemens, Rockwell appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/ics-patch-tuesday-security-advisories-released-by-cisa-schneider-siemens-rockwell/
-
FBI, CISA, and NSA reveal most exploited vulnerabilities of 2023
by
in SecurityNewsThe FBI, the NSA, and cybersecurity authorities of the Five Eyes intelligence alliance have released today a list of the top 15 routinely exploited vulnerabilities throughout last year. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-cisa-and-nsa-reveal-most-exploited-vulnerabilities-of-2023/
-
The Power of the Purse: How to Ensure Security by Design
by
in SecurityNews
Tags: cisaCISA should make its recommended goals mandatory and perform audits to ensure compliance. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/power-purse-ensure-security-by-design