CISA Issues Emergency Directive Requiring Federal Agencies to Check Pulse Connect Secure Products
The directive is in response to observed active exploitation using disclosed vulnerabilities in Pulse Connect Secure products. Keep Reading
The directive is in response to observed active exploitation using disclosed vulnerabilities in Pulse Connect Secure products. Keep Reading
The ICSJWG, one of the principle components of the Strategy for Securing Control Systems, coordinates the facilitation of stakeholder efforts and shares information to help manage cybersecurity risk. Keep Reading
The Cybersecurity and Infrastructure Security Agency (CISA) has been selected as a recipient of the American Society for Public Administration’s 2021 Public Integrity Award. Keep Reading
Representatives from multiple government agencies and the community discussed their roles, shared best practices, and improved coordination mechanisms to help keep the public safe. Keep Reading
Police Chief Chris Magnus of Tucson, Ariz., was selected to lead Customs and Border Protection while Ur Jaddou, the former director of DHS Watch, was selected for USCIS and John Tien was nominated for deputy DHS secretary. Keep Reading
Former NSA Deputy Director Chris Inglis picked to be the first national cyber director, former NSA deputy for counterterrorism Jen Easterly picked to lead CISA, and Rob Silvers, former assistant secretary for cyber policy at DHS, chosen as DHS undersecretary for policy. Keep Reading
Immigration increases include USCIS funding and Office of Professional Responsibility to process CBP, ICE complaints. Keep Reading
CISA has issued supplemental direction to Emergency Directive (ED) 21-02: Mitigate Microsoft Exchange On-Premises Product Vulnerabilities providing additional forensic triage and server hardening, requirements for federal agencies. Keep Reading
APT actors may use these vulnerabilities or other common exploitation techniques to gain initial access to multiple government, commercial, and technology services. Gaining initial access pre-positions the APT actors to conduct future attacks. Keep Reading
Information and communications technology (ICT) systems underpin a broad range of critical infrastructure activities that support critical functions within our communities, such as generating electricity, operating hospitals, and supplying clean water. Keep Reading
The first sprint will focus on fight against ransomware, which DHS secretary said "now poses a national security threat." Keep Reading
On March 23, CISA published a 60-day notice in the Federal Register (86 FR 15490) soliciting public comment on revisions to Information Collection Request (ICR) 1670-0014 that supports several efforts under the CFATS program. Keep Reading
The exercise is part of an ongoing partnership between those involved and was not in response to any specific threat. Keep Reading
Making elections secure means protecting against ever-evolving threats to information technology — which scans in-person and mail-in ballots, supports voter registration databases and communicates vote tallies. Keep Reading
CISA has added two new Malware Analysis Reports (MARs) to Alert AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities. Keep Reading
Wales called cybersecurity investments in the American Rescue Act, including an extra $650 million for CISA, "an important down payment on the cybersecurity capabilities," but "we are not stopping there." Keep Reading
The table uses the MITRE ATT&CK framework to identify APT TTPs and includes detection recommendations. This information will assist network defenders in detecting and responding to this activity. Keep Reading
The first part of our Profiles in Excellence series. Stay tuned over the next month as we highlight all of our 2020 Award Winners! Keep Reading
A Government Accountability Office (GAO) report says the Cybersecurity and Infrastructure Security Agency (CISA) isn't fully up and running yet. As a result, the watchdog says it may be difficult for CISA to identify and respond to cybersecurity incidents. Keep Reading
CISA encourages users and administrators review the F5 advisory and install updated software as soon as possible. Keep Reading