Latest News
Stay up to date with the latest posts and updates
Alerts
-
Supply Chain Attack Against 3CXDesktopApp
CISA is aware of open-source reports describing a supply chain attack against 3CX software and their customers. According to the reports, 3CXDesktopApp — a voice and video conferencing…
4 min read
-
Untitled Goose Tool Aids Hunt and Incident Response in Azure, Azure Active Directory, and Microsoft 365 Environments
Today, CISA released the Untitled Goose Tool to help network defenders detect potentially malicious activity in Microsoft Azure, Azure Active Directory (AAD), and Microsoft 365 (M365) environments. The…
4 min read
-
JCDC Cultivates Pre-Ransomware Notification Capability
In today’s blog post, Associate Director of the Joint Cyber Defense Collaborative (JCDC) Clayton Romans highlighted recent successes of pre-ransomware notification and its impact in reducing harm from ransomware…
4 min read
-
CISA and NSA Release Enduring Security Framework Guidance on Identity and Access Management
As part of the Enduring Security Framework (ESF), the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) has released Identity and Access Management Recommended…
4 min read
-
CISA Releases Updated Cybersecurity Performance Goals
Content: Today, we published stakeholder-based updates to the Cybersecurity Performance Goals (CPGs). Originally released last October, the CPGs are voluntary practices that businesses and critical infrastructure owners can…
4 min read
-
Drupal Releases Security Advisory to Address Vulnerability in Drupal Core
Drupal has released a security advisory to address an access bypass vulnerability affecting multiple Drupal versions. An attacker could exploit this vulnerability to take control of an affected…
4 min read
