Joint Advisory Warns of Snatch RansomwareNew!!
The FBI and CISA issued a Joint Cybersecurity Advisory “#StopRansomware: Snatch Ransomware” on September 20, 2023. The Advisory outlines the indicators of compromise and observed tactics, techniques, and procedures of Snatch...
CISA Alert: VMware Releases Security Update—Patch VMware Tools Now
VMware provides multi-cloud services, products, and solutions for its customers, including VMware Tools. On September 1, 2023, VMware released a security update for a vulnerability in VMware Tools. According to the...
CISA Issues Four More Industrial Control Systems Advisories
On August 22, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) issued four more advisories related to industrial control systems. The advisories are applicable to four different industrial control products, explain...
CISA Urges Secure by Design for AI Tools
CISA released a blog post last week reminding software designers that artificial intelligence (AI) tools are software and that they “must consider the security of the customers as a core business...
CISA Issues Two Industrial Control Systems Advisories
The Cybersecurity and Infrastructure Security Agency (CISA) recently issued “timely information about current security issues, vulnerabilities, and exploits surrounding” Industrial Control Systems (ICS). The Advisories provide background on the vulnerabilities, and...
CISA Issues 2022 Top Routinely Exploited Vulnerabilities
In its continued effort to keep the industry apprised of threats facing companies in the U.S., CISA recently issued a Cybersecurity Advisory: 2022 Top Routinely Exploited Vulnerabilities that is helpful to...
CISA Issues Three Advisories for Industrial Control Systems
On May 16, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) released three advisories applicable to Industrial Control Systems (ICS). The Alerts cover vulnerabilities of Snap One OvrC Cloud, Rockwell ArmorStart,...
CISA Director Urges Regulation of the Use of Artificial Intelligence
While recently speaking at a conference hosted by Vanderbilt University, Jen Easterly, the Director of the Cybersecurity Infrastructure Security Agency (CISA) urged the development of regulations around the use of artificial...
The surveys speak: supply chain threats are freaking people out
A bunch of recent surveys of IT and security pros send a clear message: threats and risks from vulnerable software supply chains are real, and they’re starting to freak people out.
The...
Forget the IoT. Meet the IoZ: our Internet of Zombie things
A school that never sleeps? Cameras that go dark? A dead company hacked back to life? Welcome to the growing Internet of Zombie devices that threatens the security of the Internet....