The agencies say it’s vital to prioritize patching. Otherwise, we’re making it easy for attackers who don’t have to work at finding 0 days.
Tag Archives: CISA
Uncle Sam to agencies: No encrypted DNS for you!
The US federal government has been protecting its users by blocking malicious destinations for years, but it won’t let them take advantage of the latest protective measure in DNS – encryption – just yet.
COVID-19 prompts DHS warning to review Office 365 security
The DHS is urging users to secure Office 365 accounts after reporting security weaknesses in Microsoft’s online productivity service.
Ransomware attack forces 2-day shutdown of natural gas pipeline
The attacker(s) infected both IT and operational networks with an unspecified ransomware strain, though the facility never lost control.
Foreign spies may be hiding in your VPN, warns DHS
“…nation-state actors have demonstrated intent and capability to leverage VPN services and vulnerable users for malicious purposes.”
US Government halves deadline for applying critical patches to 15 days
US federal agencies must fix their security bugs twice as quickly under new rules issued by the Department of Homeland Security (DHS).
Google, Facebook, Amazon et al join forces against incoming cybersecurity law
CISA opponents say it may “infringe on users’ privacy” and “cause collateral harm to the systems of innocent third parties.”
Jeb Bush says people need to stop “demonizing” the NSA
In a blog post this week laying out his cybersecurity policy proposals, US presidential candidate Jeb Bush said it’s time to stop “demonizing” intelligence officials at the NSA.