SSVC: Prioritization of vulnerability remediation according to CISA
Given that 2021 was a record year for new vulnerabilities published and threat actors became better at weaponizing vulnerabilities, timely and well-judged vulnerability …
CISA releases RedEye open-source analytic tool
CISA has released RedEye, an interactive open-source analytic tool to visualize and report Red Team command and control activities. RedEye, available on GitHub, allows an …
What $1B in cybersecurity funding can mean for US state, local governments
How do you best spend a cybersecurity budget you have long been hoping you’d get? That’s the question state, local, and territorial (SLT) governments are starting to ask …
CISA orders federal agencies to regularly perform IT asset discovery, vulnerability enumeration
A new directive issued by the Cybersecurity and Infrastructure Security Agency (CISA) is ordering US federal civilian agencies to perform regular asset discovery and …
Critical ManageEngine RCE flaw is being exploited (CVE-2022-35405)
The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2022-35405, a critical remote code execution vulnerability in ManageEngine PAM360, Password …
US to award $1B to state, local, and territorial governments to improve cyber resilience
The US government will award $1 billion in grants to help state, local, and territorial (SLT) governments address cybersecurity risks, strengthen the cybersecurity of their …
Is $15.6 billion enough to protect critical infrastructure?
Several bills totaling $15.6 billion are making their way through the House for the 2023 fiscal year. While $11.2 billion will go to the Department of Defense, $2.9 billion …
IronNet partners with CISA to improve nation’s cyber defense
IronNet has entered into an agreement with the Cybersecurity and Infrastructure Security Agency (CISA) to share information from IronNet’s Collective Defense platform to help …
Black Hat USA 2022 video walkthrough
In this Help Net Security video, we take you inside Black Hat USA 2022 at the Mandalay Bay Convention Center in Las Vegas. The video features the following vendors: Abnormal …
USA’s plan to build its cyber workforce, improve skills-based pathways to cyber jobs
On July 19, 2022, National Cyber Director Chris Inglis hosted the National Cyber Workforce and Education Summit at the White House. The event focused on building the cyber …
Healthcare organizations targeted with Maui ransomware
A less known ransomware threat dubbed Maui has been and is likely to continue hitting healthcare organizations, a new CISA alert warns. Maui is unusual in many ways: it does …
CISA and NPower offer free entry-level cybersecurity training
NPower, a US-based non-profit participating in a cybersecurity workforce development program started by the Cybersecurity and Infrastructure Agency (CISA), is looking for …