Federal News Network

CISA delays cyber incident reporting town halls due to shutdown

CISA had been planning to hold the town halls starting on Monday. The shutdown is "likely" to also delay issuance of the final cyber incident reporting rule.
EDUCAUSE Review

CISA Announces Town Hall Meetings on CIRCIA Regulations

The Cybersecurity and Infrastructure Security Agency has announced a series of virtual town hall meetings to seek additional input on proposed regulat ...
CSO Online

CISA warns of actively exploited Ivanti EPM and Cisco SD-WAN flaws

Patched vulnerabilities in Ivanti Endpoint Manager and Cisco Catalyst SD-WAN are under attack, according to the US security agency, which added reporting requirements to its previous Cisco directive.

CISA: Recently patched Ivanti EPM flaw now actively exploited

CISA flagged a high-severity Ivanti Endpoint Manager (EPM) vulnerability as actively exploited in attacks and ordered U.S. federal agencies to patch systems within three weeks.
Nextgov

New tech, personnel will help CISA with coming rush of cyber incident reports

CISA said “an automated mechanism” could help it better process and review a coming deluge of new cyber incident reports but could not be accounted for in its current budget. The Cybersecurity and ...
Forbes

CISA Incident Reporting Requirements: What Does This Mean For You?

Cyberattacks targeting critical infrastructure and essential services are on the rise. In response, the Cybersecurity and Infrastructure Security Agency (CISA), under the Cyber Incident Reporting for ...
JD Supra

CISA Opens Notice and Comment Process on CIRCIA Draft Regulations

On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security published a long-awaited notice of proposed rulemaking (NPRM) pursuant to the ...
TechRepublic

Possible National Security Crisis Averted: CISA’s Reversal Extends Support for CVE Database

Possible National Security Crisis Averted: CISA’s Reversal Extends Support for CVE Database Your email has been sent The nonprofit organization MITRE, which maintains the Common Vulnerabilities and ...

CISA orders feds to patch n8n RCE flaw exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies on Wednesday to patch their systems against an actively exploited n8n vulnerability.
SDxCentral

CISA releases Malware Analysis Report on RESURGE malware associated with Ivanti Connect Secure

Cybersecurity and Infrastructure Security Agency (CISA) has published a Malware Analysis Report (MAR) with analysis and associated detection signatures on a new malware variant CISA has identified as ...
Homeland Security Today

CISA Releases Malware Analysis Report Associated with Microsoft SharePoint Vulnerabilities

CISA has published a Malware Analysis Report (MAR) with analysis and associated detection signatures on files related to Microsoft SharePoint vulnerabilities, according to a press release yesterday.
The Hacker News

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

Two critical n8n flaws (CVSS 9.4, 9.5) enable RCE via expression sandbox escape and public forms, risking credential exposure ...