Security news aggregator

Latest coverage for CISA

Stay informed on the latest CISA updates, guidelines, and alerts critical for robust information security and cyber threat prevention.

13 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Cybersecurity and Infrastructure Security Agency (CISA) is the U.S. Department of Homeland Security agency for reducing cyber and physical risks to critical infrastructure and federal civilian networks. Created by the 2018 CISA Act, it works with government and industry, publishes alerts and guidance, and coordinates assistance during significant incidents. Its direct federal-network role chiefly covers the Federal Civilian Executive Branch, including .gov; private-sector engagement is often voluntary or sector-specific.

Practitioners use CISA advisories and the Known Exploited Vulnerabilities catalog to prioritize patching where exploitation has been observed, and consult applicable directives and incident-response guidance. CISA supports vulnerability reporting and promotes controls such as multifactor authentication, logging, and tested recovery. A CISA alert is an actionable risk signal, not proof every organization is affected; teams should verify product, version, exposure, and obligations.

Showing 13 most recent headlines Filtered view

Affected federal agencies must comb through mails, reset API keys and passwords The US Cybersecurity and Infrastructure Security Agency (CISA) warns that Russian spies who gained access to Microsoft's email system were able to steal sensitive data, including authentication details and that immediate remedial action is required by affected agencies.…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued an emergency directive (ED 24-02) urging federal agencies to hunt for signs of compromise and enact preventive measures following the recent compromise of Microsoft's systems that led to the theft of email correspondence with the company

Krebs on Security 2 years, 3 months ago

Why CISA is Warning CISOs About a Breach at Sisense

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense, whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard. CISA urged all Sisense customers to reset any credentials and secrets that may have been shared with the company, which is the same advice Sisense gave to its customers Wednesday evening.

Bank Info Security 2 years, 3 months ago

CISA Warns Russian Microsoft Hackers Targeted Federal Emails

US Cyber Defense Agency Instructs Agencies to Fortify Systems Amid Microsoft BreachThe U.S. Cybersecurity and Infrastructure Security Agency publicly released an emergency directive Thursday requiring impacted federal agencies to take immediate remediation measures amid continued fallout from the Russian state-sponsored hacking of Microsoft that began in late November.

Bank Info Security 2 years, 3 months ago

US CISA Aims to Expand Automated Malware Analysis Support

US Cyber Defense Agency Scales Next-Generation Malware Analysis PlatformThe U.S. Cybersecurity and Infrastructure Security Agency has announced an update to its Next-Generation Malware Analysis platform as part of an effort to better provide all government entities - including state, local and tribal agencies - with real-time support to fight malicious cyber activity.