Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

23 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 23 Filtered view

Acting director Nick Andersen said a binding operational directive is en route for agencies, and that more specific discussions need to happen with critical infrastructure owners. The post CISA is rethinking how it prioritizes risks and vulnerabilities for feds, private sector appeared first on CyberScoop.

Bank Info Security 1 year, 7 months ago

CISA Red Team Finds Alarming Critical Infrastructure Risks

Red Team Finds Vulnerabilities in Critical Infrastructure Org’s Security FrameworkThe U.S., cyber defense agency is urging critical infrastructure operators to learn from the experience of a volunteer read teaming test and not rely too heavily on host-based endpoint detection and response solutions at the expense of network layer protections.

Attackers Are Targeting the Widely Used Mirth Connect Data Integration PlatformCyberattackers are actively exploiting a vulnerability in the NextGen Healthcare Mirth Connect product, an open-source data integration platform widely used by healthcare companies, said CISA in an alert Monday. The flaw, which allows remote code execution, has been known since October 2023.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a security flaw impacting NextGen Healthcare Mirth Connect to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation

Bank Info Security 2 years, 7 months ago

CISA Releases Health Sector Vulnerability Mitigation Guide

Agency Maps its Advice to Other Health Industry Cyber Best Practice ResourcesA new guide from the Cybersecurity and Infrastructure Security Agency aims to help healthcare and public health sector entities get a much tighter grip on managing serious risks posed by the most troublesome types of vulnerabilities threatening the beleaguered industry.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has unveiled additional details regarding misconfigurations and security vulnerabilities exploited by ransomware gangs, aiming to help critical infrastructure organizations thwart their attacks. [...]

Threat actors have breached the network of a U.S. organization in the critical infrastructure sector after exploiting a zero-day RCE vulnerability currently identified as CVE-2023-3519, a critical-severity issue in NetScaler ADC and Gateway that Citrix patched this week. [...]

Loading more headlines...