Tag: U.S. Cybersecurity and Infrastructure Security Agency (CISA)

Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies
News

Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies

More than six months after it was revealed that a China-linked cyber espionage campaign was targeting two dozen organizations, Microsoft has extended free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit, regardless of license tier. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) stated that Microsoft "will automatically enable the logs in customer accounts and increase the default log retention period from 90 days to 180 days." Furthermore, this data will offer enhanced telemetry, aiding numerous federal agencies in fulfilling logging prerequisites as mandated by the Office of Management and Budget Memorandum M-21-31. In July 2023, Microsoft reported that an activity group named Storm-0558, originating from China, unlawfully infil...
CISA Warning Akira Ransomware Exploiting Cisco ASA/FTD Vulnerability
News

CISA Warning Akira Ransomware Exploiting Cisco ASA/FTD Vulnerability

Following reports that it's likely being exploited in Akira ransomware attacks, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a now-patched security flaw affecting Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software to its list of known exploited vulnerabilities (KEV) on Thursday. The high-severity information disclosure flaw in question is CVE-2020-3259 (CVSS score: 7.5), which might enable an attacker to access memory contents on a compromised device. Cisco corrected it as part of upgrades that were made available in May 2020. The cybersecurity company Truesec reported late last month that it had discovered evidence indicating that Akira ransomware attackers had used it as a weapon read more CISA Warning Akira Ransomware Exp...
CISA and OpenSSF Release Framework for Package Repository Security
News

CISA and OpenSSF Release Framework for Package Repository Security

A new framework for securing package repositories will be published by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) in collaboration with the Open Source Security Foundation (OpenSSF) Securing Software Repositories Working Group. The methodology, known as the Principles for Package Repository Security, attempts to further fortify open-source software ecosystems by laying out a set of fundamental guidelines for package administrators. According to OpenSSF, package repositories play a crucial role in the open-source ecosystem by assisting in the mitigation or prevention of such assaults. Robust security gains can result from even little steps read more CISA and OpenSSF Release Framework for Package Repository Security. Get up to date on the latest cybersecurity ...
U.S. Cybersecurity Agency Warns of Actively Exploited Ivanti EPMM Vulnerability
News

U.S. Cybersecurity Agency Warns of Actively Exploited Ivanti EPMM Vulnerability

A serious issue that has been fixed and affects Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core was added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its list of known exploited vulnerabilities (KEV) on Thursday. The agency stated that the flaw is being actively exploited in the field. Concerning CVE-2023-35082 (CVSS score: 9.8), this vulnerability is an authentication bypass that is a workaround for another vulnerability in the same solution that is being tracked as CVE-2023-35078 (CVSS score: 10.0). "If exploited, this vulnerability enables an unauthorized, remote (internet-facing) actor to potentially access users' personally identifiable information and make limited changes to the server read more U.S. Cybersecurity Agency Warns of Actively E...