CISA

Security | Oct 06, 2022

US agencies ordered to run asset discovery scans every single week

Knock Knock. Who's there? Multiple APTs, patch your shit.

Security | Aug 30, 2022

Industrial software vuln actively exploited says CISA – but little evidence of real-world attacks

Attacks against ICS and OT systems are an increasingly real concern though.

Software | Jun 28, 2022

Mitel 0day being used as access point for ransomware

Crowdstrike-discovered vuln added to CISA's Known Exploited Vulnerabilities list.

Security | Jun 08, 2022

This is how Chinese hackers are breaching telcos worldwide, say US authorities

SOHO devices and unpatched enterprise switches are the way in.

Security | May 17, 2022

Zyxel, VMware, F5 vulnerabilities under attack: Updated CISA database

Don't put that stuff on the public internet, kids.

Security | Apr 29, 2022

The 10 most-exploited vulnerabilities of 2021: Not patched? Likely pwned...

Attackers continue to accelerate their weaponisation of newly-discovered flaws, the Five Eyes list of most-exploited vulnerabilities of 2021 shows. Contrary to some reports suggesting fears of mass-exploitation had been over-indexed, the flaw in Log4j joined the most widely-exploited vulnerabilities last year, despite only being discovered at the year's

Security | Mar 02, 2022

Previously undocumented rootkit being deployed by Chinese APT

Daxin malware has some really clever C2 techniques to exfiltrate intelligence

Security | Nov 05, 2021

US Agencies given two weeks to patch 100+ exploited vulns -- but who's forcing compliance?

It took TWO YEARS for all agencies to meet an earlier 45 day deadline

document.currentScript.parentNode.innerHTML = (parseInt(document.currentScript.closest('.iteration-container').dataset.length)).toString();