CISA Flags 2-Year-Old Oracle WebLogic Vulnerability as Actively Exploited

CISA added Oracle WebLogic flaw CVE-2024-21182 to its KEV catalog, giving federal agencies until June 4 to patch exposed ...
Morning Overview on MSN

CISA ordered federal agencies to patch two actively exploited Microsoft Defender flaws — RedSun and UnDefend — by June 3

Federal civilian agencies across the United States face a two-week sprint to fix two Microsoft Defender vulnerabilities that ...
GovInfoSecurity

CISA Urges OT Operators to Plan for Worst Case Scenarios

The latest initiative from the U.S. cyber defense agency aimed at operational technology operators is a little bit different.
Biometric Update

GitHub exposure points to broader contractor identity security gaps at CISA

When contractors expose privileged credentials, it raises questions not just about one vendor, but government oversight of ...
CSOonline

CISA releases cybersecurity performance goals to reduce risk and impact of adversarial threats

Based on the NIST Cybersecurity Framework, the goals could become the baseline standards for cybersecurity negligence and possible future regulatory requirements. Last week, the US Cybersecurity and ...
AFCEA

CISA Views Critical Infrastructure and Cybersecurity Through Global Lens

If an international coalition that includes multiple U.S. agencies gets its way, software manufacturers rather than their customers will be largely responsible for securing software used to defend ...