CISA stories - Page 4

Veracode has unveiled enhancements to its AI-powered coding solution, Veracode Fix, aiming to cut vulnerability remediation time drastically.

The UK faces increasing cyber threats from China-backed group Volt Typhoon, jeopardising critical infrastructure and national security, warns Certes.

Leading cybersecurity agencies have issued an advisory identifying frequently exploited vulnerabilities in 2023, urging enhanced security measures across sectors.

Memory safety vulnerabilities are surging in industrial control systems, with over 3,000 reported in 2022, prompting urgent calls for enhanced security measures.

A coalition of global agencies warns of Iranian cyber threats targeting critical infrastructure, highlighting emerging tactics and unresolved vulnerabilities.

A joint advisory from international agencies warns of Iranian cyber actors targeting critical infrastructure sectors using brute force tactics for credential compromise.

American Water has reported a cybersecurity breach, highlighting the vulnerabilities threatening critical infrastructure such as water treatment facilities.

Report reveals a 43% surge in vulnerabilities and a 6% rise in ransomware attacks in H1 2024, with VPNs and network infrastructure under significant threat.

OPSWAT and F5's new research reveals critical cyber concerns, with 83% of companies lacking robust defence-in-depth strategies, leaving them vulnerable to evolving cyber threats.

A new survey reveals that 83% of organisations lack robust cyber defences, highlighting alarming vulnerabilities amidst rising application security threats.

AttackIQ signs CISA's Secure by Design pledge, aiming to integrate robust security measures into all products, enhancing global digital safety and inspiring industry standards.

Tenable has launched Vulnerability Intelligence and Exposure Response, aiming to revolutionise the USD $16 billion vulnerability management sector.

Qualys launches TruRisk Eliminate, a novel solution aimed at addressing cybersecurity vulnerabilities without solely relying on patching, enhancing protection.

Microsoft's July 2024 Patch Tuesday reveals 139 vulnerabilities, including two zero-days under active exploitation: Hyper-V's EoP and MSHTML Spoofing.

A new cybersecurity report reveals that 52% of critical open-source projects rely on memory-unsafe programming languages, posing significant security risks.

WatchGuard Technologies unveils ThreatSync+ NDR and WatchGuard Compliance Reporting, leveraging AI to simplify cybersecurity for smaller IT teams and enhance compliance.

Semperis unveils Delegation Manager, an Active Directory tool to combat cyber threats by offering granular control of permissions, reducing over-privileged accounts.

Cybersecurity giant Fortinet has solidified its commitment to secure product development and transparency by becoming an early signatory to the Secure by Design pledge initiated by the Cybersecurity and Infrastructure Security Agency (CISA).

Zscaler's 2024 ThreatLabz VPN Risk Report reveals concerns over VPN vulnerabilities amidst rising cyber attacks in Australia, prompting a shift towards Zero Trust architecture.

Semperis researchers have identified a potential new threat called Silver SAML that exploits SAML to attack from cloud identity providers such as Entra ID, potentially endangering applications like Salesforce or ServiceNow.