Cybersecurity and Infrastructure Security Agency (CISA) Archives

Here’s what could happen if CISA 2015 expires next month

The Cybersecurity Information Sharing Act lapsing might spell disaster, experts and industry groups warn.

2 days ago By Tim Starks

Fortinet office in Burnaby, BC, Canada, July 7, 2023. (Getty Images)

Fortinet SIEM issue coincides with spike in brute-force traffic against company’s SSL VPNs

Researchers aren’t aware of any active exploitation of the software, but the issue is being dealt with simultaneously as attackers are trying to brute force the company’s…

Aug 13, 2025 By Matt Kapko

President Donald Trump holds up an executive order on creating a White House 2028 Olympics task force after signing it in the South Court Auditorium of the White House on Aug. 5, 2025. (Photo by Brendan SMIALOWSKI / AFP)

The overlooked changes that two Trump executive orders could bring to cybersecurity

Good, bad, puzzling — a March order and June order could have bigger ripples than realized when the president signed them.

Aug 13, 2025 By Tim Starks

Sean Plankey, of Pennsylvania, responds to questioning during Senate Committee on Homeland Security and Governmental Affairs hearings to examine his nomination to be Director of the Cybersecurity and Infrastructure Security Agency, of the Department of Homeland Security, in the Dirksen Senate office building, in Washington, DC, on Wednesday July 24, 2025. (Mattie Neretin/CNP/Sipa USA)

Patch the vulnerability: Confirm Sean Plankey as CISA director

The executive director of the National Technology Security Coalition writes that Plankey is a strong, capable leader who will strengthen public-private partnerships.

Aug 13, 2025 By Patrick D. Gaul

A corporate logo for Microsoft hangs above the door to its office building on 8th Avenue on June 24, 2025, in New York City. (Photo by Gary Hershorn/Getty Images)

Microsoft Patch Tuesday follows SharePoint attacks, Exchange server warnings

Despite serious alarm raised by officials, organizations have not applied the patch for Microsoft Exchange servers en masse.

Aug 12, 2025 By Matt Kapko

SonicWall headquarters — SonicWall’s headquarters in Milpitas, California. (Getty Images)

SonicWall pins firewall attack spree on year-old vulnerability

The vendor ruled out a zero-day vulnerability as the root cause, disputing initial assessments from third-party researchers. Fewer than 40 organizations have been impacted since mid-July.

Aug 11, 2025 By Matt Kapko

BlackSuit, Royal ransomware group hit over 450 US victims before last month’s takedown

The Department of Homeland Security said the Russian cybercrime collective received at least $370 million in ransom payments, based on current cryptocurrency valuations.

Aug 7, 2025 By Matt Kapko

Microsoft Romania headquarters in City Gate Towers situated in Free Press Square, in Bucharest, Romania. (Getty Images)

CISA, Microsoft warn organizations of high-severity Microsoft Exchange vulnerability

The public disclosure and advisories came late Wednesday during Black Hat, but Microsoft said the timing was coordinated.

Aug 7, 2025 By Matt Kapko

Sean Cairncross, CEO, Millenium Challenge Corporation, speaks onstage during the 2019 Concordia Annual Summit – Day 2 at Grand Hyatt New York on Sept. 24, in New York City. (Photo by Riccardo Savi/Getty Images for Concordia Summit)

New National Cyber Director Cairncross faces challenges on policy, bureaucracy, threats

It’s a “pivotal” moment for Sean Cairncross, fresh off his Senate confirmation in a changing federal cyber landscape.

Aug 6, 2025 By Tim Starks

SonicWall firewalls hit by active mass exploitation of suspected zero-day

About 20 organizations have been impacted and the pace of attacks is rising. Threat researchers and SonicWall are scrambling to determine the root cause.

Aug 5, 2025 By Matt Kapko