CISA stories - Page 3

Tenable has launched Vulnerability Intelligence and Exposure Response, aiming to revolutionise the USD $16 billion vulnerability management sector.

Qualys launches TruRisk Eliminate, a novel solution aimed at addressing cybersecurity vulnerabilities without solely relying on patching, enhancing protection.

Microsoft's July 2024 Patch Tuesday reveals 139 vulnerabilities, including two zero-days under active exploitation: Hyper-V's EoP and MSHTML Spoofing.

A new cybersecurity report reveals that 52% of critical open-source projects rely on memory-unsafe programming languages, posing significant security risks.

WatchGuard Technologies unveils ThreatSync+ NDR and WatchGuard Compliance Reporting, leveraging AI to simplify cybersecurity for smaller IT teams and enhance compliance.

Semperis unveils Delegation Manager, an Active Directory tool to combat cyber threats by offering granular control of permissions, reducing over-privileged accounts.

Cybersecurity giant Fortinet has solidified its commitment to secure product development and transparency by becoming an early signatory to the Secure by Design pledge initiated by the Cybersecurity and Infrastructure Security Agency (CISA).

Zscaler's 2024 ThreatLabz VPN Risk Report reveals concerns over VPN vulnerabilities amidst rising cyber attacks in Australia, prompting a shift towards Zero Trust architecture.

Semperis researchers have identified a potential new threat called Silver SAML that exploits SAML to attack from cloud identity providers such as Entra ID, potentially endangering applications like Salesforce or ServiceNow.

In light of the massive cybersecurity breach impacting Ivanti solutions, firms are urged to embrace cyber resilience for business continuity, demonstrating greater fortitude against potential disruptions.

OX Security unveils the industry's first Active Application Security Posture Management Platform, aiming at active threat analysis and reducing alert fatigue.

A shocking 30% increase in attacks on critical infrastructures was recorded in 2023, resulting in over 420 million incidents.

iboss reveals a Government Protective DNS Module seeking to safeguard government agencies from DNS cyber vulnerabilities by leveraging the Cybersecurity and Infrastructure Security Agency's protective DNS service.

ESET, a global cybersecurity firm, boosts Microsoft Sentinel’s security abilities by integrating its six threat intelligence data feeds.

Endpoint ransomware attacks see an 89% rise, whilst cybercriminals increase exploitation of remote access software, according to WatchGuard.

Cloud Security Alliance (CSA) has launched the industry's first Zero Trust training and certification, the Certificate of Competence in Zero Trust (CCZT).

FreeBSD Foundation launches SSDF Attestation, simplifying secure software development for vendors and cloud providers.

Keeper Security, a leader in password management, has become the first company in its field to join the CVE programme as a CNA.

Delinea continues its commitment to cybersecurity education and evangelism as a Champion of Cybersecurity Awareness Month 2023.