Tag : CISA

image_pdfimage_print

The US cybersecurity agency CISA has announced a new pilot program to provide managed cybersecurity services to critical infrastructure entities that need support. For years, the agency has been acting as a managed service provider to the federal civilian government, which has resulted in reduced risks and cost-savings, in addition to delivering standardization. Now, CISA ..

Leggi tutto

La “Roadmap for Artificial Intelligence 2023-2024” della Cybersecurity and Infrastructure Security Agency (CISA), un’agenzia del Dipartimento della Sicurezza Interna degli Stati Uniti (DHS), rappresenta un piano strategico cruciale che risponde direttamente all’Ordine Esecutivo 14110 della Casa Bianca. Questo documento è fondamentale per garantire lo sviluppo e l’uso sicuri e affidabili dell’intelligenza artificiale (AI), allineandosi strettamente ..

Leggi tutto

The US cybersecurity agency CISA on Tuesday published a new document detailing its efforts in promoting the use of artificial intelligence (AI) to improve security and supporting critical infrastructure organizations in adopting AI. Aligned with national AI strategy, CISA’s Roadmap to AI (PDF) promotes beneficial uses of AI in enhancing cybersecurity capabilities and details the ..

Leggi tutto

The US cybersecurity agency CISA and the Department of Health and Human Services (HHS) on Wednesday released cybersecurity resources for healthcare and public health (HPH) organizations. These entities heavily rely on digital technologies to store personal and medical information, perform medical procedures, and communicate with patients, which increases their attack surface, but often face challenges ..

Leggi tutto

US cybersecurity agency CISA, the FBI, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) warn organizations of potential widespread exploitation of a recent zero-day vulnerability in Atlassian Confluence Data Center and Server. Tracked as CVE-2023-22515 (CVSS score of 9.8), the bug has been exploited by a nation-state threat actor since September 14, roughly two ..

Leggi tutto

The US cybersecurity agency CISA is stepping up its efforts to prevent ransomware by making it easier for organizations to learn about vulnerabilities and misconfigurations exploited in these attacks. As part of its Ransomware Vulnerability Warning Pilot (RVWP) program launched in March, the agency has released two new resources to help organizations identify and eliminate ..

Leggi tutto

The US cybersecurity agency CISA has removed several Owl Labs product flaws from its Known Exploited Vulnerabilities (KEV) Catalog after SecurityWeek privately called into question its decision. In mid-September, CISA added to its KEV catalog four vulnerabilities affecting Owl Labs’ Meeting Owl smart video conferencing product, a device shaped like an owl that features a ..

Leggi tutto

The US government’s cybersecurity agency CISA has unveiled a new Hardware Bill of Materials (HBOM) framework offering a consistent, repeatable way for vendors to communicate with purchasers about hardware components in physical products. The new framework provides what CISA describes as “a reliable and predictable structure for HBOMs” and a set of clearly defined data ..

Leggi tutto

The Known Exploited Vulnerabilities (KEV) Catalog maintained by the US cybersecurity agency CISA has led to significant improvements in federal agencies’ patching efforts, with more than 1,000 vulnerabilities now included in the list. Launched in November 2021, the KEV Catalog lists flaws that CISA has proof are being exploited in malicious attacks, and is accompanied ..

Leggi tutto