CISA stories - Page 3

Microsoft's June 2025 patch fixes 67 flaws, including the first WebDAV zero-day in seven years and critical remote code execution issues across Windows and Office.

President Trump's 2026 budget plan cuts CISA funding by USD $495 million, risking cybersecurity readiness amid rising threats and concerns over election security.

Global security agencies urge enhanced AI data security and updated SIEM-SOAR protocols to combat evolving cyber threats and safeguard critical systems.

ISACA launches the Advanced in AI Audit certification for experienced auditors, enhancing expertise in AI governance, risk, and auditing tools in evolving industries.

Less than 40% of firms fully see their software supply chains amid rising security threats and new EU and US cybersecurity regulations.

Fewer than 40% of organisations have full visibility into their software supply chains, exposing risks amid rising cybersecurity concerns and regulation.

Rubrik launches Identity Resilience to enhance protection of human and non-human identities against cyber-attacks targeting critical infrastructure globally.

CISA extends its contract with MITRE for another 11 months at USD $44 million, securing the critical CVE vulnerability programme amid funding concerns.

The rise of Fast Flux DNS has empowered cybercriminals to evade detection more effectively, presenting significant challenges for security agencies in Australia.

A recent Bitdefender report reveals February 2025 as the worst month for ransomware, with victims rising 126% to 962, including a notable impact on Australia.

Concerns grow over the Medusa ransomware group's threats to critical infrastructure, with attacks on over 300 victims reported amidst escalating cybersecurity risks.

The persistent threat of Medusa ransomware continues to alarm global organisations, as new advisories highlight the urgent need for enhanced cybersecurity measures.

Australia has climbed to fourth place globally for cyberattacks on critical infrastructure, as a report reveals a surge in diverse threats targeting various sectors.

The FBI and CISA have alerted organisations to increased cyber threats from China's Ghost ransomware group, affecting over 70 countries through outdated software.

Microsoft has patched 56 vulnerabilities in its February 2025 update, including two now exploited, marking a fifth month of no critical zero-days released.

Check Point Software's Infinity Platform has been recognised for its exceptional security efficacy, achieving a 99.9% malware block rate in Miercom's 2025 benchmark report.

CISA and the FDA have raised alarms about potential security flaws in Contec CMS8000 patient monitors, highlighting risks from a possible backdoor linked to China.

The UK faces increasing cyber threats from China-backed group Volt Typhoon, jeopardising critical infrastructure and national security, warns Certes.

Leading cybersecurity agencies have issued an advisory identifying frequently exploited vulnerabilities in 2023, urging enhanced security measures across sectors.

American Water has reported a cybersecurity breach, highlighting the vulnerabilities threatening critical infrastructure such as water treatment facilities.