CISA stories - Page 3

Australia has climbed to fourth place globally for cyberattacks on critical infrastructure, as a report reveals a surge in diverse threats targeting various sectors.

The FBI and CISA have alerted organisations to increased cyber threats from China's Ghost ransomware group, affecting over 70 countries through outdated software.

Microsoft has patched 56 vulnerabilities in its February 2025 update, including two now exploited, marking a fifth month of no critical zero-days released.

Check Point Software's Infinity Platform has been recognised for its exceptional security efficacy, achieving a 99.9% malware block rate in Miercom's 2025 benchmark report.

ISACA has launched the Certified Cybersecurity Operations Analyst credential to meet the rising demand for skilled cybersecurity professionals with hands-on experience.

CISA and the FDA have raised alarms about potential security flaws in Contec CMS8000 patient monitors, highlighting risks from a possible backdoor linked to China.

Zyxel Networks has won the 2024 Cyber Security Award for Innovation for its USG FLEX 200HP Security Firewall, enhancing global digital resilience.

In 2025, organisations must navigate the complexities of AI integration in software development, balancing innovation with security and skilled developer support.

Dragos has appointed Ekta Singh-Bushell as its inaugural Chief Operating Officer, aiming to boost operational efficiency and customer satisfaction.

Chris Hughes predicts that open source software adoption will grow in 2025, alongside sophisticated attacks and challenges in governance and security.

CISA has mandated federal agencies to implement SCuBA Secure Configuration Baselines for Microsoft 365 by mid-2025 to combat rising cyber threats.

This December, Microsoft addresses 70 vulnerabilities, including 16 critical remote code execution flaws, in its latest Patch Tuesday update.

OpenText has partnered with Secure Code Warrior to enhance security in software development by integrating real-time training into its Fortify product suite.

Veracode has unveiled enhancements to its AI-powered coding solution, Veracode Fix, aiming to cut vulnerability remediation time drastically.

The UK faces increasing cyber threats from China-backed group Volt Typhoon, jeopardising critical infrastructure and national security, warns Certes.

Memory safety vulnerabilities are surging in industrial control systems, with over 3,000 reported in 2022, prompting urgent calls for enhanced security measures.

A coalition of global agencies warns of Iranian cyber threats targeting critical infrastructure, highlighting emerging tactics and unresolved vulnerabilities.

A joint advisory from international agencies warns of Iranian cyber actors targeting critical infrastructure sectors using brute force tactics for credential compromise.

American Water has reported a cybersecurity breach, highlighting the vulnerabilities threatening critical infrastructure such as water treatment facilities.

Report reveals a 43% surge in vulnerabilities and a 6% rise in ransomware attacks in H1 2024, with VPNs and network infrastructure under significant threat.