CISA

• 

  Do you really need to fix that critical flaw?

  News Many CVEs represent no risk in a cloud container environment, researchers claim

  By Emma Woollacott Published 29 May 25

  News
• 

  CISA issues warning in wake of Oracle cloud credentials leak

  News The security agency has published guidance for enterprises at risk

  By Ross Kelly Published 18 April 25

  News
• 

  Warning issued over ‘fast flux’ techniques used to obscure malicious signals on compromised networks

  News Cybersecurity agencies have issued a stark message that too little is being done to sniff out malware hiding in corporate networks

  By Rory Bathgate Published 4 April 25

  News
• 

  Five Eyes cyber agencies issue guidance on edge device vulnerabilities

  News Cybersecurity agencies including the NCSC and CISA have issued fresh guidance on edge device security.

  By Emma Woollacott Published 6 February 25

  News
• 

  The memory-safe language shift is gaining momentum

  Analysis Government agencies have been calling for devs to move away from languages like C++ for years

  By Solomon Klappholz Published 11 November 24

  Analysis
• 

  Two notorious infostealer malware operations were just knocked offline

  News Infrastructure linked to two major infostealer malware strains has been seized in a joint law enforcement operation

  By Solomon Klappholz Published 31 October 24

  News
• 

  Software vendors are flocking to CISA’s Secure by Design Pledge

  News CISA’s Secure by Design Pledge is picking up momentum, adding a further 100 companies to its list of signees since May

  By Solomon Klappholz Published 1 August 24

  News
• 

  CISA breached a federal agency as part of its red team program — and nobody noticed for five months

  News A red team assessment performed by CISA on an unnamed federal agency found a series of critical security weaknesses

  By Solomon Klappholz Published 22 July 24

  News
• 

  What is the Cybersecurity and Infrastructure Security Agency (CISA) and what does it do?

  Explainer CISA plays a critical role in keeping US organizations safe from cyber attacks, providing vital advice and threat information

  By Ross Kelly Published 19 July 24

  Explainer
• 

  Most open source projects fail to use memory-safe programming languages – and CISA says that needs to change

  News CISA and other security bodies are urging developers to adopt memory-safe programming languages in a bid to tighten up software security

  By Emma Woollacott Published 1 July 24

  News
• 

  This ransomware variant has now been used against 500 targets — here's what you need to know

  News One form of ransomware has become a ‘significant threat’, US authorities have warned - here’s how to protect yourself

  By Steve Ranger Published 16 May 24

  News
• 

  Nearly 70 software vendors sign up to CISA’s cyber resilience program

  News Major software manufacturers pledge to a voluntary framework aimed at boosting cyber resilience of customers across the US

  By Solomon Klappholz Published 9 May 24

  News