Author: nlqip
Today, CISA issued Binding Operational Directive (BOD) 25-01, Implementing Secure Practices for Cloud Services to safeguard federal information and information systems. This Directive requires federal civilian agencies to identify specific cloud tenants, implement assessment tools, and align cloud environments to CISA’s Secure Cloud Business Applications (SCuBA) secure configuration baselines. Recent cybersecurity incidents highlight the significant…
Read MoreCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-55956 Cleo Multiple Products Unauthenticated File Upload Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of…
Read More
What happens when social media platforms prioritize engagement over safety? How do drug dealers exploit apps like Snapchat to target teens? Amy Neville lost her son Alex to counterfeit Oxycodone pills that were laced with Fentanyl. He bought them from a Snapchat user. She talked with us about this hidden crisis and her mission to…
Read MoreCISA released five Industrial Control Systems (ICS) advisories on December 17, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations. Source link lol
Read MoreToday, CISA and the Office of the National Cyber Director (ONCD) published Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure to assist grant-making agencies to incorporate cybersecurity into their grant programs and assist grant-recipients to build cyber resilience into their grant-funded infrastructure projects. This guide is for federal grant program managers, critical…
Read More
Here are the five most important Amazon Web Services executives who left this year that you need to know about. Amazon Web Services saw the departures of several important top executives in 2024, including former CEO Adam Selipsky and longtime artificial intelligence innovator Matt Wood. The Seattle-based worldwide leader in cloud computing currently owns 31…
Read More
The cloud leader is continuing to pour billions into expanding its data center footprint by announcing a new $10 billion investment in Ohio. Amazon Web Services is continuing to pour billions into expanding its data center footprint, which powers its cloud and AI solutions by unveiling today a new $10 billion investment in Ohio. “Today,…
Read Moren/a — n/a A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511…
Read More
‘As of early January 2025, Ingram Micro will no longer be doing business with Broadcom and have limited engagement with VMware in select regions. Neither are material to our business,’ the world’s second largest distributor said in a statement to CRN. The world’s second largest technology distributor, Ingram Micro, has dropped Broadcom from its lineup…
Read MoreCISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-20767 Adobe ColdFusion Improper Access Control Vulnerability CVE-2024-35250 Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive…
Read More