My TechDecisions

Search Results: cisa

Zero Trust, ZTNA, Netskope

Check Out CISA’s Updated Zero Trust Guidance

CISA's updated Zero Trust Maturity Model helps organizations strengthen their posture regardless of their starting point.

April 11, 2023 Zachary Comeau Leave a Comment

The U.S. Cybersecurity and Infrastructure Security Agency has released an updated version of its Zero Trust Maturity Model, which bolsters the agency’s zero trust standards with input from a public comment period. While designed for federal agencies, any organization can review the guidance and apply the protections to their infrastructure to help keep malicious actors […]

Read More
Log4j, Older Vulnerabilities, CISA KEV

These Dangerous Vulnerabilities on CISA’s KEV List Are Still Being Widely Exploited

Despite patches being available for most of the bugs in CISA's Known Exploited Vulnerabilities catalog, many devices remain unpatched.

April 3, 2023 Zachary Comeau Leave a Comment

The U.S. Cybersecurity and Infrastructure Security Agency has been keeping an updated list of Known Exploited Vulnerabilities (KEV) that currently includes more than 900 security bugs, with the goal of helping inform organizations about vulnerabilities that should be prioritized. Despite that awareness campaign and emphasis on vulnerabilities that have been exploited in the wild, new […]

Read More
CISA Software Security

Use This Free CISA Tool for Threat Hunting, Incident Response

CISA's Untitled Goose Tool is a free new tool designed to help network defenders detect malicious activity in Microsoft Azure, AAD and M365.

March 27, 2023 Zachary Comeau Leave a Comment

The U.S. Cybersecurity and Infrastructure Security Agency has released the Untitled Goose Tool, a free  tool designed to help network defenders detect malicious activity in Microsoft Azure, Azure Active Directory (AAD) and Microsoft 365 (M365) environments. According to CISA, the Untitled Goose Tool offers novel authentication and data gathering methods for network defenders to use […]

Read More
CISA Ransomware

CISA Wants You To Report Anything You Know About Ransomware Activity

The U.S. Cybersecurity and Infrastructure Security Agency's new initiative is designed to help organizations stop ransomware attacks early.

March 23, 2023 Zachary Comeau Leave a Comment

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is launching its Pre-Ransomware Notificaiton Initiative designed to help organizations thwart ransomware attacks in the early stages of incidents as ransomware actors dwell in a victim’s environment before deploying the ransomware. According to CISA, that window of time–which can last from hours to days–gives the agency enough […]

Read More
Royal Ransomware

FBI, CISA Warn of Royal Ransomware Targeting Critical Infrastructure

Royal ransomware actors have been targeting manufacturing, communications, healthcare and education entities since September 2022, agencies say.

March 3, 2023 Zachary Comeau Leave a Comment

U.S. agencies are warning critical infrastructure organizations to be on the lookout for Royal ransomware, a financially motivated threat actor that has been targeted manufacturing, communications, healthcare and education entities since September 2022. In a joint advisory, the FBI and U.S. Cybersecurity and Infrastructure Security Agency say the Royal ransomware actors have compromised U.S. and […]

Read More
CISA Software Security

What CISA Learned After Conducting a Red Team Assessment of a Large Critical Infrastructure Organization

CISA obtained persistent access to the organization's network, but security controls like MFA helped thwart further activity.

March 1, 2023 Zachary Comeau Leave a Comment

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new advisory that describes a CISA red team assessment of a large critical infrastructure organization with a mature cyber posture, with the goal of sharing its key findings to help IT and security professionals improve monitoring and hardening of networks. According to the advisory, […]

Read More
CISA Software Security

CISA Releases Cybersecurity Performance Goals for Critical Infrastructure

CISA's Cybersecurity Performance Goals are based on cost, complexity, and impact and are applicable to organizations of all sizes.

October 28, 2022 Zachary Comeau Leave a Comment

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new set of voluntary Cybersecurity Performance Goals that outline he highest priority baseline measures that businesses and critical infrastructure owners can take to protect themselves against cyber threats. The Cybersecurity Performance Goals (CPGs), developed by the Department of Homeland Security (DHS) and CISA at […]

Read More
CISA Software Security

CISA Warns of Quantum Computing Vulnerabilities

U.S. cyber agency's new guide warns of vulnerabilities and outlines the actions critical infrastructure stakeholders should take now.

August 29, 2022 Zachary Comeau Leave a Comment

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new guide that outlines the actions critical infrastructure stakeholders should take now to prepare for their future migration to the post-quantum cryptographic standard that the National Institute of Standards and Technology (NIST) will publish in 2024. In the guide, CISA says both the public […]

Read More
CISA Software Security

CISA Adds 75 Known Exploited Vulnerabilities to List, Including New Cisco Bug

CISA within the last week has added 75 security flaws to its list of known vulnerabilities, including a newly discovered CISCO bug.

May 27, 2022 Zachary Comeau Leave a Comment

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) within the last week has added more than 70 security flaws to its list of known exploited vulnerabilities that U.S. agencies must patch by a certain date, indicating a heightened danger if the bugs are left unpatched. CISA on Wednesday added 34 bugs to its catalog of […]

Read More

Retrace Founder & CEO Ali Sadat DDS Recognized as Incisal Edge 40 Under 40

April 27, 2022 TechDecisions Staff Leave a Comment

Nomination for Dr. Sadat showcases Retrace’s commitment to improve the entire dental landscape by using AI to unite and integrate the entire claims process SAN FRANCISCO–(BUSINESS WIRE)–Retrace, the first native-built AI healthcare clearinghouse to provide real time connectivity between dental practices and payers, today announced that their Founder and CEO, Ali Sadat, DDS, was honored […]

Read More