Tag: CISA

CISA Delays Cyber Incident Reporting Rule for Critical Infrastructure

Posted on by Dissent

Ashden Fein, Micaela McMurrough, Caleb Skeath, and John Webster Leslie of Covington and Burling write: The U.S. Cybersecurity and Infrastructure Security Agency (“CISA”) plans to delay the publication of its much-anticipated cybersecurity incident reporting rule implementing the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“CIRCIA”).  According to an entry on the Spring 2025 Unified Agenda…

Read more

CISA orders federal agencies to patch Sitecore zero-day following hacking reports

Posted on by Dissent

Jonathan Greig reports: Federal civilian agencies have until September 25 to patch a vulnerability in popular content management system Sitecore after incident responders said they disrupted a recent attack involving the bug. Sitecore published a bulletin on Wednesday about CVE-2025-53690, which affects several of the company’s products. A key issue with the bug is the use of…

Read more

#StopRansomware: Interlock

Posted on by Dissent

Actions for Organizations to Take Today to Mitigate Cyber Threats Related to Interlock Ransomware Activity Prevent initial access by implementing domain name system (DNS) filtering and web access firewalls, and training users to spot social engineering attempts. Mitigate known vulnerabilities by ensuring operating systems, software, and firmware are patched and up to date. Segment networks…

Read more

CISA orders federal agencies to secure Microsoft cloud systems after ‘recent’ intrusions

Posted on by Dissent

Jonathan Greig reports: Federal civilian agencies were ordered to secure their Microsoft cloud systems after several recent cyber incidents. The Cybersecurity and Infrastructure Security Agency (CISA) issued a binding directive on Tuesday giving federal agencies a series of deadlines to identify cloud systems, implement assessment tools and abide by the agency’s Secure Cloud Business Applications (SCuBA) secure…

Read more