CISA/DHS News

The Cybersecurity and Infrastructure Security Agency (CISA) recently released a new tool titled; Mass Gathering Security Planning Tool that I wanted to share with you. This tool will provide event planners with a framework to begin or continue planning efforts for a mass gathering or special event, as well as key resources that will point…

The Office for Bombing Prevention (OBP) leads the Department of Homeland Security’s (DHS) efforts to implement the National Policy for Countering Improvised Explosive Devices (PDF) (National Counter-IED policy) and enhance the nation’s ability to prevent, protect against, respond to, and mitigate the use of explosives against critical infrastructure; the private sector; and federal, state, local, tribal, and territorial…

CISA Adds Seven Known Exploited Vulnerabilities to Catalog 11/08/2022 10:57 AM EST Original release date: November 8, 2022 CISA has added seven vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.…

Cyber Training Bulletin  –  November and December   CSD Cyber Defense Education and Training (CDET) Offerings Highlights: What You Want to Know CISA will host the 200th Industrial Control Systems Cybersecurity (301L) course on November 7th! This is a four-day, instructor-led, hands-on lab that is taught at a training facility in Idaho Falls, Idaho, USA.…

The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Office of the Director of National Intelligence (ODNI) partnered with industry and government experts under the Enduring Security Framework (ESF) to release Securing the Software Supply Chain Recommended Practices Guide for Suppliers and accompanying fact sheet. Software suppliers/vendors act as a…

The Cybersecurity and Infrastructure Security Agency (CISA) kicks off Infrastructure Security Month 2022. This November, CISA reminds everyone that Infrastructure Security is National Security: Together we can Drive Down Risk, Build Resilience. Keeping the nation’s critical infrastructure secure is a foundation of our national security. Critical infrastructure spans everything from healthcare, water, and education to chemical, transportation…

The Cybersecurity and Infrastructure Security Agency (CISA) released a released two fact sheets to give IT leaders and network defenders an improved understanding of current threats against accounts and systems that use multifactor authentication (MFA), “Implementing Phishing-Resistant MFA” and “Implementing Number Matching in MFA Applications.” Because not all forms of MFA are equally secure, the…

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the  Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint guide, “Understanding and Responding to Distributed Denial-of-Service Attacks”, to provide organizations with proactive steps to reduce the likelihood and impact of distributed denial-of-service (DDoS) attacks. Although DDoS attacks are unlikely…

THIS IS NOT A TACTICAL TRAINING COURSE Tuesday, November 8, 2022 1:00 p.m. EST (12:00 p.m. CST) The Cybersecurity and Infrastructure Security Agency (CISA), Region 4 (Alabama, Florida, Georgia, Kentucky, Mississippi, North Carolina, South Carolina, and Tennessee) invites you to join a two-hour security webinar to enhance your organization’s resilience in case of an active…

CISA, NSA and FBI Release Advisory on PRC State-Sponsored Malicious Cyber Activity The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA) and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA) with details about the top vulnerabilities used and exploited since 2020 by the People’s Republic of China (PRC) state-sponsored…