Szolgáltatóknak

Proposals from Google and Apple drastically reduce the life cycle of certificates, which should mean more oversight — and hopefully better control.

The Cisco and AWS integration is a radically new approach to ensuring the availability of modern apps today's multicloud, hybrid environments.

Today, the Cybersecurity and Infrastructure Security Agency (CISA) released an updated public version of the Continuous Diagnostics and Mitigation (CDM) Data Model Document. Version 5.0.1 aligns with fiscal year 2023 Federal Information Security Modernization Act (FISMA) metrics. The CDM Data Model Document provides a comprehensive description of a common data schema to ensure that prescribed diagnostic activities within CDM solutions are consistent across all participating federal agencies. Agencies leverage the common data schema to accomplish these critical objectives: Reduce agency threat surface. Increase visibility into the federal cybersecurity posture. Improve federal cybersecurity response capabilities. Streamline FISMA reporting. Vendors also can benefit from the CDM Data Model Document. For additional information, visit the Continuous Diagnostics and Mitigation (CDM) Program web page.

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-51378 CyberPanel Incorrect Default Permissions Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

There is no denying that the digital capabilities of any country, business, or entity significantly impact its competitiveness on the world stage or in the global marketplace. Leveraging secure digital technologies allows organizations to improve efficiency and productivity, respond to market demands faster, and innovate effectively. However, without a skilled workforce—whether it’s basic IT skills […]