22 matches found
CISA Strengthens Commitment to SLTT Governments
The Cybersecurity and Infrastructure Security Agency CISA announced that it has transitioned to a new model to better equip state, local, tribal, and territorial SLTT governments to strengthen shared responsibility nationwide. CISA is supporting our SLTT partners with access to grant funding,...
Chinese Hackers Exploit Cityworks 0-Day to Hit US Local Governments
Cisco Talos warns of active exploitation of a zero-day vulnerability CVE-2025-0994 in Cityworks supposedly by Chinese hackers from…...
Wiz achieves StateRAMP authorization
Great news for State and Local Governments! Wiz for Gov is now StateRAMP authorized...
The Latest Funding News and What it Means for Cyber Security in 2023
The White House has recently announced a $1 billion cyber security grant program that is designed to help state and local governments improve their cyber defenses, especially about protecting critical infrastructure. The recent executive order stems from the $1.2 trillion infrastructure bill that...
StateRAMP: The “easy button” is now a reality
When StateRAMP was announced last year, I was excited! Finally, they have put together a program that will enforce rigorous cloud security standards, while reducing the burden on state and local governments, which are flexible and eliminate repetitive and costly authorization and accreditation...
Cybersecurity in the Infrastructure Bill
On August 10, 2021, the U.S. Senate passed the Infrastructure Investment and Jobs Act of 2021 H.R.3684. The bill comes in at 2,700+ pages, provides for $1.2T in spending, and includes several cybersecurity items. We expect this legislation to become law around late September and do not expect...
Mind the Gap: Securely Embracing the Digital Explosion
State and local governments are weathering a digital explosion. The move to "virtual everything" means that greater amounts of information are being produced and transmitted electronically, but the digital infrastructure powering these operations is straining under the weight. This shift is...
CISA Releases Supplemental Direction on Emergency Directive for Microsoft Exchange Server Vulnerabilities
CISA has issued supplemental direction to Emergency Directive ED 21-02: Mitigate Microsoft Exchange On-Premises Product Vulnerabilities providing additional forensic triage and server hardening, requirements for federal agencies. Specifically, this update directs federal departments and agencies ...
CISA Releases Supplemental Guidance on Emergency Directive for Microsoft Exchange Server Vulnerabilities
CISA has issued supplemental direction to Emergency Directive ED 21-02: Mitigate Microsoft Exchange On-Premises Product Vulnerabilities providing additional forensic triage and server hardening, requirements for federal agencies. Specifically, this update directs federal departments and agencies ...
ProxyLogon PoC Exploit Released; Likely to Fuel More Disruptive Cyber Attacks
The U.S. Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI on Wednesday issued a joint advisory warning of active exploitation of vulnerabilities in Microsoft Exchange on-premises products by nation-state actors and cybercriminals. "CISA and FBI...
Detection and Response to Exploitation of Microsoft Exchange Zero-Day Vulnerabilities
Beginning in January 2021, Mandiant Managed Defense observed multiple instances of abuse of Microsoft Exchange Server within at least one client environment. The observed activity included creation of web shells for persistent access, remote code execution, and reconnaissance for endpoint securit...
Feds Sound Alarm Over Emotet Attacks on State, Local Govs
A dramatic uptick in Emotet phishing attacks since July has led the U.S. Cybersecurity and Infrastructure Security Agency CISA to issue a warning that state and local governments need to fortify their systems against the trojan. “This increase has rendered Emotet one of the most prevalent ongoing...
CISA Releases Emergency Directive on Microsoft Windows Netlogon Remote Protocol
The Cybersecurity and Infrastructure Security Agency CISA has released Emergency Directive ED 20-04 addressing a critical vulnerability— CVE-2020-1472—affecting Microsoft Windows Netlogon Remote Protocol. An unauthenticated attacker with network access to a domain controller could exploit this...
CISA Releases Emergency Directive on Critical Microsoft Vulnerability
The Cybersecurity and Infrastructure Security Agency CISA has released Emergency Directive 20-03 addressing a critical vulnerability—CVE-2020-1350—affecting all versions of Windows Server with the Domain Name System DNS role enabled. A remote attacker could exploit this vulnerability to take...
CISA Releases Emergency Directive and Activity Alert on Critical Microsoft Vulnerabilities
The Cybersecurity and Infrastructure Security Agency CISA has released an Emergency Directive and Activity Alert addressing critical vulnerabilities affecting Windows CryptoAPI, Windows Remote Desktop Gateway RD Gateway, and Windows Remote Desktop Client. A remote attacker could exploit these...
Ransomware at IT Services Provider Synoptek
Synoptek, a California business that provides cloud hosting and IT management services to more than a thousand customers nationwide, suffered a ransomware attack this week that has disrupted operations for many of its clients, according to sources. The company has reportedly paid a ransom demand ...
Congress Still Doesn't Have an Answer for Ransomware
As data hijackers continue to target local governments and hospitals, legislators remain stymied over how best to address the problem...
Congress Still Doesn't Have an Answer for Ransomware
As data hijackers continue to target local governments and hospitals, legislators remain stymied over how best to address the problem...
A Huge Ransomware Attack Messes With Texas
A coordinated strike against 23 local governments is called the largest such hack from a single source...
Coordinated Ransomware Attack Hits 23 Texas Government Agencies
UPDATE Up to 22 Texas entities – the majority of which are local governments – were hit by a ransomware attack on Friday that Texas officials say is part of a targeted attack launched by a single threat actor. Details remain scant about the specific agencies hit by the ransomware attacks, which...