cisa – PossibleThreat Articles

Microsoft Fix Targets Attacks on SharePoint Zero-Day

July 25, 2025 0 Comments cisa, cve-2025-49704, cve-2025-49706, cve-2025-53770, cve-2025-53771, cybersecurity & infrastructure security agency, eye security, Latest Warnings, microsoft corp., rapid7, sharepoint server, The Coming Storm, Time to Patch

Credit to Author: BrianKrebs| Date: Mon, 21 Jul 2025 14:45:46 +0000

On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch comes amid reports that malicious hackers have used the Sharepoint flaw to breach U.S. federal and state agencies, universities, and energy companies.

MalwareBytes Security

Why your vote can’t be “hacked,” with Cait Conley of CISA (Lock and Code S05E23)

November 4, 2024 0 Comments cisa, election, lock and code, Podcast, Security, vote

This week on the Lock and Code podcast, we speak with Cait Conley about CISA’s election security measures and why your vote can’t be hacked.

Security Sophos

Sophos Provides Progress on its Pledge to CISA’s Secure by Design Initiative

June 26, 2024 0 Comments cisa, featured, products & services, secure by design

Credit to Author: Ross McKerchar| Date: Wed, 26 Jun 2024 12:59:43 +0000

We are pleased to openly share our pledges and the progress we are making in each of the seven core pillars of product security in the Secure by Design framework.

Security Sophos

Defenders assemble: Time to get in the game

May 7, 2024 0 Comments cisa, featured, law enforcement, Ransomware, secure by design, threat research

Credit to Author: Chester Wisniewski| Date: Tue, 07 May 2024 21:00:44 +0000

Recent research finds signs of progress in the public-private alliance against ransomware

Security Sophos

Sophos Guidance on CIRCIA

March 5, 2024 0 Comments circia, cisa, products & services

Credit to Author: Doug Aamoth| Date: Tue, 05 Mar 2024 18:06:53 +0000

Insights to support US organizations impacted by the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA).

MalwareBytes Security

Patch now! Roundcube mail servers are being actively exploited

February 13, 2024 0 Comments cisa, cve-2023-43770, Exploits and vulnerabilities, news, persistent xss

A vulnerability in Roundcube webmail is being actively exploited and CISA is urging users to install an updated version.

MalwareBytes Security

CISA: Disconnect vulnerable Ivanti products TODAY

February 2, 2024 0 Comments cisa, cve-2023-46805, cve-2024-21887, cve-2024-21888, cve-2024-21893, Exploits and vulnerabilities, fceb, ivanti, news

CISA has ordered all FCEB agencies to disconnect all instances of Ivanti Connect Secure and Ivanti Policy Secure solution products.

Independent Krebs Security

Arrests in $400M SIM-Swap Tied to Heist at FTX?

February 1, 2024 0 Comments 0ktapus, A Little Sunshine, alphv ransomware, ars technica, blackcat ransomware, carter rohn, cisa, Data Breaches, elliptic, emily hernandez, FBI, ftx, kroll, Ne'er-Do-Well News, nick bax, powell sim swapping crew, r$, robert powell, scattered spider, SIM swapping, tom robinson, unciphered

Credit to Author: BrianKrebs| Date: Thu, 01 Feb 2024 18:41:37 +0000

Three Americans were charged this week with stealing more than $400 million in a November 2022 SIM-swapping attack. The U.S. government did not name the victim organization, but there is every indication that the money was stolen from the now-defunct cryptocurrency exchange FTX, which had just filed for bankruptcy on that same day.

MalwareBytes Security