The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has placed several members of its election security team on administrative leave, the Department of Homeland Security has confirmed to TechCrunch. The Associated Press, citing a person familiar with the situation, reported on Tuesday that 17 CISA employees have been placed on leave pending review. In a … Read more
Feb 05, 2025Ravie LakshmananVulnerability / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows – CVE-2024-45195 (CVSS score: 7.5/9.8) – A forced browsing vulnerability in Apache … Read more
Jan 31, 2025Ravie LakshmananVulnerability / Healthcare The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Food and Drug Administration (FDA) have issued alerts about the presence of hidden functionality in Contec CMS8000 patient monitors and Epsimed MN-120 patient monitors. The vulnerability, tracked as CVE-2025-0626, carries a CVSS v4 score of 7.7 on a scale … Read more
CISA Under Trump Jen Easterly is out as the Director of CISA. Read her final interview: There’s a lot of unfinished business. We have made an impact through our ransomware vulnerability warning pilot and our pre-ransomware notification initiative, and I’m really proud of that, because we work on preventing somebody from having their worst day. … Read more
The Cybersecurity and Infrastructure Security Agency (CISA) on Jan. 7 added three bugs to its Known Exploited Vulnerabilities (KEV) catalog, two that affected the Mitel MiCollab communications and collaboration platform, and an Oracle WebLogic Server bug from 2020. Of the two Mitel MiCollab bugs, the most serious of the two — CVE-2024-41713 — was assigned … Read more
