Cybersecurity Spending, Government, Industry Specific $100M in State Cyber Grants Signals Reduced Federal Support Amid Increasing Demand Chris Riotta (@chrisriotta) • August 5, 2025 The Cybersecurity and Infrastructure Security Agency (CISA) has revealed a $100 million grant initiative designed to boost cybersecurity frameworks at the state and local levels. This…
CISA: No Broader Federal Impact from Treasury Cyber Incident; Investigation Continues
Jan 07, 2025
Critical Infrastructure / Cyber Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced on Monday that there are no signs indicating the recent cyber attack on the Treasury Department has affected other federal agencies. CISA is collaborating closely with the Treasury Department and BeyondTrust to fully understand the breach and reduce its effects. CISA emphasized, “The security of federal systems and the data they safeguard is crucial to our national security. We are taking proactive measures to prevent any further repercussions and will provide updates as needed.” This statement follows the Treasury Department’s disclosure of being targeted in a “major cybersecurity incident” involving Chinese state-sponsored actors, which enabled remote access to certain computers and unclassified documents. The incident, revealed in early December 2024, stemmed from a breach in BeyondTrust’s systems, allowing adversaries to gain sensitive access.
CISA Reports No Broader Federal Impact from Treasury Cyber Attack; Investigation Continues On January 7, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) announced that the recent cyber breach affecting the Treasury Department does not appear to have compromised other federal agencies. This development follows a major cybersecurity incident, described…
CISA: No Broader Federal Impact from Treasury Cyber Incident; Investigation Continues
Jan 07, 2025
Critical Infrastructure / Cyber Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced on Monday that there are no signs indicating the recent cyber attack on the Treasury Department has affected other federal agencies. CISA is collaborating closely with the Treasury Department and BeyondTrust to fully understand the breach and reduce its effects. CISA emphasized, “The security of federal systems and the data they safeguard is crucial to our national security. We are taking proactive measures to prevent any further repercussions and will provide updates as needed.” This statement follows the Treasury Department’s disclosure of being targeted in a “major cybersecurity incident” involving Chinese state-sponsored actors, which enabled remote access to certain computers and unclassified documents. The incident, revealed in early December 2024, stemmed from a breach in BeyondTrust’s systems, allowing adversaries to gain sensitive access.
CISA Alerts: Active Exploitation of SysAid Vulnerabilities Allows Remote File Access and SSRF
Jul 23, 2025
Vulnerability / Software Security
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two security flaws affecting SysAid IT support software to its Known Exploited Vulnerabilities (KEV) catalog due to evidence of active exploitation. The vulnerabilities are as follows:
CVE-2025-2775 (CVSS score: 9.3): This vulnerability involves improper restrictions on XML external entity (XXE) references in the Checkin processing functionality, enabling potential administrator account takeover and file read access.
CVE-2025-2776 (CVSS score: 9.3): Similar to the first, this flaw also concerns improper restrictions on XXE references, but it affects the Server URL processing functionality, leading to possible administrator account takeover and file read access.
Both vulnerabilities were disclosed by watchTowr Labs researchers Sina Kheirkhah and Jake Knott in May, along with CVE-2025-2777 (CVSS score: 9.3), which pertains to a pre-authenticated XXE vulnerability within the /lshw endpoint. SysAid has since addressed these issues in their on-premises software.
CISA Alerts: Vulnerabilities in SysAid Software Under Active Attack On July 23, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) unveiled critical vulnerabilities affecting SysAid, a popular IT support software, highlighting their presence in the agency’s Known Exploited Vulnerabilities (KEV) catalog due to signs of active exploitation. The two…
CISA Alerts: Active Exploitation of SysAid Vulnerabilities Allows Remote File Access and SSRF
Jul 23, 2025
Vulnerability / Software Security
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two security flaws affecting SysAid IT support software to its Known Exploited Vulnerabilities (KEV) catalog due to evidence of active exploitation. The vulnerabilities are as follows:
CVE-2025-2775 (CVSS score: 9.3): This vulnerability involves improper restrictions on XML external entity (XXE) references in the Checkin processing functionality, enabling potential administrator account takeover and file read access.
CVE-2025-2776 (CVSS score: 9.3): Similar to the first, this flaw also concerns improper restrictions on XXE references, but it affects the Server URL processing functionality, leading to possible administrator account takeover and file read access.
Both vulnerabilities were disclosed by watchTowr Labs researchers Sina Kheirkhah and Jake Knott in May, along with CVE-2025-2777 (CVSS score: 9.3), which pertains to a pre-authenticated XXE vulnerability within the /lshw endpoint. SysAid has since addressed these issues in their on-premises software.
CISA Urges Immediate Patching of Microsoft SharePoint Vulnerabilities Amid Ongoing Attacks by Chinese Hackers On July 22, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) formally identified two critical Microsoft SharePoint vulnerabilities—CVE-2025-49704 and CVE-2025-49706—as part of its Known Exploited Vulnerabilities (KEV) catalog. This designation follows evidence indicating that these…
Title: Trump Administration Axes DHS Advisory Committee Memberships, Impacting Cybersecurity Oversight
January 23, 2025
Cybersecurity / National Security
The new Trump administration has dissolved all memberships of advisory committees under the Department of Homeland Security (DHS). In a memo dated January 20, 2025, Acting Secretary Benjamine C. Huffman stated, “In line with DHS’s commitment to resource efficiency and prioritizing national security, I am directing the immediate termination of all existing advisory committee memberships. Future committee initiatives will be solely focused on enhancing our mission to safeguard the homeland and align with DHS’s strategic objectives.” This decision affects members of the Cybersecurity and Infrastructure Security Agency’s (CISA) Cyber Safety Review Board (CSRB), which recently criticized Microsoft for a series of preventable mistakes that allowed its infrastructure to be exploited by a China-based threat actor.
Trump Terminates DHS Advisory Committee Memberships, Impacting Cybersecurity Review January 23, 2025 Cybersecurity / National Security In a significant move, the Trump administration has dissolved all advisory committee memberships associated with the Department of Homeland Security (DHS). Acting Secretary Benjamine C. Huffman announced in a memo dated January 20, 2025,…
Title: Trump Administration Axes DHS Advisory Committee Memberships, Impacting Cybersecurity Oversight
January 23, 2025
Cybersecurity / National Security
The new Trump administration has dissolved all memberships of advisory committees under the Department of Homeland Security (DHS). In a memo dated January 20, 2025, Acting Secretary Benjamine C. Huffman stated, “In line with DHS’s commitment to resource efficiency and prioritizing national security, I am directing the immediate termination of all existing advisory committee memberships. Future committee initiatives will be solely focused on enhancing our mission to safeguard the homeland and align with DHS’s strategic objectives.” This decision affects members of the Cybersecurity and Infrastructure Security Agency’s (CISA) Cyber Safety Review Board (CSRB), which recently criticized Microsoft for a series of preventable mistakes that allowed its infrastructure to be exploited by a China-based threat actor.
Critical Infrastructure Security, Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Senator Maintains Hold on Trump’s CISA Nominee Amid Report Delays Chris Riotta (@chrisriotta)• July 30, 2025 Image: Adam McCullough/Shutterstock The U.S. Cybersecurity and Infrastructure Security Agency (CISA) plans to release a previously withheld report addressing vulnerabilities in telecom infrastructure.…
U.S. Agencies Issue Warning About Increased Iranian Cyber Threats Targeting Defense and Critical Infrastructure
Date: June 30, 2025
Topic: Cybersecurity / Critical Infrastructure
U.S. cybersecurity and intelligence agencies have released a joint advisory cautioning about the rising risk of cyber attacks from Iranian government-sponsored or affiliated groups. “In recent months, we’ve observed heightened activity from hacktivists and Iranian-linked actors, likely to escalate due to current geopolitical circumstances,” the agencies stated. They highlighted that these cyber adversaries typically exploit opportunities presented by unpatched or outdated software vulnerable to known Common Vulnerabilities and Exposures, as well as the use of default or easily guessed passwords on internet-connected accounts and devices. Currently, there is no evidence pointing to a coordinated campaign of malicious cyber actions in the U.S. attributed to Iran, according to insights from the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Department of Defense Cyber Crime Center (DC3), and the National Security Agency (NSA). Emphasizing the need for enhanced vigilance…
U.S. Agencies Raise Alarm Over Increasing Iranian Cyber Threats Targeting Defense and Critical Infrastructure June 30, 2025 U.S. cybersecurity and intelligence agencies have collaboratively issued a cautionary advisory regarding an uptick in cyber threats emanating from Iranian state-affiliated actors. They have observed heightened activity from hacktivists and individuals connected to…
U.S. Agencies Issue Warning About Increased Iranian Cyber Threats Targeting Defense and Critical Infrastructure
Date: June 30, 2025
Topic: Cybersecurity / Critical Infrastructure
U.S. cybersecurity and intelligence agencies have released a joint advisory cautioning about the rising risk of cyber attacks from Iranian government-sponsored or affiliated groups. “In recent months, we’ve observed heightened activity from hacktivists and Iranian-linked actors, likely to escalate due to current geopolitical circumstances,” the agencies stated. They highlighted that these cyber adversaries typically exploit opportunities presented by unpatched or outdated software vulnerable to known Common Vulnerabilities and Exposures, as well as the use of default or easily guessed passwords on internet-connected accounts and devices. Currently, there is no evidence pointing to a coordinated campaign of malicious cyber actions in the U.S. attributed to Iran, according to insights from the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Department of Defense Cyber Crime Center (DC3), and the National Security Agency (NSA). Emphasizing the need for enhanced vigilance…
In April 2025, Hackread.com reported that the Medusa ransomware group had successfully breached the National Association for Stock Car Auto Racing (NASCAR), demanding a ransom of $4 million. Following this claim, NASCAR has confirmed that its systems were compromised, corroborating Hackread.com’s initial findings. Medusa Ransomware’s leak site on the dark…
Critical Infrastructure Security, Election Security, Fraud Management & Cybercrime Sean Plankey Faces Election Security Scrutiny in Senate Confirmation Hearing Chris Riotta (@chrisriotta) • July 24, 2025 Sean Plankey testifies before the Senate Homeland Security and Governmental Affairs Committee on July 24, 2025. During his confirmation hearing on July 24, 2025,…
