CISA and FBI urge small office/home office (SOHO) router manufacturers to build security into the design, development, and maintenance of SOHO routers to prevent threat actors from compromising devices and using them to further compromise U.S. critical infrastructure entities.| Cybersecurity and Infrastructure Security Agency CISA
CISA's Cross-Sector Cybersecurity Performance Goals (CPGs) are a subset of cybersecurity practices, selected through a thorough process of industry, government, and expert consultation, aimed at meaningfully reducing risks to both critical infrastructure operations and the American people. These voluntary Cross-Sector CPGs strive to help small- and medium-sized organizations kickstart their cybersecurity efforts by prioritizing investment in a limited number of essential actions with high-i...| Cybersecurity and Infrastructure Security Agency CISA
References to Advisories, Solutions, and Tools| nvd.nist.gov
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.How to use the KEV CatalogThe KEV catalog is also available in these formats:| Cybersecurity and Infrastructure Security Agency CISA
Summary| Cybersecurity and Infrastructure Security Agency CISA
Microsoft has uncovered stealthy malicious activity by Volt Typhoon focused on post-compromise credential access & network system discovery.| Microsoft Security Blog
Joint guidance by CISA, FBI, NSA, and the cybersecurity authorities of Australia, Canada, United Kingdom, Germany, Netherlands, and New Zealand (CERT NZ, NCSC-NZ) that urges software manufacturers to take urgent steps to ship products that are secure-by-design and -default.| Cybersecurity and Infrastructure Security Agency CISA
As America’s cyber defense agency, CISA is charged with defending our nation against ever-evolving cyber threats and to understand, manage, and reduce risk to the cyber and physical infrastructure that Americans rely on every hour of every day. But, as we introduce more unsafe technology to our lives, this has become increasingly difficult. | Cybersecurity and Infrastructure Security Agency CISA