Aggregator

本文将开启Pytorch深度学习系列，希望对初学者有帮助！

本文将开启Pytorch深度学习系列，希望对初学者有帮助！

CISA’s FOCAL Plan, which aims to standardize the cybersecurity operations of federal civilian agencies, marks an important step in the federal government's efforts to strengthen cyber defenses and reduce agency risk. Learn how Tenable One for Government, which recently achieved FedRAMP Authorization, aligns to the FOCAL Plan key priorities. 

Each Federal Civilian Executive Branch (FCEB) agency has a unique role in supporting the mission of the U.S. federal government, from national security to healthcare to education. However, agencies’ approaches to managing cyber risk vary widely, with each agency operating independent networks with interconnected systems and varying degrees of cyber risk tolerance. This complexity makes managing exposures across the FCEB a complex challenge and drives the need for a coordinated cybersecurity strategy.

To address this issue, the Cybersecurity and Infrastructure Security Agency (CISA) recently unveiled the “Federal Civilian Executive Branch (FCEB) Operational Cybersecurity Alignment (FOCAL) Plan.” It’s designed to enhance cybersecurity across the FCEB by standardizing essential components of operational cybersecurity throughout the federal enterprise and enabling a collective defense approach. It provides actionable steps federal agencies can take, with their varied architectures and risk management strategies, to mitigate cyber risks and improve resilience through a unified approach to operational defense. And while it is not an exhaustive list of all the things agencies must do to secure their missions, it does provide a baseline for agencies to focus resources on those actions that substantially advance operational cybersecurity improvements and alignment goals. 

CISA’s FOCAL Plan priority areas

(Source: “Federal Civilian Executive Branch (FCEB) Operational Cybersecurity Alignment (FOCAL) Plan,” CISA, September 2024.)

1. Asset Management

To safeguard federal networks, agencies must have comprehensive visibility into their entire infrastructure, and continuously assess how those assets are interconnected. As the old saying goes: “You can’t protect what you can’t see.” This priority area aims to ensure agencies know what assets they have so they can be properly defended. 

It’s important to remember that assets span far beyond traditional IT assets. As recent mandates and CISA Binding Operational Directives (BOD) have stressed, agencies must have visibility into OT, IoT, cloud and identity assets. Look no further than the Office of Management and Budget (OMB)’s Memorandum M-24-04 which directed federal civilian departments and agencies to inventory their IoT and OT assets by the end of fiscal year 2024.

1. Vulnerability Management

Getting an accurate inventory of your assets is a key first step, but it’s equally fundamental to understand the vulnerabilities on each of those assets so that you can proactively secure the attack surface. As the FOCAL Plan points out: “What constitutes an agency’s enterprise has evolved over the years, particularly as the attack surface has expanded and grown more complicated.” This has made vulnerability management more challenging. The FOCAL Plan focuses on proactive vulnerability management, so that agencies can understand their exposures by identifying, assessing and mitigating vulnerabilities across asset types, before an attacker can exploit them. 

1. Defensible Architecture

Because attacks are inevitable and resilience is critical, this priority area focuses on building robust, defensible infrastructures with principles like segmentation, identity management and zero-trust security. With a focus on limiting an attacker's ability to access sensitive data when a compromise occurs, this priority aims to help agencies minimize impact and operational disruptions through the implementation of proper tools and controls. 

1. Cyber Supply Chain Risk Management (C-SCRM)

FCEB agencies often rely on third-party vendors, which can introduce supply chain risk. This priority addresses the risk posed by external vendors and technologies by ensuring agencies can quickly identify, assess and mitigate vulnerable software and hardware from their suppliers and partners. 

Case in point: the critical Log4j vulnerability, known as Log4Shell, a critical remote code execution vulnerability in Apache’s Log4j software library. This vulnerability posed a massive risk due to the widespread use of the Apache Log4j open-source logging library in many enterprise applications and cloud services, and the ease with which the vulnerability could be exploited. In the days that followed, every agency and industry security practitioner had to detect all instances of Log4j in their environment. In many cases, versions of the offering were buried deep within third-party software packages or government off-the-shelf solutions. Agencies with a complete understanding of the software deployed across their environment were able to quickly respond to the threat, and meet or exceed the deadline established by the CISA Emergency Directive (ED) 22-02. Unfortunately, Log4Shell quickly became a crisis for security teams that did not have a complete understanding of their inventory.

1. Incident Detection and Response 

This priority area is geared towards strengthening the ability of security operations centers (SOCs) to detect, respond to, and mitigate cyberattacks rapidly and effectively. As mentioned earlier, attacks are inevitable, so it’s critical to quickly detect and respond to an attack. Combining rapid detection and response with best practices such as segmentation and identity management will further disrupt an attacker's ability to access sensitive data.

Meeting CISA FOCAL Plan priorities with Tenable One

We’re excited to share that Tenable One is now FedRAMP authorized at the moderate impact level. Tenable One for Government is an exposure management platform designed to help agencies radically unify security visibility, insight and action across the attack surface to rapidly expose and close the gaps that put agencies at risk. 

Tenable One for Government helps agencies meet CISA FOCAL Plan priorities with:

• Centralized visibility of all assets across the attack surface, from IT infrastructure to cloud environments to critical infrastructure, containers, identity systems, web applications and everywhere in between.
• Vulnerability enumeration and prioritization so you can pinpoint priority weaknesses and focus on the actual exposures that matter to quickly reduce cyber risk.
• A defensible architecture based on zero trust principles so you can quickly detect and respond to attacks in real time, map attack paths and surface all the possible steps that attackers could take to move laterally, escalate privileges and gain control of your infrastructure.
• A deep understanding of overall cyber risk with risk metrics and exposure scores to easily identify problem areas across your agency infrastructure. You can then set precise, trackable KPIs and SLAs to hold teams accountable for managing risk.

Learn more:

• The white paper “CISA FOCAL Plan: Aligning Cybersecurity Across Federal Agencies with Tenable One”
• ”Tenable One for Government” datasheet

Today, we are launching a new dedicated “AI Insights” page on Cloudflare Radar that incorporates this graph and builds on it with additional metrics.

Picus Security reports infostealer surge after revealing credentials appear in 29% of malware

A sophisticated phishing campaign targeting Microsoft ADFS has been observed, affecting more than 150 organizations

A vulnerability, which was classified as problematic, has been found in qodeinteractive Qi Addons For Elementor Plugin up to 1.8.7 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-13699. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Ontinue announced the expansion of its managed services to include IoT/OT environments. Ontinue ION for IoT Security is an add-on service to the Ontinue ION MXDR service that extends continuous protection to customers’ IoT and OT environments. As organizations integrate more IoT and OT devices into their operations, they face an expanding attack surface and increasing vulnerability to sophisticated cyber threats. Recent research reveals that nearly one-third of organizations experienced six or more intrusions in … More →

The post Ontinue ION for IoT Security secures critical operational environments appeared first on Help Net Security.

SpyCloud, a leading identity threat protection company, has unveiled key innovations in its portfolio, driving a shift towards holistic identity security. By leveraging its vast collection of darknet data and automated identity analytics, SpyCloud correlates malware, phishing, and breach exposures across both professional and personal identities. This comprehensive approach allows security and fraud prevention teams […]

The post SpyCloud Leads the Way in Comprehensive Identity Threat Protection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Why automated response is a necessity to thwart ransomware attacks in Amazon Web Service cloud environments

Минцифры рассмотрит новый механизм идентификации.

Left unchecked, AI's energy and carbon footprint could become a significant concern. Can our AI systems be far less energy-hungry without sacrificing performance?

SpyCloud’s Identity Threat Protection solutions spearhead a holistic identity approach to security, illuminating correlated hidden identity exposures and facilitating fast, automated remediation. SpyCloud, a leading identity threat protection company, announced key innovations in its portfolio, pioneering the shift to holistic identity threat protection. By operationalizing its vast collection of darknet data with automated identity analytics […]

The post SpyCloud Pioneers the Shift to Holistic Identity Threat Protection appeared first on Cyber Security News.

Researchers from the Anthropic Safeguards Research Team have developed a new approach to protect AI models from universal jailbreaks. This innovative method, known as Constitutional Classifiers, has shown remarkable resilience against thousands of hours of human red teaming and synthetic evaluations. Universal jailbreaks refer to inputs designed to bypass the safety guardrails of AI models, […]

The post Researchers Uncovers New Methods To Defend AI Models Against Universal Jailbreaks appeared first on Cyber Security News.

A critical security flaw in Apple’s service ticket portal has come to light, potentially exposing the sensitive data of millions of users.  The vulnerability, rooted in a combination of Insecure Direct Object Reference (IDOR) and privilege escalation, allowed unauthorized access to user information, including Mac serial numbers, IMEI numbers, and service ticket details. When Virtuvil, […]

The post Apple Service Ticket Portal Vulnerability Exposes Millions of Users Data appeared first on Cyber Security News.

The popular food delivery platform Grubhub has disclosed a significant data breach involving unauthorized access to customer, merchant, and driver information.  The breach, which was caused by a compromised third-party contractor account, raised concerns about data security and third-party risk management practices. Grubhub detected “unusual activity” within its systems, which was traced to an account […]

The post GrubHub Data Breach – Customers Phone Numbers Exposed  appeared first on Cyber Security News.

A new security vulnerability, identified as CVE-2025-24860, has been disclosed in Apache Cassandra, a widely used distributed database system. The flaw involves an authorization bypass that could allow users to gain unauthorized access to data centers or network regions when using specific authorizer configurations. Additionally, users with restricted access can escalate their permissions via DCL […]

The post Apache Cassandra Vulnerability Let Attackers Gain Access to the Data Centers Remotely appeared first on Cyber Security News.

CVE-2025-0411, a Mark-of-the-Web bypass vulnerability in the open-source archiver tool 7-Zip that was fixed in November 2024, has been exploited in zero-day attacks to deliver malware to Ukrainian entities, Trend Micro researchers have revealed. The 7-Zip vulnerability (CVE-2025-0411) Mark-of-the-Web (MotW) is a zone identifier used by the Windows operating system to flag files downloaded from the internet as potentially harmful. “CVE-2025-0411 allows threat actors to bypass Windows MoTW protections by double archiving contents using 7-Zip. … More →

The post Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) appeared first on Help Net Security.

Austin, TX, USA, 4th February 2025, CyberNewsWire

The post SpyCloud Pioneers the Shift to Holistic Identity Threat Protection appeared first on Security Boulevard.