CISA developed a novel malware-related idea.
The top US cybersecurity organization has revealed plans to expand its list of hacker-targeted vulnerabilities to include a section on malware groups.
Officials from the Cybersecurity and Infrastructure Security Agency (CISA) announced that through their database of known exploitable vulnerabilities (KEVs), all organizations will now have access to information about which vulnerabilities are frequently linked to malware attacks.
Previously, only the Malware Vulnerability Alert Pilot Program (RVWP) of CISA offered this information. Through this program, CISA found businesses that had Internet-accessible vulnerabilities that were frequently linked to well-known malware actors.
The KEV directory will now have a "Known to use malware in campaigns" column, according to Gabrielle Davis, CISA's chief risk advisor, and Sandra Radesky, deputy director of vulnerability management.
Additionally, CISA has created a second new RVWP resource that acts as a list of additional configuration errors and security holes that are known to be exploited by malware campaigns. Organizations can use this list to quickly identify services that threat actors are known to use and put the right mitigation measures in place.
Three weeks ago, CISA added the 1,000th vulnerability to the KEV list, which has since grown to become the go-to resource for knowledge on the most concerning flaws being used by a variety of hackers.
More than 800 vulnerable systems with Internet-accessible flaws that are frequently linked to malware campaigns have been reported to organizations by RVWP to date.
The Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) of 2022 called for the establishment of the RVWP. The new incident reporting regulations, according to CISA Director Jen Easterly, will help government officials better understand how their actions affect the number of malware attacks that U.S. organizations have to deal with.
Comments 0