A DHS inspector general report found that CISA doesn’t have plans for what to do with AIS if the Cybersecurity Information Sharing Act lapses.

A DHS plan estimates that it would keep nearly 900 CISA workers on the job during a lapse in federal funding.

Forta, the vendor behind the file-transfer service software, has yet to report exploitation or address evidence of compromise. Independent researchers say otherwise.

The agency, which issued an emergency directive to federal agencies Thursday, said it took months to determine the root cause and mitigate the activity.

Cisco said it was investigating state-sponsored espionage attacks in May. CISA did not explain why it waited four months to issue an emergency directive.

The vendor didn’t provide evidence of active exploitation, yet experts said it’s only a matter of time before that changes.

Veracode co-founder and CTO Chris Wysopal

The company confirmed to CyberScoop that an unidentified cybercriminal accessed SonicWall’s customer portal through a series of brute-force attacks.

A recent wave of attacks targeting SonicWall customers has researchers and authorities on alert. Many victim organizations had misconfigurations in their systems.

Nick Andersen rebutted criticisms from industry, state and local governments and the Hill about where CISA capabilities stand.