28 April 2022

Once Again the Federal .gov is on Top of Things

More vulnerabilities that are YEARS old, still in place in the federal .gov. CISA adds 7 vulnerabilities to list of bugs exploited in attacks

Still, it is better than prior lists, which listed bugs dating back as far as 2013.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added seven vulnerabilities to its list of actively exploited security issues, including those from Microsoft, Linux, and Jenkins.

The 'Known Exploited Vulnerabilities Catalog' is a list of vulnerabilities known to be actively exploited in cyberattacks and required to be patched by Federal Civilian Executive Branch (FCEB) agencies.

The current list of updates includes bugs that "only" go back to 2019. Note that those bugs were like fixed in 2019 as well. Maybe 2020. What year is it again?

CISA, or The Cybersecurity and Infrastructure Security Agency, which was apparently named by the Department of Redundancy Depart, is trying to get the federal .gov up to a reasonable level of support with respect to known and fixed software bugs. They don't seem to be having a lot of luck. While I won't say that this is the worst logo in all of government, I will ask, "Is this the best you can do?"

Here's a plan (whether you work in government or private industry): Update Your Damn Systems.

This line from Men in Black keeps running through my mind. "You're everything we've come to expect from years of government training."

No comments:

Post a Comment

Comment Moderation is in place. Your comment will be visible as soon as I can get to it. Unless it is SPAM, and then it will never see the light of day.

Be Nice. Personal Attacks WILL be deleted. And I reserve the right to delete stuff that annoys me.