Widespread IT Outage

Widespread IT Outage Due to CrowdStrike Update

CISA will update this Alert with more information as it becomes available.

Infrastructure Resilience Planning Framework Playbook

Infrastructure Resilience Planning Framework Playbook

CISA publishes a supplementary ‘how-to’ guide to assist stakeholders in executing the planning approach laid out in our Infrastructure Resilience Planning Framework (IRPF). 

Secure by Design Alert: Eliminating OS Command Injection Vulnerabilities

Secure by Design Alert: Eliminating OS Command Injection Vulnerabilities

In response to recent well-publicized threat actor campaigns that exploited OS command injection defects in network edge devices, we published this alert urging software manufacturers to employ Secure by Design practices.  

People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action

People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action

APT40 has repeatedly targeted Australian networks as well as government and private sector networks in the region, and the threat they pose to our networks is ongoing.

Continued Progress Towards a Secure Open Source Ecosystem

Continued Progress Towards a Secure Open Source Ecosystem

CISA published a blog on the agency’s work across the federal government to secure Open Source Software (OSS) since it held its first Summit on OSS Security

Guide to Operational Security for Election Officials.

Guide to Operational Security for Election Officials

This guide helps election officials apply OPSEC principles to election processes.

JCDC unifies cyber defenders from organizations worldwide. This diverse team proactively gathers, analyzes, and shares actionable cyber risk information to enable synchronized, holistic cybersecurity planning, cyber defense, and response.

StopRansomware.gov is the U.S. Government's official one-stop location for resources to tackle ransomware more effectively.

SAFECOM works to improve emergency communications interoperability across local, regional, tribal, state, territorial, international borders, and with federal government entities.

Additional CISA Resources

Abstract image of a PCB overlayed with cyber design elements

CISA’s Federal Cyber Defense Skilling Academy

CISA’s Federal Cyber Defense Skilling Academy provides full-time federal employees an opportunity to focus on professional growth through an intense, full-time, three-month accelerated training program.

Image of an event with speaker and participants

CISA Events

CISA hosts and participates in events throughout the year to engage stakeholders, seek research partners, and communicate with the public to help protect the homeland.

CISA Services Catalog

A single resource that provides you with access to information on services across CISA’s mission areas.

Employees pictured during training session

CISA Training

As part of our continuing mission to reduce cybersecurity and physical security risk, CISA provides a robust offering of cybersecurity and critical infrastructure training opportunities.