CISA warns that its Chemical Security Assessment Tool (CSAT) was hacked in January. Hackers used a webshell on the Ivanti device, which may have exposed important security assessments and plans.
In March, The Record revealed that CISA had a breach after the Ivanti device was exploited, leading to two systems being taken offline for investigation.
By infosecbulletin
/ Sunday , April 20 2025
You copy a password from your manager, thinking it's safe. Meanwhile, your phone is saving it in plain text. Samsung...
Read More
By infosecbulletin
/ Saturday , April 19 2025
A data leak involving 8 million UK healthcare worker records, including IDs and financial information, was caused by a misconfigured...
Read More
By infosecbulletin
/ Saturday , April 19 2025
GitHub has released security updates for GitHub Enterprise Server to fix several vulnerabilities, including a high-severity flaw that could allow...
Read More
By infosecbulletin
/ Friday , April 18 2025
Hackers can exploit a vulnerability in Asus routers to execute unauthorized functions. This serious issue, rated 9.2 out of 10,...
Read More
By infosecbulletin
/ Friday , April 18 2025
According to Shadowserver Foundation around 17,000 Fortinet devices worldwide have been compromised using a new technique called "symlink". This number...
Read More
By infosecbulletin
/ Friday , April 18 2025
A critical security flaw has been found in the Erlang/Open Telecom Platform (OTP) SSH implementation, allowing an attacker to run...
Read More
By infosecbulletin
/ Thursday , April 17 2025
On Wednesday, CISA alerted about increased breach risks due to the earlier compromise of legacy Oracle Cloud servers, emphasizing the...
Read More
By infosecbulletin
/ Thursday , April 17 2025
Cisco issued a security advisory about a serious vulnerability in its Webex App that allows unauthenticated remote code execution (RCE)...
Read More
By infosecbulletin
/ Thursday , April 17 2025
On Wednesday, Apple released urgent operating system updates to address two security vulnerabilities that had already been exploited in highly...
Read More
By infosecbulletin
/ Wednesday , April 16 2025
On April 15, 2025, Oracle released a Critical Patch Update for 378 flaws for its products. The patch update covers...
Read More
CISA wouldn’t provide details about the incident, but according to sources from The Record, it involved the Infrastructure Protection (IP) Gateway and Chemical Security Assessment Tool (CSAT).
CSAT is an online portal used by facilities to report their possession of chemicals that could be used for terrorism. It helps determine if they are considered high-risk. If they are, the tool prompts them to upload a security vulnerability assessment (SVA) and site security plan (SSP) survey containing sensitive information about the facility.
CISA confirms breach:
CISA has confirmed the breach of the CSAT Ivanti Connect Secure appliance on January 23, 2024.
The cybersecurity agency has informed CFATS program participants about the intrusion and the potentially affected information.
“While the investigation found no evidence of credentials being stolen, CISA encourages individuals who had CSAT accounts to reset passwords for any account, business or personal, which used the same password,” CISA explained, urging organizations that use Ivanti products to read a February advisory about recent vulnerabilities affecting the company’s tools.