CyberSecurityBoard
Sponsor Register Login

CISA extends CVE program contract with MITRE for 11 months amid alarm over potential lapse | The Record from Recorded Future News

Many in the cybersecurity community expressed alarm on Tuesday following a letter from Yosry Barsoum, MITRE’s vice president and director of the Center for Securing the Homeland, which warned that funding for the CVE program was expiring and the federal government appeared to have no intention to renew the contract. The MITRE Corporation will continue operating the CVE program for at least another 11 months after federal cybersecurity officials confirmed that they temporarily extended their contract with the organization to keep the platform running. A MITRE spokesperson told Recorded Future News that were the contract to lapse, no new CVEs would be added to the program and the CVE program website online would eventually cease. The CVE program — which stands for Common Vulnerabilities and Exposures — is a foundational pillar of the cybersecurity system that countless cybersecurity vendors, governments and critical infrastructure organizations rely on for vulnerability identification. While this structure has supported the program's growth, it has also raised longstanding concerns among members of the CVE Board about the sustainability and neutrality of a globally relied-upon resource being tied to a single government sponsor,” the organization said. Federal contract documents show that CISA’s $57.8 million contract with MITRE expired on Wednesday but had an option to continue until March 16, 2026.

This Cyber News was published on therecord.media. Publication date: Wed, 16 Apr 2025 16:30:19 +0000


Cyber News related to CISA extends CVE program contract with MITRE for 11 months amid alarm over potential lapse | The Record from Recorded Future News

CISA extends CVE program contract with MITRE for 11 months amid alarm over potential lapse | The Record from Recorded Future News - Many in the cybersecurity community expressed alarm on Tuesday following a letter from Yosry Barsoum, MITRE’s vice president and director of the Center for Securing the Homeland, which warned that funding for the CVE program was expiring and the ...
3 weeks ago Therecord.media
MITRE warns of lapse with CVE program as contract with US set to expire | The Record from Recorded Future News - The MITRE Corporation said on Tuesday that its stewardship of the CVE program — which catalogs all public cybersecurity vulnerabilities — may be ending this week because the federal government has decided not to renew its contract with the ...
3 weeks ago Therecord.media
CISA pledges to resolve issues with threat sharing system after watchdog report - On Friday, the Department of Homeland Security’s Office of the Inspector General published a report on Automated Indicator Sharing (AIS) — which was used to spread cyber threat intelligence and was mandated as part of a 2015 law. The nation’s ...
7 months ago Therecord.media
CISA Provides Last-Minute Support to Keep CVE Program Running - The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has extended its contract with MITRE Corporation, ensuring the uninterrupted operation of the Common Vulnerabilities and Exposures (CVE) program, a cornerstone of global cybersecurity ...
3 weeks ago Cybersecuritynews.com
CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog - CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog. CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog. CISA adds ...
11 months ago Securityaffairs.com
CISA Confirms Continued Support for CVE Program, No Funding Issues - The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has reaffirmed its strong commitment to the Common Vulnerabilities and Exposures (CVE) Program, following recent public reports that inaccurately suggested the program was in jeopardy ...
2 weeks ago Cybersecuritynews.com
Trump administration planning major workforce cuts at CISA | The Record from Recorded Future News - The Department of Homeland Security, where CISA is housed, recently expanded its voluntary departure program to include early retirement and, in some cases, a buyout, dangling a lump sum payment of up to $25,000 to employees in roles slated for ...
1 month ago Therecord.media
The Hidden Risks Within Ethereum's CREATE2 Function: A Guide to Navigating Blockchain Security - Today, we're delving into a less talked about yet critical issue in the blockchain community: the security risks associated with Ethereum's CREATE2 function. Highlights Unlocking New Possibilities, Inviting New Risks: Ethereum's CREATE2 function, ...
1 year ago Blog.checkpoint.com
CISA extends funding to ensure 'no lapse in critical CVE services' - Before CISA's announcement, a group of CVE Board members announced the launch of the CVE Foundation, a non-profit organization established to secure the CVE program's independence in light of MITRE's warning that the U.S. government might not renew ...
3 weeks ago Bleepingcomputer.com
'Sex life data' stolen from UK government among record number of ransomware attacks - Data on the sex lives of up to 10,000 people was stolen from a British government department in one of the record number of ransomware attacks to have hit Westminster in the first half of this year. It is not known which department the information ...
1 year ago Therecord.media
CISA says it will continue to monitor Russian cyber threats | The Record from Recorded Future News - Both The Guardian and Washington Post bolstered the claims about CISA by saying a recent speech on critical infrastructure cyber threats by a senior State Department official did not mention Russia. The story emerged on Friday around the same time as ...
2 months ago Therecord.media
CISA to Congress: US Under Threat of Chemical Attacks - CISA warned this week that facilities maintaining dangerous chemicals across the US are no longer receiving adequate security support. Compared with such industries as energy, water, and telecoms, cybersecurity professionals tend to be less au ...
1 year ago Darkreading.com
Enabling Threat-Informed Cybersecurity: Evolving CISA's Approach to Cyber Threat Information Sharing - One of CISA's most important and enduring roles is providing timely and actionable cybersecurity information to our partners across the country. Nearly a decade ago, CISA stood up our Automated Indicator Sharing, or AIS, program to widely exchange ...
1 year ago Cisa.gov
CISA's OT Attack Response Team Understaffed: GAO - The US Government Accountability Office has conducted a study focusing on the operational technology cybersecurity products and services offered by CISA and found that some of the security agency's teams are understaffed. OT environments continue to ...
1 year ago Securityweek.com
Malware Takedowns Show Progress, But Fight Against Cybercrime Not Over - Takedown of malware infrastructure by law enforcement has proven to have an impact, albeit limited, on cybercriminal activity, according to threat intelligence provider Recorded Future. The Emotet takedown, led by Europol and Eurojust in 2021. The ...
1 year ago Infosecurity-magazine.com
Securing Tomorrow: A Recap of CISA's Cyber Resilient 911 Symposium - CISA's Emergency Communications Division spearheaded the Cyber Resilient 911 Program's fourth regional symposium, which included CISA Regions 5 and 7. Among the attendees were state 911 administrators, representatives from 911 centers, IT/cyber ...
11 months ago Cisa.gov
CISA cuts $10 million annually from ISAC funding for states amid wider cyber cuts | The Record from Recorded Future News - A CISA spokesperson said the agency planned to cut annual funding of $10 million that was given to the Center for Internet Security (CIS) for managing the Multi-State Information Sharing and Analysis Center (MS-ISAC) and the Election Infrastructure ...
2 months ago Therecord.media
What CIRCIA Means for Critical Infrastructure Providers and How Breach and Attack Simulation Can Help - Cyber Defense Magazine - To prepare themselves for future attacks, organizations can utilize BAS to simulate real-world attacks against their security ecosystem, recreating attack scenarios specific to their critical infrastructure sector and function within that sector, ...
7 months ago Cyberdefensemagazine.com Akira
Cybersecurity Performance Goals: Assessing How CPGs Help Organizations Reduce Cyber Risk - In October 2022, CISA released the Cybersecurity Performance Goals to help organizations of all sizes and at all levels of cyber maturity become confident in their cybersecurity posture and reduce business risk. Earlier this summer, CISA outlined ...
1 year ago Cisa.gov
CEO of Ukraine's largest telecom operator describes Russian cyberattack that wiped thousands of computers - In the two months since Russia-linked hackers attacked Ukraine's largest telecom operator, many questions have emerged about how they gained access to the company's systems and lingered there, likely for months, undetected. During a cybersecurity ...
1 year ago Therecord.media
CVE Foundation Launched to Ensure the Long-term Vulnerability Tracking - Its unique identifiers and open database have enabled security teams, vendors, and governments worldwide to coordinate responses to emerging cyber threats, underpinning the security of the digital ecosystem. Experts warned that any interruption could ...
3 weeks ago Cybersecuritynews.com
CISA confirms compromise of its Ivanti systems - CISA confirmed two of its internal systems were breached by a threat actor that exploited flaws in Ivanti products used by the U.S. cybersecurity agency. Ivanti on Jan. 10 disclosed two zero-day vulnerabilities that were under exploitation by a ...
1 year ago Techtarget.com CVE-2023-46805 CVE-2024-21887
12 Software Dev Predictions for Future - Predicting the future of software development trends is always a tough call. Such trends will also rule the future of the software development industry. Analyzing these future software development trends will put enthusiasts ahead of the competition. ...
1 year ago Feeds.dzone.com
CISA Warns Threat Hunting Staff to Stop Using Censys & VirusTotal - “We understand the importance of these tools in our operations and are actively exploring alternative tools to ensure minimal disruption,” said the April 16-dated notification sent to more than 500 CISA cyber threat hunters. Homeland ...
2 weeks ago Cybersecuritynews.com Hunters
CISA Issues Warning on Commvault Web Server Flaw Exploited in the Wild - CISA has issued a new security warning about a critical vulnerability affecting the Commvault Web Server, built into one of the industry’s leading data protection platforms. This alert comes as security teams worldwide scramble to assess exposure ...
1 week ago Cybersecuritynews.com CVE-2025-3928

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)