#cybersecurity Archives - Fortiva IT Consulting

New ESTA Proposal: Security Gains, Travel Friction, And Risks

By Dan HoffmanPosted on January 26, 2026Posted in UncategorizedTagged #cybersecurity, #DataProtection, #DigitalGovernance, #DigitalIdentity, #riskmanagement, #TravelSecurity, #VisaWaiverProgram

Red Teaming the New ESTA Proposal: Security Gains, Travel Friction, and the Risks We’re Not Talking About Recent proposals to expand data collection under the U.S. Visa Waiver Program (ESTA) have been discussed largely through the lenses of immigration and travel policy. But at its core, this proposal is not just about border control — […]

CISA May 2025 ICS Advisories

By Dan HoffmanPosted on May 17, 2025Posted in cybersecurityTagged #CISA, #criticalinfrastructure, #cyberrisk, #cybersecurity, #ICS, #industrialcybersecurity, #infosec, #MitsubishiElectric, #OTsecurity, #patchmanagement, #riskmanagement, #SchneiderElectric, #Siemens, #vulnerabilitymanagement

🔐 CISA’s May 2025 ICS Advisories: Detailed Overview 🏭 Siemens Advisories 🧹 ECOVACS Advisory ⚡ Schneider Electric Advisory 🏗️ Mitsubishi Electric Advisories

Trump Administration Shifts Cybersecurity Responsibilities to States

By Dan HoffmanPosted on April 19, 2025Posted in cybersecurityTagged #cybersecurity

In March 2025, President Donald Trump signed an executive order titled “Achieving Efficiency Through State and Local Preparedness,” which significantly shifts cybersecurity responsibilities from the federal government to state and local authorities. This policy change has sparked widespread concern among cybersecurity experts and state officials.Yahoo+6Inside Government Contracts+6The White House+6 Key Elements of the Executive Order […]

CVE Program gets new life

By Dan HoffmanPosted on April 18, 2025Posted in cybersecurityTagged #CISA, #cve, #cybersecurity

Why the CVE Program Matters — and Why CISA Saving It Is Critical The CVE Program — Common Vulnerabilities and Exposures — is the backbone of vulnerability tracking. It gives cybersecurity professionals a universal system to identify, communicate, and fix security flaws quickly. Without CVEs, patching would be slower, coordination chaotic, and defenses weaker. Earlier […]

NIST Releases Draft Guidance for Ransomware Risk Management

By Dan HoffmanPosted on April 9, 2025Posted in cybersecurityTagged #cybersecurity

The National Institute of Standards and Technology (NIST) has released a draft Cybersecurity Framework Profile for Ransomware Risk Management to help organizations prevent, respond and recover from ransomware attacks. The Ransomware Profile is intended to be used by organizations that have adopted the NIST Cybersecurity Framework and want to improve their risk postures or any organization that […]

UAC-0226 Deploys GIFTEDCROOK Stealer via Malicious Excel Files Targeting Ukraine

By 69458pwpadminPosted on April 8, 2025Posted in cybersecurityTagged #cybersecurity

The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed a new set of cyber attacks targeting Ukrainian institutions with information-stealing malware. The activity is aimed at military formations, law enforcement agencies, and local self-government bodies, particularly those located near Ukraine’s eastern border, the agency said. The attacks involve distributing phishing emails containing a macro-enabled Microsoft Excel […]

Recent Oracle Health Breaches Expose Critical Gaps in Healthcare Cybersecurity

By 69458pwpadminPosted on April 8, 2025Posted in cybersecurityTagged #cybersecurity

In early 2025, Oracle Health (formerly Cerner) experienced two significant cybersecurity incidents that impacted multiple U.S. healthcare providers. 🔍 What Happened? The FBI and cybersecurity firm CrowdStrike are currently investigating.