The Federal Communications Commission (FCC) maintains a Covered List of communications equipment and services that have been determined by the U.S. government to pose an unacceptable risk to the national security of the United States or the security and safety of United States persons to national security pursuant to the Secure and Trusted Communications Networks Act of 2019.
As the 6th annual National Supply Chain Integrity Month concludes, CISA reminds all critical infrastructure owners and operators to take necessary steps in securing the nation’s most critical supply chains. CISA urges organizations to incorporate the Covered List into their supply chain risk management efforts, in addition to adopting recommendations listed in Defending Against Software Supply Chain Attacks—a joint CISA and NIST resource that provides guidance on using NIST’s Cyber Supply Chain Risk Management (C-SCRM) framework to identify, assess, and mitigate risks. All critical infrastructure organizations are also urged to enroll in CISA’s free Vulnerability Scanning service for assistance in identifying vulnerable or otherwise high-risk devices such as those on FCC’s Covered List.
To learn more about CISA’s supply chain efforts and to view resources, visit CISA.gov/supply-chain-integrity-month.
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA released 10 Industrial Control Systems (ICS) advisories. These advisories provide timely information about current…
CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA released one Industrial Control Systems (ICS) advisory on October 14, 2025. These advisories provide…
Today, CISA issued Emergency Directive ED 26-01: Mitigate Vulnerabilities in F5 Devices to direct Federal…
CISA released thirteen Industrial Control Systems (ICS) advisories on October 16, 2025. These advisories provide…
This website uses cookies.