November 16, 2023
Via: CSO OnlineWith the US Securities and Exchange Commission (SEC) having taken legal action against CISOs at both SolarWinds and Uber, security executives feel the pressure to be absolutely precise when writing up security incidents that the company has decided are material. […]
Cybersecurity, IT Policy, Tech
November 15, 2023
Via: Washington's Top NewsWith just seven weeks until the end of the year, the Biden administration is running out of time to win the reauthorization of a spy program it says is vital to preventing terrorism, catching spies and disrupting cyberattacks. The tool, […]
November 10, 2023
Via: Dark ReadingIn an online overview published on Nov. 9, the government of Maine confirmed that a group of cybercriminals exploiting the now-infamous vulnerability in the MOVEit file-transfer tool to allow them access to files belonging to the State of Maine between […]
November 8, 2023
Via: CSO OnlineThe US Department of Homeland Security (DHS), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Emergency Management Agency (FEMA) have announced the launch of the “Shields Ready” campaign to promote critical national infrastructure (CNI) security and resilience. Shields […]
October 26, 2023
Via: ArsTechnicaA relentless team of pro-Russia hackers has been exploiting a zero-day vulnerability in widely used webmail software in attacks targeting governmental entities and a think tank, all in Europe, researchers from security firm ESET said on Wednesday. The previously unknown […]
October 24, 2023
Via: Fox NewsThe Chinese government is leveraging green energy companies in an effort to create technological dependencies and “achieve strategic, political, and intelligence advantages” over the U.S., according to a sprawling new report. The report — published Monday by the Foundation for […]
October 19, 2023
Via: CSO OnlineA decade ago, then-Secretary of Defense Leon Panetta uttered a phrase that would go on to live in infamy: “cyber Pearl Harbor.” Panetta was using his platform as the country’s leading national security official to warn of dire future digital […]
October 11, 2023
Via: CSO OnlineAmid the ongoing conflict between Israel and Hamas, a new battleground has opened up in cyberspace, with hackers from both sides trying to attack each other’s infrastructure, while also dragging supporters of each other into the conflict. “Analysts have noted […]
October 6, 2023
Via: Government ExecutiveFederal agencies and the private sector still face significant challenges in adopting and implementing critical security controls like multifactor authentication and single sign-on services, according to new guidance from the Cybersecurity and Infrastructure Security Agency and the National Security Agency. […]
October 3, 2023
Via: CSO OnlineDozens of global cybersecurity experts have raised concerns about the proposed vulnerability disclosure requirements of the EU’s Cyber Resilience Act (CRA). An open letter signed by representatives from a wide range of organizations including Google, the Electronic Frontier Foundation, the […]
September 29, 2023
Via: Government ExecutiveFederal agencies are racing to release guidance for staff as a looming government shutdown threatens to furlough thousands of employees, disrupt critical services and reduce national cyber operations to skeleton crews. Federal employees are learning whether they will be considered […]
September 26, 2023
Via: CIOThe concept of Zero Trust has gained significant traction in recent years, as organizations look to enhance their cybersecurity defenses and safeguard their digital assets. The US government has been at the forefront of promoting this approach, with a series […]
September 25, 2023
Via: CSO OnlineA series of attacks targeting a Southeast Asian government has been found to be carried out by distinct threat actors affiliated with Chinese interests, according to Unit 42, the Palo Alto research arm closely studying the attacks. Initially thought to […]
September 13, 2023
Via: StateScoopThe U.S. Cybersecurity and Infrastructure Security Agency is offering free security scans for critical infrastructure facilities, such as water utilities, to help protect them from cyberattacks. The midweek announcement comes as water treatment facilities across the country have suffered from […]
August 21, 2023
Via: Dark ReadingForeign adversaries are waging cyber espionage campaigns against the US space industry, according to a joint warning issued this week by the National Counterintelligence and Security Center (NCSC), FBI, and the Air Force Office of Special Investigations (AFOSI). The two-page […]
August 16, 2023
Via: NextgovThe Cybersecurity and Infrastructure Security Agency released its first remote monitoring and management software guidance document on Wednesday, part of the agency’s larger Joint Cyber Defense Collaborative initiative. The Remote Monitoring & Management Cyber Defense Plan specifically focuses on the […]
August 16, 2023
Via: NextgovSen. Mark Warner, D-Va., chair of the Senate Select Committee on Intelligence, wants artificial intelligence companies to commit to extending existing voluntary pledges to all of their systems and make more commitments to address high-risk areas like real-time facial recognition. […]
August 11, 2023
Via: Dark ReadingThe Cybersecurity Infrastructure Security Agency (CISA) and the National Security Agency (NSA) recently collaborated to produce an important new document, “Identity and Access Management: Recommended Best Practices for Administrators.” Part of the Enduring Security Framework (ESF), it presents a distillation […]
August 8, 2023
Via: Government ExecutiveAnew report has found that cyberattacks targeting government agencies and the public sector increased at an alarming rate in recent months, as threat actors unleashed a slate of novel malware campaigns that impacted financial institutions, healthcare services and critical infrastructure […]
August 7, 2023
Via: StateScoopThe Colorado Department of Higher Education on Friday reported it was the victim of a data breach following a ransomware attack this past June, and that the personal information of students and teachers dating back to 2004 may have been […]