Category: Cybersecurity

August 11, 2023

The Cybersecurity Infrastructure Security Agency (CISA) and the National Security Agency (NSA) recently collaborated to produce an important new document, “Identity and Access Management: Recommended Best Practices for Administrators.” Part of the Enduring Security Framework (ESF), it presents a distillation […]

August 8, 2023

Anew report has found that cyberattacks targeting government agencies and the public sector increased at an alarming rate in recent months, as threat actors unleashed a slate of novel malware campaigns that impacted financial institutions, healthcare services and critical infrastructure […]

August 7, 2023

The Colorado Department of Higher Education on Friday reported it was the victim of a data breach following a ransomware attack this past June, and that the personal information of students and teachers dating back to 2004 may have been […]

August 1, 2023

Hacking teams working for the Chinese government are intent on burrowing into the farthest reaches of US infrastructure and establishing permanent presences there if possible. In the past two years, they have scored some wins that could seriously threaten national […]

July 28, 2023

The MOVEit breach has claimed yet another target: Maximus Inc., a US government contractor. Though the company’s internal systems were unaffected, 8 to 11 million people’s personal information may have been compromised. Maximus provides technology services for administering and managing […]

July 26, 2023

The Securities and Exchange Commission adopted rules Wednesday to require public companies to disclose within four days all cybersecurity breaches that could affect their bottom lines. Delays will be permitted if immediate disclosure poses serious national security or public safety […]

July 14, 2023

The White House released its implementation plan for President Biden’s National Cybersecurity Strategy, broadly breaking down how it plans to accomplish more than 65 tasks involving 18 agencies outlined by the sweeping plan announced in March. The National Cybersecurity Strategy […]

July 12, 2023

Microsoft has disclosed that that a cyberattack by a China-based “nation-state actor” managed to access email hosted on Exchange Online and Outlook.com belonging to about 25 organizations, including government agencies. Mitigation of the attack is complete, according to a statement […]

July 5, 2023

As the Biden administration continues to develop US cybersecurity requirements on software and supply chain security, zero trust, and incident reporting, among other initiatives, the projects have one often-unstated overarching goal: Improve the cybersecurity resilience of the nation’s critical infrastructure. […]

June 30, 2023

In 2020, software company SolarWinds was hit with a cyberattack that compromised its Orion supply chain software. The attack impacted thousands of victims. Three years later, the US Securities and Exchange Commission (SEC) is continuing its investigation into the attack. […]

June 28, 2023

Hundreds of internet-connected devices found on federal systems remain vulnerable to critical cybersecurity threats, according to new research, despite a recent directive from the nation’s cyber defense agency requiring their removal from government networks. Researchers with the security firm Censys […]

June 28, 2023

K-12 school districts across the country continue to be targeted by threat actors looking to steal sensitive personal information. Examples of this can be seen in the recent incidents affecting the Pearland Independent School District in Texas and the Tucson […]

June 27, 2023

The Cybersecurity and Infrastructure Security Agency is developing a new resource center for federal agencies to help address compliance issues associated with a wave of recent cyber supply chain risk management — or C-SCRM — and software security mandates. The […]

June 26, 2023

The House Weaponization Subcommittee says the Cybersecurity and Infrastructure Security Agency (CISA) has “facilitated the censorship of Americans directly” and through third-party intermediaries during the Biden administration. Fox News Digital first obtained a new committee report Monday, stemming from the […]

June 21, 2023

The Justice Department announced the launch of a new specialized unit on Tuesday that officials said will be leveraged in early-stage cases to disrupt malicious cyber campaigns and to prosecute nation-state threat actors and cybercriminals. The new National Security Cyber […]

June 19, 2023

In the latest cyber incident affecting the US federal government, two arms of the US Department of Energy (DOE) and, according to press reports, the US Department of Agriculture and the Office of Personnel Management, have been swept up in […]

June 16, 2023

The Department of Energy and several other federal agencies were compromised in a Russian cyber-extortion gang’s global hack of a file-transfer program popular with corporations and governments, but the impact was not expected to be great, Homeland Security officials said […]

June 15, 2023

Hackers working for Russia’s Federal Security Service have mounted multiple cyberattacks that used USB-based malware to steal large amounts of data from Ukrainian targets for use in its ongoing invasion of its smaller neighbor, researchers said. “The sectors and nature […]

June 12, 2023

The Minnesota Department of Education announced Friday that personal information pertaining to about 95,000 students was breached as part of an ongoing and global exploit of a popular file-transfer system. Hackers from the ransomware group known as CL0P recently exploited […]

June 7, 2023

The vast majority of applications developed by public sector organizations over the last year suffered from at least one security flaw, according to a new report that analyzed 750,000 applications developed by the public and private sectors. Software security firm […]