Cybersecurity

Decade-old cyber advice from GAO remains unimplemented, watchdog says

Reliance on legacy IT systems creates challenges for agencies looking to make use of the suggestions.

Microsoft Chose Profit Over Security and Left U.S. Government Vulnerable to Russian Hack, Whistleblower Says

Microsoft dismissed his warnings, telling him they would work on a long-term alternative — leaving cloud services around the globe vulnerable to attack in the meantime.

The next administration must be ready for new quantum encryption standards, MITRE advises

The U.S. is already assessing post-quantum readiness under order from the White House.

FCC greenlights $200M pilot for school and library cybersecurity

The commission also approved an item to help bolster the security of a core data routing algorithm.

A law directing cyber reg harmonization would ‘help enormously,’ White House official says

The remarks come a day after ONCD issued a blog calling for cybersecurity regulations to be harmonized.

White House urges streamlined cyber rules following industry feedback

Private sector input from an August 2023 information request signals a need to harmonize cybersecurity regulations, said ONCD chief Harry Coker.

FTC-industry talks over possible Microsoft probe raised recent hacking incidents

Chinese and Russian cyber infiltrations into agencies’ Microsoft email systems came up in discussions over a possible antitrust investigation into the company, people familiar say.

Former NSA head feels ‘really good’ about election security come November

Paul Nakasone, the recently retired head of NSA and CYBERCOM, said the intelligence community has everything it needs to combat election interference attempts later this year.

NIST taps Analygence to help fix vulnerability database backlog

The standards agency has been unable to keep up with the inflow of system vulnerabilities being reported to its database.

Senator calls for federal probes of UnitedHealth for negligent cyber practices

Hackers broke into Change Healthcare systems due to a lack of multifactor authentication.

US disables global cybercrime network that enabled theft of billions in fraud schemes

The botnet infected some 19 million IP addresses, with over 600,000 of them based in U.S. locations. Government fraud losses reached some $6 billion from the operations.

Online health services, apps to face new data security rule enforcement in July

The FTC rules are meant to incentivize digital health providers to shore up their security postures and increase transparency in the event of a data breach.

Watchdog calls out EPA for continued cybersecurity concerns

The EPA has still not implemented GAO’s 2019 recommendation to develop a process for conducting an organization-wide cybersecurity risk assessment. 

White House announces plans to revamp data routing security by year-end

Border Gateway Protocol hijacking attacks are becoming more sophisticated, according to National Cyber Director Harry Coker.

Cyber Force study gets added to House panel’s 2025 defense policy bill

The study on whether to create a Cyber Force branch in the Pentagon now goes to the House floor as part of the 2025 NDAA.