Cybersecurity
Top intelligence lawmaker fears China may exploit DOGE’s changes to government
Rep. Jim Himes, D-Conn., also called out the Trump administration on the recent firing of NSA Director Timothy Haugh, a move he viewed as “puzzling.”
CISA warns threat hunting staff of end to Google, Censys contracts as agency cuts set in
“We understand the importance of these tools in our operations and are actively exploring alternative tools to ensure minimal disruption,” said the email sent to several hundred CISA cyber threat hunters.
Chinese telcos provide backbone for US allies’ mobile traffic, raising espionage concerns
A report from iVerify and other researchers found that mobile networks in countries like Japan, South Korea and New Zealand route telecom traffic through Chinese state-backed infrastructure.
Former cyber official Chris Krebs to leave SentinelOne in bid to fight Trump pressure
“For those who know me, you know I don’t shy away from tough fights. But I also know this is one I need to take on fully — outside of SentinelOne,” Krebs said.
CISA extends MITRE-backed CVE contract hours before its lapse
“Last night, CISA executed the option period on the contract to ensure there will be no lapse in critical CVE services,” an agency spokesperson said.
Updated
MITRE-backed cyber vulnerability program to lose funding Wednesday
Organizations across industry, government, national security and critical infrastructure rely on the CVE Program, which serves as the de-facto global standard for vulnerability identification and management.
User with Russian IP address tried to log into NLRB systems following DOGE access, whistleblower says
The blocked login attempts, detailed in an extensive whistleblower complaint filed to the Senate Intelligence Committee and others, may indicate foreign adversaries have begun leveraging DOGE inroads into sensitive federal systems.
Chinese police say NSA hacked networks of Asian Winter Games
The accusations, which name three supposed NSA operatives, come amid escalating trade tensions between the U.S. and China.
Top homeland security lawmaker calls for cautious cuts to CISA
“We have to be very careful about who and what we cut, because [the Cybersecurity and Infrastructure Security Agency] does have a mission to overwatch our critical infrastructure and make sure the bad guys aren’t getting in,” said Rep. Mark Green, R-Tenn.
Treasury regulatory office reports ‘major information security incident’
The disclosed breach into the Office of the Comptroller of the Currency comes just months after another incident involving Chinese hacks into Treasury Department offices.
Senator puts hold on Trump cyber nominee, citing ‘cover up’ of telecom security report
An unreleased 2022 report is said to contain vital information about the security posture of the U.S. telecommunications sector, according to Sen. Ron Wyden, D-Ore., who is blocking Sean Plankey’s nomination to lead CISA.
China is trying to recruit current and former feds, intelligence document warns
The notice is one of the first public acknowledgements from the U.S. intelligence community showing how adversaries are leveraging DOGE-led layoffs to target the government.
Featured eBooks
Top NSA, Cyber Command officials pulled from premier cybersecurity conference
Notifications about their speaking engagements went out Tuesday afternoon, just days after President Trump fired the head of NSA and Cyber Command.
Tariffs create more volatile environment for cyberattacks, industry executive warns
Tenable Co-CEO Steve Vintz told Nextgov/FCW that the potential trade wars stoked by the Trump administration’s tariffs facilitate conditions that incentivize hacking activity around the globe.
Cyber label program could expand past consumer goods, FCC commissioner predicts
Nathan Simington, the junior Republican on the Federal Communications Commission, said a Biden-era cybersecurity labeling program could expand to cover wireless and industrial products.
Contractors could hack back against adversaries, top cyber Democrat says
Rep. Eric Swalwell, D-Calif., said the federal government can’t protect everyone and the concept of asking private sector security companies to conduct offensive cyber operations is worth exploring.
Phishing campaign seeks to siphon Ukraine war intelligence from defense contractors
Nearly 880 spoofed domains of worldwide IT, defense and aerospace firms were identified between December and March, DomainTools Investigations says.
FCC to investigate potential US operations of restricted Chinese firms
The commission’s new chairman, Brendan Carr, believes that some or all of the companies on the FCC’s Covered List are still operating in the nation.
NIST’s vulnerability database logjam is still growing despite attempts to clear it
Vulnerability submissions increased 32% in 2024, NIST said. The agency is considering machine learning to automate certain vulnerability analysis tasks.
What’s next for cybersecurity, election info sharing?
Federal funding has been slashed by $10 million for two information sharing centers, which both have tens of thousands of members. A more fragmented and expensive future could follow as states and others go it alone.
