Cybersecurity

Log4j Vulnerability Prompts Lawmakers to Examine Agency Cyber Measures

House Energy and Commerce Committee leaders asked several federal agencies about mitigation efforts, following a previous CISA emergency directive about the vulnerability.

CISA Releases Cybersecurity Toolkit to Help Protect Upcoming Midterm Elections

The guide for state and local election officials offers free tools to help mitigate digital threats and safeguard voting systems from outside intrusion.

VA Systems Vulnerable to Cyber Intrusions Due to Lack of Effective Oversight, Report Says

The Department of Veterans Affairs Inspector General's office said the agency is "leaving its systems vulnerable to compromise by impostors who may gain access to protected information."

Cyber Threats Warrant a Government Reorganization, Former CISA Head Says

Inaugural CISA director Chris Krebs said the federal government should do more to respond to cybersecurity and data concerns.

'Hack DHS' Bug Bounty Program to Begin Second Phase with New Contract Request

The contract is geared toward companies that can conduct crowdsourced events and competitions for vetted security researchers, to help bolster DHS’ cyber resilience.

FCC, FEMA Raise Alarm Bells About Vulnerabilities in Emergency Alert System

Both agencies warned that software and equipment vulnerabilities could allow hackers to transmit fake emergency messages or disrupt real ones. 

Top Malware of 2021 Has Been in Use for Years, CISA Warns

The advisory highlights that such usage offers “opportunities to better prepare” and provides recommendations to mitigate cybersecurity threats.

Treasury Sanctions Cryptocurrency Mixer

The online digital money platform has proven to act as a haven for cyber criminals looking to launder illegal cryptocurrencies.

Finance Sector Deals Latest Blow to Cyber Solarium Construct Teetering in NDAA

Congress will return from the August recess faced once again with the challenge of building cybersecurity policy for private providers of critical infrastructure faster than industry can tear it down.

One Simple Fix Could Help Close the Federal Cyber Talent Gap

How to entice more students studying cybersecurity to work in government.

New Bill Would Unlock Cybersecurity Funding for Small Businesses

Sen. Maggie Hassan’s proposed law would help set up funds to protect smaller organizations from malware.

Misinformation Campaigns and Threats are Undermining Confidence in U.S. Elections, Official Says

CISA is ramping up efforts to defend voting systems from outside intrusion, but the spread of online misinformation and threats against election officials still damage faith in the electoral process.

How the Cyber Ambassador In Waiting Plans to Control $1.5 Billion for Open Networks

The recently passed “CHIPS and Science Act” funds a grants program that the new State Department official will have a key role in steering, including to telecom networking firms.

NIST, CISA Finalizing Guidance for Identity and Access Management Post-SolarWinds

The epic intrusion campaign has turned up the brights on vendors providing authentication services, but agencies will still need to be actively engaged for effective implementation.

Banking Groups Urge Senators to Reject NDAA Provision as Harmful to Cybersecurity

The provision for identifying “systemically important entities” included in the House-passed NDAA could still hitch a ride on the massive defense bill when it’s called to the floor in the upper chamber.

Security Alerts: Not All Vulnerabilities Are Created Equal

For industries without a heavy IT expertise, responding to the myriad vulnerability advisories released by the Cybersecurity and Infrastructure Security Agency is a daunting task.

White House Official: EPA to Issue Cybersecurity Rule for Water Facilities

As the U.S. pursues collaboration with international allies, the official noted lagging cybersecurity policies for domestic critical infrastructure.