Cybersecurity
CISA: SolarWinds' Orion may not be only entry point for hackers
CISA's latest alert suggests hackers may have found other entry points into the federal government's networks than just the IT management software suite.
Cybersecurity
GAO Issues ‘Wake-Up Call’ Report on Agencies’ Lax Supply Chain Security Management
The bottom line is that none of the 23 agencies audited fully implemented foundational risk management practices.
Cybersecurity
DOD announces first CMMC pilot contract nominees
The Dec. 15 announcement calls out seven pilot contracts across the Air Force, Navy and Missile Defense Agency.
Cybersecurity
After Solar Winds, it's time for a National Software Security Act
The time has come for Congress to regulate security in the software industry by mandating minimal best practices for software companies selling software products or services in America.
Cybersecurity
Pentagon Preps for First CMMC Pilots in 2021
The Pentagon’s Cybersecurity Maturity Model Certification program will begin including security requirements in select solicitations starting next year.
Cybersecurity
Lawmakers seek details on damage done by the SolarWinds hack
As information trickles out about which federal agencies have been compromised by a sophisticated hacking operation, lawmakers have begun seeking an extensive accounting of what damage has been done.
Cybersecurity
What We Know About the SolarWinds Breach
The White House invoked Presidential Policy Directive-41 to coordinate a "whole of government" response.
Cybersecurity
Senate Bill Targets Government’s Response to Agency-Involved Cyber Incidents
Agencies would see new reporting requirements to keep Congress and impacted individuals more informed about security breaches.
Cybersecurity
NSC invokes 2016 directive to respond to SolarWinds hack
The National Security Council's announcement to create a special group for coordinating the federal government's response to the SolarWinds hack comes as the list of affected agencies grows.
Cybersecurity
CISA Orders Federal Agencies to Turn Off SolarWinds Products
A critical flaw in software used throughout government was reportedly used to breach a major security company and at least two federal agencies.
Cybersecurity
Hack at Treasury and Commerce spurs emergency order from CISA
The Cybersecurity and Infrastructure Security Agency issued an emergency directive late Sunday night after reported breaches at two cabinet agencies. The Department of Homeland Security, CISA's parent agency, also has reportedly been breached.
Cybersecurity
Reports: Suspected Russian Hackers Breach Commerce, Treasury Departments
U.S. officials are investigating what data may have been stolen and whether the hack is more widespread.
Ideas
Your Robot Vacuum Could Spy on You
Researchers managed to recover speech data with high accuracy.
Cybersecurity
Presidential Advisers Make the Case for a New Cybersecurity Center for Sharing Threats
Current federal efforts to help mitigate threats against privately operated critical infrastructure fall short, according to a National Infrastructure Advisory Council report.
Ideas
5 Rules to Keep Breaking Barriers in Government
The pandemic disrupted how agencies conducted business but federal leaders can harness that momentum.
Cybersecurity
FBI, CISA, State Leaders Warn Schools About Ransomware Threats
The percentage of ransomware attacks perpetrated against schools more than doubled in 2020.
Cybersecurity
FCC Adopts Order to Rip and Replace Huawei, ZTE Equipment Amid 5G Security Challenges
The senior Democrat on the commission noted China’s continued leadership of global 5G standards development in urging further action.
Modernization
GSA Relaunches Federal Service Desk With New Look and Added Security
The help desk for all General Services Administration procurement systems got a makeover and a security lockdown.
Cybersecurity
Beware of COVID-19 Vaccine Scammers, FTC Warns
The Federal Trade Commission expects some opportunists to attempt to bilk the public when COVID-19 vaccines are made available.
Cybersecurity