Cybersecurity
Hackers exploited out-of-support software to scan federal systems, CISA says
The cyber agency is once again asking agencies to update their software.
Cybersecurity
OMB takes aim at internet of things cybersecurity
The Office of Management and Budget’s recent FISMA guidance notes the importance of the Cybersecurity and Infrastructure Security Agency’s ability to scan agencies for vulnerabilities on an ongoing basis.
Cybersecurity
House bill looks to shore up federal cyber workforce
The bill, a companion to a Senate bill introduced in July, looks to fortify the U.S.’s domestic cybersecurity workforce and training programs.
Cybersecurity
CISA, FBI warn on Iran-backed infrastructure hacks
The hacking group CyberAv3ngers is actively targeting an Israeli-made automation system in wide use in the water and wastewater sector.
Cybersecurity
OPM launches cyber rotational program for feds
The new rotational program is an outgrowth of 2022 legislation backed by Sen. Gary Peters, D-Mich., who chairs the Homeland Security and Governmental Affairs Committee.
Cybersecurity
Congress takes up software supply chain security
The FITARA scorecard could become a vehicle for measuring agency progress against the administration's software security goals.
Cybersecurity
Okta breach includes theft of data on nearly all help desk users, including some feds
The company revised its earlier reporting on the scope of the breach, but said that data on users of high-impact federal and DOD systems was not compromised.
Cybersecurity
HHS seeks zero trust support
The highly federated agency is looking for contactor assistance to hit enterprisewide security goals.
Cybersecurity
Navy’s first cyber strategy looks beyond cybersecurity to digital operations
The military branch must “fully account for new realities presented by cyberspace and the information environment,” the inaugural strategy asserts.
Cybersecurity
Employee data hit in Idaho National Lab cyberattack
The lab confirmed that it has been in touch with federal law enforcement agencies concerning the attack on its servers.
Cybersecurity
FCC wants to improve cyber protections for schools, libraries
Faced with a growing number of cyberattacks on school districts nationwide, the agency announced a three-year pilot program to gather data on the best cyberdefenses.
Cybersecurity
CISA, FBI warn of social engineering-based ransomware
Federal agencies are revealing more information on the Scattered Spider cybercriminal group in a bid to both prevent breaches and encourage victims to offer more detail on such attacks.
Cybersecurity
CISA turns 5 and looks to the future
The Cybersecurity and Infrastructure Security Agency is growing up as its mission to protect against cyber threats becomes ever more complex.
Cybersecurity
AI can help agencies enhance their cyber defense, study finds
General Dynamics Information Technology’s recent survey of 200 federal officials involved in cyber decisions found that AI tools could help address human-caused vulnerabilities.
Cybersecurity
NIST releases revised cyber requirements for controlled unclassified information
The proposed revisions will ideally serve as a “balanced, strong starting point” for agencies and contractors that deal with sensitive information, a NIST official said.
Cybersecurity
Defense firms can take steps now to comply with enhanced cyber standards, industry officials say
The next version of the Pentagon’s Cybersecurity Maturity Model Certification is expected to be released later this month and will “set the bar higher” for security requirements.
Cybersecurity
CISA sees ‘routine and standard’ security reports at beginning of Election Day
Working extensively with local jurisdictions, “it’s all about communication,” a Cybersecurity and Infrastructure Security Agency official noted.
Cybersecurity
Data on active-duty servicemembers is a available for purchase online, report says
A new study from Duke University sheds light on how easy it is to find U.S military personnel online for a price.
Cybersecurity
How the US aims to tackle the ‘collective action problem’ of ransomware
New efforts in the International Counter Ransomware Initiative intend to leverage automated systems to halt illicit financial transactions, according to a White House cyber official.
Cybersecurity