Cybersecurity
CISA’s new roadmap aims to fortify open source software security
The nation’s cyber defense agency wants to play a key role in hardening the broader open source software security ecosystem.
Cybersecurity
Amid shutdown anxiety, federal agencies are running up against an IT security deadline
While budget negotiations play out on Capitol Hill, federal agency CIOs are also on the clock to ensure the bulk of their information technology is reported through the CDM program.
Cybersecurity
HHS looks to improve cybersecurity coordination
The agency is utilizing a relaunched cybersecurity coordination center and additional programs to significantly ramp up interactions with key partners, a top official said.
Cybersecurity
CISA's CDM program gears up for a new era in cyber defense
How a cornerstone cybersecurity program has evolved from information collection to active defense.
Cybersecurity
Microsoft links Outlook hack to an engineer’s corporate account
The cyberattack that ultimately led to the breach of several U.S. officials’ email accounts was the result of a China-based threat actor accessing a corporate account that contained a consumer signing key, the software giant said.
Cybersecurity
CISA plans new 'secure-by-design' guidance
The nation’s cyber defense agency is continuing to drive a major effort to shift security responsibilities from users to software providers.
Cybersecurity
CISA seeks vendor commitments to boost cybersecurity in K-12 schools
The nation’s cyber defense agency is building onto White House efforts to secure schools' systems nationwide with the help of major education software companies.
Cybersecurity
CDM policies provide a vital shield against climate-driven cyberattacks, experts say
Cybercriminals are increasingly leveraging extreme weather events to launch attacks on critical infrastructure sectors.
Cybersecurity
FDIC needs to sharpen its cyberthreat sharing with financial institutions, OIG says
Despite recent improvements, a watchdog report claims the agency still has more it can do to make threat-sharing policies more effective.
Cybersecurity
Russian cyber group unleashes new malware campaign on Ukrainian military targets
A new report says a cyber threat actor within Russia’s military intelligence service leveraged a novel malware campaign targeting Android devices used by the Ukrainian military.
Cybersecurity
Chinese hackers targeted government entities and thwarted recovery efforts, report says
The cybercrime group evaded remediation efforts by installing persistent backdoors and deploying “new and novel malware.”
Cybersecurity
Meta report spotlights ‘largest known’ foreign influence effort across social media platforms
Actors linked to adversarial nations — namely China and Russia — worked across platforms to push inaccurate content, according to a report released Tuesday.
Cybersecurity
US water infrastructure ‘unsustainable’ amid rapidly evolving crisis, report warns
The United States is facing an unsustainable demand for water and lacks the security posture to defend the nation’s water systems from emerging threats, according to a new report.
Cybersecurity
More than 1,000 federal system flaws fixed via CISA's bug reporting platform
The nation’s cyber defense agency is scaling up a key program that gives federal agencies a chance to remediate vulnerabilities before they can be exploited.
Cybersecurity
New bill would require all federal contractors to develop vulnerability disclosure policies
The Federal Cybersecurity Vulnerability Reduction Act aims to establish standardized vulnerability disclosure policies across all federal contractors.
Cybersecurity
North Korean hackers poised to cash out $40 million in bitcoin after crypto heists, FBI warns
The law enforcement agency says it has been tracking large volumes of cryptocurrency stolen by North Korean hackers during a summer of high-profile cyber heists.
Cybersecurity
National intelligence office issues cyber warning for government and commercial satellites
The warning comes just about a month after three teams at the DEF CON 23 convention in Las Vegas managed to successfully hack a government satellite in orbit.
Cybersecurity
Threat actor targeted DOD contracting website
Malware leveraging flaws in edge routers has been spying on military contracting websites, according to research from Lumen's Black Lotus Labs.
Cybersecurity
CISA prioritizing on-site K-12 cybersecurity reviews this school year
The nation’s cyber defense agency is aiming to work with schools “where they’re at instead of where they should be.”
Cybersecurity