Exclusive
Cybersecurity
Suspected Chinese operation aims to recruit former feds with job postings, research shows
Researchers at the Foundation for Defense of Democracies uncovered a network of likely fraudulent China-linked websites operating as far back as 2021. One has very recently tried to recruit former federal workers and policy experts.
Cybersecurity
FEMA begins security overhauls following cyber incident and employee firings
The agency recently blocked users from accessing multiple websites and made password changes to an internet security tool in efforts to shore up its cyber posture, people familiar say.
Cybersecurity
House panel advances bill to extend bedrock cyber info-sharing law
Some Republicans want to ensure there’s language that would prevent the nation’s core cyberdefense agency from engaging in alleged “censorship” of Americans’ free speech.
Cybersecurity
Salt Typhoon hackers targeted over 80 countries, FBI says
The Chinese campaign appears to have reached into other organizations beyond the telecom industry, including transportation and military infrastructure networks, according to a Wednesday advisory.
Exclusive
Cybersecurity
Report: Russia-based Yandex employee oversees open-source software approved for DOD use
The package is listed inside Platform One’s Iron Bank, a vetted Defense Department software repository, people familiar say.
Cybersecurity
Zero trust requires workforce buy-in, federal officials say
The Interior Department’s acting CISO, Louis Eichenbaum, said it’s important for agencies’ workforces to understand “the concepts of zero trust and how you incorporate it into your daily activities.”
Cybersecurity
Wyden calls for review of US court systems’ cyber posture after case system hack
Since the incident, several district courts have instructed filers not to submit sealed documents, amid risks that the systems protecting them may not be secure.
Cybersecurity
UK ‘agreed to drop’ backdoor encryption demand for Apple, DNI says
Director of National Intelligence Tulsi Gabbard said the United Kingdom has abandoned its effort to require that Apple provide its law enforcement and intelligence personnel with “blanket capability” to access customers’ encrypted files.
Cybersecurity
Researchers detail new ‘gray zone conflict’ in AI-driven Chinese propaganda
Documents from Chinese firm GoLaxy detail influence operations aligned with Beijing that run at unprecedented speed and precision. National security experts at Vanderbilt say these developments may forever redefine information warfare.
Cybersecurity
In pitch to hacker community, Trump’s NSC cyber lead says AI key to future of cyberdefense
At DEF CON, Alexei Bulazel said AI-powered tools will give software developers “incredible abilities” to harden networks by adding multilayered checks to the code-scanning process and catching flaws that might otherwise slip through.
Cybersecurity
DARPA unveils winners of AI challenge to boost critical infrastructure cybersecurity
The AI Cyber Challenge aims to accelerate the distribution of open-source AI models to help patch the code that powers major infrastructure like water treatment plans and power grids. Four of the open-source models have already been made available for use.
Cybersecurity
US court system to boost cyber posture after hack of electronic case management tool
The breach may have revealed the identities of confidential informants involved in criminal cases in several federal district courts, according to Politico.
Cybersecurity
CISA officials commit to supporting top vulnerability cataloging program
Organizations around the world rely on the Common Vulnerabilities and Exposures Program, whose contract with CISA almost expired in April. It serves as the worldwide, de facto standard for vulnerability identification and management.
Cybersecurity
Small defense industrial base firms pose tempting targets for nation-state hackers, NSA official says
Some 80% of the defense industrial base are actually small firms, according to the NSA’s head of DIB security, who has helped over 200 providers identify thousands of vulnerabilities in their systems.
Updated
Cybersecurity
‘High-severity’ Microsoft Exchange vulnerability disclosed on heels of Black Hat talk
Parts of the federal enterprise are likely susceptible to the flaw that allows hackers to hijack on-premises versions of Active Directory. CISA plans to release an emergency directive on Thursday, according to a person familiar with the matter.
Cybersecurity
Federal CISO urges cyber community to start sharing and scaling their solutions
The Trump administration wants to ease regulatory burdens on the cyber industry with a mindset where there is still room for policymaking. It largely begins with the private sector.
Cybersecurity
Former and current officials clash over CISA’s role in US cyber defenses at Black Hat
CISA’s communications chief backed the narrowing of the agency’s scope, while a former NSA leader warned that shrinking the federal cyber workforce risks weakening U.S. defenses.
Cybersecurity
New research shows Iran’s expansive cyber offensive during ‘12-Day War’ with Israel
One state-backed hacking group created conflict-themed websites to lure pro-Israel visitors and siphon their data, according to SecurityScorecard.
Cybersecurity
