Cybersecurity
Expiring cyber information-sharing law puts US maritime infrastructure at risk, experts warn
A congressional probe last year found Chinese‑made technology embedded in many U.S. ports, raising fears of espionage and sabotage.
Cybersecurity
Government layoffs are making us less safe in cyberspace, experts fear
There’s been a mass exodus of government cyber expertise during the Trump administration.
Cybersecurity
Russian hackers target local internet to spy on embassies in Moscow, Microsoft says
The attack works by rerouting targeted diplomatic devices through a hoax captive portal modeled on the kind commonly used to grant internet access in hotels and airports.
Cybersecurity
CISA to release telecom security report as its director nominee nears confirmation
The 2022 report, which has not been made publicly available, has been used as leverage by Senator Ron Wyden to hold Sean Plankey from being confirmed as director of CISA.
Cybersecurity
Basic cybersecurity lapses are leaving US infrastructure exposed, top experts warn
To make U.S. networks more “toxic” to adversaries, “we need to have an ability for authentication to have some meaning,” former NSA director Gen. Paul Nakasone said.
Cybersecurity
Pentagon not impacted by Microsoft Sharepoint hack, tech chief says
The department has been holding daily calls with Microsoft since the zero-day was discovered, the DOD CIO said at an event Thursday.
Cybersecurity
Trump’s CISA nominee is confident he can get funding to cyber agency where needed
Sean Plankey, a former Energy Department cyber official, tussled with Sen. Richard Blumenthal, D-Conn., over 2020 election security during his confirmation hearing. He also committed to the renewal of a key cyber information-sharing law before it soon expires.
Cybersecurity
DHS impacted in hack of Microsoft SharePoint products, people familiar say
The zero-day vulnerability — which was first disclosed late Saturday — has been exploited by several Chinese state-aligned groups, according to Microsoft.
Cybersecurity
Chinese hackers are exploiting SharePoint vulnerabilities, Microsoft says
The bugs affecting on-premises builds of SharePoint deployments are officially being exploited by at least two major Chinese nation-state hacking units, the company said. Patches have been issued for all affected versions of SharePoint.
Cybersecurity
Operational tech is ‘underprioritized’ in cyberdefense, experts tell Congress
Witnesses' calls for better investment in securing such systems come just two months before a key cybersecurity information-sharing law is set to expire.
Cybersecurity
Threat intel firms on alert for government systems impacted by Microsoft SharePoint vulnerability
Governments, schools, healthcare providers and large enterprise firms are at risk, one cyber threat intelligence chief said.
Cybersecurity
Salt Typhoon hacks into National Guard systems a ‘serious escalation’, experts warn
“Going forward, all U.S. forces must now assume their networks are compromised and will be degraded,” a former Air National Guard servicemember said.
Cybersecurity
OMB draft memo sets agency and vendor quantum security standards
The Office of Management and Budget is drafting a new memorandum to outline steps for the federal government’s migration to a post-quantum cryptographic standard.
Cybersecurity
DOD gets millions for cyber capabilities under GOP reconciliation package
The law’s vast cuts to Medicaid, however, are putting rural healthcare groups on high alert.
Exclusive
Cybersecurity
DHS plans to shed most of its intel office workforce
The Office of Intelligence and Analysis plans to reduce hundreds of its staff, per people with knowledge of recent plans communicated to employees. It’s faced scrutiny over past domestic surveillance abuses.
Cybersecurity
US unveils multiple operations to shutter North Korean IT worker schemes
At least one U.S. government contractor was hoovered up by the illicit worker operations, a senior FBI official said. The fraud has cost victims millions of dollars.
Cybersecurity
Iran-backed hackers may target US defense companies tied to Israel, agencies warn
“Despite a declared ceasefire and ongoing negotiations towards a permanent solution, Iranian-affiliated cyber actors and hacktivist groups may still conduct malicious cyber activity,” a government advisory says.
Exclusive
Cybersecurity
Former Biden cyber chief defends Cyber Trust Mark in the face of FCC review
Anne Neuberger told Nextgov/FCW the Cyber Trust Mark, as it stands, is the most effective path to labeling secure devices and reducing reliance on insecure tech from China.
Cybersecurity