Cybersecurity
F-35 program seeks cyber reinforcements
To improve the joint strike fighters' defenses against cyber attacks, the program office responsible for it wants an open system design solution.
Cybersecurity
FBI: Ransomware Attackers Have Code to Halt Critical Infrastructure
Monitoring remote access technology will be especially important for limiting the reach of malicious actors, allied cybersecurity agencies said in a report on trends they’ve observed over the last year in a booming ransomware industry.
Cybersecurity
CISA's public-private cyber defense group helped speed Log4j mitigation, experts say
A panel of cybersecurity pros testified that the Cybersecurity and Infrastructure Security Agency's collaborative operational body helped speed up response times and provide critical real-time insights on the Log4J software vulnerabilities to a vast range of companies and federal agencies.
Cybersecurity
Senators Relaunch Cybersecurity Bills Following log4j Concerns
The new package bill was introduced amid calls for increased government support of open-source software development.
Cybersecurity
Law Enforcement Seize Over $3.6 Billion in Crypto Related To 2016 Hack
The seizure is the largest in U.S. history.
Cybersecurity
Former CMMC Lead Resigns Amid Legal Drama
Katie Arrington, who was previously the chief information security officer for acquisition and sustainment, has resigned from her post.
Cybersecurity
IRS Suggests Need to Disclose Crypto Exchange Information to Law Enforcement
A letter the tax bureau sent to a key senator says stronger penalties for failure to report cryptocurrency-based income gains might also help deter cyber criminals.
Cybersecurity
NIST Suggests Agencies Accept the Word of Software Producers Per Executive Order
The standards agency said an attestation from vendors themselves would be sufficient when screening for cybersecurity, unless an agency's risk calculus suggests otherwise.
Cybersecurity
NSA rounds up the year in cyber
The National Security Agency's Cybersecurity Collaboration Center helped mitigate major vulnerabilities in 2021 while serving as a critical hub for industry and government officials to collaborate on cyber initiatives in an unclassified setting, according to a new report.
Cybersecurity
New Cyber Safety Board Pivots to Tackle log4j Vulnerabilities
The DHS body’s primary focus will be on addressing vulnerabilities in the commonly used log4j software library, but will also incorporate findings on the ‘SolarWinds’ hack.
Ideas
Building the Cybersecurity Workforce America Needs
No effort is more important in cybersecurity than creating a highly skilled workforce to protect both public and private systems.
Cybersecurity
DHS Official to Chair Biden-ordered Cyber Safety Review Board
Cybersecurity professionals say the board needs subpoena authority in order to be effective.
Cybersecurity
Supply Chain Security Training and FISMA Overhaul Bills Clear House Committee
The committee chair highlighted a need for incident reporting and other requirements for federal contractors.
Cybersecurity
The U.S. is Working to Improve Ukraine’s Cyber Defenses in the Face of Russian Threat
The prospect of a cyberattack amid heightened regional tensions creates a stark contrast against delicate diplomatic efforts the U.S. is pursuing to thwart ransomware criminals officials say are operating out of Russia.
Cybersecurity
NAPA report backs shift in leadership for cyber workforce development
A new study from the National Academy of Public Administration recommends that the newly established Office of the National Cyber Director develop and implement a coordinated, multi-sector strategy for the cybersecurity workforce, which faces chronic workforce shortages.
Cybersecurity
Audit: Labor Department Information Security Program ‘Not Effective’
Auditors made 18 recommendations to remediate some of the agency’s longstanding issues.
Cybersecurity
Security Specialists: Microsoft’s Discounted Logging Offering Warrants Scrutiny
The log management tool Microsoft is marketing as a way for agencies to fulfill administration requirements for network visibility could contribute to a risky ‘monoculture,’ according to cybersecurity professionals.
Cybersecurity
IG report points to weaknesses in the Commerce Department's infosec program
The Commerce Department has routinely failed to implement crucial security assessment measures and an effective continuous monitoring program, according to a new Inspector General report published this week.
Cybersecurity
FTC Warns of 18-Fold Surge in Investment, ‘Romance’ Scams on Social Media
More than 95,000 Americans were bilked over social media in 2021 resulting in losses approaching $1 billion.
Cybersecurity