Cybersecurity
Forthcoming NIST profile to address growing AI-cyber challenges
The Cyber AI Profile, currently in development, could help firms better prepare for hackers that use AI tools to enhance their cyberattacks, a top NIST official said at the RSAC Conference.
Cybersecurity
FBI asks public for tips about Salt Typhoon telecom hacks
Salt Typhoon accessed at least nine U.S. telecom firms and their systems that facilitate legal access requests for law enforcement.
Cybersecurity
Top intelligence lawmaker fears China may exploit DOGE’s changes to government
Rep. Jim Himes, D-Conn., also called out the Trump administration on the recent firing of NSA Director Timothy Haugh, a move he viewed as “puzzling.”
Cybersecurity
CISA warns threat hunting staff of end to Google, Censys contracts as agency cuts set in
“We understand the importance of these tools in our operations and are actively exploring alternative tools to ensure minimal disruption,” said the email sent to several hundred CISA cyber threat hunters.
Cybersecurity
Chinese telcos provide backbone for US allies’ mobile traffic, raising espionage concerns
A report from iVerify and other researchers found that mobile networks in countries like Japan, South Korea and New Zealand route telecom traffic through Chinese state-backed infrastructure.
Cybersecurity
Former cyber official Chris Krebs to leave SentinelOne in bid to fight Trump pressure
“For those who know me, you know I don’t shy away from tough fights. But I also know this is one I need to take on fully — outside of SentinelOne,” Krebs said.
Cybersecurity
CISA extends MITRE-backed CVE contract hours before its lapse
“Last night, CISA executed the option period on the contract to ensure there will be no lapse in critical CVE services,” an agency spokesperson said.
Updated
Cybersecurity
MITRE-backed cyber vulnerability program to lose funding Wednesday
Organizations across industry, government, national security and critical infrastructure rely on the CVE Program, which serves as the de-facto global standard for vulnerability identification and management.
Cybersecurity
User with Russian IP address tried to log into NLRB systems following DOGE access, whistleblower says
The blocked login attempts, detailed in an extensive whistleblower complaint filed to the Senate Intelligence Committee and others, may indicate foreign adversaries have begun leveraging DOGE inroads into sensitive federal systems.
Cybersecurity
Chinese police say NSA hacked networks of Asian Winter Games
The accusations, which name three supposed NSA operatives, come amid escalating trade tensions between the U.S. and China.
Cybersecurity
Top homeland security lawmaker calls for cautious cuts to CISA
“We have to be very careful about who and what we cut, because [the Cybersecurity and Infrastructure Security Agency] does have a mission to overwatch our critical infrastructure and make sure the bad guys aren’t getting in,” said Rep. Mark Green, R-Tenn.
Cybersecurity
Treasury regulatory office reports ‘major information security incident’
The disclosed breach into the Office of the Comptroller of the Currency comes just months after another incident involving Chinese hacks into Treasury Department offices.
Cybersecurity
Senator puts hold on Trump cyber nominee, citing ‘cover up’ of telecom security report
An unreleased 2022 report is said to contain vital information about the security posture of the U.S. telecommunications sector, according to Sen. Ron Wyden, D-Ore., who is blocking Sean Plankey’s nomination to lead CISA.
Cybersecurity
China is trying to recruit current and former feds, intelligence document warns
The notice is one of the first public acknowledgements from the U.S. intelligence community showing how adversaries are leveraging DOGE-led layoffs to target the government.
Cybersecurity
Top NSA, Cyber Command officials pulled from premier cybersecurity conference
Notifications about their speaking engagements went out Tuesday afternoon, just days after President Trump fired the head of NSA and Cyber Command.
Cybersecurity
Tariffs create more volatile environment for cyberattacks, industry executive warns
Tenable Co-CEO Steve Vintz told Nextgov/FCW that the potential trade wars stoked by the Trump administration’s tariffs facilitate conditions that incentivize hacking activity around the globe.
Cybersecurity
Cyber label program could expand past consumer goods, FCC commissioner predicts
Nathan Simington, the junior Republican on the Federal Communications Commission, said a Biden-era cybersecurity labeling program could expand to cover wireless and industrial products.
Cybersecurity
Contractors could hack back against adversaries, top cyber Democrat says
Rep. Eric Swalwell, D-Calif., said the federal government can’t protect everyone and the concept of asking private sector security companies to conduct offensive cyber operations is worth exploring.
Cybersecurity
Phishing campaign seeks to siphon Ukraine war intelligence from defense contractors
Nearly 880 spoofed domains of worldwide IT, defense and aerospace firms were identified between December and March, DomainTools Investigations says.
Cybersecurity