The Hacks

US, UK Agencies Warn Russian Hackers Are Adapting Based on Government Advisories

The adversary is changing its tools to avoid detection while attacking the vulnerabilities governments issue warnings about. 

The FBI Is Breaking into Corporate Computers to Remove Malicious Code – Smart Cyber Defense or Government Overreach

The actions raise questions about the power of courts to regulate cybersecurity without the consent of the owners of the targeted computers.

Federal Agencies Detail Russian Tactics Used in Recent Cyber Intrusions

The FBI, Homeland Security Department and Cybersecurity and Infrastructure Security Agency issued an alert on Russian government cyber tradecraft and mitigation techniques for targets.

How the Federal CISO Views Zero Trust

Federal Chief Information Security Officer Chris DeRusha and other federal officials also advocated moving away from siloed cybersecurity budgeting for agencies.

CISA Issues Deadline for Federal Agencies to Address Pulse Secure Vulnerabilities

The vulnerabilities led to the compromise of government agencies early last summer and, together with a newly disclosed flaw, continue to be exploited.

White House Stands Down Coordination Effort on SolarWinds, Microsoft Exchange Hacks

The leading cybersecurity official on the National Security Council shared lessons learned as agencies reach patching goals.

The Hack Roundup: White House Sanctions Russia over SolarWinds

Agencies involved in response also issued advisories on the hackers' tactics while Microsoft offered federal customers free trials of an auditing tool.

Agencies Have Till Midnight April 15 to Apply New Microsoft Exchange Patches

Four of the 95 vulnerabilities Microsoft released as part of its monthly “patch Tuesday” were identified by the National Security Agency.

Former DHS Secretary Details SolarWinds Hackers’ Access to His Email

Chad Wolf said the information was all unclassified but the compromise was still disturbing.

White House to Seek Industry Input on New Software Security Rules, NSC Official Says

The administration wants to make sure the private sector has the ability to weigh in on procurement standards in an impending executive order.

Top Homeland Security Senators Want Details on Agencies Hit in SolarWinds, Microsoft Intrusions

Sens. Gary Peters and Rob Portman also request more information on key defensive programs and federal cyber leadership.

DOE Watchdog Detailed Its Cybersecurity State Amid SolarWinds Hack

The department continues to struggle with many of the issues the Cybersecurity and Infrastructure Security Agency identified after widespread intrusions into the public and private sector. 

CISA Orders Agencies to Conduct Fresh Scans of Microsoft Exchange Servers

The agency issued supplemental guidance requiring new tests with Microsoft-provided tools and measures to harden the attractive target.

Director Says NSA’s Domestic Surveillance Authority ‘Rightly’ Limited

Gen. Paul Nakasone, who oversees both the intelligence agency and U.S. Cyber Command, stressed the need for greater visibility through private-sector information streams.

New Software Vendor Standards Coming Within Weeks, CISA Head Says 

The White House is leading an interagency effort focused on software development that will determine federal procurement of information technology.

CISA Will Use New Authority Over Internet Service Providers to Fight Ransomware, Official Says

Acting CISA Director Brandon Wales praised the government’s coordination absent a national cyber director.