Cybersecurity
CISA warns on new threat group using VPN flaw
A new report by the government's cybersecurity agency warns about another threat actor using malware initially discovered during the response to the intrusion involving SolarWinds.
Cybersecurity
CISA issues third emergency directive since SolarWinds
The government's cybersecurity watchdog is increasingly issuing emergency instructions to agencies for handling high-risk vulnerabilities, something analysts say reflects both CISA's stature and the environment its working in.
Cybersecurity
CISA confirms U.S. agencies affected by Pulse Connect VPN vulnerabilities
The cybersecurity firm FireEye suspects at least one of the campaigns it reported on operates on behalf of the Chinese government.
Cybersecurity
White House launches cybersecurity push targeting electricity sector
The pilot program to improve the cybersecurity of the nation's electricity infrastructure is part of a broader initiative focused on industrial control systems.
Cybersecurity
White House stands down groups tackling SolarWinds, Microsoft Exchange
The move comes days after the administration sanctioned Russia for its alleged role in the cyberattacks
Cybersecurity
White House sanctions Russia over SolarWinds campaign, election interference
The White House today announced a sanctions package targeting the Kremlin, Russian technology companies and financial institutions for hacking and misinformation efforts.
Cybersecurity
Biden taps Inglis, Easterly for top cyber jobs
National Security Agency veterans will serve as first national cyber director and lead the Cybersecurity and Infrastructure Security Agency.
Cybersecurity
White House plans order on industrial control systems
The move tracks with a schedule "sprint" on the risks posed by insecure industrial control systems scheduled for this summer by the Department of Homeland Security.
Cybersecurity
Top cyber slots still unfilled amid multiple crises
Chris Krebs, the former CISA director, has been vocal in recent months about the need for his old job to be filled in short order while the administration confronts multiple cybersecurity problems within the federal government.
Cybersecurity
Senators seek details on Einstein's performance and limitations
Ahead of its scheduled reauthorization next year, two senators are seeking detailed information about Einstein, a government cybersecurity program that has come into the spotlight in the wake of the breach involving SolarWinds.
Cybersecurity
CISA, FBI warn of hacking threat against Fortinet product
The advisory warns that an unattributed threat actor is using known vulnerabilities in a Fortinet security product to gain access to government and industry networks.
Cybersecurity
Krebs cautions on push for national cyber director
The former CISA chief expressed confidence in Deputy National Security Advisor Anne Neuberger to help the White House confront the multiple cybersecurity incidents it is facing.
Cybersecurity
Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce
The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.
Cybersecurity
CMMC body hires ex-CISA deputy as first CEO
The governing body in charge of implementing the Defense Department's Cybersecurity Maturity Model Certification program has hired Matthew Travis, former CISA deputy director, as new CEO.
Cybersecurity
Impatient lawmakers press Biden for cyber director nominee
President Joe Biden has said cybersecurity will be a top priority for his administration, but two senior positions focused on the issue remain either vacant or held by an acting official.
Cybersecurity
CISA head: Group of SolarWinds victims is 'solidified'
Brandon Wales, the acting director of the Cybersecurity and Infrastructure Security Agency, also said his agency is still working to determine if any federal networks were compromised by vulnerabilities discovered in Microsoft Exchange.
Cybersecurity
An ambitious cybersecurity strategy is just a starting point
With funding and the help of top experts, the Biden administration can make tangible progress toward modernization, but much work remains to be done.
Cybersecurity
Agency hacks could accelerate push to zero trust security model
Chris DeRusha, the federal chief information security officer, said agencies largely have the tools they need to adopt zero trust security protocols but making a change will "require a shift in mindset."
Cybersecurity
Senators press for federal agency accountability over SolarWinds
Three top cybersecurity officials struggled to answer questions from lawmakers about who is to blame for the government's failure to stop the breach of nine federal agencies.
Cybersecurity