Cybersecurity
CISA releases emergency directive on wormable DNS flaw
The directive orders civilian federal agencies to immediately begin patching a critical Remote Code Execution flaw in Windows DNS servers.
Cybersecurity
House's DHS funding bill would create public-private cyber center
The legislation would give $2.25 billion to DHS' cyber wing and set up an integrated cybersecurity center with other agencies, state and local governments and private industry.
Cybersecurity
CISA, USCYBERCOM warn of massive vulnerability for popular networking device
A particularly dangerous vulnerability affecting BIG-IP networking devices likely impacts every major sector in the world, including federal agencies.
Cybersecurity
CISA's hit parade of malware aimed at federal agencies
Data compiled from CISA's Intrusion Detection System highlights the three types of malware attacks most commonly targeted at civilian federal agencies.
Cybersecurity
CDC, IRS and other federal sites spoofed in global phishing scams
New research from Proofpoint has identified numerous phishing email campaigns over the past two months, some of which impersonated and spoofed websites from federal agencies, international governments and public health organizations involved in COVID-19 relief.
Cybersecurity
Best practices for agency implementation of CDM
A seasoned practitioner has some advice on how agencies can optimize their implementations of CDM tools, policies and processes.
Cybersecurity
How COVID-19 is changing the game on ransomware
More money is needed to tackle the problem, especially as states deal with an unprecedented economic crisis caused by the pandemic. It's unclear whether Congress will foot the bill.
Cybersecurity
Amid telework boom, CISA reminds agencies of DNS resolution requirements
The memo notes that CISA will begin issuing reports to agencies highlighting DNS traffic anomalies and could issue a follow up directive as new protections come online.
Cybersecurity
Solarium boosters pivot to acknowledge pandemic parallels
Members of the Solarium Commission are retooling their pitch to focus on recommendations that draw parallels to the current coronavirus crisis.
Cybersecurity
CISA tapped as shared services provider for cyber
The Office of Management and Budget formally designated Cybersecurity and Infrastructure Security Agency as the first Quality Service Management Office for shared services.
Cybersecurity
House Dems seek $400 million to help states deal with cyber threats during COVID-19
The request for new funding comes as state and local governments face an spike in ransomware attacks.
Cybersecurity
CISA looks to help secure federal telework
New guidance allows teleworking feds to connect and access agency and cloud resources from their homes while staying in compliance with the Trusted Internet Connection program.
Cybersecurity
CISA to release emergency TIC guidance for telework surge
The guidance will expire at the end of the year and will address capabilities such as email, networking, DNS, intrusion detection and data protection.
Cybersecurity
CISA looks to industry for anti-troll tools
The agency is looking to bolster its technical capabilities to identify foreign propaganda online that targets specific audiences in the U.S.
Cybersecurity
CISA stress tests DHS telework capacity
Not every agency will be ready to flip the switch from F2F to WFH, according to experts and former officials.
Cybersecurity
Ransomware top of mind for DHS cyber chief
The director of the Cybersecurity and Infrastructure Security Agency said the organization has been “a little bit late to the game” recognizing the potential of ransomware to directly touch the lives of citizens, but that’s changing.
Cybersecurity
TIC 3.0 and zero-trust networking
Commentators on the new Trusted Internet Connection policy have noted that "zero-trust" strategies might not be a perfect fit.
Cybersecurity
CISA leans into facilitator role in election security plan
A strategic plan for protecting the 2020 elections from foreign interference lays out a number of plans to support and empower other stakeholders from hacks, influence operations and other threats.
Cybersecurity
Budget request emphasizes cyber, network security efforts
The document provides a peek at how the administration would prioritize cybersecurity spending across DHS, Energy, Treasury and other departments.
Cybersecurity