Cyber Threats

Congress Losing a Heavy Hitter on Cybersecurity

Rep. Jim Langevin, co-chair and founder of the House Cybersecurity Caucus, will not seek re-election.

Biden Official Credits Diplomacy With Russia for Arrest of Colonial Pipeline Hacker

A senior administration official disassociated the move from tensions between the U.S. and Russia amid a build-up of Russian troops near Ukraine and an unattributed cyberattack on the country’s government websites.

3 Strategies for Securing the Supply Chain, Security’s Weakest Link 

Today, no vendor or agency is safe—and just as importantly, no single organization can address all these threats independently.

FBI Officials Clarify What the Bureau Wants in Cyber Incident Reporting Bill

However the legislation is eventually passed, CISA plans to share reports with the FBI and other agencies, a Homeland Security official said.

NSA, CISA, FBI Issue Joint Advisory Against Russian Hackers Amid Growing Tensions

The warning comes as a military build-up occurs at the Russian-Ukrainian border.

NIST Updates Cybersecurity Engineering Guidelines

Amid constant cybersecurity threats, NIST added more insight for engineers and programmers on how to mitigate system vulnerabilities.

How the Log4j Vulnerability is Forcing Change in Federal Cybersecurity Policy

Officials say agencies have demonstrated more dedication than ever in addressing a bug with astronomical reach, but organizations are at the mercy of product vendors to issue the patches they need to implement.

FTC warns of legal risks of failing on Log4j mitigation

The Federal Trade Commission issued a warning this week urging companies to take "reasonable steps" to mitigate known software vulnerabilities or face potential legal consequences, recalling the $700 million settlement Equifax paid for a major breach in 2017.

AI-Powered Automation Can Be Both a Part of the Problem and Part of the Solution

There are real security concerns that should be addressed ahead of further government adoption of a truly automated future.

What Is Log4J, How Bad It Is and What’s at Stake?

Log4Shell is the latest hacker exploit rocking the internet, and it’s arguably the worst yet. The vulnerability is in an obscure piece of software used on millions of computers.

The Implications of Publicly Disclosing Cyberattacks

Officials must weigh the benefits and risks on a case-by-case basis.

Agencies Under New Deadlines to Address ‘log4j’ Flaws with Emergency Directive

The Cybersecurity and Infrastructure Security Agency order comes as a prominent firm says nation states are exploiting the vulnerabilities.

U.S., Australian Law Enforcement Enter Into Partnership Against Cybercrimes

The U.S. and Australian government partnered under the CLOUD Act, which facilitates electronic communication and data sharing between nations to investigate various crimes.

NSA, CISA, Add Original Equipment Manufacturers to Audience for 5G Security Guidance

The agencies got specific about who is responsible for what in a four-part series on securing the inherently cloud-based environments.

Cream Cheese is the Just the Smooth Tip of a Sharp Problem

With ransomware hackers varying their targets to include operational technology used by U.S. factories and manufacturers, is an OT executive order needed to help combat them?

Federal Cybersecurity Advisor Floats Executive Order on Cloud Service Providers

The idea sprung from a sense of moral outrage Cybersecurity and Infrastructure Security Agency Director Jen Easterly identified with.