Cyber Threats

Threat actor targeted DOD contracting website

Malware leveraging flaws in edge routers has been spying on military contracting websites, according to research from Lumen's Black Lotus Labs.

IRS must speed up efforts to resolve IT security weaknesses across the agency, watchdog says

The IRS’s failure to expeditiously resolve weaknesses in its IT systems puts the agency “at risk for exploitation by threat actors,” according to an audit by the Treasury Inspector General for Tax Administration.

North Korea's cyber-enabled sanction evasion requires tougher response, lawmakers and experts say

Pyongyang’s growing reliance on cybercrimes to circumvent international sanctions should push the U.S. and its allies to fully enforce existing sanctions and review whether more regulations are needed to govern digital currencies.

SEC announces new cyber reporting rules for companies

After noting the increasing number of cyberattacks on U.S. networks, the SEC is asking company leadership for quick cyber incident disclosures and more documentation. 

There’s something DHS can do to help civilian agencies fight cyberattacks

The Homeland Security Department has the power to do a lot more than just issue words of warning. 

No 'systemic risk' to government networks from latest breach, CISA says

The nation’s cyber defense agency confirmed it was providing assistance to several federal agencies that have been impacted in an apparent global cyberattack.

Interior faces 'disturbing' cyber risks due to cracked passwords and vulnerable assets

Recent reports reveal the Department of Interior is not enforcing multifactor authentication for its high-value assets and has a range of other significant cybersecurity risks.

AI and China are ‘defining challenges of our time,’ CISA director says

Artificial intelligence’s potential as an “extinction event” for humanity prompted CISA Director Jen Easterly to advise companies to “think about self-regulation” for product security and safety.

Unmonitored networks put US nuclear arsenal at risk, GAO finds

A Government Accountability Office report found that the Energy Department cannot effectively monitor potential insider threats to U.S. nuclear security because department staff “have not identified the total number of DOE’s stand-alone classified networks.”

Agencies Warn of State-Sponsored Volt Typhoon’s Hacking Tactics

In collaboration with international and private sector partners, CISA released a new advisory warning network defenders of PRC-linked Volt Typhoon’s infiltration tactics. 

Report Estimates Trillions in Indirect Losses Would Follow Quantum Computer Hack

An analysis projects the hypothetical disruption a cyberattack from a quantum computer could have on global financial markets.

‘Continuing Significant Deficiencies’ Hamper VA’s Information Security Controls, Audit Finds

An audit released by the VA Office of Inspector General found that the department “needs to implement improved controls” to address persistent gaps in its information security program.

Quantum Cryptography Market to Exceed $3B by 2028

The growth reflects rising concern about the potential threat posed by fully realized quantum computers.

Federal Operation Takes Down Sophisticated Russian Malware

Snake malware has plagued international digital networks for nearly two decades; a joint federal effort finally dismantled the web of espionage spyware.

State-Sponsored Actors Leading Cause of Cyber Concern in Public Sector

A new SolarWinds report details how foreign hackers have become the largest concern among government entities, and how zero-trust strategies have become the most popular defense.

CISA, FBI Need Data from Cybercrime Victims to Support Policy

The federal agencies tasked with tracking and preventing cybercrime rely on collaboration and data sharing to protect U.S. digital networks.

US Marshals to Unveil ‘Fully Reconstituted System’ Following Ransomware Attack

Offline since February, the new system will have improved cybersecurity countermeasures.