Cyber Threats

Senators’ Plan to Secure Open Source Software Involves Agencies Using More of It

The discovery of exploitable weaknesses in Log4j is resurfacing a 6-year-old push to save taxpayers money by calling on agencies to embrace open-source code.

  • By Mariam Baksh

Senate Legislation to Secure Open Source Software Relies on Transparency Initiative

Success would depend to a significant degree on whether agencies require vendors of information and communications technology to provide a software bill of materials with their products and services.

  • By Mariam Baksh

Over Half of Operating Systems at VA Medical Center in Texas are Outdated, Watchdog Finds

An audit conducted by the VA’s Office of Inspector General found unaddressed security vulnerabilities and deficient devices at the Harlingen VA Health Care Center.

  • By Edward Graham

CISA, NSA Guidance Tries to Reduce Alternatives for Securing Industrial Control Systems

Policymakers in Congress and the administration are grappling with how to set a performance bar for companies' mitigation of cyber threats against critical infrastructure they own, while allowing flexibility the companies say is needed to run their operations.

  • By Mariam Baksh

DOD’s Digital Threats Are Increasingly Interconnecting, Watchdog Warns

GAO identified six areas that require more oversight, as Defense warfighting operations and national security increasingly hinge on data security.

  • By Alexandra Kelley

Whole-of-Government Effort Targets Iranian Hackers

An unsealed indictment from the Department of Justice accompanied  sanctions and an advisory with international allies warning against government-linked Iranian hackers.

  • By Alexandra Kelley

US Trails China in Key Tech Areas, New Report Warns

Ex-Google, DOD leaders paint dire picture unless U.S. organizes to win technology races.

  • By Patrick Tucker and Lauren C. Williams

A Cyber Workforce Strategy is Coming From the White House, Along with an Implementation Body to Make Sure it Works

The Office of the National Cyber Director has a workforce plan in development that looks to address public sector and private sector gaps in the cybersecurity profession.

  • By Natalie Alms

U.S. Sanctions Iran—Under New Treasury Rules—for Attack on Albania

The new rules elaborate on what kinds of cyber activities warrant sanctions designation.

  • By Mariam Baksh

How Simple Claims of Election Interference Can be Enough to Prompt Real-World Threats

Federal officials remain on guard against foreign meddling in U.S. elections, as CISA and other agencies work to strengthen partnerships and intelligence sharing efforts with state and local election administrators.

  • By Edward Graham

High-Tech Financial Crimes Warrant Coordinated Digital Identity Efforts, FinCEN Warns

Leaders at the Financial Crimes Enforcement Network noted that stronger authentication measures are critical and spurred by emerging technologies.

  • By Alexandra Kelley

DHS Report Offers Electromagnetic Pulse Protection Measures for Critical Infrastructure

The report uses approaches for safeguarding the National Public Warning System as a blueprint for defending other vital systems and services from electromagnetic pulses.

  • By Edward Graham

White House Attributes Attack on Albania’s Critical Infrastructure to Iran 

A statement from the National Security Council noted the potential for deviations from international norms to escalate conflict and promised accountability.

  • By Mariam Baksh

Army Updates Cyber Training After Some Graduates Weren’t Ready for Their Jobs

New classes and updated curriculum reflect evolving threats and lessons from the Ukraine war.

  • By Lauren C. Williams
Featured eBooks
The IT Modernization Mission
Read Now

Ransomware Threat

Read Now

What's Next For Government Cloud

Read Now

Federal Agencies Exploring Computing at the Edge

Read Now

Treasury Reissues Rules to Enforce Cyber Sanctions on Foreign Adversaries  

The rules could apply to any new executive order related to the national security emergency President Obama declared in 2015, in advance of a cybersecurity agreement with China.

  • By Mariam Baksh

NTSB Only Federal Agency Lacking a CISA-Mandated Vulnerability Disclosure Policy

CISA’s 2020 directive required that federal agencies under its authority develop policies allowing researchers to report bugs and flaws in public-facing systems.

  • By Edward Graham

New Guide to Secure Software Development Passes on Content but Fails on Communication, Industry Official Says

The lengthy document may miss its target audience altogether, one industry observer notes.

  • By Mariam Baksh

Housing Agency Didn't Complete Cyber Orders From DHS, Report Says

The agency said that some of its websites failed to comply with binding operational directives from the Department of Homeland Security.

  • By Natalie Alms

NIST to Launch New Guidance on Security Risks of Telehealth and Smart Home Integration

The agency notes that “user experience” improvements may come with less control over privacy and security.

  • By Alexandra Kelley

Much-hyped Effort to Help DHS Land Cyber Talent is Slow to Make Hires

So far about four hires have been made under the Cybersecurity Talent Management System, with the agency hoping to make offers to 150 new cyber specialists by the end of September.

  • By Natalie Alms

House Lawmaker Asks 9 Entities to Illuminate Crypto’s Security Concerns

Rep. Raja Krishnamoorthi issued nine letters to regulatory agencies and crypto trading platforms alike asking for future plans, emphasizing consumer protections.

  • By Alexandra Kelley