Cybersecurity
CISA: SolarWinds Is Not the Only Way Hackers Got Into Networks
The agency also warned that getting attackers out of networks will be complex—especially because they are monitoring IT and cybersecurity employees’ emails.
Cybersecurity
GAO Issues ‘Wake-Up Call’ Report on Agencies’ Lax Supply Chain Security Management
The bottom line is that none of the 23 agencies audited fully implemented foundational risk management practices.
Cybersecurity
Pentagon Preps for First CMMC Pilots in 2021
The Pentagon’s Cybersecurity Maturity Model Certification program will begin including security requirements in select solicitations starting next year.
Cybersecurity
What We Know About the SolarWinds Breach
The White House invoked Presidential Policy Directive-41 to coordinate a "whole of government" response.
Cybersecurity
Senate Bill Targets Government’s Response to Agency-Involved Cyber Incidents
Agencies would see new reporting requirements to keep Congress and impacted individuals more informed about security breaches.
Ideas
The Pandemic May Be the Catalyst for the Digital Government We All Want
As citizens clamor for more online government services, they’re equally and rightfully clear on the need for strong security.
Cybersecurity
CISA Orders Federal Agencies to Turn Off SolarWinds Products
A critical flaw in software used throughout government was reportedly used to breach a major security company and at least two federal agencies.
Cybersecurity
Reports: Suspected Russian Hackers Breach Commerce, Treasury Departments
U.S. officials are investigating what data may have been stolen and whether the hack is more widespread.
Ideas
Your Robot Vacuum Could Spy on You
Researchers managed to recover speech data with high accuracy.
Cybersecurity
Presidential Advisers Make the Case for a New Cybersecurity Center for Sharing Threats
Current federal efforts to help mitigate threats against privately operated critical infrastructure fall short, according to a National Infrastructure Advisory Council report.
Cybersecurity
FBI, CISA, State Leaders Warn Schools About Ransomware Threats
The percentage of ransomware attacks perpetrated against schools more than doubled in 2020.
Cybersecurity
Beware of COVID-19 Vaccine Scammers, FTC Warns
The Federal Trade Commission expects some opportunists to attempt to bilk the public when COVID-19 vaccines are made available.
Ideas
Insecure Communications Like WhatsApp Are Putting U.S. National Security at Risk
The proliferation of consumer-grade communications applications has given rise to widespread, unsanctioned use throughout the military community.
Cybersecurity
NSA Warns That Russian Hackers Are Targeting Virtual Workspaces
The agency urges administrators to prioritize mitigation of a vulnerability affecting six VMware products.
Cybersecurity
CISA Warns of Iran’s Offensive Cyber Capabilities
One observer suggests the alert is meant more for the adversary than defenders.
Cybersecurity
Senate Passes Bill to Stop Scams and Fraud Around Student Debt Relief
It makes some of these sorts of malicious moves punishable by fines or prison.
Cybersecurity
CISA, FBI Warn that U.S. Think Tanks Are in Hackers’ Crosshairs
The agencies share guidance for shoring up defenses in a remote work environment that can disguise attackers.
Cybersecurity
What DOD’s Cyber Certification Program Reveals About Info-Sharing Challenges
As the new regime takes effect, the tech industry’s lead trade association would rather higher level certifications be done by the department than independent third parties.
Cybersecurity
Biden Team Highlights Cybersecurity Focus With First Cabinet Picks
Familiar faces will likely have to revisit efforts around information sharing and establishing global norms.
Cybersecurity