Homeland Security

CISA, FBI Warn Iran-based Threat Actor May Be Planning Ransomware Attacks 

The attacker is targeting virtual private networks and cloud computing vulnerabilities, and has been present in victim networks for several months.

Hackers Connected to China Have Compromised U.S. Government Systems, CISA says

Using publicly disclosed code and vulnerabilities, attackers appear to be winning a crucial race against defenders.

Bill Would ‘Jumpstart’ Planning Process for Beefing up Border Security Tech

The bill, announced by Rep. Elissa Slotkin, would require the Homeland Security Department to develop a comprehensive border security technology strategy.

Diving into Government’s Trusted Internet Connections Standard 3.0 

The policy lays out the framework for security, but allows agencies to fill in the details based on their unique missions.

COVID Could Spur Reduced Reliance on Classified Sources of Cyber Intelligence

CISA officials highlighted cloud configuration and VPN vulnerabilities in assessing threats associated with the pandemic.

DHS Files Rule Proposing Increasing Scope of Biometric Information Collection 

The Homeland Security Department posted the full text of a proposal to the Federal Register that would give it the ability to collect more biometric information from immigrants.

DHS, USCIS Want to Collect More Biometric Information from Immigrants

The Homeland Security Department will propose a rule change that would allow U.S. Citizenship and Immigration Services  to collect voice, iris and facial recognition scans. 

Customs Deploying Biometric Tech at Ports Without Fully Addressing Privacy Requirements, GAO Finds

A new audit shows Customs and Border Protection isn’t providing enough transparency to travelers regarding facial recognition technology at ports.

OMB Starts Clock on Agencies Implementing Policies to Welcome Public Security Research

CISA also released a binding operational directive and will start scanning government systems for the policies when time is up in six months.

What Agencies Need to Know About TIC 3.0 and Enabling Technology

The third version of the Trusted Internet Connection policy brings government IT closer to the capabilities available to the private sector. 

CISA, International Counterparts Highlight Mistakes Organizations Make After a Cyber Intrusion

A lot of what’s necessary to appropriately respond to a cyber incident should happen way in advance.

DHS Shares People’s Personal Information with 11 Government Programs, Saving Taxpayers Millions

The agency released its annual report on automated data sharing, touting the economic benefits by reducing costs and erroneous and duplicative payments.

Cyber Defenders

In this ebook, Nextgov talks to top cyber-focused officials about the programs that aim to secure federal information and networks.

Federal Agencies Warn North Korean Hackers Have Upgraded Their Cash-Out Schemes

A joint alert shared details of tactics and malware used by a state subgroup the U.S. government calls the BeagleBoyz.

Critical Update: Why a Government Vulnerability Disclosure Program Is a Big Deal

The new policy could change the government’s relationship with hackers but some agencies have reservations.  

CISA Warns of Vulnerabilities in Popular Domain Name System Software 

Security advisories note attackers could remotely exploit flaws to cause a denial of service.