Vulnerability

Postal Service Watchdog Finds New Vulnerability During Security Audit

The inspector general warned exposure could “have a serious negative impact to the Postal Service brand.”

CISA: Small Planes Vulnerable to Flight Data Manipulation

Pilots would be unable to tell the difference between the real and fake readings, “which could result in loss of control of the affected aircraft,” CISA officials warned.

Census Chief Assures Lawmakers IT and Cyber Risks are Under Control

But with less than a year until the 2020 count kicks off, the bureau still has little room for error, the Government Accountability Office warns.

Government May Tap Older Tech to Secure Modern Infrastructure

There might be something to keeping physical switches in power grids.

FDA Warns Certain Insulin Pumps Could Be Hacked

The Food and Drug Administration warned that some Medtronic insulin pumps could be manipulated by bad actors. 

Report: Code Responsible for Equifax Breach Downloaded 21 Million Times Last Year

The situation highlights the challenge of securing open source software, which underlies virtually every IT system in government.

Agencies Are Leaving Sensitive Data Vulnerable to Hackers, Congress Says

Amid growing threats from China, Iran and Russia, most agencies are struggling to put in place even the most basic cybersecurity measures, according to congressional researchers.

Bill Advances to Create Vulnerability Disclosure for Federal Internet of Things

Once established, federal agencies would have to make sure vendors were participating and in compliance before purchasing IoT-capable devices.

Cyber Weaknesses That Led to Breaches at NASA’s JPL Persist, Says IG

The federally-funded research center is at the forefront of space exploration but continues to struggle with some basic cybersecurity practices.

NIST Asks for Input on Building Secure Software

The draft framework is intended to both instruct developers on building safe tech and help IT buyers, like the government, know which companies they can trust.

Featured eBooks

NSA Issues Warning to Patch Legacy Windows Systems Over ‘Wormable’ Threat

The National Security Agency is warning Microsoft Windows administrators to patch and update systems due to a new vulnerability called “BlueKeep.”

NSA Deflects Blame for Baltimore Ransomware Attack

The city of Baltimore had more than two years to defend itself against the attack, and it’s officials’ fault they dropped the ball, according to NSA cyber chief Rob Joyce.

EPA Cybersecurity Weaknesses Are Going Untracked and Unpatched

One EPA employee said their office was tracking vulnerabilities on their own to avoid oversight from other agency components.

Inside the Government's Open Source Software Conundrum

How do agencies make sure the crowdsourced code that underlies nearly every piece of tech on the market is safe to use?

CISA Cuts Deadline For Patching Critical Weaknesses In Half

A new binding operational directive requires agencies to patch critical vulnerabilities in just over two weeks.

Researchers: Flaws In Vendor Security Software Could Leave Some Federal Buildings Vulnerable

Poor credential management could let bad actors enter secure buildings, lock doors and download or change federal employee and contractor data.

The Pentagon Has More than 250 Cyber Gaps in Its Networks, Watchdog Says

The Defense Department has a lot of work to do to remedy some years-old cyber issues.