Vulnerability

DHS Asks for Feedback on Vulnerability Disclosure Program

Officials plan to create a public form where security researchers can submit weaknesses they uncover in the agency’s IT infrastructure.

App Failure Led to Long Airport Lines In Third CBP System Crash In Three Years

Technicians were able to reboot the system in a matter of hours but the crash led to significant delays for travelers Friday.

New Tool Reveals Big Vulnerabilities In Mobile Apps That Use Multiple Clouds

The remote servers that power thousands of popular apps harbor a rats’ nest of vulnerabilities.

Postal Service Watchdog Finds New Vulnerability During Security Audit

The inspector general warned exposure could “have a serious negative impact to the Postal Service brand.”

CISA: Small Planes Vulnerable to Flight Data Manipulation

Pilots would be unable to tell the difference between the real and fake readings, “which could result in loss of control of the affected aircraft,” CISA officials warned.

Census Chief Assures Lawmakers IT and Cyber Risks are Under Control

But with less than a year until the 2020 count kicks off, the bureau still has little room for error, the Government Accountability Office warns.

Government May Tap Older Tech to Secure Modern Infrastructure

There might be something to keeping physical switches in power grids.

FDA Warns Certain Insulin Pumps Could Be Hacked

The Food and Drug Administration warned that some Medtronic insulin pumps could be manipulated by bad actors. 

Report: Code Responsible for Equifax Breach Downloaded 21 Million Times Last Year

The situation highlights the challenge of securing open source software, which underlies virtually every IT system in government.

Agencies Are Leaving Sensitive Data Vulnerable to Hackers, Congress Says

Amid growing threats from China, Iran and Russia, most agencies are struggling to put in place even the most basic cybersecurity measures, according to congressional researchers.

Featured eBooks

Bill Advances to Create Vulnerability Disclosure for Federal Internet of Things

Once established, federal agencies would have to make sure vendors were participating and in compliance before purchasing IoT-capable devices.

Cyber Weaknesses That Led to Breaches at NASA’s JPL Persist, Says IG

The federally-funded research center is at the forefront of space exploration but continues to struggle with some basic cybersecurity practices.

NIST Asks for Input on Building Secure Software

The draft framework is intended to both instruct developers on building safe tech and help IT buyers, like the government, know which companies they can trust.

NSA Issues Warning to Patch Legacy Windows Systems Over ‘Wormable’ Threat

The National Security Agency is warning Microsoft Windows administrators to patch and update systems due to a new vulnerability called “BlueKeep.”

NSA Deflects Blame for Baltimore Ransomware Attack

The city of Baltimore had more than two years to defend itself against the attack, and it’s officials’ fault they dropped the ball, according to NSA cyber chief Rob Joyce.

EPA Cybersecurity Weaknesses Are Going Untracked and Unpatched

One EPA employee said their office was tracking vulnerabilities on their own to avoid oversight from other agency components.

Inside the Government's Open Source Software Conundrum

How do agencies make sure the crowdsourced code that underlies nearly every piece of tech on the market is safe to use?