Author Archive
David DiMolfetta
Cybersecurity Reporter, Nextgov/FCW
David DiMolfetta covers cybersecurity for Nextgov/FCW. Previously, he researched The Cybersecurity 202 and The Technology 202 newsletters at The Washington Post and covered AI, cybersecurity and technology policy for S&P Global Market Intelligence. He holds a BBA from The George Washington University and an MS from Georgetown University. Get in touch with him on X/Twitter: @ddimolfetta
Cybersecurity
DHS cyber review board cleaned out in Trump move to eliminate ‘misuse of resources’
The board was actively investigating a Chinese hack into telecommunications systems.
- By David DiMolfetta
People
2 CIOs elevated to acting agency heads as Trump takes office
The tech leaders at USDA and USAID will head their agencies in an acting capacity until the Senate confirms Trump’s nominees for the permanent roles.
- By David DiMolfetta
People
TSA head who oversaw pipeline cyber rules pushed out by Trump
The TSA under David Pekoske oversaw sweeping pipeline and rail cybersecurity directives as part of a broader Biden-era push to bolster U.S. cyber posture. It’s unclear why he was asked to leave.
- By David DiMolfetta
People
Trump’s DHS pick says CISA is ‘far off-mission’ and should be smaller
Current South Dakota Gov. Kristi Noem wants CISA to be “refocused” on critical infrastructure and to no longer address mis- or disinformation efforts online.
- By David DiMolfetta and Edward Graham
Cybersecurity
US sanctions Chinese firm behind sweeping Salt Typhoon telecom hacks
The Treasury Department also sanctioned an individual involved in recent Chinese hacks into its own systems.
- By David DiMolfetta
Cybersecurity
Space companies say cyber threat intelligence is often overclassified, unactionable
Space and aerospace industry feedback from a series of government-run workshops noted that such threat intelligence is difficult to translate into actionable cyber efforts.
- By David DiMolfetta
Cybersecurity
Biden signs executive order inspired by lessons from recent cyberattacks
The order gives CISA more eyes to hunt cyber threats on government networks and directs agencies and contractors to be more transparent about the security of their software stockpiles.
- By David DiMolfetta
People
Trump pick for CIA chief pledges to remain apolitical amid past controversies
John Ratcliffe was questioned over whether he’d remain an impartial national security official after past incidents as Trump’s former director of national intelligence.
- By David DiMolfetta
Cybersecurity
FBI deleted Chinese malware from 4,200 US computers
The malware’s command server appears to be based in Tokyo and was accessed by French authorities who helped craft the code needed to remove the infection.
- By David DiMolfetta
Cybersecurity
Forthcoming executive order seeks to plug holes in federal cyber practices
The eleventh-hour cybersecurity executive action asks agencies to rethink software procurement, supply chains and AI, among other things.
- By Natalie Alms, David DiMolfetta and Alexandra Kelley
Cybersecurity
US has ‘a lot of work to do’ on cyber defenses, departing cyber czar says
Outgoing National Cyber Director Harry Coker thinks his office needs more influence over the federal cyber budget but not necessarily more authority on offensive cyber operations.
- By David DiMolfetta
Featured eBooks
Cybersecurity
White House unveils Cyber Trust Mark program for consumer devices
The label is designed to help consumers make more cybersecure choices when they pick products off the shelf.
- By David DiMolfetta
Exclusive
Cybersecurity
GAO mulls cost evaluation of nationwide telecom hardware replacement
One major vulnerability exploited by China’s Salt Typhoon hacking unit is a Cisco hardware flaw that can’t be patched and requires physical replacement, according to a person with knowledge of the intrusions.
- By David DiMolfetta
Cybersecurity
US sanctions Chinese company that helped facilitate espionage hacks
Integrity Technology Group, known to researchers as Flax Typhoon, contracted with China’s Ministry of State Security to carry out infiltrations into internet of things devices, the FBI previously said.
- By David DiMolfetta
Cybersecurity
Lawmakers request briefing from Treasury secretary on Chinese hack
The compromised third-party offering was a commercial remote services tool not listed in the marketplace for FedRAMP, the government’s cloud security compliance framework.
- By David DiMolfetta
Cybersecurity
Chinese-sponsored hackers accessed Treasury documents in ‘major incident’
The incident comes in the final days of the Biden presidency and as officials work to root out China-tied hackers from U.S. telecommunications systems.
- By David DiMolfetta
Cybersecurity
Major cyber news drops under the buzzer for 2024
A ninth U.S. telecommunications provider fell onto Salt Typhoon’s victim list, and the UN’s controversial cybercrime treaty was adopted.
- By David DiMolfetta
Cybersecurity
Hundreds of organizations were notified of potential Salt Typhoon compromise
Some of the exploited vulnerabilities have had fixes available for several years. One provider’s management system was protected with a basic numeric password.
- By David DiMolfetta
Cybersecurity
US charges Israeli-Russian national with making software for LockBit ransomware gang
LockBit has made headlines for years, allowing purveyors of its malware to haul away millions of dollars from victims.
- By David DiMolfetta
Cybersecurity
Congress approves 2025 NDAA with important cyber provisions
Left out was language that would have helped clarify the scope and reach of a controversial surveillance power that was renewed in April.
- By David DiMolfetta