Author Archive
Cybersecurity
Hackers Take Data for Further Reconnaissance in Breach of Federal Agency
Initial access to the agency’s system was possibly due to failure to fix a known VPN vulnerability, a patch for which was released in April 2019.
Cybersecurity
FBI Director: Feeding DOD’s Cyber Offense Operations Is Crucial to New Strategy
Senator says legislation is moving forward to thwart intellectual property theft from China and defend federal networks from cyberattacks.
Cybersecurity
Watchdog Highlights Need for Better Cyber Coordination Across Government
A pair of reports point to confusion about the State Department’s new cyber bureau and the vacuum left behind by the eliminated White House cyber coordinator position.
Cybersecurity
FERC Asks Energy Sector to Report Huawei, ZTE Usage
Amid fears over having to replace equipment, Energy official noted no set timeline for implementing next steps on a related executive order.
Cybersecurity
Government Employees May Need to Update Threat Hunting Perspectives
As Congress considers expanding threat hunting programs into the private sector, a majority of federal workers surveyed last year didn’t seem to have a clue about such efforts within their own agencies.
Cybersecurity
CISA Orders Immediate Action to Fix Vulnerability in Windows Directory
The agency has seen code designed to exploit the vulnerability in a system used to permit access to network resources.
Cybersecurity
CISA Data Shows Federal Civilian Agencies Faster Than Industry at Patching
The nation’s risk adviser continues to expand its role in what it’s dubbed the year of vulnerability management.
Cybersecurity
FBI Fights Intellectual Property Theft from University Offices
Director Christopher Wray noted the importance of attribution in the bureau’s strategy amid growing difficulty investigating cyber crime.
Cybersecurity
CISA, FBI Warn Iran-based Threat Actor May Be Planning Ransomware Attacks
The attacker is targeting virtual private networks and cloud computing vulnerabilities, and has been present in victim networks for several months.
Cybersecurity
What's Next for the House-Passed IoT Security Bill
Some security professionals point to broad exemptions in the Senate version of the legislation that could undermine the effort to guide federal procurement decisions.
Cybersecurity
Hackers Connected to China Have Compromised U.S. Government Systems, CISA says
Using publicly disclosed code and vulnerabilities, attackers appear to be winning a crucial race against defenders.
Featured eBooks
Cybersecurity
DOD Cybersecurity Certification Body Moving Forward Despite Uncertain Funding
It’s unclear where money for crucial tools such as continuous monitoring will come from.
Cybersecurity
Managers Who Stay Connected to Remote Employees Could Reduce Insider Threats, State Official Says
Pandemic-related stress and isolation could push some employees over the edge.
Cybersecurity
Cyber Commission Suggests Reforms to Allow Flexible Pay, Hiring to Boost Workforce
Prospective federal employees might be turned off by cybersecurity jobs being classified as IT.
Cybersecurity
COVID Could Spur Reduced Reliance on Classified Sources of Cyber Intelligence
CISA officials highlighted cloud configuration and VPN vulnerabilities in assessing threats associated with the pandemic.
Cybersecurity
FCC Estimates Replacing Chinese Telecom Equipment Will Cost at Least $1.6 Billion
A key lawmaker echoed calls from the agency’s chairman for Congress to appropriate the money.
Cybersecurity
Big Tech Moves Against Certification as a Government Solution for Cybersecurity
The trade association for the industry’s largest companies recommends relying on vendor declarations.
Cybersecurity
OMB Starts Clock on Agencies Implementing Policies to Welcome Public Security Research
CISA also released a binding operational directive and will start scanning government systems for the policies when time is up in six months.
Cybersecurity
CISA, International Counterparts Highlight Mistakes Organizations Make After a Cyber Intrusion
A lot of what’s necessary to appropriately respond to a cyber incident should happen way in advance.
Cybersecurity