Mike Duffy, acting deputy director for the Department of Homeland Security’s Federal Network Resilience Division, said today that many Federal agencies are expecting to have all of their .gov domains protected from email spoofing campaigns, ahead of an October 16 deadline to do so. […]

The Department of Justice (DoJ) announced yesterday that Yanjun Xu, a Chinese Ministry of State Security (MSS) operative, was extradited to the United States Tuesday on charges of conspiring and attempting to commit economic espionage and steal trade secrets from U.S. aviation and aerospace companies–including GE Aviation. […]

McAfee and the Center for Strategic and International Studies (CSIS) today released a new report about modernizing Social Security Numbers (SSN) in light of growing privacy and security concerns over using SSNs as a de facto personal identifier. The […]

The Department of Justice (DoJ) announced today that Romeo Vasile Chita, a Romanian national, was returned to the United States last Friday to face Federal charges of racketeering, wire fraud conspiracy, conspiracy to launder money, and conspiracy to traffic in counterfeit services charges. […]

A new survey from One Identity, a maker of identity and access management (IAM) solutions, finds that 77 percent of IT security professionals polled in the United states, Europe, and elsewhere said it would be “easy” for them to steal sensitive information from their companies if they were to leave those organizations. […]

The Department of Homeland Security’s (DHS) deadline for agencies to adopt Domain-based Message Authentication, Reporting, and Conformance (DMARC) and have policies set to “enforcement” levels is one week away, and new research from Valimail says only half of agencies have deployed the new standards. […]

Gov. Jerry Brown on Sept. 28 signed into law S.B. 327, which will ban companies from selling Internet-connected devices with weak or default passwords, such as “Password” or “1234567.” Instead, beginning on Jan. 1, 2020, all devices must have a “preprogrammed password [that] is unique to each device manufactured.” A primary concern with weak pre-programmed passwords is that users don’t change them to strong, unique passwords after purchasing the device. […]

Apple told congressional leaders in a letter dated today that a story last week by Bloomberg Businessweek–reporting that chips made by a Chinese firm and used in Apple equipment were engineered to enable backdoor data transmissions to China–is “not true.” […]

A new, stealthy Internet of Things (IoT) botnet has emerged with the capability of stealing information from a wide range of devices, underscoring the need for the Federal government to provide guidance on how agencies can reduce risks associated with the deployment of their IoT networks. […]

Christopher Krebs, Department of Homeland Security under secretary for the National Protection and Programs Directorate (NPPD), said Thursday that NPPD is focusing on the cybersecurity fight of both today and tomorrow, through the various coordinating centers that fall under NPPD’s purview. […]

The Department of Justice (DoJ) today announced that a grand jury has indicted seven officers, all Russian nationals and residents, in the Russian Main Intelligence Directorate (GRU), a military intelligence agency of the General Staff of the Armed Forces of the Russian Federation. […]

Following the long-awaited passage of the Cybersecurity and Infrastructure Security Agency (CISA) Act in the Senate, the head of the organization set to be elevated as the nation’s official cybersecurity agency expressed his satisfaction at how congressional approval of a simple name change will reinforce the authority of the Federal government’s lead organization in cyberspace. […]

The Senate passed the Cybersecurity and Infrastructure Security Agency Act (CISA Act) on Wednesday by unanimous consent but included some amendments, setting up a few remaining steps before the bill reaches President Trump’s desk. […]

California Governor Jerry Brown on Sept. 29 signed S.B. 1001 into law. The legislation prohibits automated accounts–colloquially known as bots–from pretending to be human when attempting to “incentivize a purchase or sale of goods or services in a commercial transaction or to influence a vote in an election.” […]

The Office of Personnel Management (OPM) will in the coming weeks release a new regulation that will allow the Federal government to directly hire cybersecurity personnel, significantly slimming a lengthy hiring process that has bogged down the Federal government. […]

At the National Association of Corporate Directors Global Board Leaders Summit on Monday, Federal Bureau of Investigations (FBI) Director Christopher Wray stressed that the FBI and corporate executives must work together to keep companies safe from cybercrime. Wray called on executives to report cyber incidents to the FBI as soon as possible, explaining that the FBI needed the info to have a clear understanding of the current threat landscape. […]

President Trump on Friday declared October 2018 as National Cybersecurity Awareness Month – marking the 15th consecutive year of that designation. […]

The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) yesterday issued a warning that cyber actors are increasingly exploiting the Remote Desktop Protocol (RDP) to conduct malicious activity. […]

The Senate Homeland Security and Governmental Affairs Committee on Wednesday voted to approve a handful of bills that place a strong emphasis on cybersecurity, IT supply chain security, and the enhancement of digital citizen services. […]

The Senate Armed Services Committee’s cybersecurity and personnel subcommittees held a joint hearing today to examine the cyber operational readiness of the Department of Defense and heard from leaders of both the military and civilian side of the DoD cyber force about the mounting challenges they face. […]

The software industry group BSA | The Software Alliance offered its support for the Cybersecurity and Infrastructure Act in the Senate. […]

The Department of Justice (DoJ) announced Friday that Ruslans Bondars, the operator of counter- antivirus service “Scan4you,” was sentenced to 14 years in prison. […]

A new survey conducted by the International Information System Security Certification Consortium, also known as (ISC)², found that 50 percent of well-performing organizations surveyed have successfully recruited government cybersecurity talent. […]

The National Cyber Strategy policy document released by the White House late Thursday tracks in tone and wording with the tough stance adopted in the Defense Department’s cyber strategy announced earlier this week–including its adoption of a more offensive-minded position than previous written policies–and appears to respond in tone to demands from across the political spectrum that the U.S. fashion policy that will do a better job in creating a deterrence effect against adversaries. […]

The general election in 2016 was a watershed moment for Federal, state, and local election officials. […]

According to a new study prepared for the National Institute of Standards and Technology (NIST), the agency’s development of the Advanced Encryption Standard (AES) has created an estimated $250 billion in economic impact over the last 20 years. […]

The Department of Defense released the latest chapter of its cyber strategy on Tuesday, which takes a more offensive stance than its 2015 predecessor and directs DoD to “defend forward, shape the day-to-day competition, and prepare for war” in cyberspace. […]

Researchers at cybersecurity firm Tenable published an advisory Monday revealing a software vulnerability affecting a popular brand of surveillance cameras, whcih could be exploited to gain access to video feeds and potentially “allow attackers to remotely view feeds and tamper with recordings.” […]

Sen. John Cornyn, R-Texas, today introduced the Advancing Cybersecurity Diagnostics and Mitigation Act in the Senate. The House version of the bill (HR 6443), sponsored by Rep. John Ratcliffe, R-Texas, passed the House earlier this month. […]

Department of Homeland Security Secretary Kirstjen Nielsen today swore in eight new members to the the Homeland Security Advisory Council (HSAC): Jayson P. Ahern, Stewart A. Baker, Frank J. Cilluffo, Mark J. Dannels, Carol DiBattiste, Cathy Lanier, Wendy Smith-Reeve, and Chad Sweet. […]