The Biden administration took formal steps today to pin the Microsoft Exchange software supply chain hack disclosed earlier this year on people connected with the Chinese government’s Ministry of State Security (MSS). […]
Major General Ryan Heritage was named commander of the United States Marine Corps (USMC) Cyberspace Command July 7, the unit announced. He will report directly to Gen. Paul Nakasone, who heads up the U.S. Cyber Command. […]
Rep. John Katko, R-N.Y., ranking member of the House Committee on Homeland Security, called for increased funding for the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA), saying CISA “needs to be a $5 billion agency in the next five years.” […]
The U.S. State Department said on July 15 it is offering up to $10 million in reward money for information that leads Federal authorities to anyone who is conducting cyberattacks against U.S. critical infrastructure at the behest of foreign governments. […]
The Senate Homeland Security and Governmental Affairs Committee on July 14 voted to approve the Civilian Cyber Security Reserve Act which would establish a pilot program to create a civilian reserve of cybersecurity experts that could be deployed to the Federal government as “surge capacity” in the event of significant security incidents. […]
The Department of Justice (DoJ) and Department of Homeland Security (DHS) have launched a one-stop shop at StopRansomware.gov for individuals, businesses, and organizations to help combat the increasing trend of ransomware attacks, the DoJ announced today. […]
With many more people teleworking in 2020 due to the COVID-19 pandemic, cyberattack surfaces changed and expanded, and as many worked from home with Internet of Things (IoT) devices abandoned at the office, threat actors took advantage. Part of the fallout from those realities, according to two Zscaler studies, was that malware attacks on IoT devices connected to corporate networks increased by 700 percent year-over-year in 2020, compared to the firm’s 2019 study. […]
The Department of Defense’s (DoD) efforts to defend the cybersecurity of critical infrastructure in the U.S. require a stronger implementation strategy in its collaboration efforts with the Department of Homeland Security (DHS), according to an audit by the Office of the Inspector General (OIG). […]
The Senate Homeland Security and Governmental Affairs Committee today approved two bills that aim to improve the cybersecurity of K-12 education institutions and to train Federal employees to better protect supply chains. […]
The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive on July 13 ordering Federal agencies to disable the Microsoft Windows Print Spooler service, after discovering a vulnerability that allows attackers to remotely take over systems and enable adversaries to compromise the entire identity infrastructure of an agency. […]
The House Appropriations Committee spent July 13 marking up the fiscal year 2022 (FY2022) budgets for the Department of Homeland Security (DHS) and the Department of Defense (DoD). […]
Websites on the dark web associated with ransomware gang REvil disappeared on July 13, according to analysts. It is not immediately clear who is responsible for the takedowns. […]
NASA is looking for a contractor who can provide cybersecurity and privacy support for all of its centers and facilities, according to a recent request for proposals (RFP) on SAM.gov. […]
Department of Defense cybersecurity veteran Maj. Gen. Neil Hersey has been named the new deputy commanding general for Operations at Army Cyber Command. He transitioned to the role in June, after two years as commanding general at the Army Cyber Center of Excellence in Fort Gordon, Ga., according to his bio. […]
President Biden said today he was “optimistic” after speaking with Russian President Vladimir Putin about the United States government’s expectations for cooperation from Russia in the event of ransomware attacks that emanate from Russian territory. […]
A Department of Defense (DoD) Office of Inspector General (OIG) report found that 3D printers pose a cybersecurity risk to the agency, after discovering DoD employees were not properly securing the IT systems used to develop 3D products, and were unaware the 3D printers even had IT systems that could be hacked. […]
White House national security staff took the Biden administration’s strategic thinking on ransomware prevention to the local government mayors this week, as administration advisors continued to work through a long list of policy items aimed at curbing the attacks and making them less profitable. […]
After conducting its first bug bounty program last year, the Defense Advanced Research Projects Agency (DARPA) announced that it is open sourcing the Finding Exploits to Thwart Tampering (FETT) Bug Bounty evaluation platform. […]
According to a joint advisory from the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and U.K.’s National Cyber Security Centre (NCSC), hackers from the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS) military unit – widely known as Fancy Bear or APT28 – utilized Kubernetes clusters to infiltrate targets in their global brute force campaign from mid-2019 through early 2021. […]
The White House and key Federal agencies have been working since July 2 to assist in the response to the Kaseya ransomware attack, as President Biden gets set to meet this week with an interagency group taking a longer look at the ransomware problem. […]
The Department of Homeland Security (DHS) onboarded over 300 new cybersecurity employees, and made an additional 500 tentative job offers, during its 60-day Cybersecurity Workforce Sprint, exceeding the sprint’s original goal by 50 percent. […]
The SolarWinds software supply chain hack represented a seismic shift in cybersecurity awareness for public and private sector organizations. The attack, which compromised thousands of organizations, including at least nine Federal agencies – laid bare the reality that organizations may be compromised even if they don’t know it yet, and even if they are diligent about cybersecurity. […]
The recent Executive Order on Improving the Nation’s Cybersecurity directs agencies to move to zero trust security architectures, in which no person or device is automatically trusted. However, many agencies were already well on their way to zero trust, said Drew Epperson, senior director of Federal engineering and chief architect for Palo Alto Networks Federal. In a new MeriTV interview, Epperson addresses the current state of zero trust in the Federal government and offers practical steps agencies can take to accelerate zero trust adoption. […]
In light of recent cyberattacks against Federal agencies, the Department of Defense (DoD) is increasing its requirements for private sector contractors to ensure they are adequately securing and protecting contractor and DoD data. […]
Jen Easterly will be confirmed as the next director of the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) when the Senate reconvenes on July 12, according to Sen. Angus King, I-Maine. […]
The Cybersecurity and Infrastructure Security Agency (CISA) released a request for information (RFI) to identify potential vendors to support the secure and reliable operation of the dot-gov top-level domain (TLD). […]
Sens. Gary Peters, D-Mich., and Ron Johnson, R-Wis., introduced bipartisan legislation on July 1 that would create a cyber training program for Federal employees, aimed to help protect the Federal government against cyberattacks and supply chain security vulnerabilities. […]
The United States remains the global leader in cyber capabilities, retaining its “clear superiority” over other nations, but China may soon leave the “second-tier” of cyber power with its growing digital infrastructure, according to a new report. […]
The Government Accountability Office (GAO), in summarized testimony prepared for a House Veterans Affairs Committee on July 1, said the Department of Veterans Affairs (VA) has made much progress in recent years to address GAO recommendations on improving cybersecurity, but still has a significant to-do list to tackle on the security front. […]
While cybersecurity has been a hot topic stateside for years, a survey from the International Telecommunication Union (ITU) finds that many national governments around the world also are increasingly engaged, with about half of them having adopted national cyber incident response plans – a figure that has risen 11 percent since 2018. […]