While some may question the rationale behind indicting people in countries that are unlikely to extradite to the U.S., the Federal Bureau of Investigation (FBI) sees value in the activity as one aspect in a national strategy of deterrence, said Tonya Ugoretz, deputy assistant director in the Cyber Division of the FBI. […]
Sens. Marco Rubio, R-Fla., and Chris Van Hollen, D-Md., on April 3 introduced an updated version of their Defending Elections from Threats by Establishing Redlines Act (DETER Act), which they said promises “swift and severe consequences” to Russia and other “foreign actors” if they attack U.S. political candidates, campaigns, or voting infrastructure. […]
As Tax Day approaches, Proofpoint called attention to an increase in tax-related malware and phishing campaigns in a blog post on Wednesday. […]
In a blog post Thursday, Trustwave detailed a new sextortion scam making the rounds. […]
Making artificial intelligence (AI) explainable to the general public has come with its challenges in recent years and knowing where to start includes identifying high-consequence sectors that need future research and policymaker consideration. […]
Defense Department (DoD) officials today underscored the importance of the agency’s ongoing electronic health records (EHR) modernization efforts at a Senate Appropriations Committee Defense Subcommittee hearing on the Defense Health Program FY2020 budget request. […]
The Office of Personnel Management (OPM) will increase the authority CIOs have over direct hiring decisions, according to a post on the Federal Register. […]
The Federal Bureau of Investigation’s (FBI) Cyber Guardian program, which provides cyber-attack victim notification services, is operating with “incomplete and unreliable” data, and as a result the FBI is unable to determine whether all such victims are being notified, according to a report released April 1 by the Justice Department’s Office of Inspector General. […]
The General Services Administration (GSA) announced today that it has modernized the Highly Adaptive Cybersecurity Services (HACS) Special Item Number (SIN) to include additional cybersecurity services. […]
According to a new survey by the International Information System Security Certification Consortium (ISC)², women make up about 24 percent of the U.S. cybersecurity workforce currently, as measured among cybersecurity workforce and IT professionals who spend at least 25 percent of their time on security work. […]
The city of Albany, N.Y., confirmed on March 30 that it was hit by a ransomware attack that affected municipal government computers. […]
Chairman of the Committee on Homeland Security, Representative Bennie Thompson, D-Miss., sent a letter to Acting Federal Emergency Management Agency (FEMA) Administrator Peter Gaynor last week to address the sensitive personal data of hurricane and wildfire survivors that was mistakenly shared with contractors. […]
A survey of 517 IT security professionals released by cybersecurity technology provider Venafi finds that 73 percent of respondents believe that countries with government-mandated encryption backdoors are more susceptible to nation-state attacks. “This is not rocket science; backdoors inevitably create vulnerabilities that can be exploited by malicious actors,” said Kevin Bocek, a vice president at […]
The Federal Trade Commission (FTC) announced Wednesday that Office Depot agreed to pay $25 million to settle allegations that the company “tricked customers into buying millions of dollars’ worth of computer repair and technical services by deceptively claiming their software had found malware symptoms on the customers’ computers.” Support.com, Office Depot’s software supplier, agreed to pay $10 million to settle the same allegations. […]
Women make up less than a quarter of the cybersecurity workforce and while efforts are underway to boost that number, success has been limited. New America, a non-partisan think tank, released a report on Thursday detailing the current status of women in the cyber workforce, efforts to increase the number of women in the field, and steps that can be taken to improve hiring and retention across the industry. […]
In a report released Wednesday, Kaspersky Lab found that malicious activity targeting industrial control systems (ICS) impacted nearly half (47.2 percent) of all computers under its protection in 2018, up from 44 percent in 2017. […]
On Tuesday and Wednesday of this week, the European Union Agency for Law Enforcement Cooperation, better known as Europol, met with the European Cybercrime Centre Advisory Groups on Financial Services, Internet Security and Communication Providers to discuss phishing attacks and how to fight and prevent them. […]
President Trump on March 26 said he was extending by one year–to April 2020–the national emergency regarding cybersecurity threats that was declared by President Obama in 2015 under Executive Order 13694, and amended in 2016 by Executive Order 13757. […]
Congress must take action to ensure that consumer data is being adequately protected at consumer reporting agencies (CRAs), witnesses said at Tuesday’s House Committee on Oversight and Reform Subcommittee on Economic and Consumer Policy hearing. […]
In one of many budget hearings taking place on the Hill this week, the House Appropriations Subcommittee on Financial Services and General Government heard from Russell T. Vought, acting director of the Office of Management and Budget (OMB) regarding the agency’s FY2020 budget request. While the bulk of the hearing didn’t address IT issues, Vought did touch on IT spending, IT modernization, and the President’s Management Agenda (PMA). […]
Ransomware strain LockerGoga has struck two U.S.-based companies in recent days. On March 22, Hexion, a provider of thermoset resins, and Momentive, a provider of silicones and advanced materials, both announced they were the victims of a ransomware attack, which experts believe is the LockerGoga strain. […]
Norwich University Applied Research Institutes (NUARI) has been awarded $5.9 million by the Department of Homeland Security’s (DHS) Science and Technology Directorate (S&T) to expand its Distributed Environment for Critical Infrastructure Decision-Making Exercises (DECIDE) cyber-training platform. […]
The Department of Homeland Security (DHS) issued an alert last week after it was discovered that as many as 750,000 medical heart devices contain critical cybersecurity vulnerabilities. […]
Two men were found guilty on Wednesday of charges related to an international cyber fraud scheme. […]
At the quarterly meeting of the National Institute of Standards and Technology’s (NIST) Information Security and Privacy Advisory Board, researchers said that NIST was working on a new effort to emphasize secure software development on its Cybersecurity Framework. […]
Forcepoint announced Wednesday that the Federal Bureau of Investigation awarded it a 5-year Blanket Purchase Agreement (BPA) worth $23.5 million. […]
The National Security Agency is broadening the menu of technologies it wants to help the private sector develop. […]
Norsk Hydro, an aluminum producer based in Norway, was hit hard by a ransomware attack on Tuesday. […]
The Office of Management and Budget (OMB) said today that cybersecurity-related spending is due to rise by five percent in FY2020 on a government-wide basis under President Trump’s FY2020 budget proposal. […]
The Office of Inspector General (OIG) of the Export-Import Bank (EXIM Bank) of the United States released KPMG’s independent audit report on EXIM Bank’s information security program for FY2018 on March 13. In the report, KPMG, a public accounting firm, provided 14 recommendations that “should strengthen…EXIM’s information security program.” […]