The recent Department of Homeland Security alert describing ongoing cyberattacks on global managed service providers highlights the need for the U.S. government to take a lead role in protecting internet infrastructure, according to some industry cybersecurity experts. […]
Senators Richard Blumenthal, D-Conn., and Marco Rubio, R-Fla., asked the chief executive officer of Super Micro Computer in an Oct. 9 letter whether the company has ever found evidence of tampering of components or firmware that targeted the company’s products, among other questions stemming from a Bloomberg Businessweek article reporting that chips made by a Chinese firm and allegedly used by numerous U.S. companies and government agencies were engineered to enable backdoor data transmissions to China. […]
Mike Duffy, acting deputy director for the Department of Homeland Security’s Federal Network Resilience Division, said today that many Federal agencies are expecting to have all of their .gov domains protected from email spoofing campaigns, ahead of an October 16 deadline to do so. […]
Three Senate Democrats asked Federal Trade Commission (FTC) Chairman Joseph Simons in an Oct. 10 letter to open an investigation into Google’s disclosure earlier this week that it discovered and patched in March a vulnerability in its Google+ social media platform that may have exposed profile data on up to 500,000 accounts, but did not inform users of the vulnerability in a timely way. […]
The Department of Justice (DoJ) announced yesterday that Yanjun Xu, a Chinese Ministry of State Security (MSS) operative, was extradited to the United States Tuesday on charges of conspiring and attempting to commit economic espionage and steal trade secrets from U.S. aviation and aerospace companies–including GE Aviation. […]
McAfee and the Center for Strategic and International Studies (CSIS) today released a new report about modernizing Social Security Numbers (SSN) in light of growing privacy and security concerns over using SSNs as a de facto personal identifier. The […]
A Defense Department spokesperson responded late Tuesday to a report from the Government Accountability Office that DoD faces challenges in protecting weapons systems from cyber attacks by saying the agency is “continuously strengthening” its defense cybersecurity posture. […]
The Department of Justice (DoJ) announced today that Romeo Vasile Chita, a Romanian national, was returned to the United States last Friday to face Federal charges of racketeering, wire fraud conspiracy, conspiracy to launder money, and conspiracy to traffic in counterfeit services charges. […]
A new survey from One Identity, a maker of identity and access management (IAM) solutions, finds that 77 percent of IT security professionals polled in the United states, Europe, and elsewhere said it would be “easy” for them to steal sensitive information from their companies if they were to leave those organizations. […]
The Department of Homeland Security’s (DHS) deadline for agencies to adopt Domain-based Message Authentication, Reporting, and Conformance (DMARC) and have policies set to “enforcement” levels is one week away, and new research from Valimail says only half of agencies have deployed the new standards. […]
A new report from a group of Federal government and private sector experts details how “precision agriculture,” or agriculture that uses connected technology to improve efficiency, faces new cybersecurity threats and a low degree of awareness in the industry to combat them. […]
Gov. Jerry Brown on Sept. 28 signed into law S.B. 327, which will ban companies from selling Internet-connected devices with weak or default passwords, such as “Password” or “1234567.” Instead, beginning on Jan. 1, 2020, all devices must have a “preprogrammed password [that] is unique to each device manufactured.” A primary concern with weak pre-programmed passwords is that users don’t change them to strong, unique passwords after purchasing the device. […]
Google announced today plans to shut down its Google+ social media platform in August 2019, and that it patched a vulnerability in the service in March that potentially exposed Google+ user data. […]
Apple told congressional leaders in a letter dated today that a story last week by Bloomberg Businessweek–reporting that chips made by a Chinese firm and used in Apple equipment were engineered to enable backdoor data transmissions to China–is “not true.” […]
A new, stealthy Internet of Things (IoT) botnet has emerged with the capability of stealing information from a wide range of devices, underscoring the need for the Federal government to provide guidance on how agencies can reduce risks associated with the deployment of their IoT networks. […]
Christopher Krebs, Department of Homeland Security under secretary for the National Protection and Programs Directorate (NPPD), said Thursday that NPPD is focusing on the cybersecurity fight of both today and tomorrow, through the various coordinating centers that fall under NPPD’s purview. […]
On Wednesday, officials from the Department of Homeland Security (DHS) and the Department of Energy (DoE) met with the Oil and Natural Gas Sector Coordinating Council and announced a collaborative initiative to improve pipeline cybersecurity. […]
The Department of Justice (DoJ) today announced that a grand jury has indicted seven officers, all Russian nationals and residents, in the Russian Main Intelligence Directorate (GRU), a military intelligence agency of the General Staff of the Armed Forces of the Russian Federation. […]
Following the long-awaited passage of the Cybersecurity and Infrastructure Security Agency (CISA) Act in the Senate, the head of the organization set to be elevated as the nation’s official cybersecurity agency expressed his satisfaction at how congressional approval of a simple name change will reinforce the authority of the Federal government’s lead organization in cyberspace. […]
The Senate passed the Cybersecurity and Infrastructure Security Agency Act (CISA Act) on Wednesday by unanimous consent but included some amendments, setting up a few remaining steps before the bill reaches President Trump’s desk. […]
California Governor Jerry Brown on Sept. 29 signed S.B. 1001 into law. The legislation prohibits automated accounts–colloquially known as bots–from pretending to be human when attempting to “incentivize a purchase or sale of goods or services in a commercial transaction or to influence a vote in an election.” […]
The Office of Personnel Management (OPM) will in the coming weeks release a new regulation that will allow the Federal government to directly hire cybersecurity personnel, significantly slimming a lengthy hiring process that has bogged down the Federal government. […]
At the National Association of Corporate Directors Global Board Leaders Summit on Monday, Federal Bureau of Investigations (FBI) Director Christopher Wray stressed that the FBI and corporate executives must work together to keep companies safe from cybercrime. Wray called on executives to report cyber incidents to the FBI as soon as possible, explaining that the FBI needed the info to have a clear understanding of the current threat landscape. […]
President Trump on Friday declared October 2018 as National Cybersecurity Awareness Month – marking the 15th consecutive year of that designation. […]
The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) yesterday issued a warning that cyber actors are increasingly exploiting the Remote Desktop Protocol (RDP) to conduct malicious activity. […]
Facebook said it informed users on Friday the company discovered attackers using a new technique to potentially take over user accounts–putting 50 million accounts at risk and forcing the company to take preventative action on 90 million accounts. […]
The Senate Homeland Security and Governmental Affairs Committee on Wednesday voted to approve a handful of bills that place a strong emphasis on cybersecurity, IT supply chain security, and the enhancement of digital citizen services. […]
The Senate Armed Services Committee’s cybersecurity and personnel subcommittees held a joint hearing today to examine the cyber operational readiness of the Department of Defense and heard from leaders of both the military and civilian side of the DoD cyber force about the mounting challenges they face. […]
The House late Tuesday voted to approve H.R. 6735, a bill that directs the Homeland Security Secretary to establish a vulnerability disclosure policy for the agency’s websites. […]
The software industry group BSA | The Software Alliance offered its support for the Cybersecurity and Infrastructure Act in the Senate. […]