A new survey from One Identity, a maker of identity and access management (IAM) solutions, finds that 77 percent of IT security professionals polled in the United states, Europe, and elsewhere said it would be “easy” for them to steal sensitive information from their companies if they were to leave those organizations. […]
The Department of Homeland Security’s (DHS) deadline for agencies to adopt Domain-based Message Authentication, Reporting, and Conformance (DMARC) and have policies set to “enforcement” levels is one week away, and new research from Valimail says only half of agencies have deployed the new standards. […]
A new report from a group of Federal government and private sector experts details how “precision agriculture,” or agriculture that uses connected technology to improve efficiency, faces new cybersecurity threats and a low degree of awareness in the industry to combat them. […]
Gov. Jerry Brown on Sept. 28 signed into law S.B. 327, which will ban companies from selling Internet-connected devices with weak or default passwords, such as “Password” or “1234567.” Instead, beginning on Jan. 1, 2020, all devices must have a “preprogrammed password [that] is unique to each device manufactured.” A primary concern with weak pre-programmed passwords is that users don’t change them to strong, unique passwords after purchasing the device. […]
Google announced today plans to shut down its Google+ social media platform in August 2019, and that it patched a vulnerability in the service in March that potentially exposed Google+ user data. […]
Apple told congressional leaders in a letter dated today that a story last week by Bloomberg Businessweek–reporting that chips made by a Chinese firm and used in Apple equipment were engineered to enable backdoor data transmissions to China–is “not true.” […]
A new, stealthy Internet of Things (IoT) botnet has emerged with the capability of stealing information from a wide range of devices, underscoring the need for the Federal government to provide guidance on how agencies can reduce risks associated with the deployment of their IoT networks. […]
Christopher Krebs, Department of Homeland Security under secretary for the National Protection and Programs Directorate (NPPD), said Thursday that NPPD is focusing on the cybersecurity fight of both today and tomorrow, through the various coordinating centers that fall under NPPD’s purview. […]
On Wednesday, officials from the Department of Homeland Security (DHS) and the Department of Energy (DoE) met with the Oil and Natural Gas Sector Coordinating Council and announced a collaborative initiative to improve pipeline cybersecurity. […]
The Department of Justice (DoJ) today announced that a grand jury has indicted seven officers, all Russian nationals and residents, in the Russian Main Intelligence Directorate (GRU), a military intelligence agency of the General Staff of the Armed Forces of the Russian Federation. […]
Following the long-awaited passage of the Cybersecurity and Infrastructure Security Agency (CISA) Act in the Senate, the head of the organization set to be elevated as the nation’s official cybersecurity agency expressed his satisfaction at how congressional approval of a simple name change will reinforce the authority of the Federal government’s lead organization in cyberspace. […]
The Senate passed the Cybersecurity and Infrastructure Security Agency Act (CISA Act) on Wednesday by unanimous consent but included some amendments, setting up a few remaining steps before the bill reaches President Trump’s desk. […]
California Governor Jerry Brown on Sept. 29 signed S.B. 1001 into law. The legislation prohibits automated accounts–colloquially known as bots–from pretending to be human when attempting to “incentivize a purchase or sale of goods or services in a commercial transaction or to influence a vote in an election.” […]
The Office of Personnel Management (OPM) will in the coming weeks release a new regulation that will allow the Federal government to directly hire cybersecurity personnel, significantly slimming a lengthy hiring process that has bogged down the Federal government. […]
At the National Association of Corporate Directors Global Board Leaders Summit on Monday, Federal Bureau of Investigations (FBI) Director Christopher Wray stressed that the FBI and corporate executives must work together to keep companies safe from cybercrime. Wray called on executives to report cyber incidents to the FBI as soon as possible, explaining that the FBI needed the info to have a clear understanding of the current threat landscape. […]
President Trump on Friday declared October 2018 as National Cybersecurity Awareness Month – marking the 15th consecutive year of that designation. […]
The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) yesterday issued a warning that cyber actors are increasingly exploiting the Remote Desktop Protocol (RDP) to conduct malicious activity. […]
Facebook said it informed users on Friday the company discovered attackers using a new technique to potentially take over user accounts–putting 50 million accounts at risk and forcing the company to take preventative action on 90 million accounts. […]
The Senate Homeland Security and Governmental Affairs Committee on Wednesday voted to approve a handful of bills that place a strong emphasis on cybersecurity, IT supply chain security, and the enhancement of digital citizen services. […]
The Senate Armed Services Committee’s cybersecurity and personnel subcommittees held a joint hearing today to examine the cyber operational readiness of the Department of Defense and heard from leaders of both the military and civilian side of the DoD cyber force about the mounting challenges they face. […]
The House late Tuesday voted to approve H.R. 6735, a bill that directs the Homeland Security Secretary to establish a vulnerability disclosure policy for the agency’s websites. […]
The software industry group BSA | The Software Alliance offered its support for the Cybersecurity and Infrastructure Act in the Senate. […]
Sen. James Lankford, R-Okla., told Politico to expect an updated version of the Secure Elections Act to hit the Senate floor next month. […]
The Department of Justice (DoJ) announced Friday that Ruslans Bondars, the operator of counter- antivirus service “Scan4you,” was sentenced to 14 years in prison. […]
The General Services Administration (GSA) today announced that it awarded a $2 million contract to HackerOne for the facilitation of GSA’s bug bounty programs. […]
The National Cyber Strategy policy document released by the White House late Thursday tracks in tone and wording with the tough stance adopted in the Defense Department’s cyber strategy announced earlier this week–including its adoption of a more offensive-minded position than previous written policies–and appears to respond in tone to demands from across the political spectrum that the U.S. fashion policy that will do a better job in creating a deterrence effect against adversaries. […]
The general election in 2016 was a watershed moment for Federal, state, and local election officials. […]
According to a new study prepared for the National Institute of Standards and Technology (NIST), the agency’s development of the Advanced Encryption Standard (AES) has created an estimated $250 billion in economic impact over the last 20 years. […]
Researchers at cybersecurity firm Tenable published an advisory Monday revealing a software vulnerability affecting a popular brand of surveillance cameras, whcih could be exploited to gain access to video feeds and potentially “allow attackers to remotely view feeds and tamper with recordings.” […]
Sen. John Cornyn, R-Texas, today introduced the Advancing Cybersecurity Diagnostics and Mitigation Act in the Senate. The House version of the bill (HR 6443), sponsored by Rep. John Ratcliffe, R-Texas, passed the House earlier this month. […]