The Department of Homeland Security’s National Cybersecurity & Communications Integration Center (NCCIC) released a new alert yesterday highlighting five publicly available tools frequently observed in cyber incidents worldwide. […]

Later this month government and private sector leaders will gather for a frank discussion about redefining government cybersecurity. The conversation could hardly be more timely: the Federal government is facing seemingly endless challenges, from evolving threats and aging legacy systems to budget constraints and workforce gaps.






[…]

The recent Department of Homeland Security alert describing ongoing cyberattacks on global managed service providers highlights the need for the U.S. government to take a lead role in protecting internet infrastructure, according to some industry cybersecurity experts.






[…]

Cybersecurity flag

Senators Richard Blumenthal, D-Conn., and Marco Rubio, R-Fla., asked the chief executive officer of Super Micro Computer in an Oct. 9 letter whether the company has ever found evidence of tampering of components or firmware that targeted the company’s products, among other questions stemming from a Bloomberg Businessweek article reporting that chips made by a Chinese firm and allegedly used by numerous U.S. companies and government agencies were engineered to enable backdoor data transmissions to China. 






[…]

Mike Duffy, acting deputy director for the Department of Homeland Security’s Federal Network Resilience Division, said today that many Federal agencies are expecting to have all of their .gov domains protected from email spoofing campaigns, ahead of an October 16 deadline to do so.






[…]

Google HQ

Three Senate Democrats asked Federal Trade Commission (FTC) Chairman Joseph Simons in an Oct. 10 letter to open an investigation into Google’s disclosure earlier this week that it discovered and patched in March a vulnerability in its Google+ social media platform that may have exposed profile data on up to 500,000 accounts, but did not inform users of the vulnerability in a timely way.






[…]

The Department of Justice (DoJ) announced yesterday that Yanjun Xu, a Chinese Ministry of State Security (MSS) operative, was extradited to the United States Tuesday on charges of conspiring and attempting to commit economic espionage and steal trade secrets from U.S. aviation and aerospace companies–including GE Aviation.






[…]

US Federal CIO Suzette Kent OMB MeriTalk CCXB
social-security-administration (1)-min

McAfee and the Center for Strategic and International Studies (CSIS) today released a new report about modernizing Social Security Numbers (SSN) in light of growing privacy and security concerns over using SSNs as a de facto personal identifier. The






[…]

data privacy, people, personal data, binary

The Senate Commerce, Science, and Transportation Committee heard testimony today detailing the workings of data privacy laws in Europe and California–specifically the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA)–amid a growing groundswell for Congress to work on a national data privacy law for the U.S.






[…]

The Department of Justice (DoJ) announced today that Romeo Vasile Chita, a Romanian national, was returned to the United States last Friday to face Federal charges of racketeering, wire fraud conspiracy, conspiracy to launder money, and conspiracy to traffic in counterfeit services charges.






[…]

Cybersecurity cyber

A new survey from One Identity, a maker of identity and access management (IAM) solutions, finds that 77 percent of IT security professionals polled in the United states, Europe, and elsewhere said it would be “easy” for them to steal sensitive information from their companies if they were to leave those organizations.






[…]

Machine learning AI modernization

The Department of Homeland Security’s (DHS) Science and Technology Directorate (S&T) recently founded an artificial intelligence (AI) community of interest (COI) for anyone in DHS with an “interest in the subject.”






[…]

cloud computing concept -min
.gov website cybersecurity government

The Department of Homeland Security’s (DHS) deadline for agencies to adopt Domain-based Message Authentication, Reporting, and Conformance (DMARC) and have policies set to “enforcement” levels is one week away, and new research from Valimail says only half of agencies have deployed the new standards.






[…]

rural internet broadband

A new report from a group of Federal government and private sector experts details how “precision agriculture,” or agriculture that uses connected technology to improve efficiency, faces new cybersecurity threats and a low degree of awareness in the industry to combat them.






[…]

California Gov. Jerry Brown

Gov. Jerry Brown on Sept. 28 signed into law S.B. 327, which will ban companies from selling Internet-connected devices with weak or default passwords, such as “Password” or “1234567.” Instead, beginning on Jan. 1, 2020, all devices must have a “preprogrammed password [that] is unique to each device manufactured.” A primary concern with weak pre-programmed passwords is that users don’t change them to strong, unique passwords after purchasing the device.






[…]

Google HQ
Apple

Apple told congressional leaders in a letter dated today that a story last week by Bloomberg Businessweek–reporting that chips made by a Chinese firm and used in Apple equipment were engineered to enable backdoor data transmissions to China–is “not true.”






[…]