Cybersecurity
New tech, personnel will help CISA with coming rush of cyber incident reports
CISA said “an automated mechanism” could help it better process and review a coming deluge of new cyber incident reports but could not be accounted for in its current budget.
Cybersecurity
NIST may not resolve vulnerability database backlog until early 2025, analysis shows
A new dashboard underscores the severity of the logjam that’s plagued the agency since February.
Cybersecurity
Summer-only sessions helped blunt CrowdStrike outage impact on US schools
K-12 school districts across the country were impacted in last week’s CrowdStrike-based IT outage, a person familiar says. The effects would have been much worse if school was in session.
Cybersecurity
FBI, Mandiant designate advanced North Korean hackers stealing US defense secrets
The group — now known as APT45 — has targeted information stored in U.S. government nuclear facilities and research institutions, as well as missile systems, uranium processing and other R&D intel.
Cybersecurity
Crowdstrike IT outage linked to update using new threat detection system
A routine update intended to enhance clients’ security capabilities clashed with a new cyberthreat classification framework rolled out in February, causing affected systems to crash.
Exclusive
Cybersecurity
House lawmaker demands answers from AT&T on recent data breach
Rep. Abigail Spanberger wants AT&T’s CEO to open up about the company’s incident response plans and a reported payment to hackers in exchange for deleting the stolen data.
Cybersecurity
How the CrowdStrike outage carved out new opportunities for hackers
Former U.S. officials and security practitioners are wondering how a defective CrowdStrike patch for Windows systems fell through the cracks and created more cascading security risks.
Cybersecurity
In reversal, AT&T says most FirstNet customers impacted in data breach disclosed last week
“We now believe the proportion of FirstNet numbers included in the data is similar to that of our broader customer base,” the company said in a statement.
Updated
Cybersecurity
Biden briefed on CrowdStrike IT outage as multiple federal systems impacted
Social Security offices are closed for the day due to the incident. It will be “time-consuming” for all affected systems to undo the damage because the process is manual, one expert says.
Cybersecurity
New US cyber official wants ‘brutal honesty’ on industry collaboration efforts
CISA’s new cybersecurity official Jeff Greene wants to know where the agency can improve on collaboration efforts that have been previously criticized for their misdirection.
Cybersecurity
Judge dismisses key claims in SEC lawsuit on 2020 SolarWinds hack
The original lawsuit faced pushback from dozens of cybersecurity executives.
Exclusive
Cybersecurity
US taps IBM for 5-year deal to boost European, Eurasian allies’ cyber posture
Officials are concerned that a lack of institution building in such nations will allow digital adversaries to gain a larger foothold in allied countries’ networks.
Cybersecurity
Dozens of federal agencies’ call data potentially exposed in AT&T breach
AT&T is a prime contractor on the government's $50 billion telecom contract vehicle and supplies infrastructure and bandwidth for the FirstNet public safety communications program.
Cybersecurity
Several DOD IT programs still don’t have a cyber strategy, watchdog finds
Cyber strategy requirements in the Defense Department’s IT business unit date back to at least 2014. A government watchdog thinks it's time for an update.
Cybersecurity
NIST will fire the ‘starting gun’ in the race to quantum encryption
Experts in the public and private sectors highlighted how to proactively transition networks to quantum-resilient standards.
Cybersecurity
US, allies take down Kremlin-backed AI bot farm
The bot farm allegedly originated from a deputy manager at RT — a Russian state-backed news agency — and spread disinformation on the X social media platform.
Exclusive
Cybersecurity
Patchwork cyber laws cost the government money, Amazon security chief says
An exclusive conversation with Amazon CSO Steve Schmidt unpacks his views on cyber policy themes this year.
Cybersecurity
China is seeking ways to disrupt daily American life should a conflict erupt, Pentagon’s IT leader says
The DISA director also wants more transparency from the IT companies it hires.
Cybersecurity
Half of critical open source projects contain memory-unsafe code, U.S. cyber agency says
The findings come after recent hijacking attempts into major open-source tools.
Cybersecurity
NYPD officer database had security flaws that could have let hackers covertly modify officer data
The NYPD said no officer data was ever compromised, but it’s unknown how long the vulnerability existed.
Almost There!
Help us tailor content specifically for you: