Cybersecurity
Researchers race to document voting machine vulnerabilities ahead of November
Voting machines are key physical targets in election fraud schemes. At the DEF CON hacking conference, cybersecurity experts have been working to safeguard them.
DARPA edges closer to using AI to expose cyber vulnerabilities
Next year, seven teams will compete to polish off a best-case model that meshes AI and cybersecurity to detect and fix open-source vulnerabilities in critical infrastructure.
How the White House cyber czar is working to breathe new life into America’s cybersecurity workforce
The national cyber director wants to prepare the next generation of cyber warriors. It starts with touring schools.
Former NSA chief wants academia to play larger role in national security
Paul Nakasone is pushing for new initiatives to bolster national security research and workforce recruitment. It begins with a new institute at Vanderbilt University next month.
Trump campaign allegedly hacked, blames Iran for stealing internal communications
Iranian hacking activities are aligning more with legacy Russian cyber operations, a former top CISA official said.
Iran is accelerating US election influence operations, Microsoft research says
One Iran-linked disinformation collective staged covert news websites that focused on politically divisive topics. Another group breached a low-level account in a county-level swing state.
Nearly 200 firms have signed pledge to build more secure software, top cyber official says
The initial tally began at around 70 companies when CISA first headlined the initiative at RSA Conference in San Francisco.
Top US cyber agency hasn’t seen infamous Chinese hackers breach election infrastructure
A pervasive hacking collective being tracked by U.S. intelligence agencies hasn’t been seen breaking into any election infrastructure, but visibility into the group’s activities still isn’t clear, according to CISA Director Jen Easterly.
Proposal for a federal cyber training institute study passes key Senate committee
It’s one among several cybersecurity workforce-focused bills on the Hill this Congress.
Cyberattacks still ravage schools, defying White House efforts launched last year
Thousands of school districts have tapped into resources committed by the private sector to shore up their cyberdefenses.
Senate confirms first-ever Pentagon cyber policy chief
The new position would help the DOD increase its public-facing cyber outreach efforts.
Critical infrastructure group launches effort to aid federal agencies’ cyber defenses
The federal government’s cybersecurity posture has been spotlighted several times since last decade’s OPM breach.
Featured eBooks
Senate panel advances cyber regulatory harmonization bill
The bill aims to address overlapping cyber laws that CISOs say have caused compliance headaches.
New NSA-powered AI tool would help industry optimize cyberdefense testing
Autonomous Penetration Testing would overhaul manual work needed to check the cyber armor of firms that service the DOD community, said Cyber Command and NSA head Gen. Timothy Haugh.
New tech, personnel will help CISA with coming rush of cyber incident reports
CISA said “an automated mechanism” could help it better process and review a coming deluge of new cyber incident reports but could not be accounted for in its current budget.
NIST may not resolve vulnerability database backlog until early 2025, analysis shows
A new dashboard underscores the severity of the logjam that’s plagued the agency since February.
Summer-only sessions helped blunt CrowdStrike outage impact on US schools
K-12 school districts across the country were impacted in last week’s CrowdStrike-based IT outage, a person familiar says. The effects would have been much worse if school was in session.
FBI, Mandiant designate advanced North Korean hackers stealing US defense secrets
The group — now known as APT45 — has targeted information stored in U.S. government nuclear facilities and research institutions, as well as missile systems, uranium processing and other R&D intel.
Crowdstrike IT outage linked to update using new threat detection system
A routine update intended to enhance clients’ security capabilities clashed with a new cyberthreat classification framework rolled out in February, causing affected systems to crash.
Exclusive