Ideas
The FBI Is Breaking into Corporate Computers to Remove Malicious Code – Smart Cyber Defense or Government Overreach
The actions raise questions about the power of courts to regulate cybersecurity without the consent of the owners of the targeted computers.
Cybersecurity
Federal Agencies Detail Russian Tactics Used in Recent Cyber Intrusions
The FBI, Homeland Security Department and Cybersecurity and Infrastructure Security Agency issued an alert on Russian government cyber tradecraft and mitigation techniques for targets.
Cybersecurity
How the Federal CISO Views Zero Trust
Federal Chief Information Security Officer Chris DeRusha and other federal officials also advocated moving away from siloed cybersecurity budgeting for agencies.
Cybersecurity
CISA Issues Deadline for Federal Agencies to Address Pulse Secure Vulnerabilities
The vulnerabilities led to the compromise of government agencies early last summer and, together with a newly disclosed flaw, continue to be exploited.
Cybersecurity
White House Stands Down Coordination Effort on SolarWinds, Microsoft Exchange Hacks
The leading cybersecurity official on the National Security Council shared lessons learned as agencies reach patching goals.
Cybersecurity
The Hack Roundup: White House Sanctions Russia over SolarWinds
Agencies involved in response also issued advisories on the hackers' tactics while Microsoft offered federal customers free trials of an auditing tool.
Cybersecurity
Pentagon Not Compromised by SolarWinds, Microsoft Exchange Hacks, Official Says
The official urged continued patching of on-premises Microsoft Exchange servers.
Cybersecurity
Agencies Have Till Midnight April 15 to Apply New Microsoft Exchange Patches
Four of the 95 vulnerabilities Microsoft released as part of its monthly “patch Tuesday” were identified by the National Security Agency.
Cybersecurity
Former DHS Secretary Details SolarWinds Hackers’ Access to His Email
Chad Wolf said the information was all unclassified but the compromise was still disturbing.
Cybersecurity
White House to Seek Industry Input on New Software Security Rules, NSC Official Says
The administration wants to make sure the private sector has the ability to weigh in on procurement standards in an impending executive order.
Cybersecurity
Top Homeland Security Senators Want Details on Agencies Hit in SolarWinds, Microsoft Intrusions
Sens. Gary Peters and Rob Portman also request more information on key defensive programs and federal cyber leadership.
Cybersecurity
DOE Watchdog Detailed Its Cybersecurity State Amid SolarWinds Hack
The department continues to struggle with many of the issues the Cybersecurity and Infrastructure Security Agency identified after widespread intrusions into the public and private sector.
Cybersecurity
CISA Orders Agencies to Conduct Fresh Scans of Microsoft Exchange Servers
The agency issued supplemental guidance requiring new tests with Microsoft-provided tools and measures to harden the attractive target.
Cybersecurity
Director Says NSA’s Domestic Surveillance Authority ‘Rightly’ Limited
Gen. Paul Nakasone, who oversees both the intelligence agency and U.S. Cyber Command, stressed the need for greater visibility through private-sector information streams.
Cybersecurity
New Software Vendor Standards Coming Within Weeks, CISA Head Says
The White House is leading an interagency effort focused on software development that will determine federal procurement of information technology.
Cybersecurity
CISA Will Use New Authority Over Internet Service Providers to Fight Ransomware, Official Says
Acting CISA Director Brandon Wales praised the government’s coordination absent a national cyber director.
Cybersecurity
CISA, FBI Officials Say Federal Payroll Facility Was Not Targeted in Hacking Campaigns
CISA’s acting director identified ways the government is working to improve information sharing about cybersecurity incidents between agencies.
Cybersecurity
Official: Executive Order to Address Cloud Security Through Procurement
Lawmakers question why basic security features are not already the default.
Cybersecurity
White House Is Developing a Plan to Secure Industrial Control Systems
An upcoming executive order in response to the hacking campaign that involved SolarWinds will include standards to improve software transparency.
Cybersecurity
CISA Official Calls for Update of Identity Management Guidance in Wake of SolarWinds Compromise
"Identity is everything now," a technical strategist told NIST advisers in a briefing on the hacking campaign.
Almost There!
Help us tailor content specifically for you: