Cybersecurity
CISA directs agencies to mitigate widespread VPN bugs
Two unpatched flaws in Ivanti's Connect Secure VPN are being exploited by hackers in the wild.
Artificial Intelligence
How hackers can 'poison' AI
A new paper from NIST offers a standard taxonomy of cyber attacks dedicated to contaminating the data AI models use to learn.
Cybersecurity
OMB takes aim at internet of things cybersecurity
The Office of Management and Budget’s recent FISMA guidance notes the importance of the Cybersecurity and Infrastructure Security Agency’s ability to scan agencies for vulnerabilities on an ongoing basis.
Cybersecurity
Data on active-duty servicemembers is a available for purchase online, report says
A new study from Duke University sheds light on how easy it is to find U.S military personnel online for a price.
Cybersecurity
ICE’s ‘outdated and overly permissive’ device policy left the agency vulnerable, watchdog warns
A spring audit of agency mobile devices found several banned and outdated applications installed on personnel and contractor smartphones.
Cybersecurity
SEC sues SolarWinds for allegedly fraudulent cybersecurity statements
The company says it will "vigorously oppose" the lawsuit.
Cybersecurity
US, Japan warn of China-backed hackers lurking in networking gear
The joint advisory cautioned that a China-backed threat group called BlackTech is exploiting weaknesses in routers to hack government and industrial targets.
Cybersecurity
CDM policies provide a vital shield against climate-driven cyberattacks, experts say
Cybercriminals are increasingly leveraging extreme weather events to launch attacks on critical infrastructure sectors.
Cybersecurity
Russian cyber group unleashes new malware campaign on Ukrainian military targets
A new report says a cyber threat actor within Russia’s military intelligence service leveraged a novel malware campaign targeting Android devices used by the Ukrainian military.
Cybersecurity
National intelligence office issues cyber warning for government and commercial satellites
The warning comes just about a month after three teams at the DEF CON 23 convention in Las Vegas managed to successfully hack a government satellite in orbit.
Cybersecurity
Threat actor targeted DOD contracting website
Malware leveraging flaws in edge routers has been spying on military contracting websites, according to research from Lumen's Black Lotus Labs.
Digital Government
IRS must speed up efforts to resolve IT security weaknesses across the agency, watchdog says
The IRS’s failure to expeditiously resolve weaknesses in its IT systems puts the agency “at risk for exploitation by threat actors,” according to an audit by the Treasury Inspector General for Tax Administration.
Cybersecurity
North Korea's cyber-enabled sanction evasion requires tougher response, lawmakers and experts say
Pyongyang’s growing reliance on cybercrimes to circumvent international sanctions should push the U.S. and its allies to fully enforce existing sanctions and review whether more regulations are needed to govern digital currencies.
Cybersecurity
SEC announces new cyber reporting rules for companies
After noting the increasing number of cyberattacks on U.S. networks, the SEC is asking company leadership for quick cyber incident disclosures and more documentation.
Ideas
There’s something DHS can do to help civilian agencies fight cyberattacks
The Homeland Security Department has the power to do a lot more than just issue words of warning.
Cybersecurity
No 'systemic risk' to government networks from latest breach, CISA says
The nation’s cyber defense agency confirmed it was providing assistance to several federal agencies that have been impacted in an apparent global cyberattack.
Cybersecurity
Interior faces 'disturbing' cyber risks due to cracked passwords and vulnerable assets
Recent reports reveal the Department of Interior is not enforcing multifactor authentication for its high-value assets and has a range of other significant cybersecurity risks.
Artificial Intelligence
AI and China are ‘defining challenges of our time,’ CISA director says
Artificial intelligence’s potential as an “extinction event” for humanity prompted CISA Director Jen Easterly to advise companies to “think about self-regulation” for product security and safety.
Cybersecurity
Unmonitored networks put US nuclear arsenal at risk, GAO finds
A Government Accountability Office report found that the Energy Department cannot effectively monitor potential insider threats to U.S. nuclear security because department staff “have not identified the total number of DOE’s stand-alone classified networks.”
Cybersecurity
Agencies Warn of State-Sponsored Volt Typhoon’s Hacking Tactics
In collaboration with international and private sector partners, CISA released a new advisory warning network defenders of PRC-linked Volt Typhoon’s infiltration tactics.
Almost There!
Help us tailor content specifically for you: