The Cybersecurity and Infrastructure Security Agency has ordered federal civilian agencies to secure their networked management interfaces exposed to the public-facing internet. In a recently issued binding operational directive, CISA called on the agencies to remove the devices that can be managed remotely via the public internet from their networks. Such devices include routers, switches, […]
The director of the Cybersecurity and Infrastructure Security Agency said Ukraine’s information-sharing model is a good example of how United States operators should exchange adversarial threat details. According to 2023 Wash100 awardee Jen Easterly, Ukrainian officials were quick to share information about Russian cyber operations in Ukraine and potential threats to U.S. targets. Easterly said […]
The White House will publish a national cybersecurity strategy that would hold large companies accountable for failing to take reasonable steps to secure their software. At a recent CyberScoop event, Camille Stewart Gloster, the deputy national cyber director for technology and ecosystem security, said shifting the liability toward larger players that can make systems secure […]
Brig. Gen. Reid Novotny, special assistant to the director of the Air National Guard for U.S. Cyber Command J5 matters, has revealed that a hunt-forward operation was conducted by the U.S. Cyber National Mission Force somewhere in the U.S. Southern Command’s area of responsibility. CYBERCOM has not revealed precisely where the exercise took place. SOUTHCOM’s […]
Kemba Walden, the acting head of the Office of the National Cyber Director, has said the White House’s national cybersecurity strategy can lessen potential harms from generative artificial intelligence, a type of algorithm that can learn from data to produce new content. Speaking at the Amazon Web Services Summit on June 7, Walden highlighted the […]
Reps. Don Davis and Zachary Nunn have introduced the Cybersecurity for Rural Water Systems Act of 2023 in a bid to provide cybersecurity protection for the country’s water systems. The bill seeks to allocate $7.5 million annually as cybersecurity assistance through the Circuit Rider program, which, according to the U.S. Department of Agriculture, provides technical […]
The U.S. Army has awarded post-quantum security solutions provider QuSecure a potential Small Business Innovation Research Phase II Federal Government contract to continue research and development efforts for quantum-resilient software solutions. Under the SBIR contract, QuSecure will develop encryption technologies and solutions that would benefit Army users. The company will also identify how quantum technologies […]
The Cybersecurity and Infrastructure Security Agency and the FBI have warned that the CL0P ransomware gang is exploiting a structured query language injection vulnerability in Progress Software’s MOVEit Transfer online applications. CISA and the FBI published a joint cybersecurity advisory to inform organizations about CL0P’s tactics, techniques and procedures and indicators of compromise to help […]
The General Services Administration has approved cybersecurity firm AttackIQ’s Security Optimization Platform and its availability through Four Inc.’s GSA Federal Schedule. In a press release, AttackIQ highlighted how its solution fits in with the national cybersecurity strategy’s emphasis on performance-based regulations with cyber defense measures evaluated based on effectiveness against adversary tactics. One organization currently […]
The Cybersecurity and Information Security Agency and its partners have released the Guide to Securing Remote Access Software, which informs organizations on how to identify and defend against threat actors working to exploit remote access software vulnerabilities. The joint guide covers common exploitation methods and tactics, techniques and procedures hackers use to infiltrate systems. It […]
