Cybersecurity
Ransomware payment debate resurfaces amid Change Healthcare incident
Expert views don’t entirely align on whether victims should pay ransomware hackers.
Cybersecurity
U.S. still finding victims of advanced China-linked hacking campaign, NSA official says
The Volt Typhoon hacking collective, backed by the Chinese People’s Liberation Army, has been working to burrow into sensitive U.S. systems, officials previously said.
Cybersecurity
FCC approves cyber labeling program for IoT devices
The move is one of several directives underpinning a sweeping Biden administration plan to shore up U.S. cybersecurity.
Cybersecurity
CISA rolls out secure software attestation form
A repository for software attestation submissions will be available later in March.
Cybersecurity
HHS launches probe into UnitedHealth over ransomware attack on subsidiary
The probe will examine the company's compliance with laws safeguarding patient data.
Cybersecurity
China, Russia and Iran capable of disrupting 2024 elections, intel assessment warns
Three nations have the means of deploying campaigns attempting to scramble election outcomes in November, according to the intelligence community’s annual worldwide threat assessment.
Cybersecurity
CISA targeted through Ivanti VPN vulnerabilities, reports say
The DHS agency has been issuing warnings about Ivanti products since at least 2020.
Cybersecurity
Lawmakers try again with FISMA reform
The House Oversight and Accountability Committee passed a FISMA modernization proposal on to the full floor on Thursday.
Exclusive
Cybersecurity
Flaws in public records management tool could let hackers nab sensitive data linked to requests
The GovQA platform, created by IT company Granicus, contained vulnerabilities that could have let cybercriminals retrieve tranches of sensitive files tied to public records requests, a security researcher revealed to Nextgov/FCW.
Cybersecurity
Government facilities were third largest ransomware target in 2023, FBI says
The FBI’s IC3 findings also show government official impersonation scams are on the rise.
Cybersecurity
House panel to weigh bill barring data brokers from making transfers to foreign rivals
The measure, backed by the House Energy and Commerce Committee’s leaders, considers similar data types listed in a recently signed data security executive order.
Cybersecurity
CISA is coordinating with election security partners for Super Tuesday voting
The principal agency responsible for election security is asking public and private sector election administrators to share potential threat information as voters go to the polls.
Cybersecurity
Biden’s new data security order leaves industry officials, privacy advocates scratching their heads
Implementing the executive order will involve crafting new legal mechanisms for data transfers while assuaging ongoing privacy concerns.
Cybersecurity
FCC staff targeted in phishing attack that cloned agency login site
A cybercriminal group built a duplicate webpage used by employees to validate their login credentials.
Cybersecurity
Nearly 300 comment on proposed CMMC rule
The Defense Department now has to process and respond to the comments before it issues the final version of the industry-wide rule in the fall.
Cybersecurity
Biden executive order aims to stop adversaries from obtaining, exploiting Americans’ personal data
Data brokers under the order are barred from selling bulk caches of sensitive Americans’ data to multiple foreign countries, including China and Russia.
Cybersecurity
Energy to fund 16 infrastructure cybersecurity projects
The White House’s cybersecurity strategy implementation plan asks the agency to identify pilot projects for energy infrastructure security.
Cybersecurity
NIST debuts the finalized update to its Cybersecurity Framework
The streamlined blueprint has already gotten positive feedback from private sector organizations.
Cybersecurity
White House urges software developers to use memory-safe programming languages
A number of headline-making cyberattacks started with memory safety flaws, a White House cyber official said.
Cybersecurity
New cloud security task force presses for stakeholder accountability
A team convened to focus on cloud security is challenging industry, Congress and the executive branch to address longstanding concerns.
Almost There!
Help us tailor content specifically for you: