National Supply Chain Integrity Month
Intel Agencies Warn of ‘More Destructive and Disruptive’ Cyber Attacks on Infrastructure
"Our adversaries are realizing that there are blind spots to conduct intrusions," NSA director says. Keep Reading
CISA Issues Emergency Directive Requiring Federal Agencies to Check Pulse Connect Secure Products
The directive is in response to observed active exploitation using disclosed vulnerabilities in Pulse Connect Secure products. Keep Reading
You might be interested in
Greg Touhill Named Director of Carnegie Mellon University’s Software Engineering Institute CERT Division
Touhill was appointed by former President Barack Obama to be the first chief information security officer (CISO) of the United States. Previously he served in the Department of Homeland Security as deputy assistant secretary, Office of Cybersecurity and Communications, National Programs and Protection Directorate. Keep Reading
PERSPECTIVE: Securing the Software Supply Chain from Process Risks
Government agencies are rethinking the ways they approach risk management, especially when it comes to protecting the software supply chain. Keep Reading
Neuberger: Government Standing Down Surge Response to SolarWinds and Microsoft Exchange Incidents
The innovations from the Exchange UCG and the lessons learned from these responses will be used to improve future unified, whole of government responses to significant cyber incidents. Keep Reading
National Supply Chain Integrity Month
Information Technology and Cybersecurity: Significant Attention Is Needed to Address High-Risk Areas
The federal government spends more than $100 billion on IT and cyber-related investments annually—but many of them have failed or performed poorly, have been poorly managed, and have security weaknesses. Keep Reading
Latest from HS Today
NSA Launches LPS Qubit Collaboratory
The LQC offers a mechanism for collaborative research between LPS and academia, industry, FFRDCs, and Government Laboratories. Keep Reading
Russian Foreign Intelligence Service Exploiting Five Publicly Known Vulnerabilities to Compromise U.S. and Allied Networks
This advisory is being released alongside the U.S. Government’s formal attribution of the SolarWinds supply chain compromise and related cyber espionage campaign. Keep Reading
Biden Beefs Up Cyber Team with NSA, DHS Veterans in Key Roles at White House, CISA, DHS
Former NSA Deputy Director Chris Inglis picked to be the first national cyber director, former NSA deputy for counterterrorism Jen Easterly picked to lead CISA, and Rob Silvers, former assistant secretary for cyber policy at DHS, chosen as DHS undersecretary for policy. Keep Reading
Flat DHS Budget in Biden Request Includes Increases for Cyber Threats, Domestic Terror
Immigration increases include USCIS funding and Office of Professional Responsibility to process CBP, ICE complaints. Keep Reading
Texas Militia Forum Member Charged with Plotting to Blow Up Virginia Data Center
Pendley allegedly told the undercover FBI employee he planned to attack web servers that he believed provided services to the FBI, CIA, and other federal agencies. He said he hoped to bring down “the oligarchy” currently in power in the United States. Keep Reading
Cybersecurity Service Provider Program Passes Another Milestone
The DOJ Justice SOC (JSOC) passed the assessment with flying colors, meeting all required standards and exceeding them in 35 of the 40 cybersecurity evaluation areas. Keep Reading
Coronavirus
Verizon Mobile Security Index: COVID-19 Unearths New Cyber Threats for Businesses
The COVID-19 pandemic forced businesses to quickly support remote working practices, often without proper security measures in place. Keep Reading
Learn More About Digital Transformation and Navy Needs
Digital technologies are changing almost every aspect of how we live and work. People and machines are increasingly interconnected; a growing number of tasks can be automated; data and insights are the new gold. Keep Reading
Army Developing Tool for U.S. Cities to Practice Cyberattack Response
The Army Cyber Institute is building a portable, tailorable platform for cities to practice responding to cyberattacks targeting critical infrastructure. Keep Reading
OIG Initiates Audit of IT Services Contracts at DOT
IT services comprise one of the top categories of contract spending in the federal government, and the cost of contractor-supplied IT products and services is predicted to reach $116 billion by fiscal year 2024. Keep Reading
OIG: DoD Components Did Not Consistently Implement Cybersecurity Controls in Telework Shift
In March 2020, the DoD established the DoD Telework Readiness Task Force, led by the DoD Chief Information Officer (CIO), to ensure DoD networks remain telework‑ready and secure to support DoD missions during the maximum telework period. Keep Reading
Microsoft Security Report Says Firmware Exploits Are on the Rise
Microsoft cites a recently commissioned study on firmware security investments compiled by Security Signals. It shows that over 80 percent of businesses have experienced a firmware attack within the past two years. Keep Reading
CISA Releases Supplemental Direction on Emergency Directive for Microsoft Exchange Server Vulnerabilities
CISA has issued supplemental direction to Emergency Directive (ED) 21-02: Mitigate Microsoft Exchange On-Premises Product Vulnerabilities providing additional forensic triage and server hardening, requirements for federal agencies. Keep Reading
Mayorkas Lays Out Cybersecurity Plan for DHS: Industry Partners, CISA Strength, ‘Sprints’
The first sprint will focus on fight against ransomware, which DHS secretary said "now poses a national security threat." Keep Reading