CISA Order Highlights Persistent Risk at Network Edge

The U.S. government agency in charge of improving the nation’s cybersecurity posture is ordering all federal civilian agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in...

Continue reading
0 Comments
Tags:
Adam Boileau Barracuda Networks CISA CVE-2023-27997 Cybersecurity and Infrastructure Security Agency Fortinet Fortra GoAnywhere Latest Warnings Mandiant MOVEit Transfer Patrick Gray Progress Software Risky Business podcast The Coming Storm Time to Patch

SolarWinds Hack Could Affect 18K Customers

The still-unfolding breach at network management software firm SolarWinds may have resulted in malicious code being pushed to nearly 18,000 customers, the company said in a legal filing on Monday. Meanwhile, Microsoft should soon have some idea which and how many SolarWinds customers were affected, ...

Continue reading
0 Comments
Tags:
Alan Paller Andrew Morris Center for Strategic and International Studies CISA Cybersecurity and Infrastructure Security Agency Data Breaches FireEye GreyNoise Intelligence James Lewis microsoft Orion software SANS Institute SolarWinds breach U.S. Securities and Exchange Commission Vinoth Kumar

U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise

Communications at the U.S. Treasury and Commerce Departments were reportedly compromised by a supply chain attack on SolarWinds, a security vendor that helps the federal government and a range of Fortune 500 companies monitor the health of their IT networks. Given the breadth of the company’s custom...

Continue reading
0 Comments
Tags:
APT29 Cybersecurity and Infrastructure Security Agency Data Breaches Department of Commerce FireEye hack microsoft Orion Reuters SolarWinds breach The Coming Storm U.S. Treasury Department

Trump Fires Security Chief Christopher Krebs

President Trump on Tuesday fired his top election security official Christopher Krebs (no relation). The dismissal came via Twitter two weeks to the day after Trump lost an election he baselessly claims was stolen by widespread voting fraud. Chris Krebs. Image: CISA. Krebs, 43, is a former Microsoft...

Continue reading
0 Comments
Tags:
A Little Sunshine Christopher Krebs CISA Cybersecurity and Infrastructure Security Agency President Trump Rumor Control Sen. Angus King Sen. Richard Burr U.S. Department of Homeland Security Y2K

U.S. Govt. Makes it Harder to Get .Gov Domains

The federal agency in charge of issuing .gov domain names is enacting new requirements for validating the identity of people requesting them. The additional measures come less than four months after KrebsOnSecurity published research suggesting it was relatively easy for just about anyone to get the...

Continue reading
0 Comments
Tags:
.gov Cybersecurity and Infrastructure Security Agency John Levine Other The Internet for Dummies U.S. Department of Homeland Security U.S. General Services Administration

It’s Way Too Easy to Get a .gov Domain Name

Many readers probably believe they can trust links and emails coming from U.S. federal government domain names, or else assume there are at least more stringent verification requirements involved in obtaining a .gov domain versus a commercial one ending in .com or .org. But a recent experience sugge...

Continue reading
0 Comments
Tags:
CISA Cybersecurity and Infrastructure Security Agency DOTGOV Bill dotgov.gov exeterri.gov John Levine The Coming Storm town.exeter.ri.us U.S. Department of Homeland Security U.S. General Services Administration Web Fraud 2.0

logo color

Quick Links

Resources