CISA, FBI Issue Joint Alert to Address Directory Traversal Vulnerabilities

The Cybersecurity and Infrastructure Security Agency and the FBI have issued the Eliminating Directory Traversal Vulnerabilities in Software Secure by Design alert. The move follows recent cyberattacks, including the ones on ConnectWise and Cisco’s applications, that exploited companies’ traversal vulnerabilities, compromising critical infrastructure such as health care institutions and disrupting critical services such as hospital […]

Posted on May 6, 2024 by Xavier Dolan

Senators Introduce Bipartisan Bill to Strengthen AI Security

Sens. Mark Warner, D-Va., and Thom Tillis, R-N.C., are co-sponsoring the Secure AI Act of 2024 to strengthen safeguards against cyberthreats involving artificial intelligence. The proposed legislation focuses on updating existing vulnerability reporting mechanisms, including the National Institute of Standards and Technology’s National Vulnerability Database and the Cybersecurity and Infrastructure Security Agency’s Common Vulnerabilities and […]

Posted on May 3, 2024 by Xavier Dolan

New KBR Contract With US Naval Research Laboratory Extends to Cybersecurity

The U.S. Naval Research Laboratory has placed a new task order with Houston, Texas-based science, technology and engineering company KBR for operations, maintenance and security at its facilities in Washington, D.C. The new indefinite-quantity/indefinite-quantity recompete contract, valued at an estimated $34 million, covers five years and expands KBR’s scope and services to include the NRL […]

Posted on May 3, 2024 by Arthur McMiler

Advisory Warns Against Russia-Backed Cyberattack on Water Facilities

An advisory from various federal agencies has warned of a possible Russia-backed cyberattack on the water systems in North America and Europe. According to the advisory, pro-Russia activists are targeting the facilities due to their poor security standards. It added that operations have been observed since 2022 and as recently as April. Hackers usually target […]

Posted on May 3, 2024 by Brianne Monterey

Carahsoft, QuintessenceLabs Partner to Offer Quantum-Safe Cybersecurity Solutions to Government Agencies

Carahsoft will serve as QuintessenceLabs’ public sector distributor in a new partnership aimed at strengthening government agencies’ cybersecurity posture. The partnership is a response to the evolving threat landscape, including the ones potentially caused by quantum computers, Carahsoft said. To address such emerging threats, QuintessenceLabs helps agencies build adaptable cybersecurity infrastructure, protecting sensitive data across […]

Posted on May 1, 2024 by Xavier Dolan

White House Memo Aims to Improve Critical Infrastructure Security

A White House memo aims to intensify the federal government’s efforts to improve the cyber posture of the nation’s critical infrastructure sector. On Tuesday, the White House National Security Council issued the “National Security Memorandum on Critical Infrastructure Security and Resilience,” a document that builds on the achievements of the Cybersecurity and Infrastructure Security Agency […]

Posted on May 1, 2024 by Brianne Monterey

CISA Budget Hike to Enhance Cyber Defense Programs’ Capabilities Against Chinese Hackers

The Cybersecurity and Infrastructure Security Agency plans to improve three of its cyber defense programs for critical infrastructures, particularly the systems against Chinese cyberattacks, Jen Easterly, CISA director, told a hearing of the House Appropriations homeland security subcommittee on Tuesday. Easterly, a 2024 Wash100 award winner, pointed out to the lawmakers that the improvement plan […]

Posted on May 1, 2024 by Arthur McMiler

FTC Expands Health Data Breach Rules to Cover Apps, Similar Tech

The Federal Trade Commission has widened protections for consumers’ health data collected by digital health tools through its final revisions of the Health Breach Notification Rule. The updated HBNR broadens its reach to encompass health apps and similar technologies not covered by the Health Insurance Portability and Accountability Act. It means companies that fall under […]

Posted on April 29, 2024 by Xavier Dolan

DOD Official Unveils New Approach in Hiring Cyber Workforce

The Department of Defense is taking a new approach to attracting cyber talent. In an interview with Federal News Network at the recent West 2024 conference, Matthew Isnor, the branch chief for cyber workforce development in the department’s Office of the Chief Information Officer, said that the Pentagon is thinking outside the box in talent […]

Posted on April 29, 2024 by Brianne Monterey

CISA Touts Cyber Hygiene’s Role in Reducing Ransonware-Related Vulnerabilities

The Cybersecurity and Infrastructure Security Agency is addressing the growing number of ransomware attacks targeting various organizations through cyber hygiene. Through the Ransomware Vulnerability Warning Pilot, CISA aims to promote a proactive approach to cybersecurity, preventing malicious actors from accessing and deploying ransomware on networks. CISA emphasized the critical role to be played by its […]

Posted on April 29, 2024 by Brianne Monterey

Cybersecurity | GovCon News | POC | Page 10