The Cybersecurity and Infrastructure Security Agency has added 17 new entries to its list of actively exploited cyber vulnerabilities. CISA’s Known Exploited Vulnerabilities Catalog includes software flaws that have previously been abused and are required to be patched by federal civilian agencies, Bleeping Computer reported. The agency published the catalog’s first entries on Nov. 3, […]
Richard Glick, the commissioner of the Federal Energy Regulatory Commission, said during a hearing on Wednesday that he is supporting a piece of legislation that would create an organization within the Department of Energy that would oversee pipeline cybersecurity. The legislation was proposed by Rep. Bobby Rush, chairman of the energy panel at the House […]
President Joe Biden signed a national security memorandum granting the National Security Agency the power to order concerned agencies to implement updates and other remedial measures to national security systems through binding operational directives patterned after those currently being employed by the Cybersecurity and Infrastructure Security Agency, Nextgov reported Wednesday. Through the memo, Biden called […]
Sens. Gary Peters, chairman of the Senate Homeland Security and Governmental Affairs Committee, and John Cornyn have proposed legislation seeking to improve the commercial satellite sector’s access to cybersecurity resources. The Satellite Cybersecurity Act would direct the Cybersecurity and Infrastructure Security Agency to develop recommendations for satellite companies on how to best protect their systems. […]
The Government Accountability Office has released its report on the SolarWinds and Microsoft Exchange incidents, describing how federal agencies reacted to the two high-profile cybersecurity incidents that affected the U.S. government. The congressional watchdog found that federal agencies took several steps to coordinate and respond to the incidents, including forming two Cyber Unified Coordination Groups, […]
The Federal Bureau of Investigation is warning individuals about malicious quick response codes that cybercriminals are using to steal victims’ login and financial credentials. According to the notice posted on the Internet Crime Complaint Center, bad actors would replace original digital and physical QR codes with tampered ones that would take unknowing users to phishing […]
U.S. federal security agencies, including the FBI, are ramping up their efforts to counter cyber threats without solely resorting to criminal indictments, according to an official from the bureau. Bryan Vorndran, deputy assistant director of the FBI’s Criminal Investigative Division, said the agency is more now more prudent in timing its indictments and in deciding […]
The Federal Bureau of Investigation wants to be among the first agencies to be notified in the event of a major cyber breach, and it wants that to be explicitly stipulated in the law. Late in 2021, the House hurriedly passed incident reporting legislation that requires affected organizations to report cyber incidents to the Cybersecurity […]
The chairwoman of the Federal Communications Commission wants to amend the agency’s rules on telecommunications companies’ duty to notify customers and government authorities about data breaches. FCC Chair Jessica Rosenworcel circulated a notice of proposed rulemaking to align the commission’s breach disclosure policy with recent developments in state and federal legislation, the FCC said Wednesday. […]
The U.S. Cyber Command posted over a dozen malware samples to the VirusTotal website on Wednesday to inform organizations about potential Iranian cyberattacks. USCYBERCOM said in a statement that the samples represent open-source tools that Iranian actors use around the world. The list refers to MuddyWater, a label for suspected Iranian government hacking activities that […]
