The White House’s National Security Telecommunications Advisory Committee is calling on the federal government to adopt new programs to incentivize critical infrastructure operators that adhere to cybersecurity standards. The group, composed of representatives from U.S. telecommunications and cybersecurity companies, said the need to introduce new incentive programs comes from the fact that current market forces […]
The FBI’s Internet Crime Complaint Center has released a report showing that health care and public health institutions, manufacturing establishments and government facilities were the top three ransomware attack targets in 2023. The ranking was based on the 1,193 incident reports that the IC3 received from U.S.-designated critical infrastructures, with metrics like financial losses also […]
IBM has opened the IBM X-Force Cyber Range, a facility that allows trainees to engage in exercises to fend off cyberthreats and dangers posed by artificial intelligence. The facility can simulate various scenarios, including AI code poisoning, deepfake zero-day attacks and other cyber intrusions. Trainees can engage in crisis response exercises, cyber wargames and offensive […]
The National Security Agency has released “Advancing Zero Trust Maturity Throughout the Network and Environment Pillar,” a Cybersecurity Information Sheet that provides recommendations on how to use zero trust principles to strengthen internal network control and contain network intrusions. According to the CSI, the network and environment pillar, one of the pillars that compose the […]
The Department of the Treasury has sanctioned entities connected to the Predator spyware. Brian Nelson, the department’s sanctions lead, said the penalties are meant to discourage the use of commercial surveillance tools that could pose national security risks, CyberScoop reported. Researchers previously found that malicious actors used Predator to target dissidents, journalists and officials. The […]
The Department of Energy has announced Rockwell Automation’s entry into the Cyber Testing for Resilient Industrial Control Systems program, tasking the company to assess critical infrastructure components for vulnerabilities. CyTRICS is the testing arm of Energy Cyber Sense, a White House initiative to develop cybersecurity risk management capabilities and resources for the national energy sector […]
The Cybersecurity and Infrastructure Security Agency issued an advisory on Thursday about ransomware deployed by the Phobos hacking group. According to CISA, Phobos is a ransomware-as-a-service group that targets municipal and county governments, emergency services, educational institutions, public health agencies and other critical infrastructure sectors. The agency also noted that Phobos targets state, local, tribal […]
The Cybersecurity and Infrastructure Security Agency, along with the FBI and other partners, have issued a new advisory warning on the multiple vulnerabilities within the Ivanti Connect Secure and Ivanti Policy Secure gateways. The advisory provides detection methods, such as Volexity’s open-source YARA, which network defenders can use to hunt for malicious activity. To deter […]
Military-grade cyber range and training provider SimSpace has announced that Carahsoft Technology will distribute its solutions to the public sector through reseller partners and contract vehicles. Government agencies will gain access to advanced cybersecurity training and simulated environments, SimSpace said. The SimSpace Cyber Force platform, already available to the public sector through Carahsoft’s partnership with […]
The Cybersecurity and Infrastructure Security Agency is exploring ways of prompting state and local governments to count university cybersecurity clinics as funding candidates under the State and Local Cybersecurity Grant Program that the Department of Homeland Security initiated in 2022. The awarding of the grants is among the proposed steps in a guide CISA published […]
