Civilian

Water treatment facilities named in joint cyber advisory

To help water and wastewater utilities protect their IT and operational technology systems from cyberattack, the FBI, Cybersecurity and Infrastructure Agency, Environmental Protection Agency and National Security Agency have outlined steps facilities can to take steps to defend themselves.

CISA releases final TIC 3.0 remote user use case

The guidance gives federal agencies instructions on applying network and multi-boundary security for remote users.

How the cloud eased the VA's pains during the pandemic

During the height of the pandemic, the Department of Veteran Affairs moved its increasingly popular video telehealth service to the cloud, one of about 100 applications scheduled to be migrated by the end of 2024.

VA readies cloud-based data platform

VA Data Commons features computing infrastructure, co-located data and commonly used software services, tools, and apps for managing, analyzing and sharing data.

NSA, CISA issue Kubernetes security guidance

A new report, “Kubernetes Hardening Guidance,” details threats to the container orchestration environment and provides configuration guidance to minimize risk.

FBI wants more help from hacked companies

Without regular, prompt and transparent participation of the private sector, the FBI will “have a heck of a time winning this conflict," Director Chris Wray told Senate appropriators.

Homeland Security begins aggressive cyber workforce expansion

Department of Homeland Security launched its 60-day workforce sprint with an aggressive campaign to hire 200 cyber personnel by July 1.

DHS, White House turn spotlight on ransomware

The Department of Homeland Security and the White House are putting the spotlight on combatting ransomware, actively developing plans to confront the issue.

CISA issues warning on exploited VPN flaw

A Chinese hacking campaign is using known flaws in a virtual private network application to breach entity networks and implant the SUPERNOVA malware.

NIST issues draft election security framework

The National Institute of Standards and Technology has published a draft framework that takes NIST's pre-existing cybersecurity best practices and applies them to the voting equipment and information systems supporting elections.

NIST charting federal vulnerability disclosure policy

To design a software vulnerability program for the federal government, the National Institute of Standards and Technology is reviewing work done by the Defense and Homeland Security Departments.

NIST posts enhanced requirements for protecting CUI

The National Institute of Standards and Technology has published requirements that can help organizations protect controlled unclassified information against nation-state backed threats.

Validating the security of contact tracing apps

The Department of Homeland Security has tapped a startup to ensure that contact tracing apps protect users’ security, privacy and civil liberties.

In search of a smarter Einstein

If the Einstein intrusion detection system was unlikely to have detected the malware that was delivered via the SolarWinds Orion update, how can it be fixed?

SolarWinds hackers accessed DOJ email

Suspected Russian intelligence agents are believed to have accessed "around" 3% of email inboxes, but not any classified systems, according to a Justice Department spokesman.

CISA updates on SolarWinds compromise

To help agency leaders mitigate the SolarWinds Orion software compromise, the Cybersecurity and Infrastructure Security Agency issued new guidance and posted two new resources.

Coast Guard may soon be carrying handheld translators

Department of Homeland Security has awarded Phase 1 funding to Kynamics to build a portable, standalone language translator.