Cybersecurity

Watchdog calls out EPA for continued cybersecurity concerns

The EPA has still not implemented GAO’s 2019 recommendation to develop a process for conducting an organization-wide cybersecurity risk assessment. 

CISA would get millions for cyber workforce outreach to underserved communities under new bill

The measure comes amid concerns from cybersecurity officials and professionals over how workforce diversity gaps may threaten U.S. cyber defenses.

VA is warning veterans about Change Healthcare cyberattack, secretary says

“There’s no confirmation yet” that veterans’ data was leaked by the ransomware attack, according to the VA secretary, but the department is proactively alerting millions of veterans and beneficiaries to be safe. 

Federal CIO defends Login security after health agency dropped it from grantee system

Clare Martorana doubled down on Login’s capabilities, saying the government “needs to continue to rely” on the tool.

HHS removed Login from its grantee payment system after funding theft

Hackers used data from a federal contracting hub to steal funding from seven grantee organizations in an HHS breach that occurred last year. Both HHS and GSA say that Login.gov was not compromised or connected to the theft.

Russian hackers accessed federal agencies' emails in Microsoft breach, CISA says

The alert comes a week after Microsoft was faulted in a Homeland Security Department report for fostering a security culture that enabled a similar China-backed cyberattack last year.

Congress tries again for comprehensive data privacy bill

The bill would establish national data privacy standards, with the Federal Trade Commission crafting rules for enforcement.

The Pentagon wants to help boost cybersecurity for small contractors

A new strategy outlines how the Defense Department plans to increase security and strengthen relationships across the industrial base.

U.S. accuses Chinese hackers of a 14-year campaign targeting government officials

The coordinated charges include sanctions on Chinese government-affiliated hackers and an up to $10 million reward for information about the defendants.

U.S. still finding victims of advanced China-linked hacking campaign, NSA official says

The Volt Typhoon hacking collective, backed by the Chinese People’s Liberation Army, has been working to burrow into sensitive U.S. systems, officials previously said.

Ex-NSA innovation chief’s new startup looks to future-proof federal agencies against cyberthreats

Kevin Keaton’s Eyris would fuse blockchain technologies into advanced security solutions to defend federal agencies, the Pentagon and others against cyber threats.

CISA targeted through Ivanti VPN vulnerabilities, reports say

The DHS agency has been issuing warnings about Ivanti products since at least 2020.

Biden's $1.67 trillion budget boosts tech, AI

The Biden administration’s FY2025 budget request provides agencies with $3 billion “to responsibly develop, test, procure and integrate transformative AI applications across the federal government.”

Lawmakers try to reform federal cybersecurity again

The House Oversight and Accountability Committee passed a FISMA modernization proposal on to the full floor on Thursday.

New bill aims to bring SNAP card security up to credit card standards

Security standards for SNAP cards have not kept pace with industry advancements, lawmakers say.

Government facilities were third largest ransomware target in 2023, FBI says

The FBI’s IC3 findings also show government official impersonation scams are on the rise.