Cybersecurity
U.S. still finding victims of advanced China-linked hacking campaign, NSA official says
The Volt Typhoon hacking collective, backed by the Chinese People’s Liberation Army, has been working to burrow into sensitive U.S. systems, officials previously said.
FCC approves cyber labeling program for IoT devices
The move is one of several directives underpinning a sweeping Biden administration plan to shore up U.S. cybersecurity.
CISA rolls out secure software attestation form
A repository for software attestation submissions will be available later in March.
HHS launches probe into UnitedHealth over ransomware attack on subsidiary
The probe will examine the company's compliance with laws safeguarding patient data.
China, Russia and Iran capable of disrupting 2024 elections, intel assessment warns
Three nations have the means of deploying campaigns attempting to scramble election outcomes in November, according to the intelligence community’s annual worldwide threat assessment.
CISA targeted through Ivanti VPN vulnerabilities, reports say
The DHS agency has been issuing warnings about Ivanti products since at least 2020.
Lawmakers try again with FISMA reform
The House Oversight and Accountability Committee passed a FISMA modernization proposal on to the full floor on Thursday.
Exclusive
Flaws in public records management tool could let hackers nab sensitive data linked to requests
The GovQA platform, created by IT company Granicus, contained vulnerabilities that could have let cybercriminals retrieve tranches of sensitive files tied to public records requests, a security researcher revealed to Nextgov/FCW.
Government facilities were third largest ransomware target in 2023, FBI says
The FBI’s IC3 findings also show government official impersonation scams are on the rise.
House panel to weigh bill barring data brokers from making transfers to foreign rivals
The measure, backed by the House Energy and Commerce Committee’s leaders, considers similar data types listed in a recently signed data security executive order.
CISA is coordinating with election security partners for Super Tuesday voting
The principal agency responsible for election security is asking public and private sector election administrators to share potential threat information as voters go to the polls.
Biden’s new data security order leaves industry officials, privacy advocates scratching their heads
Implementing the executive order will involve crafting new legal mechanisms for data transfers while assuaging ongoing privacy concerns.
FCC staff targeted in phishing attack that cloned agency login site
A cybercriminal group built a duplicate webpage used by employees to validate their login credentials.
Featured eBooks