The National Security Agency has released a joint advisory with three other agencies detailing how cyber actors associated with the Russian Foreign Intelligence Service, or SVR, continue to exploit victim networks. The advisory, titled “Further TTPs associated with SVR cyber actors,” included input from the U.K. National Cyber Security Centre, the Cybersecurity and Infrastructure Security […]
A ransomware attack believed to have been carried out by a Russian criminal group has forced Colonial Pipeline to temporarily shut down its operations. According to the pipeline’s operator, the attack crippled the company’s computer systems. Colonial Pipeline assured that it has already taken certain systems offline to contain the threat, The Maritime Executive reported. […]
The Biden administration will likely retain a Trump-era directive that outlines ways to secure space systems from cybersecurity threats. Space Policy Directive 5, which was issued last September, is currently under review for possible addition of new updates, Nextgov reported. The original directive lists five cybersecurity principles for space systems. These include integrating risk-based, cybersecurity-informed […]
The Cyber Readiness Institute has called on President Joe Biden to place immediate measures that will protect small- and medium-sized businesses from cyberattacks. On May 6, the institute published a white paper noting that SMBs must have easier access to cybersecurity resources as well as human behavior-focused “easy-to-adopt” programs that impact daily operations. The nonprofit […]
Two lawmakers have introduced a bill aimed at empowering the National Guard to better respond to cyber threats. The National Guard Cybersecurity Support Act would give governors more authority over the deployment of National Guard forces against attacks on water supplies, electrical systems and agencies, C4ISRNET reported Thursday. “Being ready to tackle the next generation […]
Ivanti has released a software update to resolve the recently disclosed zero-day authentication bypass vulnerability affecting the Pulse Connect Secure VPN software. The software update addresses a security flaw tracked as CVE-2021-22893, which cyber actors are currently exploiting to gain access to compromised devices. The patch is the only known solution to remediate the issue, […]
The U.S. Cyber Command is shifting the priorities of its Joint Task Force-Ares to combat today’s threats. The majority of JTF-Ares will shift its focus from conducting counterterrorism operations against the Islamic State group to battling nation-state actors. The move to shift the team’s focus comes amid nation-state actors’ increasing development of cyber and information-related […]
The Department of Defense has expanded its Vulnerability Disclosure Program and allowed white hat hackers to target all of the department’s publicly accessible information systems. Ethical hackers were originally limited to the Pentagon’s public-facing websites. They may now also research and report vulnerabilities related to frequency-based communication, the internet of things, industrial control systems and […]
The U.S. needs to upgrade the nuclear command, control and communications system that functions as the link between nuclear forces and presidential authority to get rid of cyber attacks, according to Sen. Angus King. On May 1, King, chairman of the Senate Armed Services Committee’s subcommittee on strategic forces, and a bipartisan group of senators […]
Mark Bowling, a former FBI agent, has been named ExtraHop’s new vice president of security response services. In a statement, Raja Mukerji, co-founder and chief customer officer at ExtraHop, touted Bowling’s expertise in managing cyber risk and security incident response. He believes that Bowling’s insights will be critical to the company’s expansion into the network […]
