The Cybersecurity and Infrastructure Security Agency’s EINSTEIN intrusion detection system found that remote-access tool exploitation, fileless Trojan malware and cryptocurrency mining software accounted for 90% of the observed threat activity against civilian federal systems and networks in May.
A pilot program has demonstrated a way to speed the expensive and time-consuming security compliance checks required for mobile apps developed or used by federal agencies.
Agencies must adopt rigorous means to secure their data by sharing responsibilities with cloud service providers and deploying zero trust for accessing network resources.
A recent survey of bug bounty participants found that they don’t hunt bugs for the money, but motivated by the work’s flexible hours and chances to improve their skills.
The Department of Energy is gearing up to lock down the nation’s electric grid by prequalifying vendors of bulk power equipment.
As work-from-home mandates went into effect, many agencies were forced to speed up their cloud migration projects, introducing additional security vulnerabilities and increasing the attack surface.
The Department of Homeland Security is expanding its insider threat program to encompass "all those with past or current access to DHS facilities, information, equipment, networks, or systems" according to a new Privacy Impact Assessment.
The key to moving the Nuclear Regulatory Commission’s workforce from 98% onsite to 98% remote when work-from-home orders were issued was preparation.
Congress has put forward a number of bills designed to address cyber fraud during and after the pandemic.
By studying previous attacks, and identifying how the attacker’s behavior deviates from the norm, artificial intelligence can flag suspicious activity.