Author Archive
Justin Katz
Cybersecurity
Survey shows many water utilities struggle with cybersecurity
The water industry, like most critical infrastructure sectors, shows a range of cybersecurity preparedness levels even as threats grow, according to a new survey.
Cybersecurity
Senate bill boosts penalties for cyber criminals
New legislation would create stricter penalties for cyberattacks against critical infrastructure and give the Justice Department more options for bringing charges against criminals in foreign countries.
Cybersecurity
Lawmakers grill Colonial Pipeline CEO over ransomware payment
House lawmakers on Wednesday were keen to ask Colonial Pipeline's chief executive officer what he knew about the ramifications of making a ransom payment and how it might affect the company's finances.
Cybersecurity
What to make of the Supreme Court's ruling on unauthorized system access
The high court's ruling last week decided a police officer did not violate a 1980s anti-hacking law, but the court ultimately left open questions about the Computer Fraud and Abuse Act's applicability for other purposes such as cybersecurity research.
Cybersecurity
SolarWinds hackers launch phishing attack
In some cases, the attackers disguised their phishing emails to look as though they came from the U.S. Agency for International Development.
Emerging Tech
Should TSA be regulating pipeline cybersecurity?
In the wake of the ransomware attack on Colonial Pipeline's business systems, lawmakers and government officials are re-examining where the responsibility for the cybersecurity of energy pipelines should be housed.
Cybersecurity
Cyber EO lays a foundation for securing government
The Biden administration’s long-anticipated cybersecurity executive order lays the groundwork for modernizing cyber defenses and protecting critical services from attack by improving incident response and information sharing between the public and private sectors.
Infrastructure
Pipeline attack highlights ransomware threats to infrastructure
The cyberattack against Colonial Pipeline, which led to the precautionary shutdown of fuel pipelines serving the East Coast, underscores the dangers of ransomware.
Cybersecurity
DOE 'totally focused' on cyber, Granholm says
The Energy secretary said DOE is committed to getting industry partners the tools, the intelligence and cyber response they need to address today's threats.
Cybersecurity
DHS pushes to hire 200 cyber pros
Department of Homeland Security launched its 60-day workforce sprint with an aggressive campaign to hire 200 cyber personnel by July 1.
Cybersecurity
DHS, White House turn spotlight on ransomware
The Department of Homeland Security and the White House are putting the spotlight on combatting ransomware, actively developing plans to confront the issue.
Featured eBooks
Cybersecurity
CISA tests cloud log aggregation to ID threats
The Cybersecurity and Infrastructure Security Agency is testing how well aggregated cloud logs can feed its cybersecurity analysis efforts and improve cloud network visibility.
Infrastructure
Joint advisory warns of Russian operations targeting cloud, email
A new advisory describes how organizations can counter tactics and techniques used by Russia’s SVR foreign intelligence service, the attackers behind the intrusion involving SolarWinds.
Cybersecurity
CISA issues warning on exploited VPN flaw
A Chinese hacking campaign is using known flaws in a virtual private network application to breach entity networks and implant the SUPERNOVA malware.
Cybersecurity
U.S. agencies compromised by VPN flaws
A number of federal agencies were compromised through vulnerabilities found in virtual private networking software made by Pulse Connect Secure, the Cybersecurity and Infrastructure Security Agency confirmed.
Cybersecurity
White House stands down SolarWinds, Microsoft Exchange cyber response groups
The White House is suspending the two interagency groups tasked with managing the government's response to the cybersecurity incidents involving SolarWinds and Microsoft Exchange, citing improving trends in patching.
Cybersecurity
Russia sanctioned over SolarWinds, election interference -- even as cyber espionage continues
The White House announced a range of sanctions against Russia, and security agencies warned of software vulnerabilities that Russian intelligence services are actively exploiting.
Cybersecurity
NSA spots new Exchange CVEs, Microsoft issues patches
While the new vulnerabilities are separate from the four zero-day exploits found in March, the National Security Agency is urging organizations to immediate apply the Microsoft patches.
Cybersecurity
APT threat exploits Fortinet OS flaws, CISA, FBI warn
Old vulnerabilities in enterprise software from Fortinet is allowing advanced persistent threat actors to gain access to government and industry networks.
Cybersecurity