Author Archive

Justin Katz

Cybersecurity Reporter

Justin Katz is a former staff writer at FCW.


Survey shows many water utilities struggle with cybersecurity

The water industry, like most critical infrastructure sectors, shows a range of cybersecurity preparedness levels even as threats grow, according to a new survey.


Senate bill boosts penalties for cyber criminals

New legislation would create stricter penalties for cyberattacks against critical infrastructure and give the Justice Department more options for bringing charges against criminals in foreign countries.


Lawmakers grill Colonial Pipeline CEO over ransomware payment

House lawmakers on Wednesday were keen to ask Colonial Pipeline's chief executive officer what he knew about the ramifications of making a ransom payment and how it might affect the company's finances.


What to make of the Supreme Court's ruling on unauthorized system access

The high court's ruling last week decided a police officer did not violate a 1980s anti-hacking law, but the court ultimately left open questions about the Computer Fraud and Abuse Act's applicability for other purposes such as cybersecurity research.


SolarWinds hackers launch phishing attack

In some cases, the attackers disguised their phishing emails to look as though they came from the U.S. Agency for International Development.

Emerging Tech

Should TSA be regulating pipeline cybersecurity?

In the wake of the ransomware attack on Colonial Pipeline's business systems, lawmakers and government officials are re-examining where the responsibility for the cybersecurity of energy pipelines should be housed.


Cyber EO lays a foundation for securing government

The Biden administration’s long-anticipated cybersecurity executive order lays the groundwork for modernizing cyber defenses and protecting critical services from attack by improving incident response and information sharing between the public and private sectors.

Cloud & Infrastructure

Pipeline attack highlights ransomware threats to infrastructure

The cyberattack against Colonial Pipeline, which led to the precautionary shutdown of fuel pipelines serving the East Coast, underscores the dangers of ransomware.


DOE 'totally focused' on cyber, Granholm says

The Energy secretary said DOE is committed to getting industry partners the tools, the intelligence and cyber response they need to address today's threats.


DHS pushes to hire 200 cyber pros

Department of Homeland Security launched its 60-day workforce sprint with an aggressive campaign to hire 200 cyber personnel by July 1.


DHS, White House turn spotlight on ransomware

The Department of Homeland Security and the White House are putting the spotlight on combatting ransomware, actively developing plans to confront the issue.


CISA tests cloud log aggregation to ID threats

The Cybersecurity and Infrastructure Security Agency is testing how well aggregated cloud logs can feed its cybersecurity analysis efforts and improve cloud network visibility.

Cloud & Infrastructure

Joint advisory warns of Russian operations targeting cloud, email

A new advisory describes how organizations can counter tactics and techniques used by Russia’s SVR foreign intelligence service, the attackers behind the intrusion involving SolarWinds.


CISA issues warning on exploited VPN flaw

A Chinese hacking campaign is using known flaws in a virtual private network application to breach entity networks and implant the SUPERNOVA malware.


U.S. agencies compromised by VPN flaws

A number of federal agencies were compromised through vulnerabilities found in virtual private networking software made by Pulse Connect Secure, the Cybersecurity and Infrastructure Security Agency confirmed.


White House stands down SolarWinds, Microsoft Exchange cyber response groups

The White House is suspending the two interagency groups tasked with managing the government's response to the cybersecurity incidents involving SolarWinds and Microsoft Exchange, citing improving trends in patching.


Russia sanctioned over SolarWinds, election interference -- even as cyber espionage continues

The White House announced a range of sanctions against Russia, and security agencies warned of software vulnerabilities that Russian intelligence services are actively exploiting.


NSA spots new Exchange CVEs, Microsoft issues patches

While the new vulnerabilities are separate from the four zero-day exploits found in March, the National Security Agency is urging organizations to immediate apply the Microsoft patches.


APT threat exploits Fortinet OS flaws, CISA, FBI warn

Old vulnerabilities in enterprise software from Fortinet is allowing advanced persistent threat actors to gain access to government and industry networks.


DHS to launch cyber sprints

The Department of Homeland Security will embark on a series of 60-day sprints to move forward on ransomware and cybersecurity workforce issues as well as defense of industrial control systems, transportation systems and election infrastructure.