Government News, Articles and Updates

DHS Secretary Kirstjen Nielsen asserts White House is committed to election security

Speaking today at RSA 2018, Homeland Security Secretary Kirstjen Nielsen offered public assurances that the Trump White House is committed to defending U.S. election infrastructure against foreign influence and hackers, despite concerns that the administration is not taking the threat seriously enough.

U.K. intel director discloses offensive cyber campaign against ISIS, lambastes Russia

In his first public speech, the U.K.'s GCHQ Director Jeremy Fleming acknowledged that the agency recently coordinated a major cyber offensive operation against ISIS, significantly crippling the terrorist group's ability to recruit and coordinate attacks online.

Government cyber defenses should look to AI, behavior analytics, Cisco report

As threat actors weaponize more technology, Cisco researchers warn government agencies should look to behavior analytics in order to face new threats.

Report: Secret Service warns of crooks swapping out chips on stolen debit cards

Financial institutions were reportedly warned in a memo by the U.S. Secret Service of a new scam whereby thieves intercept debit cards in the mail, remove their chips and replace them with older or invalid ones, and begin using the stolen chips when their rightful owner activates the sabotaged card.

U.S. Department of Interior CIO office fails IG cybersecurity inspection

The U.S. Department of the Interior Office of the Chief Information Officer (OCIO) essentially received a failing grade from its own Office of the Inspector General (IG) when it comes to following NIST for incident detection and response.

Russia takes Telegram to court over refusal to release encryption keys

The Russian government retaliated against the Telegram messaging app by filing a lawsuit that would stop or limit access to the app in that country after the company refused a request by the government to turn over its encryption keys to the FSB.

DHS acknowledges unauthorized foreign Stingray use in Washington D.C.

The United States government for the first time publicly acknowledged the existence of what appear to be stingray devices used by foreign intelligence in the U.S. capital region

Alleged LinkedIn hacker Yevgeniy Nikulin extradited to U.S., pleads not guilty

The U.S. successfully extradited accused Russian hacker Yevgeniy Nikulin from the Czech Republic last week, winning a political tug-of-war with Moscow, which sought to return him to his home country.

Leaked Documents claim Cambridge Analytica Affiliate Gave Facebook Data to John Bolton

A whistleblower has released documents bolstering claims the U.K. company at the center of the Facebook-Cambridge Analytical scandal didn't destroy user data.

Airbnb China announces it will share user data with government

Airbnb is notifying its users in China that the company will share guest's information with authorities to comply with national laws and regulations.

Hack the State Department bill introduced

Two congressmen have introduced a bill that would create a bug bounty program to challenge ethical hackers to find cyber weaknesses in the State Department.

DDoS round-up: Russia claims election website was attacked; New tool offers memcached amplification attacks

Russian officials are claiming their Central Election Commission's website repelled a distributed denial of attack last Sunday during the country's national elections, which incumbent President Vladimir Putin predictably won in a landslide victory.

Suspected Chinese cyberespionage group targets U.S. engineering, maritime Industries

The suspected Chinese cyberespionage group dubbed "TEMP.Periscope" is targeting U.S. engineering and maritime Industries in its latest campaign.

Cellebrite competitor GrayKey raises security concerns with iPhone unlocking device

A product made by Cellebrite competitor GrayKey is raising security concerns over a standalone device capable of unlocking iPhones.

Middleboxes in Turkish telecom redirecting users to nation-state spyware

Security researchers have uncovered how deep packet inspection middleboxes are being used either to expose Turkish nationals to nation-state spyware or to redirect Egyptian Internet users to ads and browser cryptocurrency.

Survey: Government workers fear doctors and dentists over data breaches; ghosts and aliens not far behind

A recent survey of 110 U.S. government employees who hold a security clearance at their organization found that more respondents listed heights, food poisoning and doctor/dentist visits as one of their biggest fears than having their company's files stolen in a breach.

Cyber-attacks against Russia may follow attempted nerve agent killing in UK

Offensive cyber-attacks against Russia are reported to be among options under consideration by the UK if it is dissatisfied with Russia's explanation by midnight today of the use in this country of Russian nerve agent Novichok.

Chinese Ministry of State Security caught manipulating critical CVE data

Early warnings arrive late: Newly published research from Recorded Future reveals that China has been manipulating critical vulnerability data, and then back dating CVEs to cover up the evidence.

Report: Hope Hicks testified that email account was hacked

Prior to announcing her impending resignation on Feb. 28, former White House communications director Hope Hicks told federal lawmakers in private testimony that one of her email accounts was hacked, according to NBC News.

Security clearances for Jared Kushner, other White House officials downgraded

President Donald Trump's senior advisor and son-in-law Jared Kushner had his security clearance downgraded.

USPS introduces snail mail alerts to help secure Informed Delivery service

Having recently introduced a new "Informed Delivery" service that could potentially allow snoops to read scanned images of another person's or business' mail, the U.S. Postal Service is reportedly now sending out snail mail notifications to individuals to make sure that they knowingly have been signed up for the program.

Senator says Facebook should clean up bots or face fines

Sen. Amy Klobuchar, D-Minn., said social media companies should be fined if they can't get rid of bots on their platforms.

Nation state cyber-attacks on the rise - detect lateral movement quickly

Line between cyber-criminals and nation state hackers increasingly blurred. The volume and intensity of cyber-attacks hit a new high in 2017 alongside the increasing level of sophistication of hacks.

SEC issues cybersecurity guidance disclosure

The Security and Exchange Commission's cybersecurity guidance doesn't go far enough, critics say.

California Department of Fish and Wildlife says insider exposed employee and vendor records

California's Department of Fish and Wildlife has reportedly issued an internal memo warning that a former employee downloaded worker and vendor records to a personal device without authorization, and stored them on an insecure network.

Rep. Walz appeals to DOJ to investigate Veterans Affairs Secretary's hacking claims

In light of claims from Department of Veterans Affairs Secretary Davis Shulkin that his top aide's email was hacked, U.S. Rep. Tim Walz of Minnesota has reportedly sent a letter to Attorney General Jeff Sessions asking the Justice Department to investigate.

Olympics Malware attack may have been part of larger cyberespionage scheme

Researchers discovered new details in the "Olympic Destroyer" malware which targeted the Winter Olympics in n Pyeongchang, South Korea.