Government News, Articles and Updates

Pawn Storm readied attacks against U.S. senators, political and Olympic targets

The cyberespionage gang Pawn Storm had an extremely active second half of 2017 with targets ranging from the Olympic Wintersports Federations to various political targets.

Taiwanese police reward malware laced USB sticks as prizes for cybersecurity quiz

Taiwanese police handed out malware-laden USB sticks as prizes for a security quiz given during an infosec conference in December 2017.

Proposed law would levy substantial penalties on breached credit reporting agencies

A newly proposed legislation introduced by two Democratic U.S. senators aims to impose stiff, mandatory penalties on credit reporting agencies (CRAs) like that fail to protect consumers' sensitive information from data breaches.

North Carolina introduces data breach legislation, after incidents rise in 2017

More than 5.3 million residents of North Carolina were victims of data breaches in 2017 - an escalating trend that has prompted state Attorney General Josh Stein (D) and state Rep. Jason Saine (R) to introduce newly proposed legislation to prevent further incidents and protect the public.

India's 1.2 billion citizen national database reportedly breached

India's national ID database containing the information of nearly 1.2 billion people was breached with cybercriminals selling access to the information for $8.

New Jersey State Police spent $850,000 on Harris Corp. stingray devices

Information obtained via right-to-know request revealed The New Jersey State Police spent at least $850,000 on stingray devices from Harris Corp.

Anderson Cooper's Twitter hacked to insult Trump after Moore loss

Anderson Cooper said he woke Wednesday morning to find his Twitter account had been hacked.

U.S. House passes legislation to create Cybersecurity and Infrastructure Security Agency

The U.S. House of Representatives on Monday unanimously passed H.R. 3359, a legislation that would redesignate DHS' National Protection and Programs Directorate as the Cybersecurity and Infrastructure Security Agency.

Former NSA employee pleads guilty for stealing classified data, related to Kaspersky incident

A former NSA employee pleaded guilty to taking classified national defense information that was later stolen by Russian spies.

Senators demand answers from Uber after breach debacle

U.S. senators on both sides of the aisle have sent letters to Uber demanding answers in the wake of the transportation company's disclosure that it had concealed an October 2016 hacking incident that compromised the information of 57 million customers and drivers.

FCC Chairman submits plan to end net neutrality; New York AG claims agency is hindering probe

The FCC chairman has announced a draft of his plan to dismantle net neutrality rules, prompting outcries from the digital rights community, as well as New York AG Eric Schneiderman, who claims the FCC is impeding a probe into fraudulent comments left on the agency's website.

Amazon Web Services launches hosting service for Secret-level government documents

Amazon Web Services has launched a new cloud-based hosting service that can accommodate government intelligence, files and work product classified as Secret or below.

Defending Digital Democracy Project issues guidebook for securing election campaigns

The Defending Digital Democracy Project on Monday released its first edition of "The Cybersecurity Campaign Playbook," a guide to help election campaign operatives, even those without technical backgrounds, protect their candidates from hacker interference.

Manhattan DA speaks on burden of hiring hackers to beat smartphone encryption

Cy Vance spoke on the lack of federal legislation to force tech giants to make exceptions in smartphone encryption for when judicial warrants are issued.

Colorado implements Risk-Limiting Audit process to verify election results

Colorado is implementing a Risk-Limiting Audit Process to verify election results in hopes of building more confidence in the outcome of its elections.

DHS, FBI analyze North Korean Hidden Cobra, FallChill

The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have officially revealed the IP addresses that the agencies say are used by the North Korean government to administer the RAT FallChill.

Maine IT Office leaks foster child data

The Maine Office of Information Technology is notifying approximately 2,100 foster parents that their personal data was briefly exposed on a third party site.

Trump tweeted about hacked emails after WikiLeaks sent request his son

The correspondence was part of a series of communications between the President's son and Wikileaks that that Trump, Jr., handed over to congressional investigators.

Michigan to implement 211 cybercrime hotline

A Michigan non-profit is working with federal, state, and local law enforcement to add services to the already established 211 system to serve victims of cybercrimes.

Estonia suspends national 760,000 ID cards found prone to encryption vulnerability

Estonia on Friday blocked the certificates of 760,000 national ID cards in response to a cryptographic vulnerability that researchers have discovered is even more dangerous than originally reported.

Texas National Guard spent $373,000 on stingray equipment

The Texas National Guard last year spent more than $373,000 to install two of its DRT 1301C "portable receiver systems" in two RC-26 secretive surveillance aircraft.

Hilton to pay $700,000 in data breach settlement with New York, Vermont

Hilton hotels has reached a $700,000 joint settlement with the New York Attorney General's office for a pair of data breaches that were discovered in 2015, including one that exposed more than 350,000 credit card numbers.

New EU framework reportedly will allow member nations to consider cyberattacks acts of war

A forthcoming policy framework from the European Union will declare that cyberattacks from hostile actors can be considered an act of war that under the most serious of circumstances justifies a response with conventional weapons.

McAfee won't allow government code reviews as Kaspersky offers more transparency

McAfee announced it will no longer permit foreign governments to scrutinize its product source code for hidden backdoors.

Anonymous targets Spanish government sites in Catalan independence controversy

Hackers from the vigilante group Anonymous targeted websites run by Spain's Ministry of Public Works and Transport on Oct. 21 in support of the Catalan independence movement.

Company offers cybersecurity scholarships for returning vets

Engility Holdings and the Center for Cyber Safety and Education are offering a scholarship program to help returning veterans gain cybersecurity certifications to reenter the workforce.

UK to open second investigation into Equifax breach

The UK Financial Conduct Authority (FCA) has opened an investigation into the massive Equifax data breach that exposed almost 700,000 British citizens and 145.5 million worldwide.

Research: U.S. slower than China at recording bugs in national vulnerability database

China's National Vulnerability Database (CCNVD) is much faster than its U.S. counterpart when it comes to reporting the latest confirmed product vulnerabilities, according to newly published research from Recorded Future.