Government | SC Media

Government

OMB: Federal agencies reported 8 percent fewer cybersecurity incidents in FY 2019

A new report issued by the U.S. Office of Management and Budget (OMB) says federal agencies reported eight percent fewer cybersecurity incidents in fiscal year 2019, compared to 2018 — an improvement it attributes to the recent “maturation of agencies’ information security programs.” High-value IT assets (HVAs) remain a work in progress, however: In FY…

‘Sandworm Team’ hackers from Russia are exploiting Exim, warns NSA

The U.S. National Security Agency on Thursday issued an advisory alleging that hackers from Russia’s Main Intelligence Directorate (GRU) have been actively exploiting a remote code execution vulnerability in Exim Mail Transfer Agent (MTA) software, found in Unix-based systems. Researchers and analysts reacting to the agency’s warning say the announcement is an important reminder that…

Kentucky is 6th state to disclose leak of unemployment claims amid Covid-19

Kentucky has become the sixth state to disclose a data leak related to unemployment-related forms that has taken place during the Covid-19 pandemic. The Kentucky Education & Workforce Development Cabinet (EWDC) on Thursday acknowledged that a vulnerability in its Unemployment Insurance Portal caused a data leak that allowed insurance claimants to view the identity verification…

Execs, dignitaries call on nations to help end cyberattacks on health care orgs

The CyberPeace Institute and dozens of international leaders and dignitaries on Tuesday collectively urged the world’s governments in an open letter to help put an end to cyberattacks on hospitals and health care institutions that are already under the incredible strain of combatting the Covid-19 pandemic. “Over the past weeks, we have witnessed attacks that…

Colorado, Florida & Ohio become latest states to disclose PUA program data leaks

Colorado, Ohio and Florida have become the latest states to disclose the accidental exposure of information belonging to citizens who applied to the federal Pandemic Unemployment Assistance program as a means of seeking some financial security during the ongoing COVID-19 crisis. In all cases, the states said a very limited number of people inadvertently gained…

Alleged Collection 1 hacker nabbed; ransomware campaign targeting hospitals disrupted

The Ukrainian Secret Service on Tuesday announced the arrest of a man who they say is the hacker who amassed hundreds of millions of stolen credentials and then used an internet message board to announce their availability as a data set known as Collection 1. And in another significant win for law enforcement officials, Romania…

Low unemployment

Arkansas, Illinois COVID-19 unemployment websites leak data

Arkansas and Illinois both reportedly exposed sensitive citizen data after failing to adequately secure web services that the states urgently propped up in order to process applications for the federal Pandemic Unemployment Assistance program. Experts say the hurried pace of setting up these digital services could very well have resulted in glitches and overlooked gaps…

Online leak undermines Torrance’s claim that no personal data was affected by cyberattack

A new online post by the DoppelPaymer gang further suggests that a cyberattack experienced by Torrance, California in late February-early March was a case of ransomware — one that appears to have affected personal data, despite the Los Angeles-area city’s claims otherwise. Brett Callow, threat analyst at Emsisoft, shared several examples of sensitive data published…

U.S. offers up to $5M for info on North Korean cyber activity

Four U.S. federal agencies on Wednesday jointly issued an advisory that warns of ongoing North Korea-sponsored cyberthreat operations, and offers a reward of up to $5 million for information on such operations. The communication, issued by the State Department, the Department of Homeland Security, the Treasury Department and the FBI, details the Democratic People’s Republic…

Next post in Coronavirus