Department of Homeland Security

STAR Webcast: Spooky RYUKy: The Return of UNC1878

FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals

| | alex holden, Charles Carmakal, Department of Homeland Security, FBI, Health and Human Services, Hold Security, Latest Warnings, Mandiant, Ransomware, Reuters, Ryuk, The Coming Storm
On Monday, Oct. 27, KrebsOnSecurity began following up on a tip from a reliable source that an aggressive Russian cybercriminal gang known for deploying ransomware was preparing to disrupt information technology systems ...
Krebs on Security
Feds Propose ‘911’ Emergency Call for Reporting Security Flaws; Experts Warn It’s Easier Said Than Done

Feds Propose ‘911’ Emergency Call for Reporting Security Flaws; Experts Warn It’s Easier Said Than Done

| | 9/11, bug bounty, bug bounty program, cisa, Department of Homeland Security, directive, Federal, government, Industry News, responsible disclosure, vulnerability, Vulnerability Disclosure
CISA drafts directive to create a vulnerability disclosure policy for government websites and apps Agency seeks to centralize the effort via a standard vulnerability disclosure platform service next spring Cybersecurity veteran Katie ...
HOTforSecurity

Department of Homeland Security Cybersecurity: Top 10 Vulnerabilities Still Being Exploited

| | Apache Struts2, Cybersecurity and Infrastructure Security Agency, Department of Homeland Security, Struts2 vulnerability, Vulnerabilities
The Department of Homeland Security Cybersecurity and Infrastructure Security Agency (DHS CISA) recently released a list of the top 10 most commonly exploited software vulnerabilities across the last four years. Apache Struts ...
Sonatype Blog
US Homeland Security Wants Subpoena Power to Get Data from ISPs about Vulnerable Systems

US Homeland Security Wants Subpoena Power to Get Data from ISPs about Vulnerable Systems

| | cisa, Cyber Security, Department of Homeland Security, DHS, Industry News
The US Cybersecurity and Infrastructure Security Agency (CISA), in charge of leading national cybersecurity and infrastructure resilience programs, wants a change to federal law that would allow it to inspect systems behind ...
HOTforSecurity
FEC: Campaigns Can Use Discounted Cybersecurity Services

FEC: Campaigns Can Use Discounted Cybersecurity Services

| | A Little Sunshine, Adav Noti, Campaign Legal Center, Dan Petalas, Defending Digital Campaigns, Department of Homeland Security, Eric Geller, FBI Director Christopher Wray, Federal Election Commission, Garvey Schubert Barer, Microsoft Corp., Politico, Sen. Ron Wyden, Senate Majority Leader Mitch McConnell, The New York Times
The U.S. Federal Election Commission (FEC) said today companies can offer discounted cybersecurity services to political campaigns without running afoul of existing campaign finance laws, provided they already do the same for ...
Krebs on Security
Williams F1 Leverages Dtex User Behavior Intelligence to Manage Insider Threats and Secure IP

11/19/18: Dtex, Insider Threat, Privacy News Blog: Trump Signs CISA Legislation; Defending Against Culture; Surveillance: Freedom’s Killer

| | Act, BRUCE SCHNEIER, cisa, CSO, Cybersecurity, Cybersecurity and Infrastructure Security Agency, Cybersecurity and Infrastructure Security Agency Act of 2018, Dark Reading, Department of Homeland Security, Dtex, Edward Snowden, Federal News Network, Graeme Hackland, H.R. 3359, Harris Poll, Info Security Magazine, insider threat, Jory Heckman, Kacy Zurkus, Negligent Insider, Phishing, Privacy, Roger Grimes, Williams F1 Racing, wired
Happy Thanksgiving! The holiday may equate to a short work week in the US but there is certainly no shortage of news breaking about cybersecurity, privacy and the insider threat. The biggest ...
Dtex Systems
US Homeland Security’s ICE demands Twitter release data on cryptic Flash Gordon account

US Homeland Security’s ICE demands Twitter release data on cryptic Flash Gordon account

| | Data breach, Data Privacy, Department of Homeland Security, Flash Gordon, Industry News, Twitter
Flash Gordon (@s7nsins), a mysterious Twitter user based in New Zealand, announced in a tweet that the US Department of Homeland Security’ Immigration and Customs Enforcement (ICE) sent Twitter an export enforcement ...
HOTforSecurity
security testing

Equifax Confirms Hackers Broke In Through Apache Struts Flaw

| | android, Apache Struts, CVE-2017-5638, Data breach, Department of Homeland Security, Equifax, ExpensiveWall, Kaspersky Lab, Malware, vulnerability
U.S. credit reporting bureau Equifax confirmed Wednesday that the theft of personal information of more than 143 million consumers from its systems in May was the result of a vulnerability in the ...