Connect with us
The discovery of exploitable weaknesses in Log4j is resurfacing a 6-year-old push to save taxpayers money by calling on agencies to embrace open-source code. Leading cybersecurity...
The discovery of exploitable weaknesses in Log4j is resurfacing a 6-year-old push to save taxpayers money by calling on agencies to embrace open-source code. Leading cybersecurity...
A new phishing campaign targets US and New Zealand job seekers with malicious documents installing Cobalt Strike beacons for remote access to victims’ devices. The attack...
The Department’s Federal Insurance Office—together with the Cybersecurity and Infrastructure Security Agency—is soliciting feedback in preparation for a report to Congress. The Treasury Department’s Federal Insurance...
Success would depend to a significant degree on whether agencies require vendors of information and communications technology to provide a software bill of materials with their...
An audit conducted by the VA’s Office of Inspector General found unaddressed security vulnerabilities and deficient devices at the Harlingen VA Health Care Center. An IT...
The VA’s Office of Inspector General found “critical and high-risk vulnerabilities on 37% of the devices” at the Louisiana-based medical center. An audit conducted by the...
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical severity Java deserialization vulnerability affecting multiple Zoho ManageEngine products to its catalog of bugs exploited...
The National Security Agency (NSA) and CISA have issued guidance on how to secure operational technology (OT) and industrial control systems (ICSs) part of U.S. critical...
Key members of the House and Senate are altering proposals for identifying systemically important critical infrastructure and securing the software supply chain. An important set of...
