The Cybersecurity and Infrastructure Security Agency, the FBI, the National Security Agency and international partners jointly released an advisory on how to mitigate vulnerabilities of the Apache Log4j software library. CISA said
MoreThe Federal Risk and Authorization Management Program is seeking public comment on the initial draft of its baseline security measures that align with the National Institute of Standards and Technology’s updated cloud
More by Naomi Cooper
The Cybersecurity and Infrastructure Security Agency has released an emergency directive asking federal civilian agencies to mitigate Apache Log4j vulnerabilities in their internet-facing networks. CISA said Friday multiple threat actors are exploiting
More by Jane Edwards
The Enduring Security Framework working group, a public-private team led National Security Agency and the Cybersecurity and Infrastructure Security Agency, has released part four of guidance on protecting 5G cloud infrastructure. Part
MoreThe Department of Homeland Security (DHS) has launched a bug bounty program that seeks to discover cybersecurity vulnerabilities in DHS systems. DHS said Tuesday that its Hack DHS program invites cybersecurity researchers
MoreAlex Stamos, partner at the Krebs Stamos Group and a federal advisory committee member at the Cybersecurity and Infrastructure Security Agency, said he believes basic security functions should not be sold as
More by Jane Edwards
Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, said CISA has added a critical vulnerability involving the log4j software library to its “catalog of known exploited vulnerabilities” to incite federal
More by Jane Edwards
The Cybersecurity and Infrastructure Security Agency has introduced new guidance providing ways to ensure the security of social media accounts operated by organizations. The measures outlined in the Capacity Enhancement Guide seek
More by Jane Edwards
Top cybersecurity officials of the Biden administration and technology company executives discussed ways to increase collaboration between the federal government and industry to strengthen U.S. cyber defenses in a meeting held Monday.
More by Naomi Cooper
The Government Accountability Office (GAO) has recommended that the Department of Defense improve communication with industry on the Cybersecurity Maturity Model Certification (CMMC) program and come up with outcome-oriented performance measures to
More by Jane Edwards