agencies
-
Blog
Five Eyes cyber agencies issue guidance on edge device vulnerabilities
A host of cybersecurity agencies have teamed up to offer guidance on how to secure edge devices from ever-increasing threats. The advice covers network edge devices and appliances, such as firewalls, routers, virtual private networks (VPN) gateways, Internet of Things (IoT) devices, internet-facing servers and internet-facing operational technology (OT) systems. Issued by the UK’s National Cyber Security Centre (NCSC), CISA,…
Read More » -
Blog
CISA orders agencies to patch Linux kernel bug exploited in attacks
CISA has ordered federal agencies to secure their systems within three weeks against a high-severity Linux kernel flaw actively exploited in attacks. Tracked as CVE-2024-53104, the security bug was first introduced in kernel version 2.6.26 and was patched by Google for Android users on Monday. “There are indications that CVE-2024-53104 may be under limited, targeted exploitation,” the Android February 2025…
Read More » -
Blog
Cyber agencies share security guidance for network edge devices
Five Eyes cybersecurity agencies in the UK, Australia, Canada, New Zealand, and the U.S. have issued guidance urging makers of network edge devices and appliances to improve forensic visibility to help defenders detect attacks and investigate breaches. Such devices, including firewalls, routers, virtual private networks (VPN) gateways, internet-facing servers and operational technology (OT) systems, and Internet of Things (IoT) devices,…
Read More » -
Blog
Trump tasks federal agencies with drafting a new AI action plan within 180 days – Computerworld
“This Executive Order establishes the commitment of the United States to sustain and enhance America’s dominance in AI to promote human flourishing, economic competitiveness, and national security,” Trump said in the order. Repealing Biden-era AI restrictions The new order reverses a 2023 executive order by then-President Joe Biden that imposed stringent regulations on AI developers. Biden’s policy required companies to…
Read More » -
Blog
Australian Government Agencies Failing to Keep Up With Cyber Security Change
More Australian government agencies failed to meet the required levels of cyber security maturity in 2024 than in 2023, according to an assessment by the Australian Signals Directorate. The ASD reported that only 15% of entities achieved Maturity Level 2 on Australia’s Essential Eight cyber security framework in 2024 — a sharp decline from 25% in 2023. Under Australia’s Protective…
Read More » -
Blog
CISA orders agencies to patch BeyondTrust bug exploited in attacks
CISA has tagged a command injection vulnerability (CVE-2024-12686) in BeyondTrust’s Privileged Remote Access (PRA) and Remote Support (RS) as actively exploited in attacks. As mandated by the Binding Operational Directive (BOD) 22-01, after being added to CISA’s Known Exploited Vulnerabilities catalog, U.S. federal agencies must secure their networks against ongoing attacks targeting the flaw within three weeks by February 3.…
Read More » -
Blog
CISA orders federal agencies to secure Microsoft 365 tenants
CISA has issued this year’s first binding operational directive (BOD 25-01), ordering federal civilian agencies to secure their cloud environments by implementing a list of required secure configuration baselines (SCBs). While CISA has only finalized the SCBs for Microsoft 365, it plans to release additional baselines for other cloud platforms, starting with Google Workspace (anticipated to enter scope in Q2 of…
Read More » -
Blog
White House tells intelligence agencies: Use more AI
In a first, US President Joseph R. Biden Jr. issued a national security memorandum today telling federal intelligence agencies they need to pilot and deploy artificial intelligence (AI) in an effort to boost the nation’s security. The memo is directed at the National Security Agency, the Federal Bureau of Investigation, the Department of Defense, and the Department of Energy and…
Read More » -
Blog
UK, US, and Canadian defense agencies team up to drive cybersecurity research
The UK’s Ministry of Defence (MoD) is teaming up with the US Defense Advanced Research Projects Agency (DARPA) and Canadian Department of National Defence to work together on cybersecurity. The idea is to jointly research, develop, test and evaluate technologies for AI, cyber, resilient systems, and information-related technologies in the defense sector, all based on real-world challenges. “Our international research…
Read More » -
Blog
FBI disrupts 260,000-strong botnet targeting universities and government agencies in US
The FBI has disrupted a vast botnet being used by a Chinese threat group to target universities, government agencies, and other organizations in the US. The Five Eyes intelligence alliance recently issued a joint advisory warning organizations to take protective action after identifying the botnet being used to deploy DDoS attacks against or compromise US organizations. Talking at the Aspen…
Read More »