The Cybersecurity and Infrastructure Security Agency issued an advisory on Thursday about ransomware deployed by the Phobos hacking group. According to CISA, Phobos is a ransomware-as-a-service group that targets municipal and county governments, emergency services, educational institutions, public health agencies and other critical infrastructure sectors. The agency also noted that Phobos targets state, local, tribal […]
The Cybersecurity and Infrastructure Security Agency, along with the FBI and other partners, have issued a new advisory warning on the multiple vulnerabilities within the Ivanti Connect Secure and Ivanti Policy Secure gateways. The advisory provides detection methods, such as Volexity’s open-source YARA, which network defenders can use to hunt for malicious activity. To deter […]
Military-grade cyber range and training provider SimSpace has announced that Carahsoft Technology will distribute its solutions to the public sector through reseller partners and contract vehicles. Government agencies will gain access to advanced cybersecurity training and simulated environments, SimSpace said. The SimSpace Cyber Force platform, already available to the public sector through Carahsoft’s partnership with […]
The Cybersecurity and Infrastructure Security Agency is exploring ways of prompting state and local governments to count university cybersecurity clinics as funding candidates under the State and Local Cybersecurity Grant Program that the Department of Homeland Security initiated in 2022. The awarding of the grants is among the proposed steps in a guide CISA published […]
The National Institute of Standards and Technology has released its updated Cybersecurity Framework designed for all organizations in any sector, large or small. CSF 2.0, which supersedes the first framework NIST issued in 2014, added the Govern function to the previous guidepost’s five key functions: Identify, Protect, Detect, Respond and Recover. The expanded core guidance […]
The National Security Agency, in partnership with the UK National Cyber Security Centre and other organizations, has issued a cybersecurity advisory about Russian actors targeting cloud-hosted infrastructure to gain access to data. According to the “SVR Cyber Actors Adapt Tactics for Initial Cloud Access” CSA, the Russian hacking group APT29 uses automated system accounts and […]
The Intelligence Advanced Research Projects Activity has awarded Peraton a contract to validate cyberpsychology-based defenses under the Reimagining Security with Cyberpsychology-Informed Network Defenses program. According to the Office of the Director of National Intelligence, ReSCIND, expected to run for four years, aims to identify the decision-making biases and cognitive vulnerabilities of cyber actors and use […]
The U.S. Navy has expressed its commitment to improving the readiness of the Fleet Cyber Command to meet the U.S. Cyber Command requirements. Craig Clapperton, commander of Fleet Cyber Command, 10th Fleet at the Navy Space Command, said in an interview with DefenseScoop that the service has been working with USCYBERCOM to coordinate training to […]
The Joint Ransomware Task Force is continuing its work to address ransomware by increasing its collaboration with various government agencies and the private sector. In a recent interview, Eric Goldstein, CISA’s executive assistant director for cybersecurity, said that the collaboration is centered on gathering various kinds of information, including how malicious actors target U.S. critical […]
The 16th Air Force has partnered with the Poland Cyber Command, a Polish Armed Forces organization dedicated to advanced information and cryptographic capabilities. Led by Lt. Gen. Kevin Kennedy, the U.S. Air Force unit is responsible for information warfare and cryptologic activities, DVIDS reported Friday. The Poland Cyber Command and the 16th Air Force aim […]
