Pentagon left AWS databases publicly exposed

A database containing 1.8 billion scraped internet posts over a span of eight years was left publicly exposed, according to researchers from the cybersecurity firm UpGuard.

government news

Experts ask: Why does the VEP cut out health care agencies?

by Shaun Waterman • 2 days ago

"I totally get that you have to draw the line somewhere...they are drawing it in the wrong place."

China hides homegrown hacks from its vulnerability disclosure process

by Patrick Howell O'Neill • 2 days ago

New research shows that Chinese vulnerability disclosure process is stalled if the flaws are linked to hacking groups with Chinese ties.

Experts say government's information sharing program is all take and no give

by Shaun Waterman • 3 days ago

Cyberthreat information sharing among private sector companies and with the federal government suffers from a tragedy of the commons, lawmakers were told Wednesday — everyone wants to receive, but few are prepared to make the effort to give back.

White House unveils process behind disclosing software vulnerabilities

by Greg Otto • 3 days ago

The White House released a charter Wednesday that will give more clarity and bring more transparency to how the government disseminates information on software flaws.

DHS nominee Kirstjen Nielsen gets committee nod 11-4

by Shaun Waterman • 4 days ago

The nomination now moves onto the full Senate despite concerns from Democrats on the committee.

Freedom House: Governments are turning cyberweapons on their own people

by Shaun Waterman • 4 days ago

More and more governments are using cyberweapons like malware and DDoS attacks against internal critics and dissidents, making them them the second-most-common form of repression after actual arrests, according to a new report from human rights group Freedom House.

U.S. CERT issues report on remote hacking tool used by North Korea

by Patrick Howell O'Neill • 4 days ago

"North Korea keeps trying to find ways to come in under threshold deterrence, response, retaliation," one expert said.

DHS prepares for possible legal action over Kaspersky directive

by Patrick Howell O'Neill • 4 days ago

Representatives from the Department of Homeland Security are preparing for legal action over their directive to remove the anti-virus software from government systems.

DHS nomination vote postponed again amid ethics violation allegations

by Shaun Waterman • 4 days ago

A Senate committee vote on the nomination of Kirstjen Nielsen to be the next secretary of Homeland Security has been postponed a third time amid ethics concerns and requests by Democrats for a second hearing.

Watchdog complains about consultant helping Nielsen's DHS confirmation

by Shaun Waterman • 5 days ago

A nonprofit government ethics watchdog is calling for an investigation into potential violations of federal laws and ethics regulations by DHS Nominee Kirstjen Nielsen, following CyberScoop reports that a consultant representing companies with hundreds of millions of dollars at stake had volunteered to help run her confirmation preparation.

Russians, other foreigners, spoofing unprotected .gov email addresses, report says

by Shaun Waterman • 5 days ago

Thousands of web domains belonging to hundreds of federal departments and agencies are being spoofed by email hackers — cyberspies and online fraudsters trying to trick message recipients into clicking on malicious links or downloading malware — including many from Russia and other adversary nations, according to new figures this week.

Microsoft's Smith adds 'cyber Red Cross' to his 'digital Geneva Convention' call

by Shaun Waterman • 1 week ago

Microsoft President Brad Smith renewed his call for a "digital Geneva convention," adding a new wrinkle: the suggestion that the world's IT companies and their cyber first responders should be recognized as kind of "tech Red Cross" — neutral players who should remain unmolested by combatants on the cyber-battlefield.

Senate Dems want second confirmation hearing for DHS secretary nominee Nielsen

by Shaun Waterman • 1 week ago

Democrats on the Senate Homeland Security and Government Affairs Committee have questions after a report that the acting DHS secretary was being pushed out.

Sen. Dianne Feinstein wants to bring back bill that bans strong encryption

by Patrick Howell O'Neill • 1 week ago

Feinstein's Compliance with Court Orders Act of 2016 was never formally introduced in a previous go-around.

What's lurking in federal mobile tech? Apps, devices could hold nasty surprises.

by Shaun Waterman • 1 week ago

When federal agencies have for the first time to include mobile devices and apps in their information security reporting for FY2018 starting this October, they may be in for a nasty surprise, if the experience of the Department of Homeland Security is anything to go by.

Army must empower next generation to succeed in cyber, senior official says

by Chris Bing • 1 week ago

To quickly develop the Army's cyber capabilities requires that leadership consider unique options while also adjusting for a different culture brought in by recruits who are inherently digitally savvy, according to Col. Chris Wade, director of the Army's Task Force Cyber Strong.

Huawei tried to acquire technology from the winners of the Cyber Grand Challenge

by Chris Bing • 1 week ago

The apparent interest shown by Huawei underscores China's quest to lean on artificial intelligence for its cyber operations.

Senators postpone quick vote on Nielsen

by Shaun Waterman • 1 week ago

A Senate committee vote on Kirstjen Nielsen's nomination to become the next secretary of Homeland Security was postponed until at least next week.

NATO will establish new cyber command centers

by Patrick Howell O'Neill • 1 week ago

NATO will establish new cyber command centers allowing the transatlantic alliance to incorporate cyber weapons and security across the board in operational planning, NATO Secretary-General Jens Stoltenberg announced on Wednesday.

Feds upping their email security game in wake of DHS order

by Shaun Waterman • 1 week ago

The number of federal agencies employing a security protocol that stops email spoofing has more than doubled since the Department of Homeland Security instituted a binding government-wide policy last month.

Continue to CyberScoop.com