Cyber
DHS launches third phase of remote identity verification tech
The U.S. Department of Homeland Security’s Science and Technology Directorate (S&T) announced it has entered the third phase of the Remote Identity Validation Rally (RIVR). This phase is a series of challenges hosted by DHS S&T that allows the tech industry to test and improve its identity... Read More »
Chinese man accused of hacking arrested in Italy
Xu Zewei, a Chinese national wanted on a nine-count indictment in the Southern District of Texas, was arrested on July 3 in Italy and faces extradition proceedings, according to the Justice Department. Xu and co-defendant Zhang Yu hacked into thousands of computers worldwide between February... Read More »
Action taken against North Koreans who were employed illegally in IT
The Justice Department recently took action regarding the Democratic People’s Republic of North Korea (DPRK) government’s schemes to fund its regime through remote information technology (IT) work for U.S. companies. Actions include searches of 29 known or suspected “laptop farms” in 16... Read More »
CISA, other agencies point to potential cyberattack from Iran
According to a report from Cybersecurity and Infrastructure Security Agency (CISA), the FBI, the Department of Defense Cyber Crime Center (DC3), and the National Security Agency (NSA), Iran may target United States with a cyberattack. In response to the June 20 bombing of Iranian nuclear... Read More »
Legislation to develop an AI security playbook introduced in the House
U.S. Reps. Darin LaHood (R-IL), John Moolenaar, (RMI) Raja Krishnamoorthi (D-IL) and Josh Gottheimer (D-NJ) have introduced legislation that would require the National Security Agency to create a plan to protect AI against foreign adversaries. LaHood, a member of the House Permanent Select... Read More »
Legislation would require federal contractors to adhere to cybersecurity guidelines
Bipartisan legislation recently introduced in the U.S. Senate would require federal contractors to adhere to National Institute of Standards and Technology guidelines. The Federal Contractor Cybersecurity Vulnerability Reduction Act of 2025 would require the Office of Management and Budget to... Read More »
Warrants unsealed for seizure of malicious domains
The Justice Department recently unsealed two warrants that authorizes the seizure of five internet domains used by malicious cyber actors to operate the LummaC2 information-stealing malware service. LummaC2’s administrators used the seized websites to distribute LummaC2, an... Read More »
Legislation would extend the Cybersecurity Information Sharing Act
Bipartisan legislation recently introduced in the U.S. Senate would extend the Cybersecurity Information Sharing Act (CISA) of 2015 for an additional 10 years. CISA incentivizes companies to voluntarily share cybersecurity threat indicators with the Department of Homeland Security (DHS). Threat... Read More »
Internet crimes increased 33 percent in 2024
In 2024, there were 859,532 complaints of suspected internet crime and reported losses exceeding $16 billion, a 33 percent increase in losses from 2023, according to the Federal Bureau of Investigation’s (FBI) Internet Crime Complaint Center’s (IC3) annual internet crime report. Other... Read More »
Industrial sector experienced more than 1,400 ransomware attacks in 2024, study finds
UK-based NCC Group, an IT company assessing and managing cyber threats, recently released the third edition of its Global Cyber Policy Radar report on cyber security regulation trends. In 2024, the industrial sector experienced 1,424 ransomware attacks, up from 2023, making it the most targeted... Read More »
Legislation introduced to combat Chinese-backed cyberattacks
U.S. Reps. Andy Ogles (R-TN), Mark Green, MD (R-TN) and Andrew Garbarino (R-NY) reintroduced legislation that would help combat Chinese-backed cyberattacks. The legislation, Strengthening Cyber resilience Against State-Sponsored Threats Act, would require the federal government to assess and... Read More »
Agencies warn of fast flux enabled malicious activities
Cybersecurity service providers, internet service providers, and organizations were warned Wednesday of the ongoing threat of fast flux enabled malicious activities. “Fast flux” exploits a gap commonly found in network defenses, making the tracking and blocking of malicious fast flux... Read More »
DOJ seizes cryptocurrency intended to fund Hamas
Officials with the U.S. Department of Justice said a court-authorized seizure of more than $200,000 in cryptocurrency will disrupt an ongoing Hamas funding scheme. According to a press release from the DOJ, the office seized $201,400 in cryptocurrency held in wallets and accounts intended to... Read More »
U.S. Cyber Command holds Cyber Guard exercise
The U.S. Cyber Command held the largest joint Cyber Guard exercise earlier this month, officials said. The annual command exercise coordinated with the Joint Staff to perform the first phase of its 11th annual command exercise; part of a larger joint force exercise series designed to simulate... Read More »
DARPA’s AI Cyber Challenge gears up for final competition
The Defense Advanced Research Projects Agency (DARPA) and the Advanced Research Projects Agency for Health recently released a procedures and scoring guide for the final competition of the AI Cyber Challenge (AIxCC), which will award $8.5 million in prizes. The AI Cyber Challenge final... Read More »
Rep. Garbarino urges DHS to examine Cyber Safety Review Board
U.S. Rep. Andrew Garbarino (R-NY) urges the U.S. Department of Homeland Security to look into the structure of the Cyber Safety Review Board (CSRB) as the Trump administration considers reconstituting it. In a letter to DHS Secretary Kristi Noem, Garbarino, the chair of the House Homeland... Read More »
Republicans ask for information about TSA’s cybersecurity measures
Republicans in the House Homeland Security Committee are requesting information from the Transportation Security Administration on its measures and resiliency following recent cybersecurity incidents. U.S. Reps. Mark Green, MD (R-TN), Carlos Gimenez (R-FL), Andre Garbarino (R-NY), and Sheri... Read More »
Legislation would assess how terrorists groups use technology
Legislation recently introduced in the U.S. House of Representatives would examine how foreign terrorist organizations use the internet and emerging technology to recruit, radicalize, and inspire attacks in the homeland. The Generative AI Terrorism Risk Assessment Act would require the... Read More »
Legislation introduced to combat online radicalization
In response to the treat posed to the U.S. by terrorist organizations like ISIS and al Qaeda, U.S. Rep. August Pfluger (R-TX) introduced legislation to examine how foreign terrorist organizations use the internet and other technology to recruit and radicalize members against the U.S. Pfluger,... Read More »
Homeland Security Committee advances Cyber Pivott Act
The Cyber Pivott Act, legislation strengthening the cybersecurity workforce, advanced out of the House Committee on Homeland Security this week. The legislation, formally H.R. 1000, the Providing Individuals Various Opportunities for Technical Training to Build a Skills-Based Cyber Workforce... Read More »
Justice Department fines companies $11M for cybersecurity violations
The U.S. Department of Justice said Health Net Federal Services Inc. (HNFS) and Centene Corporation will pay more than $11 million to resolve claims they violated cybersecurity requirements. The DOJ said HNFS, based in Rancho Cordova, Calif., and its parent company Centene, based in St. Louis,... Read More »
Cyber PIVOTT legislation reintroduced in Congress
U.S. Rep. Mark Green (R-TN), chair of the U.S. House Committee on Homeland Security, has reintroduced the Cyber PIVOTT Act to address the country’s cybersecurity workforce shortage. First introduced in the 118th Congress, the Cyber PIVOTT Act would establish a new full-scholarship program for... Read More »
Legislation would conduct study of certain foreign technologies
Bipartisan legislation recently reintroduced in the U.S. House of Representatives would safeguard communications networks from foreign adversary-controlled technology. The Removing Our Unsecure Technologies to Ensure Reliability and Security (ROUTERS) Act would require the Department of... Read More »
Justice Department participating in multinational operation to snag cybercrime marketplaces
The Justice Department is participating in a multinational operation to disrupt and disable Cracked and Nulled’s, two online cybercrime marketplaces, infrastructure. The operation is in conjunction with Operation Talent, a multinational law enforcement operation supported by Europol to... Read More »
DARPA, U.S. Army join forces to evaluate Cyber Threat Detection technologies
Recently, major military organizations came together to test and evaluate new cyber threat detection technologies, the agencies said Monday. As part of a joint operation with the U.S. Army Cyber Command Technical Warfare Center, the Defense Advanced Research Projects Agency (DARPA) and the... Read More »
DHS unveils framework for AI deployment in critical infrastructure
In a first-of-its-kind collaboration with industry and the AI supply chain, the U.S. Department of Homeland Security released its recommendations for the development and deployment of Artificial Intelligence (AI) in critical infrastructure Thursday. The recommendations lays out clear guidance... Read More »
CISA launches Critical Infrastructure Security and Resilience Month
The Cybersecurity and Infrastructure Security Agency (CISA), the agency tasked with cyber defense and the national coordinator for critical infrastructure security, recently launched Critical Infrastructure Security and Resilience (CISR) Month. CISA uses CISR Month to educate and engage the... Read More »
RTX awarded DARPA cyber resiliency contract
The Defense Advanced Research Projects Agency (DARPA) awarded RTX’s BBN Technologies a contract Thursday that will support the agency’s Compartmentalization and Privilege management (COM) program. The CPM worker to enhance cyber resilience by automatically subdividing software systems into... Read More »
TSA establishes cyber risk management programs for railroads, pipelines
A new rule proposed by the Transportation Security Administration (TSA) will establish cyber risk management and reporting requirements for pipeline and railroad owners and operators. In a proposed rule published as a Notice of Proposed Rulemaking, the TSA said Wednesday that it would continue... Read More »
CISA releases international strategic plan
In a proactive move, the Cybersecurity and Infrastructure Security Agency (CISA) released its first comprehensive plan focusing on how the agency will engage international partners to strengthen infrastructure security and resilience. The 2025-2026 International Strategic Plan supports CISA’s... Read More »
DOE, NNSA work to mitigate risks of AI, improve national security
A new security memo from the White House on Artificial Intelligence, the first ever released, will galvanize the federal government in its AI National Security mission, officials said. The National Security Memorandum on Artificial Intelligence provides direction on harnessing AI models and... Read More »
Homeland Security Committee Republican request hearing on cyberattacks
On Monday, Republican members of the U.S. House Committee on Homeland Security requested a hearing from intelligence agencies about the cyberattack by Salt Typhoon on ISPs like AT&T, Verizon, and Lumen Technologies. U.S. Reps. Mark Greene (R-TN), Andrew Garbarina (R-NY), and Laurel Lee (R-FL)... Read More »
Justice Department to implement rule addressing data security
The Justice Department recently issued a notice of proposed rulemaking (NPRM) to implement an executive order President Joe Biden issued in February. The order, Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern,... Read More »
DHS Science and Technology Directorate awards $789,280 in contracts
The Department of Homeland Security Science and Technology Directorate (S&T) recently announced four contract awards, totaling $789,280, for the development of synthetic data capabilities that model and replicate the shape and patterns of real data. “Sharing sensitive data that can be used... Read More »