Workforce
CISA would get millions for cyber workforce outreach to underserved communities under new bill
The measure comes amid concerns from cybersecurity officials and professionals over how workforce diversity gaps may threaten U.S. cyber defenses.
Tech
VA is warning veterans about Change Healthcare cyberattack, secretary says
“There’s no confirmation yet” that veterans’ data was leaked by the ransomware attack, according to the VA secretary, but the department is proactively alerting millions of veterans and beneficiaries to be safe.
Tech
Federal CIO defends Login security after health agency dropped it from grantee system
Clare Martorana doubled down on Login’s capabilities, saying the government “needs to continue to rely” on the tool.
Oversight
HHS removed Login from its grantee payment system after funding theft
Hackers used data from a federal contracting hub to steal funding from seven grantee organizations in an HHS breach that occurred last year. Both HHS and GSA say that Login.gov was not compromised or connected to the theft.
Oversight
Russian hackers accessed federal agencies' emails in Microsoft breach, CISA says
The alert comes a week after Microsoft was faulted in a Homeland Security Department report for fostering a security culture that enabled a similar China-backed cyberattack last year.
Tech
Congress tries again for comprehensive data privacy bill
The bill would establish national data privacy standards, with the Federal Trade Commission crafting rules for enforcement.
Defense
The Pentagon wants to help boost cybersecurity for small contractors
A new strategy outlines how the Defense Department plans to increase security and strengthen relationships across the industrial base.
Pay & Benefits
State Department warns employees of fraud scheme targeting payroll systems
Hackers have been targeting annuity accounts to redirect payroll deposits.
Tech
U.S. accuses Chinese hackers of a 14-year campaign targeting government officials
The coordinated charges include sanctions on Chinese government-affiliated hackers and an up to $10 million reward for information about the defendants.
Tech
U.S. still finding victims of advanced China-linked hacking campaign, NSA official says
The Volt Typhoon hacking collective, backed by the Chinese People’s Liberation Army, has been working to burrow into sensitive U.S. systems, officials previously said.
Tech
Ex-NSA innovation chief’s new startup looks to future-proof federal agencies against cyberthreats
Kevin Keaton’s Eyris would fuse blockchain technologies into advanced security solutions to defend federal agencies, the Pentagon and others against cyber threats.
Tech
CISA targeted through Ivanti VPN vulnerabilities, reports say
The DHS agency has been issuing warnings about Ivanti products since at least 2020.
Tech
Biden's $1.67 trillion budget boosts tech, AI
The Biden administration’s FY2025 budget request provides agencies with $3 billion “to responsibly develop, test, procure and integrate transformative AI applications across the federal government.”
Oversight
Lawmakers try to reform federal cybersecurity again
The House Oversight and Accountability Committee passed a FISMA modernization proposal on to the full floor on Thursday.
Management
New bill aims to bring SNAP card security up to credit card standards
Security standards for SNAP cards have not kept pace with industry advancements, lawmakers say.
Tech
Government facilities were third largest ransomware target in 2023, FBI says
The FBI’s IC3 findings also show government official impersonation scams are on the rise.
Management
White House stalls on digital identity mandate, despite billions in fraud
President Biden previewed an executive order in his 2022 State of the Union meant to address identity theft and fraud in public benefit programs. As Biden gears up for his 2024 address, the order still hasn’t been released.
Tech
How the procurement process can help agencies acquire responsible AI
Buying artificial intelligence is not just about setting new policies to manage emerging technology, but applying tried-and-true processes, one expert says.
Tech
FCC staff targeted in phishing attack that cloned agency login site
A cybercriminal group built a duplicate webpage used by employees to validate their login credentials.
Tech