Agencies increasingly use, or plan to use, the biometric data PIV cards to control access to agency networks, but the rise of mobile devices has put a crimp in that, since card readers may easily be integrated into desktops or laptops, but not smartphones or tablets.
Symantec is says it's found a spear phishing attack aimed at financial, governmental and economic development organizations that is delivered via attachments that purport to come from a G20 summit representative.
The Energy Department office chief information officer has confirmed that a cyber incident in late July resulted in the unauthorized disclosure of personally identifiable information of approximately 53,000 past and current federal employees, including dependents and contractors.
NIST released the discussion draft (.pdf) Aug. 28 in anticipation of a fourth workshop on the framework set to be held in Dallas Sept. 11-13. A preliminary framework is due this October, with a finalized version due in February.
Open source advocates within government say the many eyeballs approach to creating software functionality can extend to improving system cybersecurity. But, the idea of an open source approach to security tools isn't just for software, says David Wheeler, a military open source advocate at the Institute for Defense Analyses.
A Pennsylvania hacker pled guilty Aug. 27 in federal court to one count of conspiracy and two counts of computer intrusion. The Justice Department arrested the man, Andrew James Miller, in June 2012, stating earlier this summer that he and associates hacked into multiple networks, including into Energy Department supercomputers.
Malicious actions directed against European Union member countries' electronic communications sectors affected on average far fewer users per outage than other causes such as third-party or system failures, finds an annual incident report from the European Union Agency for Network and Information Security.
First responders who use Android devices with versions 2.3.3 through 2.3.7, also known as Gingerbread, are at increased risk for malware attacks, says the Homeland Security Department and Federal Bureau of Investigation in a July 23 memo..
Proposed legislation that would center public- and private-sector cybersecurity collaboration onto a single coordinating entity would fall short in effective engagement, asserts a paper published this month by the Center for Strategic and International Studies.
A new proposed cybersecurity control overlay from the National Institute of Standards and Technology for federal agency supply chain risk management would add a new family of controls that would at minimum require tracking systems or components as they wind their way through the supply chain.