Security News

Top 10 most exploited vulnerabilities list released by FBI, DHS CISA
2020-05-15 10:33

That's just one of the vulnerabilities that the agencies are seeing being exploited this year by what they say are sophisticated foreign cyber actors. All that for 2020, and we still haven't even gotten to the meat of the report: the 10 most exploited vulnerabilities for the years 2016 through 2019.

DHS Reiterates Recommendations on Securing Office 365
2020-05-01 12:53

An alert the U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency published this week reiterates previously issued recommendations on how organizations should properly secure Microsoft Office 365 deployments. In May last year, the agency issued an alert to highlight some of the common security oversights by Office 365 customers, and also included a series of recommendations on how organizations could improve their security posture.

COVID-19 prompts DHS warning to review Office 365 security
2020-05-01 10:09

Heads up, Microsoft Office 365 users: It's time to take some important steps in securing your account. The US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency has released some recommendations to help secure the online productivity service.

DHS Urges Pulse Secure VPN Users To Update Passwords
2020-04-17 20:56

The Department of Homeland Security is urging companies that use Pulse Secure VPNs to change their passwords for Active Directory accounts, after several cyberattacks targeted companies who had previously patched a related flaw in the VPN. DHS warns that the Pulse Secure VPN patches may have come too late. "CISA strongly urges organizations that have not yet done so to upgrade their Pulse Secure VPN to the corresponding patches for CVE-2019-11510," according to CISA's alert.

DHS Working on Cloud-based Root-of-Trust to Secure Agency Email on Mobile Devices
2020-04-17 13:26

The DHS is partnering with BlueRISC Inc to develop Cloud-based Root-of-Trust technology to keep agency email separate and secure on corporate-owned, personally enabled devices, even when the user operates personal email from the same device. "The EPRIVO Enterprise 2.0 email system ensures the confidentiality of email in transit, in cloud storage at an email service provider, and when stored on the mobile device, providing both physical and cryptographically based protections," said Kris Carver, BlueRISC Technical Director.

NIST, DHS Publish Guidance on Securing Virtual Meetings, VPNs
2020-03-19 13:15

With people worldwide forced to work from home due to the coronavirus epidemic, NIST and DHS published a series of recommendations on how to ensure that virtual meetings and connections to enterprise networks are protected from prying eyes. The security of virtual meetings might often be an afterthought, but basic precautions can ensure that they don't lead to data breaches or other security incidents, says Jeff Greene, director of the National Cybersecurity Center of Excellence at the National Institute of Standards and Technology.

Ex-DHS Officials Charged With Stealing Software, Database
2020-03-09 19:18

A former acting inspector general of U.S. Department of Homeland Security and another government official have been indicted for allegedly stealing DHS proprietary software and databases and then attempting to resell the technology back to the government, according to the Justice Department. In their indictment, federal prosecutors allege that between October 2014 and April 2017, Edwards, Venkata and other unnamed co-conspirators began attempting to steal proprietary software used by the DHS Office of Inspector General as well as a database that contained the personally identifiable information of DHS and U.S. Postal Service employees.

5G Security: Former DHS Leader and Huawei CSO Offer Views
2020-02-28 20:03

In interviews at RSA 2020, former Department of Homeland Security Secretary Michael Chertoff and Andy Purdy, CSO for Huawei USA, offer different points of view on 5G security. With the U.S. late to the 5G race, Chertoff says that America needs to work more closely with its allies and telecom equipment makers in Europe and Asia to make next-generation technology that competes with equipment from China's Huawei more price competitive as well as improve security.

5G Security: Former DHS Director and Huawei CSO Offer Views
2020-02-28 19:03

In interviews at RSA 2020, former Department of Homeland Security Secretary Michael Chertoff and Andy Purdy, CSO for Huawei USA, offer different points of view on 5G security. With the U.S. late to the 5G race, Chertoff says that America needs to work more closely with its allies and telecom equipment makers in Europe and Asia to make next-generation technology that competes with equipment from China's Huawei more price competitive as well as improve security.

DHS Warns of Possible Iranian Cyberattacks After Killing of Qassem Soleimani
2020-01-06 12:33

The U.S. Department of Homeland Security has issued warnings about the possibility of cyberattacks launched by Iran in response to the United States killing Qassem Soleimani, a top Iranian military commander. While many - including U.S. officials - have criticized the decision to kill the leader of the Iranian Revolutionary Guards' Quds Force unit, Washington justified its actions by claiming that Soleimani had been planning an imminent attack on U.S. interests in the Middle East.