Security News

'Four horsemen of cyber' look back on 2008 DoD IT breach that led to US Cyber Command
2024-05-10 13:00

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Sensitive DoD emails exposed by unsecured Azure server
2023-02-23 19:30

A hole in a Department of Defense email server operated by Microsoft left more than a terabyte of sensitive data exposed less than a month after Office 365 was awarded a higher level of US government security accreditation. According to security researcher Anurag Sen, who discovered the issue and shared it, the openly accessible server was part of an internal mailbox system hosted on Azure Government Cloud and used by the DoD for a variety of purposes - including the processing of security clearance paperwork.

New virtual data fabric to support DoD cyber testing
2023-02-10 15:19

The Measure & Share Storage Virtual Fabric addresses a specific and critical need within the DoD to improve the efficiency and effectiveness of cyber testing, allowing accurate information sharing across organizational and classification enclaves. The Me&S Storage Virtual Fabric will enable the DoD to securely ingest, store, manage, analyze and share data in support of its cyber testing operations.

Levels of Assurance for DoD Microelectronics
2022-08-29 14:30

The NSA has has published criteria for evaluating levels of assurance required for DoD microelectronics. The introductory report in a DoD microelectronics series outlines the process for determining levels of hardware assurance for systems and custom microelectronic components, which include application-specific integrated circuits, field programmable gate arrays and other devices containing reprogrammable digital logic.

U.S. DoD tricked into paying $23.5 million to phishing actor
2022-05-02 12:45

The U.S. Department of Justice has announced the conviction of Sercan Oyuntur, 40, resident of California, for multiple counts relating to a phishing operation that caused $23.5 million in damages to the U.S. Department of Defense. After an eight-day trial in Camden, California, Oyuntur was found guilty of conspiracy to commit wire, mail, and bank fraud, unauthorized device access, aggravated identity theft, and making false statements to federal law enforcement officers.

US DoD staffer with top-secret clearance stole identities from work systems to apply for loans
2022-01-27 23:41

A US Department of Defense staffer with top-secret clearance stole the identities of dozens of people from a work IT system to fraudulently apply for loans totaling nearly a quarter of a million dollars. Lee, who worked for Uncle Sam's Defense Contract Management Agency as an analyst, raided the organization's Microsoft SharePoint system for people's private data to pull off his greedy scheme.

Sarcos Defense and BAE Systems enhance autonomous platforms to benefit DoD operations
2021-08-16 23:15

Sarcos Defense and BAE Systems announced that the companies are partnering to develop advanced perception and sensing capabilities for autonomous platforms for Air Force Research Laboratory, to benefit Department of Defense operations. This platform will aim to address the complex issues that involve the coordination of both individual and multiple cooperating heterogeneous autonomous platforms, including unmanned aircraft systems and unmanned ground vehicles equipped with standard multi-modal sensors, such as cameras, radar, and LiDAR. The expected result will coalesce multiple environmental inputs and combine with artificial intelligence and machine learning technologies to enable unmanned systems to work together in greater harmony, both alone and coordinating with each other in "Swarm" scenarios.

U.S. DoD approves two (ISC)² certifications as requirements for cybersecurity staff
2021-06-29 07:19

announced that its healthcare security and cloud security certifications have been approved by the U.S. Department of Defense as prerequisites of employment for certain security workforce categories. Following approval by the DoD Senior Information Security Officer and a recommendation by the Cyber Workforce Advisory Group Certification Committee, the HealthCare Information Security and Privacy Practitioner and the Certified Cloud Security Professional certifications are the latest additions to the DoD 8570 Approved Baseline Certifications table that is publicly available on the DoD Cyber Exchange website.

GSA awards Booz Allen $674M contract to support growth of DoD’s Advana data analytics platform
2021-06-04 22:15

Booz Allen Hamilton was awarded a 5-year, $674M contract by the General Services Administration to maintain and support the exponential growth of the Department of Defense's Advana data analytics platform to improve decision making across the organization. Advana, led by the Office of the Under Secretary of Defense, integrates hundreds of business systems across the DoD - from financial and medical data to personnel and logistics - to make data widely accessible, understandable and usable.

What contractors should start to consider with the DoD’s CMMC compliance standards
2021-05-06 05:00

While the CMMC doesn't completely replace the National Institute of Standards and Technology SP 800-171, it does include and build on these standards for a clear purpose. Enter the CMMC. With this new regulation, the DoD establishes five levels of cybersecurity preparedness, ranging from level one to level five.