Security News

In the wake of the ransomware attack against Colonial Pipeline, the Department of Homeland Security has revealed new requirements aimed at all pipeline owners and operators in the U.S. Announced by DHS' Transportation Security Administration on Thursday, the security directives are designed to better detect and combat cyber threats against companies in the pipeline industry. First, owners and operators of critical pipeline facilities will have to report both confirmed and potential cybersecurity incidents to DHS' Cybersecurity and Infrastructure Security Agency.

The United States Department of Homeland Security has published a guide to the terrifying risks that businesses will expose themselves to if they use tech created in the Peoples' Republic of China or engage in any business activity with the Middle Kingdom. The fifteen-page "Data Security Business Advisory" [PDF] opens by warning "Businesses expose themselves and their customers to heightened risk when they share sensitive data with firms located in the PRC, or use equipment and software developed by firms with an ownership nexus in the PRC.".

They also provided a set of extensive mitigation measures to be immediately implemented by think tank organizations' leaders, staff, and IT staff to strengthen their security posture and defend against ongoing attacks by nation-state hacking groups. The FBI also issued a 'TLP:WHITE' private industry notification in April 2020 regarding the continued targeting of US think tanks by state-backed APT groups since at least 2014, with the end goal of gaining access to and exfiltrating sensitive information.

An unsealed warrant in a case involving alleged pedophile R&B star R. Kelly has shown how the Feds can get Google to hand over the details of people who make specific web search queries. Fast forward to this week, and Robert Snell of Detroit News uncovered the aforementioned search warrant [PDF] showing how Homeland Security investigators in June enlisted Google and Verizon Wireless to connect Williams, who lives in the state of Georgia, to the scene of the crime in Florida.

The Department of Homeland Security has given system administrators until today to patch a critical vulnerability in Windows Server that could allow an attacker to hijack federal networks, via a flaw in the Netlogon authentication system. On 18 September, the DHS's cybersecurity division issued an emergency directive giving government agencies a four-day deadline to patch the CVE-2020-1472 vulnerability, also known as Zerologon, citing the "Unacceptable risk" it posed federal networks.

The US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency on Wednesday ordered US federal agencies outside the defense and intelligence communities to develop a working vulnerability disclosure policy. "An open redirect - which can be used to give off-site malicious content the appearance of legitimacy - may not be on par with a fire, yet serious vulnerabilities in internet systems cause real-world, negative impacts every day," he said.

Following weeks of heated protests in American cities - and criticism of law enforcement's use of force, surveillance, and drone aircraft in the skies above - the US government has belatedly asked the public what it thinks. The US Department of Homeland Security wants your comments on the use of drones by police and other first responders by July 9.

The American Civil Liberties Union is suing the Department of Homeland Security over its failure to cough up details about its use of facial recognition at airports. The ACLU says that the lawsuit challenges the secrecy that shrouds federal law enforcement's use of face recognition surveillance technology.

Securonix, a leader in Next-Gen SIEM, announced that multiple Securonix Security Operations & Analytics Platform products have been approved for Network Security Management of the Department of Homeland Security's Continuous Diagnostics and Mitigation program's Approved Products List. Securonix Next-Gen SIEM and Security Data Lake products were approved for Network Security Management, which aims to provide tools for incident response and monitoring, ongoing assessment monitoring, and auditing data collection.

Plus: The spambot that actually DOES record screens of pr0n users Roundup Here is your friendly summary of recent happenings at the front line of information security beyond everything else we've...