Security News

"Drinking water and wastewater systems are a lifeline for communities, but many systems have not adopted important cybersecurity practices to thwart potential cyberattacks," said EPA Administrator Michael S. Regan. The National Security Council and the Environmental Protection Agency have invited governors to a virtual meeting on March 21 to strengthen collaboration between government entities and water systems and establish a Water Sector Cybersecurity Task Force.

The Biden administration and US lawmakers are turning up the pressure on UnitedHealth group to ease medical providers' pain after the ransomware attack on Change Healthcare, by expediting payments to hospitals, physicians and pharmacists - among other tactics. In a letter addressed to "Health care leaders" on Sunday, the heads of both the US Department of Health and Human Services and the US Department of Labor called on UnitedHealth Group to "Take responsibility to ensure no provider is compromised by their cash flow challenges" following the cyber attack, and expedite funds to all impacted providers.

A new White House report focuses on securing computing at the root of cyber attacks - in this case, reducing the attack surface with memory-safe programming languages like Python, Java and C# and promoting the creation of standardized measurements for software security. Memory safety vulnerabilities a concern in programming languages.

The Biden Administration has asked a court, rather than Congress, to renew controversial warrantless surveillance powers used by American intelligence and due to expire within weeks. US Senator Ron Wyden railed at the US Department of Justice's decision to seek a year-long extension of Section 702 of the Foreign Intelligence Surveillance Act, which is set to end in mid-April unless Congress reauthorizes it.

The White House is asking the technical community to switch to using memory-safe programming languages - such as Rust, Python, Swift, C#, Java, and Go - to prevent memory corruption vulnerabilities from entering the digital ecosystem. To help with the transition, the White House Office of the National Cyber Director has released a report outlining why memory-safe programming languages and memory-safe hardware is needed, and outlines formal methods to give software developers greater assurance that entire classes of vulnerabilities - not just memory safety bugs - are absent.

The White House Office of the National Cyber Director urged tech companies today to switch to memory-safe programming languages, such as Rust, to improve software security by reducing the number of memory safety vulnerabilities. Such vulnerabilities are coding errors or weaknesses within software that can lead to memory management issues when memory can be accessed, written, allocated, or deallocated.

According to the letter, a surveillance program now known as Data Analytical Services has for more than a decade allowed federal, state, and local law enforcement agencies to mine the details of Americans' calls, analyzing the phone records of countless people who are not suspected of any crime, including victims. Using a technique known as chain analysis, the program targets not only those in direct phone contact with a criminal suspect but anyone with whom those individuals have been in contact as well.

The executive order features wide-ranging guidance on maintaining safety, civil rights and privacy within government agencies while promoting AI innovation and competition throughout the U.S. Although the executive order doesn't specify generative artificial intelligence, it was likely issued in reaction to the proliferation of generative AI, which has become a hot topic since the public release of OpenAI's ChatGPT in November 2022. Any company developing " any foundation model that poses a serious risk to national security, national economic security, or national public health and safety " must keep the U.S. government informed of their training and red team safety tests, the executive order states.

Order the development of a National Security Memorandum that directs further actions on AI and security, to be developed by the National Security Council and White House Chief of Staff. Protect Americans' privacy by prioritizing federal support for accelerating the development and use of privacy-preserving techniques-including ones that use cutting-edge AI and that let AI systems be trained while preserving the privacy of the training data.

Assurances include watermarking, reporting about capabilities and risks, investing in safeguards to prevent bias and more. Some of the largest generative AI companies operating in the U.S. plan to watermark their content, a fact sheet from the White House revealed on Friday, July 21.