Tag Archives: multifactor authentication

CISA, FBI Recommend Steps to Mitigate Risk of Ransomware Attacks; Eric Goldstein Quoted

Eric Goldstein

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have issued an advisory outlining mitigation measures that organizations in public and private sectors can implement to reduce the risk of ransomware attacks and other cyber incidents. CISA and the bureau have observed a rise in ransomware attacks during holidays and weekends.

Read More »

Cyber Nominees Chris Inglis, Jen Easterly Talk Ransomware at Senate Confirmation Hearing

Ransomware

Chris Inglis, the Biden administration’s nominee for the role of national cyber director, and Jen Easterly, the president’s pick to lead the Cybersecurity and Infrastructure Security Agency (CISA), both described ransomware as a “scourge” that poses a threat to national security and suggested ways on how to protect critical infrastructure during a Senate confirmation hearing Thursday.

Read More »

GSA Offers Identity Proofing Support for Federally Funded Programs Under State, Local Govt’s

General Services

The General Services Administration’s (GSA) Technology Transformation Services (TTS) is seeking state and local government participants to leverage the login.gov portal’s authentication services for the execution of programs funded by the federal government. GSA said Thursday that it seeks to partner with state and local authorities seeking to administer federally-funded initiatives through login.gov’s identity proofing features.

Read More »

CISA Warns Organizations of Techniques Used by Hackers to Compromise Cloud Services

AWS Secret Region IL-6

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an analysis report in response to cyber attacks on cloud services of various organizations. The agency also found that hackers take advantage of email forwarding rules created by users to gain access to sensitive data. CISA has recommended several measures to help organizations protect cloud environments.

Read More »

CISA, FBI Release Joint Advisory on Threat Actors Targeting Think Tanks

FortiOS Vulnerabilities

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) are warning that advanced persistent threat actors are exploiting vulnerabilities in internet-facing devices and remote connections and using spear-phishing emails to access networks of U.S. think tanks. The advisory from CISA and the bureau listed several tactics, techniques and procedures APT actors used to target think tanks. 

Read More »

CISA, FBI Issue Joint Advisory on Threat Actors Targeting Federal, State, Local IT Networks

CISA

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have warned that advanced persistent threat actors are exploiting legacy vulnerabilities in internet-facing infrastructure devices to gain access to networks of federal and state, local, tribal and territorial government agencies. "Vulnerability chaining exploits multiple vulnerabilities in the course of a single intrusion to compromise a network or application,” CISA and FBI stated.

Read More »

DISA Backs Telework With Endpoint Security, Cloud Services Expansion

DISA

The Defense Information Systems Agency (DISA) is expanding its cloud offerings and improving endpoint security to continue supporting telework arrangement. DISA also has broadened the use of multifactor authentication pilots as part of the agency’s endpoint security improvement efforts.

Read More »

DHS CISO Paul Beckman Advises Use of Multifactor Authentication

Paul Beckman, chief information security officer at the Department of Homeland Security, said agencies must adopt multifactor authentication to prevent unauthorized access, Cyberscoop reported Tuesday. Beckman said at the Zero Trust Security Summit that he uses a second factor as an additional layer of security for email account logins. Second factor examples include authentication text messages.

Read More »