The Cybersecurity and Infrastructure Security Agency (CISA) has issued an analysis report in response to cyber attacks on cloud services of various organizations. The agency also found that hackers take advantage of email forwarding rules created by users to gain access to sensitive data. CISA has recommended several measures to help organizations protect cloud environments.
Read More »DOE’s Greg Sisson Warns Public on Social Engineering Scams
Greg Sisson, acting deputy chief information officer for cybersecurity and chief information security officer at the Department of Energy (DOE), said the public must be wary of scams that use social engineering tactics amid the pandemic. Sisson explained that social engineering scams use human interaction through texts, phone calls, emails and online platforms to obtain personal information.
Read More »NASA Sees Uptick in Cyber Threats as Employees Shift to Remote Work; Jeff Seaton, Paul Martin Quoted
NASA officials told the House Space Subcommittee o n Friday that the transition to telework due to the COVID-19 pandemic has led to new cybersecurity challenges. Paul Martin, NASA inspector general, told the House subpanel during the hearing that the space agency has seen an increase in cyber threats including phishing attempts during the period.
Read More »NIST Introduces New Method to Assess Phishing Cases
The National Institute of Standards and Technology (NIST) has created a new method that organizations may use to protect themselves from phishing, a cyber attack that uses emails with malicious links potentially containing malware. The method, known as The Phish Scale, is designed to inform explanations behind the click rates of links found in phishing emails.
Read More »Maria Roat, Deputy Federal CIO, Discusses Federal IT Modernization
Maria Roat, deputy federal chief information officer (CIO) and 2020 Wash100 Award recipient, recently discussed how developing emerging technologies, such as quantum computing, could invalidate encryption methodologies in the future. She added that federal systems must evolve to support innovation. Roat noted that investing in modern zero-trust security architectures and flexible, scalable cloud-solutions is essential to agencies.
Read More »US, UK Issue Joint COVID-19 Cybersecurity Advisory; CISA’s Bryan Ware Quoted
The Cybersecurity and Infrastructure Agency and its U.K. counterpart are urging the public to be cautious of malicious actors that use the current health crisis to conduct scams and other cyber attacks.
Read More »IRS Cautions Taxpayers on Coronavirus-Related Phishing Scams; Charles Rettig Quoted
The Internal Revenue Service is calling on taxpayers to be wary of fraudsters using social media posts, emails, texts and calls to obtain financial information amid the current public health crisis, The Hill reported Thursday.
Read More »Energy Dept Asks Gov’t, Industry Partners to Maintain Cyber Awareness Amid COVID-19
The Department of Energy’s office of cybersecurity, energy security and emergency response has advised partners in the government and energy industry to be vigilant to phishing attacks, malicious emails and other cyber threats amid the new coronavirus pandemic. CESER is calling on corporate leaders to advise their employees to be aware of risks associated with phishing, external emails and social engineering, DOE said Thursday.
Read More »IBM Releases X-Force Threat Intelligence Index 2020 to Outline Cyber Vulnerabilities; Wendi Whitmore Quoted
IBM Security has released the IBM X-Force Threat Intelligence Index 2020 to provide insight into how cybercriminals' techniques have evolved after decades of access to over 10 billion corporate and personal records and more than 100 thousand software flaws, the company reported on Tuesday.
Read More »CISA Issues Warning on Email Phishing Attacks
The Cybersecurity and Infrastructure Security Agency is urging the public to be cautious of emails that look similar to National Cyber Awareness System notifications and contain malicious threats. CISA said Tuesday that the email phishing scam deploys a spoofed email address and tricks users into downloading malware through attachments that mimic Department of Homeland Security alerts.
Read More »