The National Security Agency and Cybersecurity and Infrastructure Security Agency (CISA) released a cybersecurity information sheet, “Selecting a Protective DNS Service." This publication details the benefits of using a Protective Domain Name System (PDNS), which criteria to consider when selecting a PDNS provider, and how to effectively implement PDNS.
CISA has issued Emergency Directive (ED) 21-02 and Alert AA21-062A addressing critical vulnerabilities in Microsoft Exchange products. Successful exploitation of these vulnerabilities could allow an attacker to access on-premises Exchange servers, enabling them to gain persistent system access and control of an enterprise network.
The Cybersecurity and Infrastructure Security Agency's (CISA) second annual President’s Cup Cybersecurity Competition concluded last week, with the final rounds taking place over a three-day period. The President’s Cup is a national competition designed to identify, challenge, and reward the best cybersecurity talent in the federal workforce. This year’s competition featured two individual tracks – one focused on incident response and forensic analysis and the other focused on vulnerability exploitation analysis – and a team track. The first rounds of the competition started in August.
The Cybersecurity and Infrastructure Security Agency (CISA) and AVANGRID, a sustainable energy company providing services in 24 states, conducted a virtual tabletop exercise to test and identify the safety procedures AVANGRID has implemented since the beginning of the COVID-19 pandemic and identify additional procedures necessary to ensure employee safety operations and business continuity in the out years.
The Cybersecurity and Infrastructure Security Agency (CISA), the nation’s first federal cybersecurity agency, is kicking off a series of virtual hiring events in 2021 for job seekers, while aiming to further increase the representation among women, minorities, and persons with disabilities in order to more fully realize the goal of using the talents of all segments of society.
In response to recent events where unidentified cyber actors obtained unauthorized access to the supervisory control and data acquisition (SCADA) system at a U.S. drinking water treatment facility, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation, the Environmental Protection Agency (EPA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have released joint Cybersecurity Advisory AA21-042A: Compromise of U.S. Water Treatment Facility. This advisory outlines how cybercriminals exploit desktop sharing software and end-of-life operating systems to gain unauthorized access to systems.
David Pekoske, Senior Official Performing the Duties of the Deputy Secretary of Homeland Security, met with local law enforcement officials and the National Football League (NFL) to review Department of Homeland Security (DHS) operations to help ensure the safety and security of employees, players, and fans during Super Bowl LV. Dozens of federal agencies and components, including DHS, contributed to security measures seen and unseen in connection with the Super Bowl.
Extension will allow the Task Force to continue its work as outlined in its recently released Year 2 Report and position itself to support the supply chain risk management imperative in 2021
February 9, 2021
The Cybersecurity and Infrastructure Security Agency (CISA) announced a six-month extension of the Information and Communications Technology (ICT) Supply Chain Risk Management Task Force. The Task Force, chaired by CISA and the Information Technology (IT) and Communications Sector Coordinating Councils, is a public-private partnership composed of a diverse range of representatives from large and small private sector organizations charged with identifying challenges and devising workable solutions and recommendations for managing risks to the global ICT supply chain.
The National Cyber Investigative Joint Task Force (NCIJTF) has released a joint-sealed ransomware factsheet to address current ransomware threats and provide information on prevention and mitigation techniques.
The Cybersecurity and Infrastructure Security Agency (CISA) announced it will pilot a new technology in support of the Next Generation Network Priority Service (NGN-PS) Phase 2 program, which provides first responders and emergency managers with priority voice, data, and video communications during emergencies and widespread outages.