Senate-passed defense spending bill includes clause giving DHS cyber agency subpoena power
The Senate version of the annual National Defense Authorization Act (NDAA) approved Thursday included a raft of measures designed to shore up federal cybersecurity, including a clause giving the Department of Homeland Security’s (DHS) cybersecurity agency subpoena power.
The provision, originally introduced by Senate Homeland Security and Governmental Affairs Committee Chairman Ron Johnson (R-Wis.) and Sen. Maggie Hassan (D-N.H.) in December, would allow DHS’s Cybersecurity and Infrastructure Security Agency (CISA) to issue subpoenas to internet service providers compelling them to release information on cyber vulnerabilities detected on the networks of critical infrastructure organizations.
https://thehill.com/policy/cybersecurity/508805-senate-passed-defense-spending-bill-includes-clause-giving-dhs-cyber
#us #dhs #cisa #surveillance
The Senate version of the annual National Defense Authorization Act (NDAA) approved Thursday included a raft of measures designed to shore up federal cybersecurity, including a clause giving the Department of Homeland Security’s (DHS) cybersecurity agency subpoena power.
The provision, originally introduced by Senate Homeland Security and Governmental Affairs Committee Chairman Ron Johnson (R-Wis.) and Sen. Maggie Hassan (D-N.H.) in December, would allow DHS’s Cybersecurity and Infrastructure Security Agency (CISA) to issue subpoenas to internet service providers compelling them to release information on cyber vulnerabilities detected on the networks of critical infrastructure organizations.
https://thehill.com/policy/cybersecurity/508805-senate-passed-defense-spending-bill-includes-clause-giving-dhs-cyber
#us #dhs #cisa #surveillance
Hackers Connected to China Have Compromised U.S. Government Systems, CISA says
Using publicly disclosed code and vulnerabilities, attackers appear to be winning a crucial race against defenders.
Instead of spending resources building new malware tools, sophisticated cyber actors, including those affiliated with China’s Ministry of State Security, are using known vulnerabilities and open-source exploits and have infiltrated federal government entities, according to the Cybersecurity and Infrastructure Security Agency.
“CISA analysts continue to observe beaconing activity indicative of compromise or ongoing access to Federal Government networks,” reads an advisory the agency released Monday along with the FBI. CISA, housed within the Homeland Security Department, is responsible for overseeing cybersecurity across the nation.
https://www.nextgov.com/cybersecurity/2020/09/hackers-connected-china-have-compromised-us-government-systems-cisa-says/168455/
#US #hackers #china #CISA
Using publicly disclosed code and vulnerabilities, attackers appear to be winning a crucial race against defenders.
Instead of spending resources building new malware tools, sophisticated cyber actors, including those affiliated with China’s Ministry of State Security, are using known vulnerabilities and open-source exploits and have infiltrated federal government entities, according to the Cybersecurity and Infrastructure Security Agency.
“CISA analysts continue to observe beaconing activity indicative of compromise or ongoing access to Federal Government networks,” reads an advisory the agency released Monday along with the FBI. CISA, housed within the Homeland Security Department, is responsible for overseeing cybersecurity across the nation.
https://www.nextgov.com/cybersecurity/2020/09/hackers-connected-china-have-compromised-us-government-systems-cisa-says/168455/
#US #hackers #china #CISA
Nextgov.com
Hackers Connected to China Have Compromised U.S. Government Systems, CISA says
Using publicly disclosed code and vulnerabilities, attackers appear to be winning a crucial race against defenders.
Forwarded from BlackBox (Security) Archiv
Federal Agency Compromised by Malicious Cyber Actor
The Cybersecurity and Infrastructure Security Agency (CISA) responded to a recent threat actor’s cyberattack on a federal agency’s enterprise network. By leveraging compromised credentials, the cyber threat actor implanted sophisticated malware—including multi-stage malware that evaded the affected agency’s anti-malware protection—and gained persistent access through two reverse Socket Secure (SOCKS) proxies that exploited weaknesses in the agency’s firewall.
💡 For a downloadable copy of IOCs, see:
https://us-cert.cisa.gov/sites/default/files/publications/AR20-268A.stix.xml
👀 👉🏼 https://us-cert.cisa.gov/ncas/analysis-reports/ar20-268a
👀 👉🏼 https://www.zdnet.com/article/cisa-says-a-hacker-breached-a-federal-agency
#cisa #hacker #breach #breached #federal #agency
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
The Cybersecurity and Infrastructure Security Agency (CISA) responded to a recent threat actor’s cyberattack on a federal agency’s enterprise network. By leveraging compromised credentials, the cyber threat actor implanted sophisticated malware—including multi-stage malware that evaded the affected agency’s anti-malware protection—and gained persistent access through two reverse Socket Secure (SOCKS) proxies that exploited weaknesses in the agency’s firewall.
💡 For a downloadable copy of IOCs, see:
https://us-cert.cisa.gov/sites/default/files/publications/AR20-268A.stix.xml
👀 👉🏼 https://us-cert.cisa.gov/ncas/analysis-reports/ar20-268a
👀 👉🏼 https://www.zdnet.com/article/cisa-says-a-hacker-breached-a-federal-agency
#cisa #hacker #breach #breached #federal #agency
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
Forwarded from BlackBox (Security) Archiv
Suspected Russian hack is much worse than first feared: Here's what you need to know
👉🏼 The U.S. Cybersecurity and Infrastructure Security Agency said the threat "poses a grave risk to the federal government."
👉🏼 CISA has not said who it thinks is the "advanced persistent threat actor" behind the "significant and ongoing" campaign, but many experts are pointing to Russia.
👉🏼 It's not clear exactly what the hackers have done beyond accessing top-secret U.S. government networks and monitoring data.
The scale of a sophisticated cyberattack on the U.S. government that was unearthed this week is much bigger than first anticipated.
The Cybersecurity and Infrastructure Security Agency said in a summary Thursday that the threat "poses a grave risk to the federal government."
It added that "state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations" are also at risk.
CISA believes the attack began at least as early as March. Since then, multiple government agencies have reportedly been targeted by the hackers, with confirmation from the Energy and Commerce departments so far.
"This threat actor has demonstrated sophistication and complex tradecraft in these intrusions," CISA said. "Removing the threat actor from compromised environments will be highly complex and challenging."
https://telegra.ph/Suspected-Russian-hack-is-much-worse-than-first-feared-Heres-what-you-need-to-know-12-18
via www.cnbc.com
#hacker #hacked #usa #russia #cybersecurity #cyberattack #compromised #cisa
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@NoGoolag
📡@BlackBox
👉🏼 The U.S. Cybersecurity and Infrastructure Security Agency said the threat "poses a grave risk to the federal government."
👉🏼 CISA has not said who it thinks is the "advanced persistent threat actor" behind the "significant and ongoing" campaign, but many experts are pointing to Russia.
👉🏼 It's not clear exactly what the hackers have done beyond accessing top-secret U.S. government networks and monitoring data.
The scale of a sophisticated cyberattack on the U.S. government that was unearthed this week is much bigger than first anticipated.
The Cybersecurity and Infrastructure Security Agency said in a summary Thursday that the threat "poses a grave risk to the federal government."
It added that "state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations" are also at risk.
CISA believes the attack began at least as early as March. Since then, multiple government agencies have reportedly been targeted by the hackers, with confirmation from the Energy and Commerce departments so far.
"This threat actor has demonstrated sophistication and complex tradecraft in these intrusions," CISA said. "Removing the threat actor from compromised environments will be highly complex and challenging."
https://telegra.ph/Suspected-Russian-hack-is-much-worse-than-first-feared-Heres-what-you-need-to-know-12-18
via www.cnbc.com
#hacker #hacked #usa #russia #cybersecurity #cyberattack #compromised #cisa
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@NoGoolag
📡@BlackBox
Telegraph
Suspected Russian hack is much worse than first feared: Here's what you need to know
eclipse_images The scale of a sophisticated cyberattack on the U.S. government that was unearthed this week is much bigger than first anticipated. The Cybersecurity and Infrastructure Security Agency said in a summary Thursday that the threat "poses a grave…
Biden administration officials at the U.S. Cybersecurity and Infrastructure Agency (#CISA) are urging a judge not to release a report on #Dominion #Voting Systems equipment in Georgia because it would "threaten election security."
https://justthenews.com/government/federal-agencies/biden-administration-asks-court-not-release-dominion-voting-systems
Follow 👉@News4AChange
https://justthenews.com/government/federal-agencies/biden-administration-asks-court-not-release-dominion-voting-systems
Follow 👉@News4AChange
Just The News
Biden administration asks court not to release Dominion Voting Systems report
The attorneys proposed that the government would decide when to release the report.