Tag: federal cybersecurity
-
Microsoft Security Blog: US Department of Labor’s journey to Zero Trust security with Microsoft Entra ID
Source URL: https://www.microsoft.com/en-us/security/blog/2025/03/27/us-department-of-labors-journey-to-zero-trust-security-with-microsoft-entra-id/ Source: Microsoft Security Blog Title: US Department of Labor’s journey to Zero Trust security with Microsoft Entra ID Feedly Summary: Discover how the U.S. Department of Labor enhanced security and modernized authentication with Microsoft Entra ID and phishing-resistant authentication. The post US Department of Labor’s journey to Zero Trust security with Microsoft…
-
The Register: CISA worker says 100-strong Red Team fired after DOGE cancelled contract
Source URL: https://www.theregister.com/2025/03/12/cisa_staff_layoffs/ Source: The Register Title: CISA worker says 100-strong Red Team fired after DOGE cancelled contract Feedly Summary: Election infosec advisory agency also shuttered A penetration tester who worked at the US govt’s CISA claims his 100-strong team was dismissed after Elon Musk’s Trump-blessed DOGE unit cancelled a contract – and that more…
-
Alerts: CISA Adds Four Known Exploited Vulnerabilities to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2025/02/11/cisa-adds-four-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Four Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added four vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-40891 Zyxel DSL CPE OS Command Injection Vulnerability CVE-2024-40890 Zyxel DSL CPE OS Command Injection Vulnerability CVE-2025-21418 Microsoft Windows Ancillary Function Driver for…
-
Alerts: CISA Adds One Known Exploited Vulnerability to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2025/02/07/cisa-adds-one-known-exploited-vulnerability-catalog Source: Alerts Title: CISA Adds One Known Exploited Vulnerability to Catalog Feedly Summary: CISA has added one vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-0994 Trimble Cityworks Deserialization Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the…
-
The Register: The curious story of Uncle Sam’s HR dept, a hastily set up email server, and fears of another cyber disaster
Source URL: https://www.theregister.com/2025/01/29/opm_email_lawsuit/ Source: The Register Title: The curious story of Uncle Sam’s HR dept, a hastily set up email server, and fears of another cyber disaster Feedly Summary: Lawsuit challenges effort to create federal-wide centralized inbox expected to be used for mass firings Two anonymous US government employees have sued Uncle Sam’s HR department…
-
Wired: US Names One of the Hackers Allegedly Behind Massive Salt Typhoon Breaches
Source URL: https://www.wired.com/story/us-names-one-of-the-hackers-allegedly-behind-massive-salt-typhoon-breaches/ Source: Wired Title: US Names One of the Hackers Allegedly Behind Massive Salt Typhoon Breaches Feedly Summary: Plus: New details emerge about China’s cyber espionage against the US, the FBI remotely uninstalls malware on 4,200 US devices, and victims of the PowerSchool edtech breach reveal what hackers stole. AI Summary and Description:…