Cybersecurity

Ransomware to overtake phishing as top cause for data compromises, report says

A new report says 2021 set a record for data breaches, but increasingly notifications to victims and authorities often lack transparency, hindering investigations.

No easy fix for ID verification for government benefits

While states are looking for turnkey solutions to qualify applicants for government programs, many individuals without the right credentials can fall between the cracks.

Agencies still rely on username-password for access management

Even though more secure identity access management solutions exist, 86% of federal, state and local government respondents said that usernames and passwords are their most-used authentication method, according to a recent survey.

How the Biden administration is making gains in an uphill battle against Russian hackers

Though government-controlled hackers might persist, and criminal groups might disappear, rebuild and rebrand, the high costs imposed by the Biden administration could hinder their success.

Small cities worry cybersecurity money won't reach them

Even though small, under-resourced municipalities often fall victim to cyberattacks, many don't have the resources to put together a proposal for a share of the $1 billion in federal cybersecurity grants available through the new infrastructure law.

Think twice before scanning that QR code, FBI warns

The FBI is warning that cybercriminals are tampering with QR codes to redirect victims to malicious sites that steal login and financial information.

ID verification, analytics can help agencies fight fraud

Combining an automated verification system and data analytics for prevention and detection helps create a powerful tool for government IT professionals facing a flood of fraud.

Maryland Health Department hit with ransomware

For more than two weeks, COVID surveillance data wasn't released publicly, and many day-to-day operational services are still unavailable.

Top Public Sector Cybersecurity Threat No Longer is Employees

Hackers pose the greatest cyber risks for states and localities, followed by careless workers and foreign governments, according to an annual IT report.

NIST Updates Cybersecurity Engineering Guidelines

Amid constant cybersecurity threats, NIST added more insight for engineers and programmers on how to mitigate system vulnerabilities.

The metaverse offers a future full of potential – for terrorists and extremists, too

The rise of the metaverse will open new vulnerabilities and give people with malicious intent novel opportunities to exploit them.

Cities in Texas hit by QR-code phishing scam

Austin, Houston and San Antonio have been affected by a phishing scam designed to get users to pay for parking using fraudulent QR codes pasted on public meters.

FTC warns of legal risks of failing on Log4j mitigation

The Federal Trade Commission issued a warning urging companies to take "reasonable steps" to mitigate known software vulnerabilities or face potential legal consequences, recalling the $700 million settlement Equifax paid for a major breach in 2017.

Maintaining zero trust over time: Why set-it and forget-it won’t work

Zero trust requires continuous revalidation of trustworthiness -- of the devices, services and identities connecting into an enterprise environment, as well as the systems to which they are connecting.

Avoid being held captive by ransomware with secure, reliable backups

After a ransomware attack, tiered recovery time objectives and a thorough, practiced plan can help agencies minimize downtime.

Feds Step Up Cybersecurity Support for State Governments

Forty-two advisers have been appointed or are in the process, with eight states still needing federal-level coordinators.