Cybersecurity

How the Biden administration is making gains in an uphill battle against Russian hackers

Though government-controlled hackers might persist, and criminal groups might disappear, rebuild and rebrand, the high costs imposed by the Biden administration could hinder their success.

Small cities worry cybersecurity money won't reach them

Even though small, under-resourced municipalities often fall victim to cyberattacks, many don't have the resources to put together a proposal for a share of the $1 billion in federal cybersecurity grants available through the new infrastructure law.

Think twice before scanning that QR code, FBI warns

The FBI is warning that cybercriminals are tampering with QR codes to redirect victims to malicious sites that steal login and financial information.

ID verification, analytics can help agencies fight fraud

Combining an automated verification system and data analytics for prevention and detection helps create a powerful tool for government IT professionals facing a flood of fraud.

Maryland Health Department hit with ransomware

For more than two weeks, COVID surveillance data wasn't released publicly, and many day-to-day operational services are still unavailable.

Top Public Sector Cybersecurity Threat No Longer is Employees

Hackers pose the greatest cyber risks for states and localities, followed by careless workers and foreign governments, according to an annual IT report.

NIST Updates Cybersecurity Engineering Guidelines

Amid constant cybersecurity threats, NIST added more insight for engineers and programmers on how to mitigate system vulnerabilities.

The metaverse offers a future full of potential – for terrorists and extremists, too

The rise of the metaverse will open new vulnerabilities and give people with malicious intent novel opportunities to exploit them.

Cities in Texas hit by QR-code phishing scam

Austin, Houston and San Antonio have been affected by a phishing scam designed to get users to pay for parking using fraudulent QR codes pasted on public meters.

FTC warns of legal risks of failing on Log4j mitigation

The Federal Trade Commission issued a warning urging companies to take "reasonable steps" to mitigate known software vulnerabilities or face potential legal consequences, recalling the $700 million settlement Equifax paid for a major breach in 2017.

Maintaining zero trust over time: Why set-it and forget-it won’t work

Zero trust requires continuous revalidation of trustworthiness -- of the devices, services and identities connecting into an enterprise environment, as well as the systems to which they are connecting.

Avoid being held captive by ransomware with secure, reliable backups

After a ransomware attack, tiered recovery time objectives and a thorough, practiced plan can help agencies minimize downtime.

Feds Step Up Cybersecurity Support for State Governments

Forty-two advisers have been appointed or are in the process, with eight states still needing federal-level coordinators.

Cyber vulnerabilities could impact municipal finance

Municipal bond credit analysts consider governments unprepared for cyberattacks, a recent survey says.

Ohio adopts single sign-on for unemployment claims

The OH|ID gives users a trusted identity they can use for unemployment benefits, while offering state agencies enterprise-level identity proofing services.

5 best practices for strengthening your software supply chain with DevSecOps

Because every application is mission critical, strengthening DevSecOps processes provides needed transparency into an agency’s full portfolio of applications.