Just days before the inauguration ceremony, the outgoing Biden administration issued a sweeping cybersecurity executive order aimed primarily at improving the defenses of federal agencies and their contractors.
Two of the biggest components of the new AI rules are the implementation of mandatory AI safeguards by federal agencies, such as those used in healthcare and financial benefit systems, and expanded transparency requirements.
A joint cybersecurity alert warned that hackers breached multiple federal agencies via remote monitoring and management software in a widespread helpdesk-themed phishing campaign.
The Biden administration has taken the first step toward implementing a government-wide zero trust strategy with a memorandum addressed to all federal agencies, outlining the basic goals to be reached by the end of fiscal year 2024.
CISA directs federal agencies to adhere to the vulnerability management catalog and patch 300 exploited vulnerabilities assigned CVE IDs in 2021 within 2 weeks and 6 months for previous ones.
New Senate report reveals that the government’s biggest targets are not keeping pace with threats. Seven of eight federal agencies were found to have not made any meaningful improvements to their security since 2019.
Hackers exploited Pulse Connect Secure VPN vulnerabilities to collect passwords, install web shells, and bypass multi-factor authentication on victims’ networks, including federal agencies.
