DHS Archives - Cyber Security Minute

How the U.S. Government Views the Bright, Dark Sides of AI

Issued by: DataBreach Today

The U.S. government is testing how artificial intelligence might enhance operations while preparing for the technology’s downside, such as more dangerous hacking attempts from nation-state adversaries, a congressional panel heard Thursday. “The cybersecurity element is a great example of the bright and the dark side of AI technology,” said Arati Prabhakar, director of the White…

Malware & Threats

‘Hack DHS’ Participants Awarded $125,000 for Over 100 Vulnerabilities

Issued by: Security Week

The Hack DHS program was announced in December 2021 and it was launched several years after lawmakers passed a bill to create such a program. In the first phase of Hack DHS, vetted cybersecurity researchers were invited to find vulnerabilities in specific DHS systems. According to the DHS, more than 450 white hat hackers took…

Network Security

CISA’s Joint Cyber Defense Collaborative: Why it just might work

Issued by: CSO

The Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security (DHS) has a new director, Jen Easterly. The Senate confirmed Easterly in July, with swearing taking place on August 09, 2021. It should come as no surprise to CISOs to see Easterly dig in and immediately leverage the newly minted Joint Cyber…

Vulnerabilities

CISA Announces Vulnerability Disclosure Policy Platform

Issued by: Security Week

Working in collaboration with bug bounty platform Bugcrowd and government technology contractor Endyna, CISA introduced its VDP platform to help Federal Civilian Executive Branch (FCEB) agencies identify and address vulnerabilities in critical systems. The platform was launched in support of Binding Operational Directive (BOD) 20-01, through which the Department of Homeland Security (DHS) instructed all…

Malware & Threats

AP Sources: SolarWinds Hack Got Emails of Top DHS Officials

Issued by: Security Week

The intelligence value of the hacking of then-acting Secretary Chad Wolf and his staff is not publicly known, but the symbolism is stark. Their accounts were accessed as part of what’s known as the SolarWinds intrusion and it throws into question how the U.S. government can protect individuals, companies and institutions across the country if…

Malware & Threats

DoD, DHS Warn of Attacks Involving SLOTHFULMEDIA Malware

Issued by: Security Week

SLOTHFULMEDIA is described as a dropper that deploys two files when executed, including a RAT designed to allow hackers to control compromised devices, and a component that removes the dropper once the RAT achieves persistence on the targeted computer. The RAT is capable of running arbitrary commands, terminating processes, taking screenshots, modifying the registry, and…

Network Security

US collects social media handles from select visitors

Issued by: CIO Security

Visitors to the U.S. under a visa waiver program are being asked by the Department of Homeland Security for information on their social media accounts, a plan that had drawn criticism from civil rights groups for its potential encroachment on privacy. The U.S. Customs and Border Protection unit of the DHS asked for written comments…

Vulnerabilities

IDG Contributor Network: Putting the privacy into cybersecurity at DHS

Issued by: CSO

Security and privacy have an awful lot in common; both disciplines care deeply about the confidentiality of personally identifiable information. Attend a cyber-security conference or a privacy conference, you are likely to hear the same catch phrases “[Security/privacy] is best addressed at the earliest stages of system development, not at the end when retrofitting requirements…