Collaborate Disseminate
Censys identified hundreds of devices within US federal agencies’ networks that expose their management interface to the internet.
The post Hundreds of Devices With Internet-Exposed Management Interface Found in US Agencies appeared first on SecurityWe… Continue reading Hundreds of Devices With Internet-Exposed Management Interface Found in US Agencies
With a month left on a deadline for federal government domains to implement a key email security policy, cybersecurity company Proofpoint says agencies have made significant progress, but is doubtful that each one will actually make it in time. The Department of Homeland Security issued a binding operational directive (BOD) last year ordering all agencies to have the highest level of DMARC (Domain-based Message Authentication, Reporting and Conformance) within a year. DMARC protects domains from being spoofed via email. Without it, malicious actors can send messages that appear to be, for example, a .gov website. As part of the directive, agencies are required to have a DMARC policy of “reject” — the highest of three levels — by Oct. 16. In a report published Monday, Proofpoint notes 51.9 percent of agency domains are compliant at this point. However, that’s roughly the same assessment Agari, an email security company, put out […]
The post Proofpoint: One month out from deadline, half of agency domains are DMARC compliant appeared first on Cyberscoop.
Continue reading Proofpoint: One month out from deadline, half of agency domains are DMARC compliant
Moscow-based anti-virus company Kaspersky Lab has filed a motion for a preliminary injunction in U.S. federal court in hopes of halting the Trump administration’s ongoing efforts to ban Kaspersky software from use in federal agencies, CyberScoop has learned. The move comes after Kaspersky Lab founder and CEO Eugene Kaspersky announced plans in December to sue the Department of Homeland Security (DHS), who originally launched the ban through a Binding Operational Directive (BOD) on Sept. 13 citing alleged espionage concerns. The motion was filed in the U.S. District Court for the District of Columbia. The Washington Post, New York Times and Wall Street Journal have all reported in recent months, citing anonymous U.S. intelligence officials, that Russian intelligence agencies have in the past leveraged Kaspersky Lab’s anti-virus engine to remotely steal confidential documents from targeted computers where the software is already installed. Kaspersky Lab has repeatedly and unequivocally denied all wrongdoing. The company continues […]
The post Kaspersky Lab files injunction in court, seeking to counter Trump administration ban appeared first on Cyberscoop.
Russian anti-virus maker Kaspersky Lab is suing the U.S. government for its decision to ban the company’s software in federal agencies and departments, according to an open letter written by company founder Eugene Kaspersky. Citing a lack of due process and insufficient evidence relating to the Department of Homeland Security’s Binding Operational Directive (BOD) 17-01, Kaspersky is claiming the U.S. government violated the Administrative Procedures Act and the Fifth Amendment. The Administrative Procedures Act controls how administrative agencies can propose and establish regulations, requiring organizations to provide “substantial evidence” for their decisions if questioned by a U.S. court. In September, DHS ordered civilian agencies to remove Kaspersky Lab from their computers within 90 days via the directive. Although the process had been ongoing for some time, the ban was then codified into law last week when U.S. President Donald Trump signed the National Defense Authorization Act (NDAA). The lawsuit represents […]
The post Kaspersky Lab takes U.S. government to court over federal software ban appeared first on Cyberscoop.
Continue reading Kaspersky Lab takes U.S. government to court over federal software ban
A senior U.S. official pushed back against a Democratic senator’s criticism Thursday concerning the 90-day timeframe provided by the Department of Homeland Security for federal agencies to uninstall Kaspersky Lab products after the technology was linked to Russian intelligence efforts. In an open congressional hearing Thursday, Missouri Sen. Claire McCaskill questioned why the Homeland Security Department would offer such a grace period when the threat of foreign espionage is apparently evident. She implied that the Kremlin, if found in a similar situation, would be handling the situation much more rapidly. “You’re giving them a long time,” said McCaskill. “Do you think if this happened in Russia, if they found a system of ours was looking at all their stuff, that they would give their government 90 days to remove it? Seriously? The point I am making I mean is that why don’t you just say you have to remove it […]
The post Senator questions DHS’s handling of Kaspersky software ban in federal agencies appeared first on Cyberscoop.
Continue reading Senator questions DHS’s handling of Kaspersky software ban in federal agencies