AMEO ‘concerned’ about nation-state attacks on power grids

“For the energy sectors and critical infrastructure sectors, particularly around electricity, we are concerned about nation-state actors,” says Tim Daly, chief security officer (CSO) for the Australian Energy Market Operator (AEMO). “Nation-states are looking to have capability and implants that Read More …

GSA proposes new cybersecurity reporting rules for contractors

The General Services Administration is proposing new rules shaping how contractors protect government information on the IT systems they manage. Tucked in a Friday Federal Register post detailing the Unified Agenda of Federal Regulatory and Deregulatory Actions, two proposed rules — GSAR Read More …

Critical Infrastructure & Supply Chain Remain Highly Vulnerable to Attacks

This week, the National Cyber Security Alliance (NCSA) reminds us that, “our day-to-day life depends on the country’s 16 sectors of critical infrastructure, which supply food, water, financial services, public health, communications and power along with other networks and systems. A disruption Read More …

House Passes Bill Expanding DHS’ Power to Block Risky Contractors from Government Networks

The House passed legislation Tuesday that would dramatically broaden the Homeland Security Department’s power to block contractors and subcontractors that officials determine present cybersecurity and national security risks to the department’s technology supply chain. The bill, which is modeled on Read More …

Microsoft says: Lock down your software supply chain before the malware scum get in

Microsoft’s security team is urging developers to shore up their software update systems – after catching miscreants hijacking an editing application’s download channels to inject malware into victims’ PCs. In a security advisory, Redmond’s infosec gurus describe Operation WilySupply: their Read More …