The Kremlin-backed hacking outfit’s toolbox seems to grow by the month.
DOJ will sue federal contractors that hide cyberattacks and breaches
The U.S. Department of Justice has said it will launch civil legal action against federal contractors if they fail to report cyberattacks or data breaches. The Civil Cyber-Fraud Initiative, introduced by Deputy Attorney General Lisa O. Monaco this week, will leverage the existing False Claims Act (FCA) to “pursue cybersecurity-related fraud by government contractors and […]
Stairwell secures $20M Series A to help organizations outsmart attackers
Back when Stairwell emerged from stealth in 2020, the startup was shrouded in secrecy. Now with $20 million in Series A funding, its founder and CEO Mike Wiacek — who previously served as chief security officer at Chronicle, Google’s moonshot cybersecurity company — is ready to talk. As well as raising $20M, an investment round […]
The stars are aligning for federal IT open source software adoption
While the government has made a number of moves in a more open direction in recent years, the story of open source in federal IT has often seemed more about potential than reality.
To prevent cyberattacks, the government should limit the scope of a software bill of materials
There is no reason to disdain the concept of SBOM outright. Indeed, it’s heartening to see the federal government take cybersecurity so seriously.
Checkmarx acquires open source supply chain security startup Dustico
Checkmarx, an Israeli provider of static application security testing (AST), has acquired open-source supply chain security startup Dustico for an undisclosed sum. Founded in 2020, Dustico provides a dynamic source-code analysis platform that employs machine learning to detect malicious attacks and backdoors in software supply chains. The acquisition will see Checkmarx combine its AST capabilities […]
Passwordstate customers complain of silence and secrecy after cyberattack
It has been over three months since Click Studios, the Australian software house behind the enterprise password manager Passwordstate, warned its customers to “commence resetting all passwords.” The company was hit by a supply chain attack that sought to steal the passwords from customer servers around the world. But customers tell TechCrunch that they are […]