• About
  • Advertise
  • Careers
  • Contact
Monday, March 20, 2023
No Result
View All Result
NEWSLETTER
Cyber360 News
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
No Result
View All Result
Cyber360 News
No Result
View All Result
Home Data Breach

Secret Service probing breach at federal IT contractor

by Cyber360 News
November 11, 2019
in Data Breach
0
Secret Service probing breach at federal IT contractor
0
SHARES
5
VIEWS
Share on FacebookShare on Twitter

Credentials and email messages pilfered in a breach of a federal government contractor that could be used to access the contractor’s systems and those of its customers – including the U.S. Department of Transportation, the National Institutes of Health (NIH), and the U.S. Citizenship and Immigration Services (USCIS) – were auctioned off in a Russian cybercrime site in August, prompting an investigation by the U.S. Secret Service.  

The information is “all old stuff in our own internal test environment, and it is no longer valid,” a KrebsOnSecurity report cited Miracle Systems LLC CEO Sandesh Sharda as saying. The company claims to be a prime contractor to more than 20 federal agencies.

The
report noted that multiple systems of one company, Hold Security, had been
compromised three times by Emotet malware from November 2018 to July 2019.

The FISMA Act of 2002 as well as FAR 52.204-21 in 2017, respectively, require agencies to manage their security and privacy controls and make sure their contractors meet 15 security controls. “But how can a government agency efficiently test its suppliers’ information security?” said Dov Goldman, director of risk and compliance at Panorays. “What’s more, how can they manage many more subcontractors’ InfoSec?”

While “private companies with mature third-party
information security programs are increasingly aware of the need to manage security
deep in their supply chain,” smaller, more innovative providers often “have
less sophisticated infosec programs,” Goldman said, noting that the vast sprawl
of federal government contracting. “Because there are so many smaller players
as you dive deeper into the supply chain, it becomes more and more important to
implement highly automated approaches to assess suppliers’ InfoSec controls and
the integrity of their attack surface.”

The breach at Miracle Systems “seems to have caused no
harm,” but should still “serve as a wakeup call for U.S. federal government
agencies to find the most innovative, effective and automated solutions for
assessing, managing and monitoring supply chain security.”

Cyber360 News

Cyber360 News

Next Post
North Carolina Boy Scouts PII compromised

North Carolina Boy Scouts PII compromised

Recent Posts

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

October 6, 2021
Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

October 1, 2021
Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

October 1, 2021

Whats New in Kali Linux?

September 14, 2021

Kali Linux 2019.3 Release (CloudFlare, Kali-status, metapackages, Helper-Scripts & LXD)

September 14, 2021

Kali Linux 2021.3 Release (OpenSSL, Kali-Tools, Kali Live VM Support, Kali NetHunter Smartwatch)

September 14, 2021

Kali Linux 2018.4 Release

September 14, 2021

Kali Linux 1.0.5 and Software Defined Radio

September 14, 2021

Kali Tools Website Launched, 1.0.9 Release

September 14, 2021

Kali Linux Dojo at Black Hat Vegas 2016

September 14, 2021

Category

Site Links

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

About Us

We bring you the best Premium WordPress Themes that perfect for news, magazine, personal blog, etc. Check our landing page for details.

© 2019 Cyber360 News - Powered by WebSensePro

No Result
View All Result
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us

© 2019 Cyber360 News - Powered by WebSensePro

Login to your account below

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In