On Thursday, August 22, 2024, the United States Department of Justice (“DOJ”) filed a Complaint-In-Intervention in the case of United States of America ex rel. Christopher Craig and Kyle Koza, v. Georgia Tech Research Corp. and Board of Regents of the University System of Georgia (d/b/a the Georgia Institute of Technology) (United States v. Georgia […]
United States Cybersecurity and Infrastructure Security Agency Issues Joint International Guidance for Event Logging and Threat Detection
On August 21, 2024, the United States Cybersecurity and Infrastructure Security agency, alongside government agencies in key global allies, including Australia, the UK, Canada, and Japan, released guidance on event logging and threat detection best practices. The guidance was published in response to the increased prevalence of threat actors employing Living of the Land (LOTL) […]
DOJ Continues to Investigate and Prosecute North Korean IT Worker Fraud Scheme
On Thursday, August 8, 2024, the United States Department of Justice (“DOJ”) announced that it had charged a Nashville man for his alleged role in assisting the Democratic People’s Republic of Korea (“DPRK” or “North Korea”) with a scheme designed to funnel money from legitimate U.S. based businesses through fraudulently hired remote IT workers. The […]
CISA Releases Findings from its AI Pilot Program on Detecting Critical Vulnerabilities
On July 28, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) announced that they piloted an Artificial Intelligence (AI)-enabled vulnerability program to help detect and remediate vulnerabilities in the U.S. government’s critical networks, systems, and software, as required by Executive Order (EO) 14110. From late 2023 to early 2024, CISA performed the pilot program to […]
CISA and JCDC Conduct First-Ever Public-Private AI Security Incident Tabletop Exercise
On June 13, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) collaborated with the Joint Cyber Defense Collaborative (JCDC) to hold the federal government’s first tabletop exercise for “AI security incidents. JCDC led the exercise and, true to JCDC’s public-private partnership model, included over 50 participants from various government agencies and private-sector companies. For those […]