AS STATED IN A NEW DIRECTIVE, all U.S. federal agencies are currently pressured by the Biden Administration, requiring them to patch hundreds of security bugs.
As of the moment, the United States and other parts of the globe are being targeted by different hacking groups. Most of these malicious actors pose international security threats, which could definitely affect various companies and government agencies.
Now, the current U.S. President Joe Biden wants all federal agencies to make efforts so that the security vulnerabilities in their systems would be fixed as soon as possible.
CISA (Cybersecurity and Infrastructure Security Agency) issued the new binding operational directive on Wednesday, Nov. 3. This allows all federal agencies in the country to patch more than 300 security bugs within six months.
However, the latest directive also forces them to fix the latest security flaws in just two weeks. Will this be a problem?
ALL U.S. Federal Agencies Must Fix Security Bugs
According to Tech Crunch's latest report, CISA's new operational directive orders federal organizations in the United States to fix the current vulnerabilities, even those security bugs dating back to 2014 and 2015.
"The Directive lays out clear requirements for federal civilian agencies to take immediate action to improve their vulnerability management practices and dramatically reduce their exposure to cyberattacks," said Jen Easterly, the CISA Director.
However, various cybersecurity experts and the U.S. government's watchdog, The Office of Management and Budget (OMB), believe that federal agencies would have a hard time fixing these security flaws.
OMB added that most of these government organizations are still struggling when it comes to cybersecurity basics. But, this would still depend on the efforts they will make. They still have six months to patch the old and new vulnerabilities in their systems.
Worst Hardware Security Flaws This 2021
Right now, hardware and software vulnerabilities are serious security threats since hackers can take advantage of them to attack the government and businesses and companies.
Recently, we reported that the FBI warned companies about their financial activities since these could trigger malicious activities. On the other hand, Microsoft also issued a warning about a new password spraying.
Now, MITRE, together with CISA, published a new report about the worst hardware security vulnerabilities. ZDNet provided a full list. But, you can check some of them below:
- CWE-1231 Improper Prevention of Lock Bit Modification
- CWE-1233 Security-Sensitive Hardware Controls with Missing Lock Bit Protection
- CWE-1189 Improper Isolation of Shared Resources on System-on-a-Chip (SoC)
- CWE-1191 On-Chip Debug and Test Interface With Improper Access Control
For more news updates about other security threats across the world, always keep your tabs open here at TechTimes.
This article is owned by TechTimes
Written by: Griffin Davis