The Treasury Department said Integrity Technology provided Flax Typhoon actors with infrastructure between the summer of 2022 and fall of 2023 — with the state-backed groups sharing and receiving information from the company.

As of November, the CISA had issued 2,131 pre-ransomware notifications this year, nearly double the amount it issued in 2023. The agency also released almost 1,300 cyber defense alerts and advisories through the JCDC during fiscal year 2024.

While CISA has only finalized the required secure configuration baselines (SCBs) for Microsoft 365, it plans to release additional baselines for other cloud platforms, starting with Google Workspace (anticipated to enter scope in Q2 of FY 2025).

The provision, slotted into the National Defense Authorization Act for the 2025 fiscal year, seeks to secure U.S. government-issued devices used by diplomats, armed forces personnel, and staffers in the U.S. Agency for International Development.

The FCC shared a draft ruling that, if adopted, would immediately require telecommunications firms to secure their networks against unauthorized access to systems that house wiretap requests from law enforcement, according to an agency news release.

The White House hosted a meeting with executives of the U.S. telecommunications sector to share intelligence pertaining to China's "significant cyberespionage campaign targeting the sector."

DEF CON launched the Franklin Project to secure US water systems, starting with six firms. Partnering with the NRWA and University of Chicago, volunteers aim to fix vulnerabilities, raise awareness, and bolster defenses for 50,000 water suppliers.

In 2024, there were at least six incidents affecting drinking water infrastructure, according to data collected by Recorded Future News using the Freedom of Information (FOI) Act. In previous years there were no more than two.

This initiative expands the USDA's Circuit Rider Program, offering cybersecurity support and training to small drinking and wastewater treatment facilities. The goal is to assess and improve the cybersecurity capacity of rural water utilities.

The US Cybersecurity and Infrastructure Security Agency (CISA) has released its first international strategic plan to enhance collaboration in combating cyber threats to critical infrastructure.