The proposed rules of FAR Case 2021-017 and FAR 2021-019 impose extensive cybersecurity obligations on contractors and their supply chains. Non-compliance could result in liability under the False Claims Act. The rules require immediate reporting of security incidents, allow government access to contractor information, and demand the creation of Software Bills of Materials. The rules apply to all contracts and contractors are encouraged to prepare for compliance ahead of the February 2, 2024 deadline for comments.
Researchers sound alarm over hackers exploiting critical ProjectSend vulnerability
A critical vulnerability in ProjectSend was fixed in 2020, but there is still a high risk of exploitation, according to researchers. The flaw could allow
