Skip to content
July 12, 2026
  • Linkedin
  • Twitter
  • Facebook
  • Youtube

Daily CyberSecurity

Zero-hour alerts. Unmatched analysis.

Primary Menu
  • Home
  • CVE Data
    • CVE Watchtower
    • Top Exploited CVEs
    • CVE Stats by Vendor
    • Q2 2026 Report
  • Cyber Criminals
  • Data Leak
  • Linux
  • Malware
  • Vulnerability
  • Submit Press Release
  • Vulnerability Report
Light/Dark Button
  • Home
  • News
  • Cyber Security
  • Pentagon Spends $27.5 Million to Establish Isolation System to Prevent Military Secrets from Leaking
  • Cyber Security

Pentagon Spends $27.5 Million to Establish Isolation System to Prevent Military Secrets from Leaking

Do Son June 18, 2018 3 minutes read
Pentagon Military Secrets
Add Daily CyberSecurity as a preferred source on Google

The Defense Information Systems Agency (DISA) under the U.S. Department of Defense does not want Pentagon staff to use the Ministry of Defense’s internal network to browse the Internet, trying to isolate Internet and agency’s internal networks by pushing web browsing to the cloud.

The DISA’s Office of Requirements and Analysis (RAO) published an RFI on the FedBizOpps website on June 11th, 2018, about the “Cloud Based Internet Isolation Solution,” seeking to provide this Solution provider to support Department of Defense endpoint security solutions.

Image: By David B. Gleason from Chicago, IL (The Pentagon) [CC BY-SA 2.0], via Wikimedia Commons

DISA pointed out in the RFI that the contract value of this “Cloud Based Internet Isolation Solution” is about $27.5 million, and its provided cloud-based Internet isolation capabilities for various uses of the Department of Defense The network threatens end-users’ cyber attacks to provide defence.

This cloud-based Internet segregation solution will provide the Department of Defense with a system that allows US Department of Defense personnel to access the Internet while also isolating the staff’s online operations from the Department of Defense’s internal network. The system can redirect Web browsing to remote servers located in the Federal Data Center and supports all approved proxy browsers and authentication tools.

  • The system also can handle at least 3.1 million users at any time, and it must also provide a secure way to record each user’s online activities and send them back to the organisation.
  • Cloud-based Internet isolation solutions in the cloud network must meet a series of performance specifications, including minimum 10 Gbps throughput, no more than five seconds start-up time and the ability to support more than 25 browser tabs without affecting the quality.
  • Also, the system must also allow the US Department of Defense to whitelist or blacklist sites that are based on geographic location, category, and other factors.

Given the size and scope of the Pentagon’s activities, hackers and cybercriminals may launch cyber attacks against Pentagon employees. According to DISA estimates, the US Department of Defense is blocking about 36 million messages carrying malware, viruses, and phishing attacks every day. Back in 2015, to prevent phishing attacks, the US Department of Defense set the Internet links in all e-mails as “unclickable.”

The latest attempt by the US Department of Defense to isolate the Internet is to respond to cybersecurity attacks against this sector. After recording the user’s movement trajectory for a fitness application and inadvertently leaking the location of the US military base, the US Department of Defense banned mobile phones, laptops, tablet computers, and all other devices capable of transmitting and storing confidential data in May 2018.

Source: nextgov

Get Zero-Hour Vulnerability Alerts

Critical CVEs, CVSS scores, and PoC updates — straight to your inbox every week.


We respect your inbox. Unsubscribe anytime.

Related coverage

  • Chinese State-Sponsored Group RedJuliett Escalates Cyber Espionage Against Taiwan
  • Beyond Crypto: 8220 Gang Expands Arsenal with k4spreader
  • Western Digital suffers network security incident
  • SideWinder APT Group: Maritime & Nuclear Targets, Evolved Malware
  • “Coyote” Trojan Strikes Brazil’s Banks, Experts Warn of Next-Gen Threat
Track all actively exploited CVEs →

Support Our Threat Intelligence

If you find our CVE report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee Logo Buy Me a Coffee PayPal
Crypto QR Code
USDT (TRC20):
TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm
USDT (ERC20):
0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce

Share this article:

Facebook Post LinkedIn Telegram
Written by
@DdoS · Security Researcher

Do Son

Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.

Tags: Pentagon

Search

Translation

CVE WATCHTOWER
🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

Upgrade Package

🚨 Active Exploits in the Wild

  • CVE-2026-1207CVSS 5.4
    An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on...
    Admin intel📅 Updated: Jul 10, 2026
  • CVE-2026-48939CVSS 10.0
    A vulnerability in the iCagenda extension for Joomla allows the upload of arbitrary files in the file attachment...
    CISA KEV📅 Added to KEV: Jul 10, 2026
  • CVE-2026-56291CVSS 10.0
    The Joomla extension Balbooa Forms is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files...
    CISA KEV📅 Added to KEV: Jul 10, 2026
  • CVE-2026-55255CVSS 8.4
    Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, an Insecure Direct...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-48908
    A vulnerability in SP Page Builder for Joomla allows unauthenticated users to upload arbitrary files, ultimately resulting in...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-56290
    The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-20896CVSS 9.8
    Gitea Docker image: `REVERSE_PROXY_TRUSTED_PROXIES = *` default lets any source IP impersonate any user via `X-WEBAUTH-USER`
    Admin intel📅 Updated: Jul 6, 2026
  • CVE-2026-48282CVSS 10.0
    ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted...
    Admin intelCISA KEV📅 Added to KEV: Jul 7, 2026📅 Updated: Jul 3, 2026
Powered by CVE Watchtower

🔴 Live Critical Threats

  • CVE-2026-56271CVSS 9.8
    Flowise before 3.1.0 (affected versions 3.0.13 and earlier) uses weak hardcoded default...
  • CVE-2026-56260CVSS 9.1
    Crawl4AI before 0.8.7 contains an arbitrary file write vulnerability in the Docker...
  • CVE-2026-61447CVSS 10.0
    PraisonAI before 1.6.78 contains a remote code execution vulnerability in CodeAgent._execute_python() that...
  • CVE-2026-61445CVSS 9.9
    PraisonAI before 4.6.78 contains arbitrary file write and command execution vulnerabilities in...
  • CVE-2026-60090CVSS 9.8
    PraisonAI before 4.6.78 fails to validate the caller-controlled dimension argument in the...
  • CVE-2026-57827CVSS 10.0
    The Joomla extension RSFiles is vulnerable to an unauthenticated arbitrary file upload...
  • CVE-2026-57828CVSS 9.0
    The Joomla extension Phoca Downloads is vulnerable to an authenticated arbitrary file...
  • CVE-2026-14480CVSS 9.9
    OpenPLC Runtime v3 contains an authenticated arbitrary file write vulnerability in the...
  • CVE-2026-20744CVSS 9.8
    The charging station websocket endpoint accepts connections without proper authentication, which could...
  • CVE-2026-57807CVSS 9.8
    Authentication Bypass Using an Alternate Path or Channel vulnerability in miniOrange Security...
Powered by CVE WATCHTOWER

Our Websites
  • Penetration Testing Tools
  • The Daily Information Technology
  • Top Exploited CVEs
  • Daily CyberSecurity

    • About SecurityOnline.info
    • Advertise with us
    • Announcement
    • Contact
    • Contributor Register
    • Login
    • Disclaimer
    • DCMA
    • Privacy Policy
    • About SecurityOnline.info
    • Advertise on SecurityOnline.info
    • Contact Us

    When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works

    • CVE Watchtower
    • CVE Statistics by Vendor 2026
    • Q2 2026 Report
    • Top Exploited CVEs
    • Linkedin
    • Twitter
    • Facebook
    • Youtube
    © 2017 - 2026 Daily CyberSecurity. All Rights Reserved.