On Tuesday, the Office of the Director of National Intelligence unveiled plans for a new approach to combatting cyber threats that encourages greater private sector participation. A document related to the strategy will be released on Monday. An overview of the plan was released at an event hosted by the
Last week, the security community was in a flurry around the disclosure of a severe vulnerability (known as CVE-2020-0601) in Microsoft’s Windows operating system. Notably, it was because the National Security Agency (NSA) tipped off Microsoft, helping the tech giant patch the flaw instead of exploiting it for national security missions. NSA was praised for its cultural shift from offense to defense, however, in my opinion, not all that glitters is gold.
A coalition of US lawmakers introduced new bipartisan legislation that aims to protect Americans from government surveillance, such as that run by the NSA. The bill, named Safeguarding Americans’ Private Records Act, was introduced today by Senators Wyden and Daines in the upper chamber while Representatives Lofgren, Davidson, and Jaypal
The US National Security Agency (NSA) has discovered and reported a bug to Microsoft. The vulnerability was tracked as CVE-2020-0601 and impacted Windows 10 and Windows Server systems. The NSA stated that this was the first time it decided to report and publicly disclose a security vulnerability pertaining to a
Most weeks, it is far outside the normal job responsibilities for cybersecurity professionals to understand what the United States (or other governments) do to find or use computer vulnerabilities. Just stay patched and keep the board of directors happy. This is not one of those weeks.
This week we learned that the National Security Agency disclosed to Microsoft that it had discovered a major vulnerability (dubbed CVE-2020-0601) in Windows 10. A Washington Post article, by veteran cyber journalist Ellen Nakashima, declared this to be a “a major shift in the NSA’s approach, choosing to put computer security ahead of building up its arsenal of hacking tools that allow the agency to spy on adversaries’ networks.”
Kaspersky has identified one of the advanced persistent threat (APT) groups mentioned in a leaked US National Security Agency (NSA) scanning tool. The python script was made public as part of the ‘Lost in Translation’ leak by the mysterious Shadow Brokers group in 2017. That leak also exposed other NSA
The US National Security Agency (NSA) and the UK National Cyber Security Centre (NCSC) warned on Monday that the Russian state-backed hacking group Turla (aka Snake or Uroburos) has been impersonating Iranian state-sponsored hackers in a campaign targeting organizations in the US, the UK and 33 other countries, many of
The US National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA) that falls under the US Department of Homeland Security (DHS) and the UK National Cyber Security Centre (NCSC) are all warning that Windows, macOS And Linux Users relying on certain Virtual Private Network (VPN) applications are at
The US National Security Agency (NSA) has established a new Cybersecurity Directorate to take over the foreign intelligence and cyber activities of the agency. According to an NSA spokesperson, the new directorate “will reinvigorate NSA’s white hat mission by sharing critical threat information and collaborating with partners and customers to
A new report by Check Point indicates that Chinese state-backed hackers set deliberate traps to steal the NSA-linked cyber weapons that were leaked by the mysterious Shadow Brokers group in 2017. Earlier this year, Symantec already found evidence that Chinese cyber espionage group Buckeye (aka APT3, UPS Team, Gothic Panda,