Hot Topics

nsa

A ball of energy with electricity beaming all over the place.

AI Adoption Prompts Security Advisory from NSA

| | AI, data science vulnerabilities, data theft, infrastructure vulnerabilities, nsa
The warning underscores the importance of a collaborative approach to AI security involving stakeholders across different domains, including data science and infrastructure ...
Security Boulevard

Declassified NSA Newsletters

| | Applied Cryptography, foia, history of cryptography, history of security, nsa, Uncategorized
Through a 2010 FOIA request (yes, it took that long), we have copies of the NSA’s KRYPTOS Society Newsletter, “Tales of the Krypt,” from 1994 to 2003. There are many interesting things ...
Schneier on Security
PAM, zero-trust, ZTNA, migrating, backup data, zero-trust, security, zero-trust, business, policy container zero-trust ZTNA

NSA Issues Guidance for Enterprises Adopting Zero Trust

| | Network Security, nsa, Zero Trust Architecture
The National Security Agency (NSA) wants organizations adopt zero-trust framework principles to protect their enterprise networks and is releasing guidance to help them get there. The agency is arguing that adopting controls ...
Security Boulevard
The Ubiquiti “U” logo, with superimposed text: “SELESS”

FBI Warns: Ubiquiti EdgeRouter is STILL Not Secure

| | APT28, Botnet disruption, Botnet Takedown, botnets, CVE-2023-23397, EdgeRouter, Fancy Bear, FBI warning, GRU, IC3, IC3.gov, Military Unit 26165, nsa, NSA/CISA, NTLM, NTLM Authentication, NTLM hash, NTLM leak, ntlm relay, Russia, russia hacker, russia-based, russian, Russian Cyber Interests, Russian Cyber War, SB Blogwatch, Ubiquiti, Ubiquiti breach, Ubiquiti Inc., Ubiquiti Networks, US FBI
GRU APT28 is back again: Fancy Bear still hacking ubiquitous gear, despite patch availability ...
Security Boulevard

Volt Typhoon Malware: US Critical Infrastructure Breached

| | Advanced Persistent Threats, APTs, China's embassy, Chinese state-sponsored hacking group, cisa, Citizen Lab, collaboration, CrowdStrike report, Cybersecurity, Cybersecurity News, cybersecurity threats, defense mechanisms, FBI, Five Eyes alliance, influence campaign, LotL techniques, multi-hop proxies, nsa, operational security, PAPERWALL, Reuters, The Hacker News, US critical infrastructure, Volt Typhoon
In a recent revelation, the U.S. government disclosed that the Chinese state-sponsored hacking group, Volt Typhoon has surreptitiously infiltrated critical infrastructure networks within the country for a staggering five-year period. This embedded ...
TuxCare
Apple CEO Tim Cook, with superimposed text: “No Such Agency”

NSA iPhone Backdoor? Apple Avoids Russian Blame Game

| | Apple, back door, backdoor, CVE-2023-32434, CVE-2023-32435, CVE-2023-32439, CVE-2023-38606, CVE-2023-41990, FSB, imessage, ios, iPhone, kaspersky, Kaspersky Lab, Kaspersky Security, nsa, Russia, Russian FSB, SB Blogwatch, spyware, triangulation, Zero Click Attack, Zero-Click Exploit
“No Ordinary Vulnerability” — Operation Triangulation research uncovers new details of fantastic attack chain ...
Security Boulevard
A caricature of FBI head Christopher Wray

FBI’s Warrantless Spying on US Must Continue, Says FBI

| | 4th Amendment, Democracy, FBI, FBI Director Christopher Wray, Federal Government, FISA, Fourth Amendment, government, government access, government surveillance, Government Surveillance Reform Act (GSRA), lawful surveillance, mass surveillance, nsa, police surveillance, Privacy, SB Blogwatch, Section 702, surveillance, US Constitution, US FBI, warrantless search
Privacy, schmivacy: FBI head Christopher Wray (pictured) doesn’t see what all the fuss is about. Just renew FISA section 702 already! ...
Security Boulevard

New NSA Information from (and About) Snowden

| | Edward Snowden, Guardian, New York Times, nsa, Privacy, surveillance, Uncategorized
Interesting article about the Snowden documents, including comments from former Guardian editor Ewen MacAskill MacAskill, who shared the Pulitzer Prize for Public Service with Glenn Greenwald and Laura Poitras for their journalistic ...
Schneier on Security
NSA cybersecurity OT

NSA Releases EliteWolf GitHub Repository for Securing OT Environments

| | cisa, Cybersecurity, GitHub, nsa
The National Security Agency released a code repository in GitHub to make it easier for critical infrastructure organizations and similar entities to better identify and detect potentially malicious activities in their operational ...
Security Boulevard
credential stuffing attack

CISA and NSA Offer MFA and SSO Guidelines for Developers, Vendors

| | cisa, Cybersecurity, MFA, nsa, Phishing
Developers and tech vendors need to improve multifactor authentication (MFA) and single sign-on (SSO) tools and make them easier for organizations to use to reduce the threat of phishing, password spraying, and ...
Security Boulevard
Load more

Application Security Check Up