Security News > 2021 > July

Node.js has released updates for a high severity vulnerability that could be exploited by attackers to corrupt the process and cause unexpected behaviors, such as application crashes and potentially remote code execution. In a client-server architecture, if a client application wants to end the connection, it would send an RST_STREAM frame to the server.

A number of new incidents have been reported involving CIA officers in the last year or so, a source with direct knowledge told NBC News, including a CIA officer who experienced symptoms in Poland last spring, two CIA officers allegedly hit in East Asia last fall, and incidents in London in May and December 2019. The source said the CIA, using mobile phone location data, had determined that some Russian intelligence agents who had worked on microwave weapons programs were present in the same cities at the same time that CIA officers suffered mysterious symptoms.

The U.S. National Security Agency is offering advice to security teams looking for wireless best practices to protect corporate networks and personal devices. The NSA advises turning off Bluetooth in public, lest a user be open to a range of attacks such as BlueBorne or BlueBugging - both used to access and exfiltrate corporate data on targeted devices.

The Cybersecurity and Infrastructure Security Agency today launched a new vulnerability disclosure policy platform for US federal civilian agencies. The newly launched VDP platform service allows Federal Civilian Executive Branch agencies to identify, monitor, and close security gaps in critical systems with the help of ethical hackers worldwide.

Jack Wallen teaches you how to use simple bash scripts to automate backing up your VirtualBox VMs.

Microsoft says the Windows Subsystem for Linux can now be installed on Windows 10, version 2004 or later using a single terminal command. "In the latest Windows Insider Preview builds, you can install everything you need to run WSL just by running wsl.exe --install," Windows Developer Platform Program Manager Craig Loewen said.

TechRepublic's Karen Roby interviews Brandon Vigliarolo about how the ransomware risk management calculus is changing for OT, ICS and critical infrastructure.

S3 Ep43: Apple 0-day, pygmy hippos, hive nightmares and Twitter hacker bust [Podcast]

The time has come for me to find a new home for my cryptography library. It's about 150 linear feet of books, conference proceedings, journals, and monographs - mostly from the 1980s, 1990s, and 2000s.

TechRepublic's Karen Roby interviews Lance Whitney about a recent report that detailed how cryptomining scams targeted Android app users and stole an estimated $350,000 from more than 93,000 people.