Security News

Storage solutions provider QNAP this week published an advisory to warn customers that certain versions of QTS, the operating system for its network-attached storage devices, are affected by the Zerologon vulnerability. "If exploited, this elevation of privilege vulnerability allows remote attackers to bypass security measures via a compromised QTS device on the network. The NAS may be exposed to this vulnerability if users have configured the device as a domain controller in Control Panel > Network & File Services > Win/Mac/NFS > Microsoft Networking," the company explains.

The NSA released an advisory listing the top twenty-five known vulnerabilities currently being exploited by Chinese nation-state attackers. This advisory provides Common Vulnerabilities and Exposures known to be recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors to enable successful hacking operations against a multitude of victim networks.

Wickr announced the launch of its Federal Advisory Board to provide strategic guidance on the company's federal strategy to connect end users with secure collaboration for mission-critical needs. The Federal Advisory Board will be vital in supporting Wickr's federal strategy, capitalizing on its recent growth - including a multi-million-dollar contract award with the Air Force special operations community - by providing external guidance, expertise and strategy on how to bring the world's most secure collaboration tool to federal departments.

Michael Breslin, Strategic Client Relations director for Federal Law Enforcement at LexisNexis Risk Solutions, has been selected by the U.S. Secret Service from a small group of private sector executives, government officials and academic experts to advise the agency's investigations team on how it can better use technology to get ahead of criminals. The newly formed 16-member Cyber Investigations Advisory Board will provide the Secret Service's Office of Investigations with outside strategic input for the agency's investigative mission, including insights on the latest trends in cybercrime, financial crime, technology, and investigative techniques.

Bugcrowd announced the addition of two board advisory members, Norma Lane, chief human resources officer and executive vice president of people and places at Infoblox, and Dave Gerry, chief revenue officer and head of global operations at WhiteHat Security, a wholly-owned, independent subsidiary of NTT. Both advisors bring a broad set of operational, technical and business management expertise, providing an immediate impact to Bugcrowd as it expands its global workforce and continues to evolve its cybersecurity platform. Lane and Gerry join an advisory board composed of a deep bench of technology and cybersecurity executives.

PCI Pal has announced the formation of the company's first Advisory Committee. Neira Jones is confirmed as the inaugural Advisory Committee member.

Rew Yang has been named as chair of the advisory board for Californians for Consumer Privacy, the organization which created and championed the passage of the CCPA and is now advocating for the passage of Proposition 24, the California Privacy Rights Act, which will make California's data privacy rights laws the strongest in the United States and set a precedent for other states to follow. While CCPA was a landmark victory for privacy and data property rights, Proposition 24 will extend beyond the existing law and provide consumers the right to correct their data, restrict use of sensitive personal information, including race and sexual orientation, extend to consumers the right to prevent companies from storing their information longer than necessary, and more.

The NSA and FBI are sounding the alarm over a dangerous new strain of Linux malware being employed by Russian government hackers often dubbed the Fancy Bear crew. Uncle Sam explicitly said on Thursday the miscreants - formally known as the 85th Main Special Service Center - operate within the Russian intelligence directorate, aka the GRU. The software nasty in question is Drovorub, a rootkit designed to infect Linux systems, take control of them, and siphon off files.

Awake Security announced a cohort of enterprise and public sector leaders that have joined its advisory board. The multidisciplinary team comprises experts from across the security industry, including Richard Clarke, a leading global expert on national and cyber security; Malcolm Harkins, former chief security and privacy officer at Intel; Elena Kvochko, former security leader at Bank of America and Barclays; and DJ Patil, former United States chief data scientist.

MITRE's Center for Technology & National Security, created to enhance MITRE's engagement with senior government leadership, named five highly esteemed national security officials to its newly established advisory board. "CTNS builds on the experience and expertise of thousands of our nation's most respected scientific and engineering minds," said Bill LaPlante, senior vice president for the MITRE National Security Sector.