Security News

April showers bring hours of patches as Microsoft delivers its Patch Tuesday fun-fest consisting of over a hundred CVEs, including four Exchange Server vulnerabilities reported to the company by the US National Security Agency. "This month's release includes a number of critical vulnerabilities that we recommend you prioritize, including updates to protect against new vulnerabilities in on-premise Exchange Servers," Microsoft said in its blog post.

Microsoft today has released security updates for Exchange Server that address a set of four vulnerabilities with severity scores ranging from high to critical. The flaws affect on-premise Exchange Server versions 2013 through 2019 and while there is no evidence of being exploited in the wild, Microsoft assesses that threat actors are likely to leverage them as soon as they create an exploit.

Just weeks after a wave of major in-the-wild zero-day attacks against Exchange Server installations globally, Microsoft is raising a fresh alarm for four new critical security flaws that expose businesses to remote code execution attacks. The four new Exchange Server vulnerabilities were fixed as part of this month's Patch Tuesday bundle and because of the severity of these issues, Microsoft has joined with the U.S. National Security Agency to urge the immediate deployment of the new fixes.

President Joe Biden has selected two former senior National Security Agency officials for key cyber jobs in his administration, the White House said Monday in moving to fill out a team whose role has grown more urgent after two major hacks that have consumed the government's attention. Chris Inglis, a former NSA deputy director, is being nominated as the government's first national cyber director.

SonicWall announced the expansion of its threat protection offerings with the NSa 3700, a multi-gigabit security appliance designed to thwart attacks targeting government agencies, retail, K-12, higher education and enterprises. Powered by SonicOS 7.0, the new SonicWall NSa 3700 firewall delivers a modern UX/UI, advanced security controls, plus critical networking and management capabilities to increase visibility and help defend against today's increasingly targeted attacks.

The U.S. National Security Agency and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency this week published joint guidance on Protective DNS. Designed to translate domain names into IP addresses, the Domain Name System is a key component of Internet and network communications. Protective DNS was designed as a security service that leverages the DNS protocol and infrastructure for the analysis of DNS queries and mitigation of possible threats.

Check Point has evidence that Chinese hackers stole and cloned an NSA Windows hacking tool years before Russian hackers stole and then published the same tool. 2013: NSA's Equation Group developed a set of exploits including one called EpMe that elevates one's privileges on a vulnerable Windows system to system-administrator level, granting full control.

The U.S. National Security Agency has published guidance on how security professionals can secure enterprise networks and sensitive data by adopting a Zero Trust security model. Titled "Embracing a Zero Trust Security Model," the document details the benefits and challenges of the security model, and also provides a series of recommendations on the implementation of Zero Trust within existing networks.

The National Security Agency and Microsoft are advocating for the Zero Trust security model as a more efficient way for enterprises to defend against today's increasingly sophisticated threats. Google implemented zero-trust security concepts following Operation Aurora in 2009 for an internal project that became BeyondCorp. Zero Trust defense for critical networks.

A zero-day exploit said to have been developed by the NSA was cloned and used by Chinese government hackers on Windows systems years before the cyber-weapon was leaked online, it is claimed. Check Point put out a report on Monday digging into Chinese malware it calls Jian, and argues persuasively this particular software nasty was spawned sometime around 2014 from NSA exploit code that eventually leaked online in 2017.