Security News

Cyber Privacy: Who Has Your Data and Why You Should Care is the title of a new book from April Falcon Doss, a former associate general counsel for intelligence law at America's NSA. Doss spoke to The Register about her concerns with pervasive data collection and its potential for harm. Explaining why she wrote the newly published book, Doss said: "I spent years immersed in and I was constantly discovering new areas of data collection, new ways in which data is being used, new concerns for individuals, and I thought, you shouldn't have to be a data expert to understand these things."

It's said the NSA drew up a report on what it learned after a foreign government exploited a weak encryption scheme, championed by the US spying agency, in Juniper firewall software. On Wednesday, Reuters reporter Joseph Menn published an account of US Senator Ron Wyden's efforts to determine whether the NSA is still in the business of placing backdoors in US technology products.

The NSA has long sought agreements with technology companies under which they would build special access for the spy agency into their products, according to disclosures by former NSA contractor Edward Snowden and reporting by Reuters and others. These so-called back doors enable the NSA and other agencies to scan large amounts of traffic without a warrant.

The bug exists in the Citrix Application Delivery Controller and Gateway, a purpose-built networking appliance meant to improve the performance and security of applications delivered over the web. Microsoft bugs are well-represented, including the BlueKeep RCE bug in Remote Desktop Services, which is still under active attack a year after disclosure.

The NSA released an advisory listing the top twenty-five known vulnerabilities currently being exploited by Chinese nation-state attackers. This advisory provides Common Vulnerabilities and Exposures known to be recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors to enable successful hacking operations against a multitude of victim networks.

The U.S. National Security Agency this week released an advisory containing information on 25 vulnerabilities that are being actively exploited or targeted by Chinese state-sponsored threat actors. The NSA notes that it has observed Chinese threat actors scanning for or attempting to exploit these vulnerabilities against multiple victims.

The NSA has blown the lid off 25 computer security vulnerabilities Chinese government hackers are using to break into networks, steal data, and so on. CVE-2019-0708: A remote code execution vulnerability exists within Microsoft Windows' Remote Desktop Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests.

The U.S. National Security Agency warns that Chinese state-sponsored hackers exploit 25 different vulnerabilities in attacks against U.S. organizations and interests. As part of these attacks, the NSA has seen twenty-five publicly disclosed vulnerabilities exploited to gain access to networks, deploy malicious mobile apps, and spread laterally through a system while attackers steal sensitive data.

AEM introduced the Network Service Assistant with Certi-Lite, a new category of hybrid tester that bridges the gap in existing test equipment between network connectivity and standards-based cable testing. With NSA Certi-Lite, network owners no longer have to choose between wire testers for basic cable continuity, a network tester to qualify real-world multi-gig and network connectivity testing, or a cable certifier for those times when a deeper-dive test on cabling is required.

The National Security Agency has published two cybersecurity information sheets with recommendations for National Security System and Department of Defense workers and system administrators on securing networks and responding to incidents during the work-from-home period. Recommended steps to mitigate the compromise, the NSA says, include rebooting and resetting routers, disabling their remote administration functionality and updating the firmware; disconnecting infected machines from the network, resetting passwords on a different device and running anti-malware software; and removing ransomware infections and restoring a previously backed-up good state.