Security News
The China-linked crime gang APT5 is already attacking a flaw in Citrix's Application Delivery Controller and Gateway products that the vendor patched today. Citrix says the flaw, CVE-2022-27518, "Could allow an unauthenticated remote attacker to perform arbitrary code execution on the appliance" if it is configured as a SAML service provider or identity provider.
Here in 2022, we have a newly declassified 2016 Inspector General report-"Misuse of Sigint Systems"-about a 2013 NSA program that resulted in the unauthorized targeting of Americans. Given all we learned from Edward Snowden, this feels like a minor coda.
The US National Security Agency has released guidance encouraging organizations to shift programming languages from the likes of C and C++ to memory safe alternatives - namely C#, Rust, Go, Java, Ruby or Swift. "NSA recommends that organizations use memory safe languages when possible and bolster protection through code-hardening defenses such as compiler options, tool options, and operating system configurations," advised the agency.
Prevention is often seen as the responsibility of the software developer, as they are required to securely develop and deliver code, verify third party components, and harden the build environment. The supplier also holds a critical responsibility in ensuring the security and integrity of our software.
NSA, CISA, and the Office of the Director of National Intelligence have shared a new set of suggested practices that software suppliers can follow to secure the supply chain. "Prevention is often seen as the responsibility of the software developer, as they are required to securely develop and deliver code, verify third party components, and harden the build environment. But the supplier also holds a critical responsibility in ensuring the security and integrity of our software," the NSA said on Monday.
Tensions between the US, China, and Taiwan have far-reaching impacts beyond semiconductor saber-rattling and trade restrictions. NSA Director of Cybersecurity Rob Joyce has some critical lessons on how companies can withstand an escalation in China-Taiwan tensions and what such conflicts matter in the first place.
U.S. cybersecurity and intelligence agencies on Tuesday disclosed that multiple nation-state hacking groups potentially targeted a "Defense Industrial Base Sector organization's enterprise network" as part of a cyber espionage campaign. " actors used an open-source toolkit called Impacket to gain their foothold within the environment and further compromise the network, and also used a custom data exfiltration tool, CovalentStealer, to steal the victim's sensitive data," the authorities said.
An ex-NSA employee has been charged with trying to sell classified data to the Russians. It's a weird story, and the FBI affidavit raises more questions than it answers.
The FBI alleges it then followed the money as it moved from a cryptocurrency exchange to the NSA staffer's personal bank account. Jareh Sebastian Dalke, who was employed at the NSA as an information security systems designer from June 6 to July 1, allegedly began communicating with what he believed to be a foreign agent on July 29, according to a statement from the Department of Justice announcing his arrest in Denver on September 28.
A former U.S. National Security Agency employee has been arrested on charges of attempting to sell classified information to a foreign spy, who was actually an undercover agent working for the Federal Bureau of Investigation. Jareh Sebastian Dalke, 30, was employed at the NSA for less than a month from June 6, 2022, to July 1, 2022, serving as an Information Systems Security Designer as part of a temporary assignment in Washington D.C. According to an affidavit filed by the FBI, Dalke was also a member of the U.S. Army from about 2015 to 2018 and held a Secret security clearance, which he received in 2016.