Security News
The National Security Agency and CISA have issued guidance on how to secure operational technology and industrial control systems part of U.S. critical infrastructure.The advisory also "Notes the increasing threats to OT and ICS assets that operate, control, and monitor day-to-day critical infrastructure and industrial processes. OT/ICS designs are publicly available, as are a wealth of tools to exploit IT and OT systems."
China has accused the U.S. National Security Agency of conducting a string of cyberattacks aimed at aeronautical and military research-oriented Northwestern Polytechnical University in the city of Xi'an in June 2022. The National Computer Virus Emergency Response Centre disclosed its findings last week, and accused the Office of Tailored Access Operations at the USA's National Security Agency of orchestrating thousands of attacks against the entities located within the country.
Three former US government cyber-spies who, among other things, illicitly compromised and snooped on Americans' devices for the United Arab Emirates government have been banned from participating in international arms exports under a deal reached with Uncle Sam. Per the terms of the agreements, Ryan Adams [PDF], Marc Baier [PDF] and Daniel Gericke [PDF], all three former NSA operatives, will be "Debarred," meaning they are prohibited from participating in any activities regulated under the International Traffic in Arms Regulations for three years.
The U.S. National Security Agency and the Cybersecurity and Infrastructure Security Agency have released tips today on securing the software supply chain. "Securing the Software Supply Chain for Developers was created to help developers achieve security through industry and government-evaluated recommendations," the Department of Defense's intelligence agency said.
Abstract: In recent decades, the U.S. National Institute of Standards and Technology, which develops cryptographic standards for non-national security agencies of the U.S. government, has emerged as the de facto international source for cryptographic standards. Edward Snowden disclosed that the National Security Agency had subverted the integrity of a NIST cryptographic standardthe Dual EC DRBGenabling easy decryption of supposedly secured communications.
The National Security Agency and cybersecurity partner agencies issued an advisory today recommending system administrators to use PowerShell to prevent and detect malicious activity on Windows machines. "Blocking PowerShell hinders defensive capabilities that current versions of PowerShell can provide, and prevents components of the Windows operating system from running properly. Recent versions of PowerShell with improved capabilities and options can assist defenders in countering abuse of PowerShell".
The NSA already has classified quantum-resistant algorithms of its own that it developed over many years, said Joyce. The agency's mathematicians worked with NIST to support the process, trying to crack the algorithms in order to test their merit.
Multiple cybersecurity and law enforcement agencies from FVEY countries shared guidance for MSPs to secure networks and sensitive data against these rising cyber threats. "The UK, Australian, Canadian, New Zealand, and U.S. cybersecurity authorities expect malicious cyber actors-including state-sponsored advanced persistent threat groups-to step up their targeting of MSPs in their efforts to exploit provider-customer network trust relationships," the joint advisory reads.
On this April 2022 Patch Tuesday, Microsoft has released patches for 128 CVE-numbered vulnerabilities, including one zero-day exploited in the wild and another for which there's already a PoC and a Metasploit module. CVE-2022-24521 is a vulnerability in the Windows Common Log File System Driver that was reported to Microsoft by the National Security Agency and Adam Podlosky and Amir Bazine of Crowdstrike.
China claims it has obtained a sample of malware used by the NSA to steal files, monitor and redirect network traffic, and remotely control computers to spy on foreign targets. The NSA apparently used NOPEN to take over "a large number" of computers around the world, and the theft of data from this equipment has caused "Inestimable losses," the tabloid reported.