Security News

The US National Security Agency today published guidance on how to properly secure wireless devices against potential attacks targeting them when traveling or working remotely. The info sheet published today by the NSA can help identify potential threats and vulnerable public connections, as well to minimize risks and better secure wireless devices and data.

An ongoing brute-force attack campaign targeting enterprise cloud environments has been spearheaded by the Russian military intelligence since mid-2019, according to a joint advisory published by intelligence agencies in the U.K. and U.S. The National Security Agency, Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation, and the U.K.'s National Cyber Security Centre formally attributed the incursions to the Russian General Staff Main Intelligence Directorate 85th Main Special Service Center. "The campaign uses a Kubernetes cluster in brute force access attempts against the enterprise and cloud environments of government and private sector targets worldwide," CISA said.

Rob Joyce, the director of cybersecurity at the National Security Agency, on Thursday announced that his role now has an official Twitter account. Joyce has promised to share "Insights and information about what we are up to." His first tweet after announcing the creation of the account informed followers about the cybersecurity advisory released by the NSA in collaboration with other security agencies to describe a global brute force attack campaign attributed to Russia.

The National Security Agency warns that Russian nation-state hackers are conducting brute force attacks to access US networks and steal email and files. In a new advisory released today, the NSA states that the Russian GRU's 85th Main Special Service Center, military unit 26165, has been using a Kubernetes cluster since 2019 to perform password spray attacks on US and foreign organizations, including the US government and Department of Defense agencies.

SonicWall announced three new high-performance firewall models for enterprises and large organizations - NSa 4700, NSa 6700 and NSsp 13700 - designed to accelerate network throughput, stop advanced cyberattacks like ransomware, and securely connect millions of users. The new SonicWall NSa 4700 and NSa 6700 next-generation firewalls deliver 18 and 36 Gbps of firewall throughput - three times the previous comparable SonicWall appliances.

Chris Inglis was last week appointed America's national cyber director, responsible for coordinating the government's computer security strategy and defending its networks. The United States has been lacking a government computer security chief since President Trump eliminated the position of cybersecurity advisor to the National Security Council in 2018, then held by ex-NSA exploit extraordinaire and Christmas lights enthusiast Rob Joyce.

The NSA on Thursday released guidance to help organizations secure their communication systems, specifically Unified Communications and Voice and Video over IP. UC and VVoIP are call-processing systems that are used for communications and collaboration by many enterprises, including government agencies and their contractors. The NSA has warned that if these systems are not properly secured, they are exposed to the same risks as IP systems, including software vulnerabilities and various types of malware.

The National Security Agency has shared mitigations and best practices that systems administrators should follow when securing Unified Communications and Voice and Video over IP call-processing systems. Since these communication systems are tightly integrated with other IT equipment within enterprise networks, they also inadvertently increase the attack surface by introducing new vulnerabilities and the potential for covert access to an organization's communications.

A former government contractor who was given the longest federal prison sentence imposed for leaks to the news media has been released from prison to home confinement, a person familiar with the matter told The Associated Press on Monday. Reality Winner, 29, has been moved to home confinement and remains in the custody of the federal Bureau of Prisons, the person said.

Reality Winner, the former NSA intelligence contractor who leaked evidence of Russian interference in a US Presidential election to the press, has been released from prison. Her attorney Alison Allen announced Winner, 29, had been let out on Monday early due to "Exemplary" behavior while inside.