Security News

US President Joe Biden has asked Congress to approve an extra $103 million in funding for the Cybersecurity and Infrastructure Security Agency, bringing CISA's total budget to $3 billion. "To protect against foreign adversaries and safeguard Federal systems, the Budget bolsters cybersecurity by ensuring every agency is increasing the security of public services," according to the proposal [PDF].

Microsoft has released the KB5035853 cumulative update for Windows 11 23H3 and 22H2, with 21 fixes and changes, including fixing a bug causing 0x800F0922 errors when installing updates. You can install the update now by going to Start > Settings > Windows Update and clicking on 'Check for Updates.

Microsoft has released the KB5035845 cumulative update for Windows 10 21H2 and Windows 10 22H2, which includes nine new changes and fixes. Windows 10 users can also manually download and install the KB5035845 update from the Microsoft Update Catalog.

Today is Microsoft's March 2024 Patch Tuesday, and security updates have been released for 60 vulnerabilities, including eighteen remote code execution flaws.This Patch Tuesday fixes only two critical vulnerabilities: Hyper-V remote code execution and denial of service flaws.

The Tor Project officially introduced WebTunnel, a new bridge type specifically designed to help bypass censorship targeting the Tor network by hiding connections in plain sight. Tor bridges are relays not listed in the public Tor directory that keep the users' connections to the network hidden from oppressive regimes.

"We fully support the timely disclosure of vulnerability details when a fix is released," writes Daniel Gallo, TeamCity solutions engineer at JetBrains. Following Rapid7's detailed disclosure, within hours on-premises TeamCity users were reporting being hit by ransomware attacks.

The reassignment of existing equipment takes place when employees leave the organization or receive new computers, mobile devices, printers and other assets. It is essential to follow strict guidelines for equipment reassignment so that company investments, data and privacy are protected.

Any given technological environment is useless if its main purpose for existence - the processing and sharing of information - is threatened or eliminated. With that in mind, a sound policy on how to secure business information is essential for smooth company operations and ensuring a successful future.

The reassignment of existing equipment takes place when employees leave the organization or receive new computers, mobile devices, printers and other assets. It is essential to follow strict guidelines for equipment reassignment so that company investments, data and privacy are protected.

Google awarded $10 million to 632 researchers from 68 countries in 2023 for finding and responsibly reporting security flaws in the company's products and services.Though this is lower than the $12 million Google's Vulnerability Reward Program paid to researchers in 2022, the amount is still significant, showcasing a high level of community participation in Google's security efforts.