Security News

Feds' privacy panel backs renewing Feds' S. 702 spying powers — but with limits
2023-09-28 21:15

A privacy panel within the US government today narrowly recommended that Congress reauthorize the Feds' Section 702 spying powers - but with some stronger protections for US citizens only. The Privacy and Civil Liberties Oversight Board voted 3-2 on party lines to support all 19 recommendations in the Section 702 report, including one that would tighten rules on FBI agents to get approval from the secretive Foreign Intelligence Surveillance Court to review Americans' electronic communications.

Microsoft breach led to theft of 60,000 US State Dept emails
2023-09-28 20:45

Chinese hackers stole tens of thousands of emails from U.S. State Department accounts after breaching Microsoft's cloud-based Exchange email platform in May. During a recent Senate staff briefing, U.S. State Department officials disclosed that the attackers stole at least 60,000 emails from Outlook accounts belonging to State Department officials stationed in East Asia, the Pacific, and Europe, as Reuters first reported. Microsoft did not disclose specific details regarding the affected organizations, government agencies, or countries impacted by this email breach.

DARPA takes its long-duration Manta undersea drone for a test-dip
2023-09-28 18:36

DARPA's extended-duration unmanned undersea vehicle is having its first aquatic excursion to test if this naval drone has wings, er, fins. The splash test was part of DARPA's Manta Ray program for America's next-generation of undersea power projection, with PacMar Technologies and Northrop Grumman each building their own prototype UUVs.

Bing Chat responses infiltrated by ads pushing malware
2023-09-28 18:35

Malicious advertisements are now being injected into Microsoft's AI-powered Bing Chat responses, promoting fake download sites that distribute malware. In March, Microsoft began injecting ads into Bing Chat conversations to generate revenue from this new platform.

FBI: Dual ransomware attack victims now get hit within 48 hours
2023-09-28 18:14

The FBI has warned about a new trend in ransomware attacks where multiple strains are deployed on victims' networks to encrypt systems in under two days. Variants used in these dual ransomware attacks include AvosLocker, Diamond, Hive, Karakurt, LockBit, Quantum, and Royal.

GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions
2023-09-28 17:22

A new malicious campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an aim to steal passwords from developers. "The...

How To Implement Zero Trust: Best Practices and Guidelines
2023-09-28 16:23

Implement a Zero Trust security model with confidence with these best practices and tool suggestions to secure your organization. The core components of zero trust include least privileged access policies, network segmentation and access management.

NordVPN Review (2023): Pricing, Security & Performance
2023-09-28 16:17

Is NordVPN worth it? How much does it cost and is it safe to use? Read our NordVPN review to learn about pricing, features, security, and more. Visit NordVPN. NordVPN is one of the most popular VPNs out today - and for good reason.

Cisco urges admins to fix IOS software zero-day exploited in attacks
2023-09-28 15:34

Cisco warned customers on Wednesday to patch a zero-day IOS and IOS XE software vulnerability targeted by attackers in the wild."An attacker could exploit this vulnerability by either compromising an installed key server or modifying the configuration of a group member to point to a key server that is controlled by the attacker," Cisco explained in a security advisory published on Wednesday.

Cisco Catalyst SD-WAN Manager flaw allows remote server access
2023-09-28 15:15

Cisco is warning of five new Catalyst SD-WAN Manager products vulnerabilities with the most critical allowing unauthenticated remote access to the server. Cisco Catalyst SD-WAN Manager for WAN is network management software allowing admins to visualize, deploy, and manage devices on wide area networks.