Security News

A privacy panel within the US government today narrowly recommended that Congress reauthorize the Feds' Section 702 spying powers - but with some stronger protections for US citizens only. The Privacy and Civil Liberties Oversight Board voted 3-2 on party lines to support all 19 recommendations in the Section 702 report, including one that would tighten rules on FBI agents to get approval from the secretive Foreign Intelligence Surveillance Court to review Americans' electronic communications.

Chinese hackers stole tens of thousands of emails from U.S. State Department accounts after breaching Microsoft's cloud-based Exchange email platform in May. During a recent Senate staff briefing, U.S. State Department officials disclosed that the attackers stole at least 60,000 emails from Outlook accounts belonging to State Department officials stationed in East Asia, the Pacific, and Europe, as Reuters first reported. Microsoft did not disclose specific details regarding the affected organizations, government agencies, or countries impacted by this email breach.

DARPA's extended-duration unmanned undersea vehicle is having its first aquatic excursion to test if this naval drone has wings, er, fins. The splash test was part of DARPA's Manta Ray program for America's next-generation of undersea power projection, with PacMar Technologies and Northrop Grumman each building their own prototype UUVs.

Malicious advertisements are now being injected into Microsoft's AI-powered Bing Chat responses, promoting fake download sites that distribute malware. In March, Microsoft began injecting ads into Bing Chat conversations to generate revenue from this new platform.

The FBI has warned about a new trend in ransomware attacks where multiple strains are deployed on victims' networks to encrypt systems in under two days. Variants used in these dual ransomware attacks include AvosLocker, Diamond, Hive, Karakurt, LockBit, Quantum, and Royal.

A new malicious campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an aim to steal passwords from developers. "The...

Implement a Zero Trust security model with confidence with these best practices and tool suggestions to secure your organization. The core components of zero trust include least privileged access policies, network segmentation and access management.

Is NordVPN worth it? How much does it cost and is it safe to use? Read our NordVPN review to learn about pricing, features, security, and more. Visit NordVPN. NordVPN is one of the most popular VPNs out today - and for good reason.

Cisco warned customers on Wednesday to patch a zero-day IOS and IOS XE software vulnerability targeted by attackers in the wild."An attacker could exploit this vulnerability by either compromising an installed key server or modifying the configuration of a group member to point to a key server that is controlled by the attacker," Cisco explained in a security advisory published on Wednesday.

Cisco is warning of five new Catalyst SD-WAN Manager products vulnerabilities with the most critical allowing unauthenticated remote access to the server. Cisco Catalyst SD-WAN Manager for WAN is network management software allowing admins to visualize, deploy, and manage devices on wide area networks.