Security News

US cybersecurity agency issues super-rare emergency directive to patch Windows Server flaw ASAP
2020-09-21 05:56

Uncle Sam's Cybersecurity and Infrastructure Security Agency has taken the unusual step of issuing an emergency directive that gives US government agencies a four-day deadline to roll out a Windows Server patch. The directive, issued on September 18, demanded that executive agencies to take "Immediate and emergency action" to patch CVE-2020-1472, the CVSS-perfect-ten-rated flaw that Dutch security outfit Secura BV said allows attackers to instantly become domain admin by subverting Microsoft's Netlogon cryptography.

US Cybersecurity agency issues super-rare Emergency Directive to patch Windows Server flaw ASAP
2020-09-21 05:56

Uncle Sam's Cybersecurity and Infrastructure Security Agency has taken the unusual step of issuing an emergency directive that gives US government agencies a four-day deadline to roll out a Windows Server patch. The directive, issued on September 18, demanded that executive agencies to take "Immediate and emergency action" to patch CVE-2020-1472, the CVSS-perfect-ten-rated flaw that Dutch security outfit Secura BV said allows attackers to instantly become domain admin by subverting Microsoft's Netlogon cryptography.

Trump Backs Proposed Deal to Keep TikTok Operating in US
2020-09-21 01:53

President Donald Trump said Saturday he's given his "Blessing" to a proposed deal that would see the popular video-sharing app TikTok partner with Oracle and Walmart and form a U.S. company. "We are pleased that the proposal by TikTok, Oracle, and Walmart will resolve the security concerns of the U.S. administration and settle questions around TikTok's future in the U.S.," TikTok said in a statement.

TikTok and WeChat to be banned from US app stores starting Sunday
2020-09-18 16:25

Users in the US would be unable to download the two Chinese-owned apps from local app stores, according to the Department of Commerce. On Friday, the Department of Commerce announced that both apps will be blocked as downloads across US app stores.

Bad news for 'cool dads' trying to bond with their teens: China-owned TikTok and WeChat face US download ban by Sunday
2020-09-18 15:20

The US Department of Commerce has threatened to ban new downloads of Chinese-owned social media platforms Tiktok and Wechat from app stores this weekend. Starting from Sunday 20 September, the two Chinese-owned apps will be banned from being hosted on US app stores.

US Bans WeChat, TikTok Citing Privacy, National Security
2020-09-18 13:01

The U.S. will ban the downloads of the Chinese apps TikTok and WeChat on Sunday, with a total ban on the use of the latter, citing national security and data privacy concerns. Some security experts have raised concerns that ByteDance Ltd., the Chinese company that owns TikTok, would maintain access to information on the 100 million TikTok users in the United States, creating a security risk.

Feeling bad about your last security audit? Check out what just happened to the US Department of Interior
2020-09-17 23:47

The US Department of the Interior spectacularly failed its latest computer security assessment, mostly for a lack of Wi-Fi defenses. The infosec experts also noted other security shortfalls, such as a lack of network segmentation that would allow intruders to casually move between systems, incomplete inventory records of wireless networks, and a reliance on pre-shared keys that could be exploited by miscreants to eavesdrop on network traffic.

Good: US boasts it collared two in Chinese hacking bust. Bad: They aren't the actual hackers, rest are safe in China
2020-09-16 19:41

Two people have been arrested in Malaysia as part of America's crackdown on the Chinese government's hackers. The two men, both Malaysian nationals, are not accused of breaking into computer networks.

Where China leads, Iran follows: US warns of 'contract' hackers exploiting Citrix, Pulse Secure and F5 VPNs
2020-09-16 18:40

Where Chinese hackers exploit, Iranians aren't far behind. So says the US Cybersecurity and Infrastructure Security Agency, which is warning that malicious persons from Iran are exploiting a slew of vulns in VPN products from Citrix, F5 Networks and Pulse Secure.

Infosec big names rally against US voting app maker's bid to outlaw unsanctioned bug hunting via T&Cs
2020-09-15 01:08

About 70 members of the computer security community on Monday challenged US voting app maker Voatz's effort to dictate the terms under which bug hunters can look for code flaws. Earlier this month, Massachusetts-based Voatz filed an amicus brief in Van Buren v. United States, a case being heard by the US Supreme Court that will determine the scope of the US Computer Fraud and Abuse Act, a cybersecurity law long criticized for its ambiguity.