Security News

Three surveillance powers available to the U.S. government are set to temporarily expire Sunday after a trio of senators opposed a bipartisan House bill that would renew the authorities and impose new restrictions. The three senators, longtime critics of government surveillance, said the House bill would still give the government too much power to surveil Americans.

Despite recent revelations that the process by which the FBI and NSA gain approval for spying on US citizens is open to abuse, the US Congress is again planning to reauthorize the USA Freedom Act that gives those measures their legal foundation. The situation is similar to two years ago, when a group of senators fiercely opposed the reauthorization of another flawed spying program without significant reforms, but were defeated when it was attached to an end-of-year spending bill: something critics characterized as "An end-run around the Constitution."

The US needs a top-level cybersecurity coordinator and a better strategy of "Deterrence" to protect against hackers and other cyber threats, a congressionally mandated commission said Wednesday. The bipartisan panel which included lawmakers and private sector experts made more than 80 recommendations ranging from reforms in the executive and legislative branches to better cooperation with allies to secure cyberspace.

Match Group, the parent company of dating apps such as Tinder, on Tuesday publicly endorsed a US bill others in the tech industry fear will erode online privacy and speech in the name of fighting child abuse. US senators unveiled the bipartisan measure last week, aiming to curb images of child sex abuse by forcing tech platforms to cooperate with law enforcement on encryption or risk losing the legal immunity for what is posted on their websites.

82% of women in cybersecurity jobs agree the industry has a gender bias problem. A significant gender gap exists in cybersecurity, with women occupying less than a quarter of the roles.

The process of constructing a holistic policy-based identity management solution can be difficult and overly complex, especially in the sensitive hospital environment with myriad identities. An integrated identity ecosystem provides a unified view across both cyber and physical security system; improving the overall hospital experience.

UNITED NATIONS - The United States, United Kingdom and Estonia accused Russia's military intelligence Thursday of conducting cyber attacks against the Georgian government and media websites in an attempt "To sow discord and disrupt the lives of ordinary Georgians." Estonian Ambassador Sven Jurgenson read a statement afterward, flanked by UK Ambassador Karen Pierce and acting U.S. deputy ambassador Cherith Norman Chalet, saying the cyber attacks "Are part of Russia's long-running campaign of hostile and destabilizing activity against Georgia and are part of a wider pattern of malign activity."

The updates were pulled, and we are waiting to see if Microsoft re-releases a more comprehensive fix this patch Tuesday. The advisory specifically stated, "The March 10, 2020 and updates in the foreseeable future will not make changes to LDAP signing or LDAP channel binding policies or their registry equivalent on new or existing domain controllers." These features will be included in the March Patch Tuesday updates, so take advantage and enable them.

US lawmakers proposed legislation Thursday that could see internet companies held legally responsible for content on their platforms if they don't do enough to police child pornography. Senators from both parties, backed by the Department of Justice, said that existing laws immunizing internet hosts like social media companies from liability for user-posted content have allowed child pornography to proliferate.

T-Mobile US was hacked by miscreants who may have stolen some customer information. The hackers gained access to employee email accounts, which contained customer account information.