Security News

US Bans Trade With Pegasus Spyware Maker
2021-11-04 18:03

NSO Group - the Israeli-based maker of the notorious, military-grade Pegasus spyware that's been linked to cyberattacks against dissidents, activists and NGOs at the hands of repressive regimes - has been blacklisted by the United States. NSO Group is one of four spyware developers or traffickers that the U.S. Commerce Department added to its "Entity List" on Wednesday, effectively banning trade with the company.

US government orders federal agencies to patch 100s of vulnerabilities
2021-11-04 16:56

In the latest effort to combat cybercrime and ransomware, federal agencies have been told to patch hundreds of known security vulnerabilities with due dates ranging from November 2021 to May 2022. In a directive issued on Wednesday, the Cybersecurity and Infrastructure Security Agency ordered all federal and executive branch departments and agencies to patch a series of known exploited vulnerabilities as cataloged in a public website managed by CISA. SEE: Patch management policy.

US Blacklists NSO Group
2021-11-04 11:52

The Israeli cyberweapons arms manufacturer - and human rights violator, and probably war criminal - NSO Group has been added to the US Department of Commerce's trade blacklist. Aside from the obvious difficulties this causes, it'll make it harder for them to buy zero-day vulnerabilities on the open market.

US Sanctions Pegasus-maker NSO Group and 3 Others For Selling Spyware
2021-11-04 00:27

The U.S. Commerce Department on Wednesday added four companies, including Israel-based spyware companies NSO Group and Candiru, to a list of entities engaging in "Malicious cyber activities." The agency said the two companies were added to the list based on evidence that "These entities developed and supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers."

US Sanctions Pegasus-maker NSO Group and 3 Others For Selling Spyware
2021-11-04 00:27

The U.S. Commerce Department on Wednesday added four companies, including Israel-based spyware companies NSO Group and Candiru, to a list of entities engaging in "Malicious cyber activities." The agency said the two companies were added to the list based on evidence that "These entities developed and supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers."

US Dept of Commerce sanctions NSO Group, Positive Technologies, other makers of snoopware
2021-11-03 20:50

The US government's Dept of Commerce on Wednesday sanctioned four companies in Israel, Russia, and Singapore for selling software used to break into computer systems and by foreign governments to suppress dissent. "The United States is committed to aggressively using export controls to hold companies accountable that develop, traffic, or use technologies to conduct malicious activities that threaten the cybersecurity of members of civil society, dissidents, government officials, and organizations here and abroad," said US Secretary of Commerce Gina Raimondo in a statement.

US sanctions NSO Group and three others for spyware and exploit sales
2021-11-03 15:19

The U.S. has sanctioned four companies located in Israel, Russia, and Singapore for the development of spyware or the sale of hacking tools used by state-sponsored hacking groups. Israeli companies NSO Group and Candiru are being sanctioned for creating and selling spyware used to target journalists and activists.

Yahoo becomes the next US firm to pull services out of China
2021-11-03 13:42

Yahoo is pulling its services out of China, citing an 'increasingly challenging operating environment. As Yahoo has already been undergoing a dramatic down-scale in China, announcing a total withdrawal is more of a symbolic move, signifying that the decision is final.

Data transfers between the EU and the US: Still unclear on what you're supposed to do? Here's an explainer
2021-11-01 11:30

Having struck down Safe Harbor - the agreement governing EU-US data transfers - in 2015, the Court of Justice of the European Union went on to condemn its replacement, the beleaguered EU-US Privacy Shield, to a similar fate just over a year ago. Now, it would be wrong to say that lightning struck a third time - the CJEU did not invalidate SCCs - but the Court did rule, in the same judgment that put an end to the Privacy Shield, that businesses must assess the underlying transfer of data to which the contracts apply.

US bans China Telecom Americas over national security risks
2021-10-27 15:15

China Telecom Americas is the largest foreign subsidiary of China Telecom Corporation, China's state-owned telecom company. "Indeed, the FCC's own review found that China Telecom Americas poses significant national security concerns due to its control and ownership by the Chinese government, including its susceptibility to complying with communist China's intelligence and cybersecurity laws that are contrary to the interests of the United States."