News

Latest news about B2B cyber security >>> PR agencies: add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Tag: NSA

Microsoft patches gaps according to NSA information
16 January 2023
| No comments
| Short news
Tenable news

Microsoft's Patchday release this month includes fixes for 98 CVEs, 11 of which are rated Critical and 87 are Major. In addition, Microsoft closes two zero-day vulnerabilities. A lot of information came from the American National Security Agency - NSA. Microsoft says this bug has already been exploited in practice as a zero day: CVE-2023-21674 is an elevation-of-privilege vulnerability in Windows Advanced Local Procedure Call (ALPC) that simplifies interprocess communication for Windows operating system components. Serious zero-day vulnerability Although no details about the flaw were available at the time Microsoft published the advisory on Patch Tuesday, it seems…

Read more

These vulnerabilities are what Chinese hackers target the most 
16 October 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

The US Cybersecurity and Infrastructure Security Agency - CISA for short - has created the top list of vulnerabilities that are actively used by state-sponsored cyber actors in the People's Republic of China. All companies and operators of critical infrastructure (KRITIS) should pay attention to the list. This joint Cybersecurity Advisory (CSA) contains the key common vulnerabilities and exposures (CVEs) exploited by state-sponsored cyber actors of the People's Republic of China (PRC) since 2020. The assessment was jointly prepared by the National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation...

Read more

FBI, CISA and NSA warn of hacker attacks on MSPs
16 May 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Members of the Five Eyes (FVEY) intelligence alliance have warned managed service providers (MSPs) and their customers that they are increasingly vulnerable to supply chain attacks. They also provide advice on how MSPs can better protect themselves with tactical measures. Several cybersecurity and law enforcement agencies from FVEY countries ( NCSC-UK , ACSC , CCCS , NCSC-NZ , CISA , NSA , and the FBI ) have collectively provided guidance for MSPs to protect networks and sensitive data against these escalating cyber threats. Warning to MSPs and their customers Today's advice includes specific measures to secure…

Read more

NSA warns of VMware vulnerability
9 January 2021
| No comments
| Short news
Tenable news

The NSA warns that Russian government-sponsored attackers are exploiting a serious VMware vulnerability. This is the second NSA warning related to government-sponsored Russian activities in 2020. An analysis by Satnam Narang, the Staff Research Engineer, Security Response at Tenable. The vulnerability was reported to VMware by the NSA, which published details in a security advisory, VMSA-23-2020, on November 0027.2rd. At this point, no patches were available, although VMware provided a number of fixes. The analysis CVE-2020-4006 is a security vulnerability caused by command injection in the administrative configurator component in ...

Read more

Comment on NSA warnings of recent OT attacks
July 27, 2020
| No comments
| Short news
Tenable news

Tenable Commentary on NSA warnings of recent attacks on Operational Technology (OT) by Marty Edwards, former Director of ICS-CERT and now Tenable's Vice President of OT Security. The background is the article published on the official website of the Department of Homeland Security: “NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems” “NSA and CISA (Certified Information Systems Auditor) are currently warning of serious attacks against Operational Technology (OT, i.e. operational technology for monitoring and/or controlling industrial plants, processes and events) and critical infrastructure….

Read more

© 2024 MedPressIT GbR
Cookie Settings