National Security Agency – PossibleThreat Articles

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

August 27, 2024 0 Comments A Little Sunshine, black lotus labs, bronze silhouette, christopher wray, cve-2024-39717, cybersecurity & infrastructure security agency, federal bureau of investigation, insidious taurus, internet of things (iot), kv-botnet, Latest Warnings, lumen technologies, michael horka, National Security Agency, ryan english, The Coming Storm, u.s. department of justice, versa director 22.1.4, volt typhoon

Credit to Author: BrianKrebs| Date: Tue, 27 Aug 2024 14:26:41 +0000

Malicious hackers are exploiting a zero-day vulnerability in Versa Director, a software product used by many Internet and IT service providers. Researchers believe the activity is linked to Volt Typhoon, a Chinese cyber espionage group focused on infiltrating critical U.S. networks and laying the groundwork for the ability to disrupt communications between the United States and Asia during any future armed conflict with China.

Independent Krebs Security

‘Wormable’ Flaw Leads January 2022 Patch Tuesday

February 2, 2022 0 Comments cve-2021-22947, cve-2021-36976, cve-2022-21846, cve-2022-21907, dustin childs, exchange server, http protocol stack, Latest Warnings, microsoft patch tuesday january 2022, National Security Agency, rapid7, satnam narang, tenable, The Coming Storm, Time to Patch, trend micro, zero day initiative

Credit to Author: BrianKrebs| Date: Tue, 11 Jan 2022 22:18:55 +0000

Microsoft today released updates to plug nearly 120 security holes in Windows and supported software. Six of the vulnerabilities were publicly detailed already, potentially giving attackers a head start in figuring out how to exploit them in unpatched systems. More concerning, Microsoft warns that one of the flaws fixed this month is “wormable,” meaning no human interaction would be required for an attack to spread from one vulnerable Windows box to another.

Independent Krebs Security

Cryptic Rumblings Ahead of First 2020 Patch Tuesday

January 13, 2020 0 Comments anne neuberger, cert coordination center, cert/cc, crypt32.dll, Microsoft, microsoft cryptoapi, National Security Agency, NSA, patch tuesday january 2020, Time to Patch, will dormann, Windows

Credit to Author: BrianKrebs| Date: Mon, 13 Jan 2020 22:17:47 +0000

Sources tell KrebsOnSecurity that Microsoft Corp. is slated to release a software update on Tuesday to fix an extraordinarily serious security vulnerability in a core cryptographic component present in all versions of Windows. Those sources say Microsoft has quietly shipped a patch for the bug to branches of the U.S. military and to other high-value customers/targets that manage key Internet infrastructure, and that those organizations have been asked to sign agreements preventing them from disclosing details of the flaw prior to Jan. 14, the first Patch Tuesday of 2020.

MalwareBytes Security

Backdoors are a security vulnerability

August 9, 2019 0 Comments Apple, Attorney General, backdoor, Clipper Chip, Department of Justice, encryption, FBI, golden key, Google, imessage, iOS 8, iPhone, lawful intercept, luggage, National Security Agency, NSA, Privacy, signal, Transportation Security Administration, TSA, whatsapp, William Barr

Credit to Author: David Ruiz| Date: Fri, 09 Aug 2019 16:10:27 +0000

Upset by their inability to access potentially vital evidence for criminal investigations, the federal government has, for years, pushed to convince tech companies to build backdoors that will, allegedly, only be used by law enforcement agencies. The problem, cybersecurity researchers say, is that those backdoors can easily be exploited by criminals.

Categories:

Privacy

Tags: Apple Attorney General backdoor Clipper Chip Department of Justice encryption fbi golden key Google iMessage iOS 8 iPhone lawful intercept luggage National Security Agency NSA signal Transportation Security Administration TSA whatsapp William Barr

(Read more…)

The post Backdoors are a security vulnerability appeared first on Malwarebytes Labs.