NSA: cybercriminals actively exploit Citrix ADC and Gateway
US security and intelligence agency NSA warns that hackers are exploiting zero days in Citrix networking devices. The exploits abuse vulnerabilities in Citrix application delivery controller (ADC) and Citrix Gateway.
According to the NSA, cybercrime group APT5 is actively exploiting a vulnerabil... Read more
NSA warns for programming languages without integrated memory security
The US National Security Agency (NSA) urged developers to avoid programming languages that lack integrated memory security features.
According to the security agency, the memory management of applications is increasingly targeted by cybercriminals. Attackers can exploit application memory manag... Read more
Biden’s executive order allows US to review EU surveillance laws
The order establishing a new transatlantic privacy framework will allow the US to review how the EU handles surveillance.
An American executive order designed to assuage the EU’s privacy concerns will also allow the US government to review and approve European surveillance programs, according ... Read more
Biden signs executive order on US-EU privacy scheme
The new framework is designed to help US companies comply with Europe's GDPR regime.
US President Joe Biden signed an executive order on Friday that would limit the ability of American national security agencies to access people’s personal information, POLITICO reported. The order will form t... Read more
Microsoft protests awarding $10B NSA cloud contract to AWS
After going back and forth for years over the $10 billion decade-long JEDI cloud contract, Microsoft and Amazon Web Services eventually hit a wall when the former lost the deal it had initially won. There is another $10-billion cloud contract in the crosshairs.
This time, Microsoft is protesting... Read more
Four new critical vulnerabilities in Exchange
Once again, several critical Microsoft Exchange Server vulnerabilities have been found. Two of them give attackers access to a server without having to log in. Patches for the vulnerabilities are available.
Microsoft has been notified of the new Exchange vulnerabilities by the National Security ... Read more
NSA and FBI: Russia was behind SolarWinds hack
Several American security instances agree that Russia was behind the hack on SolarWinds' software. In doing so, they counter President Trump's claims that China is behind the hack.
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), Office of the D... Read more
SolarWinds hack infected hundreds of US government networks
As more research is conducted into the hack on SolarWinds' Orion software, the attack's apparent scale appears to be increasing. Hundreds of networks within the US government were affected.
According to The New York Times, the hack hit up to 250 networks within the US government. Initially, this... Read more
Danish intelligence agency helped NSA spy on Europe
The National Security Agency, an American intelligence agency, has had access to Danish intelligence networks to spy on several countries in northern Europe for years.
This is reported by the Danish website DR. According to a whistleblower within the Danish intelligence service FE, the FE had an... Read more
Microsoft patches large vulnerability in Windows 10
Microsoft has fixed a large vulnerability in Windows. The vulnerability was discovered by the American National Security Agency (NSA). The problem was officially called CVE-2020-0601. It affected Windows 10, Windows Server 2016, 2019 and Server version 1803.
The error was described as a crypto l... Read more