NSA, CISA, and FBI detail Chinese State-Sponsored Actions, Mitigations

The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released a Cybersecurity Advisory, Chinese State-Sponsored Cyber Operations: Observed TTPs. This advisory describes over...

National Security Agency Central Security Service

Cryptographers unearth vulnerabilities in Telegram's encryption protocol - CyberScoop

An international team of computer scientists reported on Friday that they found four cryptographic vulnerabilities in the popular encrypted message app Telegram. The weaknesses range "from technically trivial and easy to exploit to more advanced and of theoretical interest," according to the security analysis.


Stop Ransomware | CISA

Ransomware incidents can severely impact business processes and leave organizations without the data they need to operate and deliver mission-critical services. The economic and reputational impacts of ransomware incidents, throughout the initial disruption and, at times, extended recovery, have also proven challenging for organizations large and small.


Lindy Cameron outlines importance of global allies to beat online threats at international conference

The head of the UK's National Cyber Security Centre (NCSC) today used her first international speech to emphasise the importance of global partnerships to counter shared cyber threats.


US indicts four members of Chinese hacking group APT40 - The Record by Recorded Future

The US Department of Justice has unsealed charges today against four Chinese nationals for hacking companies, government agencies, and universities across the world on behalf of the Chinese government. The US said the four suspects, believed to be part of a much larger group, set up a company named Hainan Xiandun Technology Development Co., Ltd.

The Record by Recorded Future

U.S., allies accuse China of hacking Microsoft and condoning other cyberattacks

The United States, European Union, NATO and other world powers on Monday accused the Chinese government of a broad array of malicious cyber activities, blaming its Ministry of State Security and affiliated criminals for a sophisticated attack on Microsoft's widely used email server software earlier this year.

Washington Post

You'll want to shut down the Windows Print Spooler service (yes, again): Another privilege escalation bug found

Microsoft has shared guidance revealing yet another vulnerability connected to its Windows Print Spooler service, saying it is "developing a security update." The latest Print Spooler service vuln has been assigned CVE-2021-34481, and can be exploited to elevate privilege to SYSTEM level via file operations.


Faster and more efficient phishing detection in M92

Keeping Chrome users safe as they browse the web is crucially important to Chrome; in fact, security has always been one of our four core principles. In some cases, security can come at the expense of performance.

Chromium Blog

How the Kaseya VSA Zero Day Exploit Worked - TRUESEC Blog

This article explains the pre-auth remote code execution exploit against Kaseya VSA Server that was used in the mass Revil ransomware attack on July 2nd, 2021. On July 5th, after an initial investigation of affected organizations, Truesec contacted Kaseya and provided a detailed technical write-up of these vulnerabilities along with forensic evidence of exploitation.


TSA pushes more cybersecurity mandates on critical pipeline owners, emphasizing ransomware - CyberScoop

The Transportation Security Administration on Tuesday handed down additional cybersecurity requirements for owners of major pipelines, this time focused on ransomware. It's the second time the Department of Homeland Security's TSA has issued a security directive to critical pipeline owners since ransomware attackers struck Colonial Pipeline in May, an incident that spurred panic-buying amid fears of a gas shortage.