NSA
NSA IT staffer lands 21 years for "Russian" document sale
One month on the job; 21 years in prison.
NSA
“Bring memes”: Dave Luber takes over as NSA Director of Cybersecurity from Rob Joyce
As well as coming under immediate pressure on social media chatterati to be immediately amusing and bring his meme A-game, Luber faces other challenges too...
Kaspersky
Kaspersky burns 11,000-line “NSA” exploit: Calls 14-step iPhone attack “definitely the most sophisticated attack chain we have ever seen”
Apex Predators aside and in other news, a major telco just got hacked because it didn't have MFA set up on a critical account...
News
NSA updates software guidelines
The NSA has posted a new set of cybersecurity guidelines for government agencies
NSA
Top 10 misconfigurations: NSA checklist for CISOs flags Active Directory Certificate Services
"In some cases, the actor may be restricted or detected by advanced defense-in-depth and zero trust implementations as well, but this has been a rare finding in assessments thus far"
Cybersecurity
NSA to sysadmins: IAM keen to see hygiene improvements
Have a handy checklist...
Featured
Wanted: Chief Data Officer for the US intelligence community
Enjoy dealing with projects with “ill-defined requirements, ambiguity and high risks."
Cybersecurity
China details custom offensive tools, says NSA hacked “tens of thousands of devices”
Multiple versions of "Stoic surgeon" backdoor used in attack says CVERC
Cybersecurity
This is how Chinese hackers are breaching telcos worldwide, say US authorities
SOHO devices and unpatched enterprise switches are the way in.
Cybersecurity
BPFDoor: Chinese tool almost undetected for FIVE years is second BPF-based attack this year
Researchers warn of risks from extending BPF beyond Linux.
Cybersecurity
NSA Cybersecurity boss: Attackers put in time to know network, devices better than defenders
Here with a handy 'top 5' list of security practices...
Cybersecurity
Russia is exploiting these five publicly known vulnerabilities to target the US and Allies
Check your networks for indicators of compromise related to all five vulnerabilities