Cyber Essentials is a UK government scheme that outlines the basic steps that organisations can take to secure their systems. Implementing its five controls effectively will help you prevent about 80% of cyber attacks. In…
More Biden Cybersecurity Nominations
News: President Biden announced key cybersecurity leadership nominations Monday, proposing Jen Easterly as the next head of the Cybersecurity and Infrastructure Security Agency and John “Chris” Inglis as the first ever national cyber director (NCD).…
Chinese Hackers Stole an NSA Windows Exploit in…
Check Point has evidence that (probably government affiliated) Chinese hackers stole and cloned an NSA Windows hacking tool years before (probably government affiliated) Russian hackers stole and then published the same tool. Here’s the timeline:…
Military Cryptanalytics, Part III
The NSA has just declassified and released a redacted version of Military Cryptanalytics, Part III, by Lambros D. Callimahos, October 1977. Parts I and II, by Lambros D. Callimahos and William F. Friedman, were released…
NSA on Authentication Hacks (Related to SolarWinds Breach)
The NSA has published an advisory outlining how “malicious cyber actors” are “are manipulating trust in federated authentication environments to access protected data in the cloud.” This is related to the SolarWinds hack I have…
Google Responds to Warrants for “About” Searches
One of the things we learned from the Snowden documents is that the NSA conducts “about” searches. That is, searches based on activities and not identifiers. A normal search would be on a name, or…
The NSA is Refusing to Disclose its Policy…
Senator Ron Wyden asked, and the NSA didn’t answer: The NSA has long sought agreements with technology companies under which they would build special access for the spy agency into their products, according to disclosures…
NSA Advisory on Chinese Government Hacking
The NSA released an advisory listing the top twenty-five known vulnerabilities currently being exploited by Chinese nation-state attackers. This advisory provides Common Vulnerabilities and Exposures (CVEs) known to be recently leveraged, or scanned-for, by Chinese…
Former NSA Director Keith Alexander Joins Amazon’s Board…
This sounds like a bad idea.Read more: schneier.com