Government - Page 1Government - Page 1.3 - Results from #6

Discover Government News

CISA Orders Federal Agencies to Patch Looney Tunables Linux Bug

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

On May 10th, 2019, the US Congress passed an order requiring federal agencies to patch a Linux bug that can be used to gain root access. The bug, known as "Looney Tunables," was discovered by security researchers in January and allows attackers to change the value of any kernel parameter on Linux systems running the 3.10 kernel or earlier.

Brittany Day
Nov 25, 2023

Law Enforcement Agencies Dismantled the Illegal Botnet Proxy Service IPStorm

The Federal Bureau of Investigation (FBI) dismantled the infrastructure behind the illegal botnet proxy service IPStorm.

Brittany Day
Nov 17, 2023

Article 45 Will Roll Back Web Security by 12 Years

The EU is poised to pass a sweeping new regulation, eIDAS 2.0. Buried deep in the text is Article 45, which returns us to the dark ages of 2011, when certificate authorities (CAs) could collaborate with governments to spy on encrypted traffic—and get away with it. Article 45 forbids browsers from enforcing modern security requirements on certain CAs without the approval of an EU member government. Which CAs?

Brittany Day
Nov 08, 2023

APT36 Using Customized Malware to Attack Indian Government Linux and Windows Servers

APT36 is a highly sophisticated APT (Advanced Persistent Threat) group known for conducting targeted espionage in South Asia and is strongly linked to Pakistan.

Brittany Day
Sep 16, 2023

SELinux In Linux 6.6 Removes References To Its Origins At The US NSA

Security Enhanced Linux (SELinux) has been part of the mainline kernel for two decades to provide a security module implementing access control security policies and is now widely-used for enhancing the security of production Linux servers and other systems. Those that haven't been involved with Linux for a long time may be unaware that SELinux originates from the US National Security Agency (NSA). But now with Linux 6.6 the NSA references are being removed.

Brittany Day
Sep 03, 2023

Monti Ransomware Deploying New Linux Encryptor

A ransomware campaign by the recently emerged Monti ransomware group is targeting victims with a new Linux variant of its malware. The threat group is the latest in a growing number of ransomware groups finding profit in going after Linux infrastructure.

Brittany Day
Aug 23, 2023

US Government Launches Cyber Contest to Harness AI for National Security

The White House launched a multimillion-dollar cyber contest to use artificial intelligence (AI) to detect and fix security vulnerabilities in the U.S. government's digital infrastructure in response to hackers' growing use of AI.

Brittany Day
Aug 14, 2023

US Government Extends Software Security Deadline Because Vendors Aren't Ready

The Biden Administration has extended the deadline for federal agencies to submit documentation proving that the software they use was developed with appropriate security practices, because the form for reporting on such matters isn't complete.

Brittany Day
Jun 18, 2023

India Bans Open Source Messaging Apps for Security Reasons. FOSS Community Says Good Luck

India's government has reportedly banned 14 messaging apps on national security grounds, including some open source services.

Brittany Day
May 12, 2023

The Cyber Resilience Act Threatens Open Source

Society and governments are struggling to adapt to a world full of cybersecurity threats. Case in point: the EU CRA — Cyber Resilience Act — is a proposal by the European Commission to enact legislation with a noble goal: protect consumers from cybercrime by having security baked in during design.

Brittany Day
Apr 23, 2023

Pakistan-Based Hackers are Trying to Hack the Indian Government

A technical report published by Uptycs security earlier this week revealed that a Pakistan-based advanced persistent threat (APT) actor called Transparent Tube attempted to deliver a Linux backdoor malware dubbed Poseidon on Indian government agency systems using a fake two-factor authentication tool.

Brittany Day
Apr 19, 2023

Linux Foundation Janssen Project Earns Digital Public Good Status

The Linux Foundation Janssen Project, a low-code digital ID software platform developed in partnership with Gluu, has been adjudged as a digital public good (DPG) following a review by the Digital Public Good Alliance (DPGA).

Brittany Day
Apr 07, 2023

OpenSSF Aimed to Stem Open Source Security Problems in 2022

In 2022, the Open Source Software Foundation (OpenSSF) set its sights on fixing security problems with the open software supply chain. including joining forces with companies including Apache, Google, Apple, and AWS, and meeting at the White House with the U.S. government's executive branch.

Brittany Day
Jan 25, 2023

Exploited Control Web Panel Flaw Added to CISA 'Must-Patch' List

The US government’s cybersecurity agency CISA is giving federal agencies an early February deadline to patch a critical -- and already exploited -- security vulnerability in the widely used CentOS Control Web Panel utility.

Brittany Day
Jan 19, 2023

DISA Issues Security Technical Implementation Guide for TOSS 4 Operating System

The Defense Information Systems Agency has released a security technical implementation guide to ensure the secure installation of the Tri-Lab Operating System Stack 4.

Brittany Day
Jan 15, 2023

Government Issues ‘High’ Severity Security Alert for THESE Google Users

As per the latest CERT-In security alert, multiple vulnerabilities have been reported in the Linux-based operating system designed by Google

Brittany Day
Dec 14, 2022

The US Securing Open Source Software Act of 2022 Is a Step in the Right Direction

Cybersecurity continues to be a hot topic. More and more organizations are getting hit by ransomware attacks, critical open software vulnerabilities are making news, and we’re seeing industries and governments coming together to discuss initiatives to improve software security.

Brittany Day
Dec 14, 2022

NSA’s Plea: Stop Using C and C++ (Because You’re Idiots)

The C and C++ languages are unsafe. Instead, the U.S. National Security Agency would like devs to use memory-safe languages—because most security vulnerabilities are caused by bugs in memory usage.

Brittany Day
Nov 27, 2022

NSA’s and CISA’s Recent Security Guidance: The Good and the Bad

The NSA and CISA released the guide “Securing the Software Supply Chain: Recommended Practices Guide for Developers” last month and while David Wheeler, the director of open-source supply chain security at the Linux Foundation and OpenSS, welcomes it, he said there are some questionable requirements.

Brittany Day
Oct 22, 2022

New Cyber Bill Aims To Fix Open-Source Security in Government

Federal legislators have begun the process of better securing the open-source software used by government agencies with a new bill titled “Securing Open Source Software Act of 2022.”

Brittany Day
Oct 10, 2022

Government - Page 1.3

German State Abandons Microsoft for Linux and LibreOffice

White House Warns: Move to Memory-Safe Languages

European Court of Human Rights Declares Backdoored Encryption Illegal