nsa – Page 8 – WindowsTechs.com

Ecuador’s Attempt to Resettle Edward Snowden

Posted on June 29, 2022 by Bruce Schneier

Someone hacked the Ecuadorian embassy in Moscow and found a document related to Ecuador’s 2013 efforts to bring Edward Snowden there. If you remember, Snowden was traveling from Hong Kong to somewhere when the US revoked his passport, stranding h… Continue reading Ecuador’s Attempt to Resettle Edward Snowden→

On the Subversion of NIST by the NSA

Posted on June 23, 2022 by Bruce Schneier

Nadiya Kostyuk and Susan Landau wrote an interesting paper: “Dueling Over DUAL_EC_DRBG: The Consequences of Corrupting a Cryptographic Standardization Process“:

Abstract: In recent decades, the U.S. National Institute of Standards and Technology (NIST), which develops cryptographic standards for non-national security agencies of the U.S. government, has emerged as the de facto international source for cryptographic standards. But in 2013, Edward Snowden disclosed that the National Security Agency had subverted the integrity of a NIST cryptographic standardthe Dual_EC_DRBGenabling easy decryption of supposedly secured communications. This discovery reinforced the desire of some public and private entities to develop their own cryptographic standards instead of relying on a U.S. government process. Yet, a decade later, no credible alternative to NIST has emerged. NIST remains the only viable candidate for effectively developing internationally trusted cryptography standards…

Continue reading On the Subversion of NIST by the NSA→

How to find information that NSA trolls on Stack downvote? [closed]

Posted on May 23, 2022 by ProfessorManhattan

I’m just curious and I’m not saying this has ever happened to me. But what if Stack Security was actually under an active supply-chain attack in the form of trolls under "NSA" payroll or spiritually "NSA"-aligned entiti… Continue reading How to find information that NSA trolls on Stack downvote? [closed]→

The NSA Says that There are No Known Flaws in NIST’s Quantum-Resistant Algorithms

Posted on May 16, 2022 by Bruce Schneier

Rob Joyce, the director of cybersecurity at the NSA, said so in an interview:

The NSA already has classified quantum-resistant algorithms of its own that it developed over many years, said Joyce. But it didn’t enter any of its own in the contest. The agency’s mathematicians, however, worked with NIST to support the process, trying to crack the algorithms in order to test their merit.

“Those candidate algorithms that NIST is running the competitions on all appear strong, secure, and what we need for quantum resistance,” Joyce said. “We’ve worked against all of them to make sure they are solid.”…

Continue reading The NSA Says that There are No Known Flaws in NIST’s Quantum-Resistant Algorithms→

Microsoft fixes actively exploited zero-day reported by the NSA (CVE-2022-24521)

Posted on April 12, 2022 by Zeljka Zorz

On this April 2022 Patch Tuesday, Microsoft has released patches for 128 CVE-numbered vulnerabilities, including one zero-day exploited in the wild (CVE-2022-24521) and another (CVE-2022-26904) for which there’s already a PoC and a Metasploit mod… Continue reading Microsoft fixes actively exploited zero-day reported by the NSA (CVE-2022-24521)→

US says it disrupted Russian botnet ‘before it could be weaponized’

Posted on April 6, 2022 by Joe Warminsky

The botnet was being assembled by Russia’s foreign intelligence agency, the GRU, Attorney General Merrick Garland said at a news conference.

The post US says it disrupted Russian botnet ‘before it could be weaponized’ appeared first on CyberScoop.

Continue reading US says it disrupted Russian botnet ‘before it could be weaponized’→

KSOC announces that its Kubernetes security platform supports hardening NSA/CISA guidelines

Posted on March 30, 2022 by Industry News

KSOC announced that their platform satisfies the Kubernetes hardening guidelines issued by the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA). The newly released guidelines recommend the following mitigation … Continue reading KSOC announces that its Kubernetes security platform supports hardening NSA/CISA guidelines→

What is required to use a cryptographic algorythm backdoor?

Posted on March 9, 2022 by Andrew Savinykh

David Wong in his book Real-World Cryptography writes:

In 2013, following revelations from Edward Snowden, it was discovered that NSA
had purposefully and successfully pushed for the inclusion of backdoor algorithms in
standards (see “Dua… Continue reading What is required to use a cryptographic algorythm backdoor?→

Details of an NSA Hacking Operation

Posted on March 3, 2022 by Bruce Schneier

Pangu Lab in China just published a report of a hacking operation by the Equation Group (aka the NSA). It noticed the hack in 2013, and was able to map it with Equation Group tools published by the Shadow Brokers (aka some Russian group).
…the sc… Continue reading Details of an NSA Hacking Operation→

Dragos partners with NSA and CISA to increase OT cybersecurity for United States critical infrastructure

Posted on February 16, 2022 by Industry News

Dragos has announced initiatives with the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) to strengthen security and visibility for United States critical infrastructure through Dragos’s Neighborhood Keepe… Continue reading Dragos partners with NSA and CISA to increase OT cybersecurity for United States critical infrastructure→