Subterms
The developers of the open source SaltStack Salt management framework, used in data centers and cloud servers, have warned users to update their builds following the discovery of critical remote code execution vulnerabilities. Researchers from F-Secure disclosed the bugs on Thursday. Tracked as CVE-2020-11651 and CVE-2020-11652, the vulnerabilities have been issued high-severity ratings and are […] More
Children across the country will have the opportunity to crack codes, fix security flaws and examine the trails left behind by cyber criminals as part of a new learning experience they can take part in from home. The initiative from the Department for Culture Media and Sport (DCMS), the National Cyber Security Centre (NCSC), the […] More
The Ninja Forms WordPress plugin harbored a severe security flaw that could be used for website takeover through the creation of new administrator accounts. Ninja Forms is a drag-and-drop contact form creator for websites running on the WordPress Content Management System (CMS). The plugin accounts for over one million active installations. The Wordfence Threat Intelligence […] More
Image: Jon Tyson The Dreambot malware botnet appears to have gone silent and possibly shut down, according to a report published today by the CSIS Security Group, a cyber-security firm based in Copenhagen, Denmark. The company is reporting that the Dreambot’s backend servers have gone down in March; about the same time when the cybersecurity […] More
The Attorney-General’s Department has provided further information on Australia’s pending Telecommunications Legislation Amendment (International Production Orders) Bill 2020 (IPO Bill), specifically around granting foreign law enforcement bodies with data that could be used to condemn an individual to death. “Australia maintains a long-standing, bipartisan policy of opposition to the death penalty, in all circumstances, for all people,” […] More
Google has raised a handful of concerns with Australia’s pending Telecommunications Legislation Amendment (International Production Orders) Bill 2020 (IPO Bill), including the Commonwealth’s choice of phrasing, the avenues proposed for record-sharing, and the Bill being at odds with the purpose of the United States’ Clarifying Lawful Overseas Use of Data Act (CLOUD Act). The IPO Bill […] More
Shadow Assistant Communications Minister and Shadow Assistant Cyber Security Minister Tim Watts Screenshot: Stilgherrian A UK-style national Active Cyber Defence program (ACD) and a volunteer-driven Civilian Cyber Corps (C3) are two key components of a cyber resilience program being discussed by the Australian Labor Party. “It’s not just about critical infrastructure or government departments, although […] More
The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) announced today that it intends to run DoH (DNS-over-HTTPS) and DoT (DNS-over-TLS) DNS resolution servers for official government use, however, it advises agencies to disable DoH and DoT support on employees’ browsers until official CISA servers are available. The agency issued a memorandum […] More
