This is a remarkable ruling, and not in a good way.
"The judge’s order puts limits on a number of executive agencies with a wide range of responsibilities across the federal government, including the #DOJ, State Department, #HHS, and #CDC. It also names more than a dozen individual officials, including #DHS Secretary Alejandro Mayorkas and Jen Easterly, who leads #CISA."
A 2nd #Trump admin could #weaponize existing government agencies to dismantle democracy itself.
This article is part of “Project 2025: The Plot Against #America,” a Nation special issue devoted to unpacking the right’s vast & chilling program for a 2nd Trump term.
In the section on the #DHS …there’s a plan to eliminate the ability of the agency that monitors #ElectionSecurity to prevent the spread of #disinformation about voting & #vote counting.
…Think back to Nov 2020, when #Trump was developing his #BigLie about the #election he’d lost. Trump’s false assertion the election had been characterized by “massive improprieties & fraud” was tripped up by #ChrisKrebs, who served as dir of the #Cybersecurity & Infrastructure #Security Agency (#CISA) in the DHS.
In Mandate’s chapter on the #DHS, Ken Cuccinelli writes, “Of the utmost urgency is immediately ending CISA’s counter-mis / #disinformation efforts. … #Project2025 document declares that “the entirety of the #CISA#Cybersecurity Advisory Committee should be dismissed on Day One.”
…This is just one way that Project 2025’s cabal of “experts” is scheming to thwart honest discourse about #elections & #democracy.
Meiner Meinung nach wird in der Open-Source Szene die IT-Sicherheit nicht versprochen, sondern meistens rasch umgesetzt und frei verteilt. Auch wenn das hier nun anders ist.
»Linux – root-Lücke wird aktiv missbraucht:
Die IT-Sicherheitsbehörde CISA warnt vor aktiven Angriffen auf eine Linux-Lücke. Angreifer verschaffen sich damit root-Rechte.«
Just your periodic update from Ivanti regarding their CVE-2023-46805 (8.2 high) and CVE-2024-21887 (9.1 critical) zero-days (both disclosed 10 January 2024 as exploited in the wild, has Proofs of Concept, mass exploitation):
"Update 26 January: The targeted release of patches for supported versions is delayed, this delay impacts all subsequent planned patch releases. We are now targeting next week to release a patch for Ivanti Connect Secure (versions 9.1R17x, 9.1R18x, 22.4R2x and 22.5R1.1), Ivanti Policy Secure (versions 9.1R17x, 9.1R18x and 22.5R1x) and ZTA version 22.6R1x.
Patches for supported versions will still be released on a staggered schedule. Instructions on how to upgrade to a supported version will also be provided. The timing of patch release is subject to change as we prioritize the security and quality of each release. Please ensure you are following this article to receive updates as they become available."
🔗 https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US
Just got to meet #CISA director and personal hero Jen Easterly at BSides Las Vegas and discussed cyber workforce development and K-12 education. A huge moment to meet someone who just gets it and is in a position of authority to help and is also just an awesome human being. #schoolboard#bvsd
Welp, my extended vacation time has come to an end. It's been a fun couple of months, but today, I'm stoked to start at #CISA, aka the Cybersecurity and Infrastructure Security Agency. I'm very much looking forward to US #government service work.
While I've spent pretty much all of my career involved in #opensource, #public work in #cybersecurity, it's always been under the aegis of corporate sponsorship, so there was always some tension between giving away my work for free versus quarter over quarter earnings and profits and all that.
Now, I'm really leaning into living that #socialist lifestyle and taking a break from capitalism -- let's see how this #publicsector life goes!
CISA is a very, very young bureaucracy; it was founded in 2018, so we're just now figuring out how this whole "America's Cyber Defense" business works, and I'm excited to be a part of that.
Unfortunately, although I'm now a government official, I can't fix your parking tickets or get you out of jury duty. Please stop asking.
CISA and FBI released a joint Cybersecurity Advisory (CSA), Known Indicators of Compromise Associated with Androxgh0st Malware, to disseminate known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with threat actors deploying Androxgh0st malware.
🔗 https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-016a
A #PumpStation in #Aliquippa#Pennsylvania was hacked by #IranianHackers simply because they used electronics made in #Israel. Obviously, they were just probing to gain #intel for a future attack against a larger critical infrastructure target. Thankfully, no one was hurt, and the town's water supply isn't tainted. The #hackers even threatened that "Israel-made gear is fair game" pointing to continued aggressions.
Woke up to an advisory from #CISA on #UnitronicPLCs using in Water and Wastewater Systems: Cyber threat actors are targeting #PLCs associated with #WWS facilities, including an identified Unitronics PLC, at a U.S. water facility.
Hot off the press! CISA adds CVE-2023-4762 (8.8 high Google Chrome Type Confusion in V8 JavaScript Engine) to the Known Exploited Vulnerabilities Catalog.
🔗 (to be replaced later) https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Hot off the press! CISA adds CVE-2023-43770 (6.1 medium) Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability to the Known Exploited Vulnerabilities (KEV) Catalog.
🔗 (to be replaced later) https://www.cisa.gov/known-exploited-vulnerabilities-catalog
CISA, on behalf of the collective group of industry and government partners that comprise the Joint Cyber Defense Collaborative (JCDC), released JCDC’s 2024 Priorities. Similar to the 2023 JCDC Planning Agenda, JCDC’s 2024 Priorities will help focus the collective group on developing high-impact and collaborative solutions to the most pressing cybersecurity challenges.
A new ICSNPP-Synchrophasor parser for Synchrophasor Data Transfer for Power Systems (IEEE C37.118) has been integrated.
We've also got a plethora of component version updates, including Arkime to v4.3.0, Capa to v5.1.0, Fluent Bit to v2.1.2, NetBox to v3.5.0, NGINX to v1.22.1, Supercronic to v0.2.24, Suricata to v6.0.10, Yara to v4.3.0, and Zeek to v5.2.1.
Check out the release on GitHub or grab my ISO builds at malcolm.fyi.
So, who's lying and who's doing a PR stunt? :birdsite:
If the SEC had failed to enable two-factor authentication — as the statement from X claimed — the agency would be in violation of federal government guidance. A December 2021 advisory from the Cybersecurity and Infrastructure Security Agency urges federal agencies to enforce multi-factor authentication for their social media accounts, among other actions.
For the three reporters who have written articles about this, and the one who provided invaluable guidance, my gratitude is endless. This post doesn't apply to you, nor "the feds", the cybersecurity experts, or #lawyers (including and especially @eff), who were extremely helpful. The rest, however, should take note.
I've willingly laid my neck on a chopping block, unprotected, for over six months.
My outreach has been exhaustive:
• Attempted to engage with over 150 journalists and #news organizations,
• Coordinated frequently with the Cybersecurity and Infrastructure Security Agency (#CISA or "the feds"),
• Consulted with numerous cybersecurity experts,
• Sought advice from multiple lawyers,
• Spoke with ten state and state court CISOs,
• Attempted to talk to several dozen state and county court clerks and judges,
• Sent emails to every Florida State Senator, State Representative, and Supreme Court justice, and to multiple governors,
• Discussed with the staff of multiple U.S. Senators and U.S. Representatives,
• Contacted twelve vendors and over 40 employees
I've offered to write articles -- for free.
I've had no fewer than eight background checks done on me.
I've been cyberstalked by the Arizona Supreme Court.
I've put my job and my family's livelihood at risk in more ways than one.
I've made a grand total of $0; in fact, I've invested several hundred.
When I'm able to sleep, it's with one eye open, always waiting for "that" knock on the door.
After my first #disclosure, I prepared for a week to deal with what I expected to be a #media circus. What I received was one preemptive email from a state court #CISO (who was not affected) and one kind person (who is not a #journalist) on the #fediverse.
I've spent over 900 hours discovering, documenting, reporting, and disclosing vulnerabilities, trying to get this fixed on a mass scale, and attempting to contact the above list. I see no signs of this slowing down any time soon. All of this for what is merely a #hobby.
I've done my part. It's time for reporters to step up. The real-world harm these vulnerabilities have caused — and continue to cause — cannot be overstated. The need for widespread awareness and action is urgent.