150 matches found
NSA Ghidra 安全漏洞
NSA Ghidra is an open-source reverse-engineering tool developed by the National Security Agency National Security Agency of the United States. Previous versions of NSA Ghidra, up to version 12.1.1, contained security vulnerabilities. These vulnerabilities stemmed from the Mach-O binary parser,...
National Security Agency Ghidra 资源管理错误漏洞
National Security Agency Ghidra is a software reverse-engineering framework developed by the National Security Agency NSA. Versions of National Security Agency Ghidra prior to version 12.1 contained a resource management vulnerability. This vulnerability stemmed from the use of the...
National Security Agency Ghidra 路径遍历漏洞
National Security Agency Ghidra is a software reverse-engineering framework developed by the National Security Agency NSA. Versions of National Security Agency Ghidra prior to 12.0.4 contained a path traversal vulnerability. This vulnerability stemmed from the theme import feature not verifying...
National Security Agency Ghidra 安全漏洞
National Security Agency Ghidra is a software reverse-engineering framework developed by the National Security Agency NSA. Versions of National Security Agency Ghidra prior to 12.0.3 contained security vulnerabilities. These vulnerabilities stemmed from the rustdemangle function, which allocated...
Disneyland Now Uses Face Recognition on Visitors
Plus: The NSA tests Anthropic’s Mythos Preview to find vulnerabilities, a Finnish teen is charged over the Scattered Spider hacking spree, and more...
GRASSMARLIN 代码问题漏洞
GRASSMARLIN is an open-source network security posture awareness tool for industrial control systems developed by the NSA Cybersecurity Directorate. Version GRASSMARLIN v3.2.1 contains a code vulnerability. This vulnerability stems from insufficient hardening of the XML parsing process, which may...
PT-2026-34832
Critical vulnerability in Anthropic Mythos and reported NSA adoption CVE-2026-21841 https://t.co/ZwHNBc0RF8 machinelearning ai...
Using a VPN May Subject You to NSA Spying
US lawmakers are pressing Tulsi Gabbard to reveal whether using a VPN can strip Americans of their constitutional protections against warrantless surveillance...
Sen. Wyden Warns of Another Section 702 Abuse
Sen. Ron Wyden is warning us of an abuse of Section 702: Wyden took to the Senate floor to deliver a lengthy speech, ostensibly about the since approved with support of many Democrats nomination of Joshua Rudd to lead the NSA. Wyden was protesting that nomination, but in the context of Rudd being...
Who Coordinates U.S. Cyber Defense? A Co-Authorship Network Analysis of Joint Cybersecurity Advisories (2024--2025)
Cyber threats increasingly demand joint responses, yet the organizational dynamics behind multi-agency cybersecurity collaboration remain poorly understood. Understanding who leads, who bridges, and how agencies coordinate is critical for strengthening both U.S. homeland security and allied defen...
MSS Claims NSA Used 42 Cyber Tools in Multi-Stage Attack on Beijing Time Systems
China on Sunday accused the U.S. National Security Agency NSA of carrying out a "premeditated" cyber attack targeting the National Time Service Center NTSC, as it described the U.S. as a "hacker empire" and the "greatest source of chaos in cyberspace." The Ministry of State Security MSS, in a...
1965 Cryptanalysis Training Workbook Released by the NSA
In the early 1960s, National Security Agency cryptanalyst and cryptanalysis instructor Lambros D. Callimahos coined the term "Stethoscope" to describe a diagnostic computer program used to unravel the internal structure of pre-computer ciphertexts. The term appears in the newly declassified...
SIGINT During World War II
The NSA and GCHQ have jointly published a history of World War II SIGINT: "Secret Messengers: Disseminating SIGINT in the Second World War." This is the story of the British SLUs Special Liaison Units and the American SSOs Special Security Officers...
The NSA’s “Fifty Years of Mathematical Cryptanalysis (1937–1987)”
In response to a FOIA request, the NSA released "Fifty Years of Mathematical Cryptanalysis 1937-1987," by Glenn F. Stahly, with a lot of redactions. Weirdly, this is the second time the NSA has declassified the document. John Young got a copy in 2019. This one has a few less redactions. And nothi...
Emissary 加密问题漏洞
Emissary is a distributed P2P data-driven workflow framework open-sourced by the National Security Agency. An encryption issue vulnerability exists in versions of Emissary prior to 8.24.0 that stems from the use of insecure encryption algorithms resulting in a security risk...
China's BlackTech Hacking Group Exploited Routers to Target U.S. and Japanese Companies
Cybersecurity agencies from Japan and the U.S. have warned of attacks mounted by a state-backed hacking group from China to stealthily tamper with branch routers and use them as jumping-off points to access the networks of various companies in the two countries. The attacks have been tied to a...
NSA Releases Guide to Combat Powerful BlackLotus Bootkit Targeting Windows Systems
The U.S. National Security Agency NSA on Thursday released guidance to help organizations detect and prevent infections of a Unified Extensible Firmware Interface UEFI bootkit called BlackLotus. To that end, the agency is recommending that "infrastructure owners take action by hardening user...
Volt Typhoon targets US critical infrastructure with living-off-the-land techniques
Microsoft has uncovered stealthy and targeted malicious activity focused on post-compromise credential access and network system discovery aimed at critical infrastructure organizations in the United States. The attack is carried out by Volt Typhoon, a state-sponsored actor based in China that...
CISA and Partners Update the #StopRansomware Guide, Developed through the Joint Ransomware Task Force (JRTF)
Today, CISA, the Federal Bureau of Investigation FBI, the National Security Agency NSA, and the Multi-State Information Sharing and Analysis Center MS-ISAC published an updated version of the StopRansomware Guide, as ransomware actors have accelerated their tactics and techniques since its initia...
SA44574 - 2020-08: Out-of-Cycle Advisory: FBI and NSA Expose New Linux Malware Drovorub
Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. The United States National Security Agency and Federal Bureau of Investigation have released a Cybersecurity Advisory regarding the Drovorub malware. Drovorub is Linux malware that...