Posts

NSWC Crane Division Manager Awarded Civilian Service Commendation Medal > Naval Sea Systems Command > Saved News Module

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.


Clint Seyer, Naval Surface Warfare Center, Crane Division’s (NSWC Crane) manager for the Expeditionary Electronic Warfare (EW) Systems Division, was recently  awarded the Department of the Navy (DON) Civilian Service Commendation Medal (CSCM) in recognition of significant contributions to the United States (U.S.) Navy. Seyer was recognized for significant efforts during his 18-year career at NSWC Crane Division.  He developed short and long term strategies that resulted in national leadership recognition in the Electronic Warfare (EW) mission area.

Seyer’s award commendation letter reads, “…your dedication and supervision to the Expeditionary EW mission resonates in every aspect of your leadership and drive…”

CSCM recognizes performance well above what is expected of an individual, and above the degree of excellence reflected in a performance evaluation. Performance is at the equivalent level of the Navy and Marine Corps Commendation Medal.

Seyer began his career at Crane in 2003 as the Quality/Safety Focal Point where he provided quality systems and safety support to the Electro-Optics/Chemical and Bio Sensors Division. He was selected as the Chief Strategist for the Spectrum Warfare Department in 2013. In that position, he was responsible for the department’s strategic planning efforts where he successfully worked to develop short and long term strategies resulting in achievement of national leadership in the EW mission area. In 2018, Mr. Seyer was selected as the Division Manager for the Expeditionary EW Systems Division where he is responsible for management and oversight of a division team supporting several expeditionary EW Systems and direct workload execution of multiple Acquisition Category (ACAT) II programs impacting U.S. Navy, U.S. Marines, and U.S. Special Forces positioned around the globe.

As the Chief Strategist, Mr. Seyer positioned NSWC Crane to be a leader in EW Systems among the Department of Defense, working directly with the Spectrum Warfare Systems Department Director to make strategic plans that have enabled successful execution of our Command’s strategic intent. As the Division…

Source…

Kaspersky finds zero-day exploit in Desktop Window Manager

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.


Early 2021, Kaspersky’s researchers, upon further analysis into the already reported CVE-2021-1732 exploit used by the BITTER APT group, have managed to discover another zero-day exploit. The experts are currently unable to link this exploit to any known threat actor.

A zero-day vulnerability is basically an unknown software bug. Upon identification and discovery, they allow attackers to conduct malicious activities in the shadows, resulting in unexpected and destructive consequences.

While analyzing the CVE-2021-1732 exploit, Kaspersky experts found another such zero-day exploit and reported it to Microsoft in February. After confirmation that it is indeed a zero-day, it received the designation CVE-2021-28310.

According to the researchers, this exploit is used in the wild, potentially by several threat actors. It is an escalation of privilege (EoP) exploit, found in Desktop Window Manager, allowing the attackers to execute arbitrary code on a victim’s machine.

It is likely that the exploit is used together with other browser exploits to escape sandboxes or obtain system privileges for further access.

Kaspersky’s initial investigation has not revealed the full infection chain, so it is yet not known whether the exploit is used with another zero-day or coupled with known, patched vulnerabilities.

“The exploit was initially identified by our advanced exploit prevention technology and related detection records. In fact, over the past few years, we have built a multitude of exploit protection technologies into our products that have detected several zero-days, proving their effectiveness time and time again. We will continue to improve defenses for our users by enhancing our technologies and working with third-party vendors to patch vulnerabilities, making the internet more secure for everyone,” comments Boris Larin, security expert at Kaspersky.

More information about BITTER APT and IOCs are available to customers of the Kaspersky Intelligence Reporting service. Contact: [email protected]

A patch for the elevation of privilege vulnerability CVE-2021-28310 was released on April 13th, 2021.

Kaspersky products detect this exploit with the following verdicts:

Source…

Tripwire expands multi-cloud capabilities for Tripwire Configuration Manager

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.


Tripwire announced expanded multi-cloud capabilities for Tripwire Configuration Manager. Tripwire’s SaaS application now helps organizations effectively manage security across AWS (Amazon Web Services), Microsoft Azure and GCP (Google Cloud Platform), including greater data privacy management through storage configuration monitoring.

Tripwire Configuration Manager simplifies the monitoring, remediation, and automation of cloud account configurations for multi-cloud organizations through a single console.

Users can monitor and enforce secure configuration policies across a multi-cloud environment and determine where they stand against Center for Internet Security Foundations benchmarks.

Misconfigurations are a leading cause of data breaches and security incidents involving the cloud. Tripwire Configuration Manager helps ensure your cloud accounts are in a known and trusted state by enforcing security policies.

Its automated remediation feature will reset a configuration that is out of compliance to its previous state, ensuring user cloud accounts are configured correctly, and the services and workloads they host in the cloud are safe.

The updated service also enables storage monitoring and provides an in-depth view of storage configuration across multi-cloud accounts, making it easier to define public vs. private data.

Users can break down data privacy settings to address specific areas of concern, such as encryption, and enforce increased levels of privacy for more important data.

“As companies continue to expand operations into the cloud, they are left open to significant security, privacy, and regulatory threats, often caused by misconfigurations,” said Tim Erlin, vice president of product management and strategy at Tripwire.

“Most teams have limited personnel to defend the network and need support to determine which problems are most pertinent. Secure configuration management is a basic but critical security practice to ensure gaps in security are realized and that companies are protected from devastating and costly impacts caused by cloud-related attacks.”

Tripwire Configuration Manager is easy to implement and operate. A free trial is available that…

Source…

Microsoft officially launches ‘Autofill’ password manager for iOS and other platforms


Microsoft today officially launched the new Autofill solution, which lets users easily store and manage their website passwords across different devices — including iPhone, iPad, Mac, Windows PCs, and Android phones.

Autofill was already available as part of a beta program, but now Microsoft is making the tool available to all users through the Microsoft Authenticator app, a Google Chrome extension, and also Microsoft Edge. Just like iCloud Keychain, Microsoft Autofill stores your passwords and makes it easy to enter them on websites.

The announcement was made today on the official Microsoft Experience blog:

Autofill stores your passwords under your Microsoft account. To get started with autofill on mobile, open the Microsoft Authenticator app, and then sign-in on the Passwords tab with your Microsoft account. If you have passwords saved under your Microsoft account on Microsoft Edge, they will sync to the Authenticator app.

If you’re on a Mac, Autofill can be used through the Microsoft Edge web browser or with a Google Chrome extension. Users coming from other password managers can import them into Microsoft Autofill using a CSV file. In iOS, the app also lets you protect your passwords with a PIN code, Touch ID, or Face ID.

The Microsoft Authenticator app is available for free on the App Store. It requires an iPhone or iPad running iOS 11 or later.

FTC: We use income earning auto affiliate links. More.


Check out 9to5Mac on YouTube for more Apple news:

Source…