FISA Section 702 renewal approved by House The Register

Infosec in brief US Congress nearly killed a reauthorization of FISA Section 702 last week over concerns that it would continue to allow warrantless surveillance of Americans, but an amendment to require a warrant failed to pass.
Section 702 of the Foreign Intelligence Surveillance Act has long been contentious for its provisions which indirectly allow surveillance of US citizens without a warrant.
That's why a group of Republican holdouts joined Democrats in the House this week to block a floor vote on the bill to reauthorize the measure.
The sticking point was that FISA Section 702 only technically authorizes the US to spy on foreigners overseas considered a threat, but if those foreigners communicate with US citizens, then those citizens' electronic communications can also be used for intelligence gathering.
After an amendment was proposed Friday morning, the holdouts fell in line - sending the Section 702 renewal bill to the House floor for a full vote.
The full bill to reauthorize Section 702 surveillance - which was rushed through the House to prevent it from lapsing on April 19 - later passed the House with bipartisan support despite all the clamoring to end warrantless surveillance.
Dutch chipmaker Nexperia admitted Friday that its IT systems were attacked in March, but offered few details as to the extent of the attack.
CVSS 9.8 - Multiple CVEs: Juniper Networks has patched Junos OS versions prior to 23.4R1-S1, 23.4R2 and Junos OS Evolved to resolve multiple vulnerabilities in its cURL implementation.
CVSS 9.8 - Multiple CVEs: Juniper Networks has resolved a number of vulnerabilities in Junos cRPD versions prior to 23.4R1, several of which are critical.
CVSS 9.8 - Multiple CVEs: Juniper Networks has resolved a number of issues in its Cloud Native Router versions prior to 23.4, several of which are critical.
CVSS 9.8 - Multiple CVEs: Siemens Scalance W1750D access points contain several vulnerabilities allowing for classic buffer overflow.
CVSS 9.4 - A single CVE for FortiClientLinux version 7.0 and 7.2 that would expose a user visiting a malicious website to an improper control of generation of code attack.
CVSS 8.8 - Multiple CVEs: Siemens TeleControl Server Basic V3 contains a bunch of vulnerabilities related to inadequate encryption.
CVSS 8.7 - CVE-2024-2424: Rockwell Automation 5015-AENFTXDT ethernet adapters contain an input validation vulnerability that could be used to crash devices.
CVSS 8.6 - CVE-2024-3313: SUBNET's PowerSYSTEM Server and Substation Server 2021 contain vulnerabilities in third-party components that could allow DoS, RCE, and privilege escalation.
CVSS 8.2 - Multiple CVEs: Siemens RUGGEDCOM APE1808 application hosting platform contains a number of vulnerabilities that can allow various issues.
The US Cybersecurity and Infrastructure Security Agency released an update to its malware analysis system this week that allows anyone to submit malware samples or fishy files for analysis.
While anyone can submit content for analysis, CISA said only authorized and registered users will receive analytics in return - so no checking your home-brewed malware to see if it's tough to detect.
Malware Next-Gen can be accessed on the web from CISA's website.
On Friday CISA also issued an attack alert about data analytics biz Sisense, and admins have been scrambling over the weekend to reconfigure their systems.


This Cyber News was published on go.theregister.com. Publication date: Mon, 15 Apr 2024 02:28:03 +0000


Cyber News related to FISA Section 702 renewal approved by House The Register

FBI's latest defense of warrantless S. 702 snooping is China The Register - Analysis The FBI's latest PR salvo, as it fights to preserve its warrantless snooping powers on Americans via FISA Section 702, is more big talk of cyberattacks by the Chinese government. Wray cited an example he's used previously about how, last ...
10 months ago Go.theregister.com
FBI Director: FISA 702 warrant requirement 'de facto ban' The Register - FBI director Christopher Wray made yet another impassioned plea to US lawmakers to kill a proposed warrant requirement for so-called "US person queries" of data collected via the Feds' favorite snooping tool, FISA Section 702. This controversial ...
1 year ago Theregister.com
Competing Section 702 surveillance bills on collision path The Register - Two competing bills to reauthorize America's FISA Section 702 spying powers advanced in the House of Representatives committees this week, setting up Congress for a battle over warrantless surveillance before the law lapses in the New Year. At stake ...
1 year ago Go.theregister.com
Competing Section 702 surveillance bills on collision path The Register - Two competing bills to reauthorize America's FISA Section 702 spying powers advanced in the House of Representatives committees this week, setting up Congress for a battle over warrantless surveillance before the law lapses in the New Year. At stake ...
1 year ago Theregister.com
FISA Section 702 renewal approved by House The Register - Infosec in brief US Congress nearly killed a reauthorization of FISA Section 702 last week over concerns that it would continue to allow warrantless surveillance of Americans, but an amendment to require a warrant failed to pass. Section 702 of the ...
8 months ago Go.theregister.com
The House Intelligence Committee's Surveillance 'Reform' Bill is a Farce - Earlier this week, both the House Committee on the Judiciary and the House Permanent Select Committee on Intelligence marked up two very different bills, both of which would reauthorize Section 702 of the Foreign Intelligence Surveillance Act-but in ...
1 year ago Eff.org
The SAFE Act to Reauthorize Section 702 is Two Steps Forward, One Step Back - Section 702 of the Foreign Intelligence Surveillance Act is one of the most insidious and secretive mass surveillance authorities still in operation today. The Security and Freedom Enhancement Act would make some much-needed and long fought-for ...
9 months ago Eff.org
Congressional leaders seek to extend contested surveillance program until April - The life of foreign spying tools set to expire in a few weeks could be briefly extended until April 19 after congressional leaders inserted a short-term renewal into the annual defense policy bill. The decision to attach a temporary renewal of ...
1 year ago Therecord.media
Proposed US surveillance regime would enlist more businesses The Register - Many US businesses may be required to assist in government-directed surveillance - depending upon which of two reform bills before Congress is approved. Under rules being considered, any telecom service provider or business with custodial access to ...
1 year ago Go.theregister.com
The Surveillance Showdown That Fizzled - Like the weather rapidly getting colder outside, the fight over renewing, reforming, or sunsetting the mass surveillance power of Section 702 has been put on ice until spring. In the last week of legislative business before the winter break, Congress ...
1 year ago Eff.org
Understanding the Implications of the Renewal of FISA Section 702 for CISOs - In today's world of constant connection, multinational companies are operating in and across multiple countries. Those doing business in the United States should be aware of Section 702 of the Foreign Intelligence Surveillance Act, which outlines the ...
1 year ago Csoonline.com
Section 702 Surveillance Reauthorization May Get Slipped Into 'Must-Pass' NDAA - House majority leader Steve Scalise and House minority leader Hakeem Jeffries did not respond to WIRED's requests for comment, nor did any senior members of the House and Senate armed services committees. Republican staffers tell WIRED that extending ...
1 year ago Wired.com
US Congress Report Calls for Privacy Reforms After FBI Surveillance 'Abuses' - The FBI and the Biden administration at large have lobbied Congress to reauthorize the 702 program as is, ignoring calls for reform that have grown louder since the beginning of the year, manifesting this month in the form of a comprehensive privacy ...
1 year ago Wired.com
The Pentagon Tried to Hide That It Bought Americans' Data Without a Warrant - United States officials fought to conceal details of arrangements between US spy agencies and private companies tracking the whereabouts of Americans via their cell phones. Obtaining location data from US phones normally requires a warrant, but ...
10 months ago Wired.com
A Powerful Tool US Spies Misused to Stalk Women Faces Its Potential Demise - The federal law authorizing a vast amount of the United States government's foreign intelligence collection is set to expire in two months, a deadline that threatens to mothball a notoriously extensive surveillance program currently eavesdropping on ...
1 year ago Wired.com
Sinking Section 702 Wiretap Program Offered One Last Lifeboat - A bill introduced by senators Dick Durbin and Mike Lee to reauthorize the Section 702 surveillance program is the fifth introduced in the US Congress this winter. With or without Congress, the Biden administration is seeking court approval to extend ...
9 months ago Wired.com
New Surveillance Reform Bill Raises Concerns Regarding Americans Data Privacy - Spies might be made out of regular employees at US companies if the recently proposed and approved legislation by the House Intelligence Committee greatly expands the federal government's surveillance powers, experts warn. Section 702 was enacted to ...
1 year ago Cysecurity.news
CVE-2013-0135 - Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) addressbook/register/delete_user.php, (2) addressbook/register/edit_user.php, or (3) ...
7 years ago
CVE-2017-17713 - Trape before 2017-11-05 has SQL injection via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter, the /register cpu parameter, the /register isp ...
6 years ago
CVE-2017-17714 - Trape before 2017-11-05 has XSS via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter, the /register cpu parameter, the /register isp parameter, ...
6 years ago
CVE-2023-52780 - In the Linux kernel, the following vulnerability has been resolved: net: mvneta: fix calls to page_pool_get_stats Calling page_pool_get_stats in the mvneta driver without checks leads to kernel crashes. First the page pool is only available if the bm ...
7 months ago Tenable.com
CVE-2024-47716 - In the Linux kernel, the following vulnerability has been resolved: ARM: 9410/1: vfp: Use asm volatile in fmrx/fmxr macros Floating point instructions in userspace can crash some arm kernels built with clang/LLD 17.0.6: BUG: unsupported FP ...
2 months ago Tenable.com
Senate Leaders Plan to Prolong NSA Surveillance Using a Must-Pass Bill - Roughly a quarter of a million people are targeted by the program each year, and it is estimated that the number of individual messages collected reaches into the hundreds of millions. While the NSA is not allowed to target the communications of "US ...
1 year ago Wired.com
Leak of Russian 'Threat' Part of a Bid to Kill US Surveillance Reform, Sources Say - The latest botched effort at salvaging a controversial US surveillance program collapsed this week thanks to a sabotage campaign by the United States House Intelligence Committee, crushing any hope of unraveling the program's fate before Congress ...
10 months ago Wired.com
US Lawmakers Want to Use a Powerful Spy Tool on Immigrants and Their Families - The 702 program is slated to expire on January 1, 2024. Lawmakers in the House and Senate are rushing to find a solution that would enable the program to continue despite growing mistrust from lawmakers and the public following years of unauthorized ...
1 year ago Wired.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)