CISA extends funding to ensure ‘no lapse in critical CVE services’
CISA says the U.S. government has extended MITRE’s funding to ensure no continuity issues with the critical Common Vulnerabilities and Exposures (CVE) program. “The CVE Program is invaluable to cyber community and a priority of CISA,” the U.S. cybersecurity agency told BleepingComputer. “Last night, CISA executed the option period on the contract to ensure there will be no lapse in critical CVE services. We appreciate our partners’ and stakeholders’ patience.” BleepingComputer has learned that the extension of the contract is for 11 months.
SSL/TLS certificate lifespans reduced to 47 days by 2029
The CA/Browser Forum has voted to significantly reduce the lifespan of SSL/TLS certificates over the next 4 years, with a final lifespan of just 47 days starting in 2029. The CA/Browser Forum is a group of certificate authorities (CAs) and software vendors, including browser developers, working together to establish and maintain security standards for digital certificates used in Internet communications. Its members include major CAs like DigiCert and GlobalSign, as well as browser vendors such as Google, Apple, Mozilla, and Microsoft.
New Android Security Feature Aims to Keep Snoops Out of Your Phone
Google introduced an important security feature for its users this week, making it harder for snoops to access data stored on Android phones. “Google System updates make your Android devices more secure and reliable, and give you new and useful features,” says the tech giant. “They include updates from Google to the Android operating system, Google Play Store, and Google Play services.” The latest Google Play services update (version 25.14) includes the usual bug fixes and enhancements in areas like Account Management, Device Connectivity, Location & context, Security & Privacy, System Management, Utilities, and Wallet.
Brit soldiers tune radio waves to fry drone swarms for pennies
British soldiers have successfully taken down drones with a radio-wave weapon. The demonstrator weapon, a type of Radiofrequency Directed Energy Weapon (RF DEW), uses high-frequency radio waves to disrupt the electronic components inside drones, resulting in the devices malfunctioning. “RF DEW systems can defeat airborne targets at ranges of up to 1 km and are effective against threats which cannot be jammed using electronic warfare,” the Ministry of Defence (MOD) said.
Blockchain Offers Security Benefits – But Don’t Neglect Your Passwords
Blockchain is best known for its use in cryptocurrencies like Bitcoin, but it also holds significant applications for online authentication. As businesses in varying sectors increasingly embrace blockchain-based security tools, could the technology one day replace passwords? Blockchain is a secure way to maintain, encrypt, and exchange digital records of transactions. Its security benefits stem from its decentralized nature: this distributed ledger can be accessed by participants across various nodes, and is unalterable. All users retain control as a group, meaning no single person can change the ledger.
This ‘College Protester’ Isn’t Real. It’s an AI-Powered Undercover Bot for Cops
American police departments near the United States-Mexico border are paying hundreds of thousands of dollars for an unproven and secretive technology that uses AI-generated online personas designed to interact with and collect intelligence on “college protesters,” “radicalized” political activists, and suspected drug and human traffickers, according to internal documents, contracts, and communications that 404 Media obtained via public records requests. Massive Blue, the New York–based company that is selling police departments this technology, calls its product Overwatch, which it markets as an “AI-powered force multiplier for public safety” that “deploys lifelike virtual agents, which infiltrate and engage criminal networks across various channels.”
