"I cannot believe that we're seeing command injection vulnerabilities in 2024 in any products, let alone a secure remote access product that's supposed to have additional vetting for use by the US government," says Jake Williams, vice president of research and development at the cybersecurity consultancy Hunter Strategy and a former NSA hacker. "They are some of the easiest bugs to identify and remediate at this point."
"We wouldn't leave our homes, our offices, unlocked and yet our critical infrastructure-the private companies owning and operating our critical infrastructure-often do not have the basic cybersecurity practices in place that would make our infrastructure riskier, costlier, and harder for countries and criminals to attack," Anne Neuberger, deputy national security adviser for cyber and emerging technology, said on Friday.
Collection
[
|
...
]