Fast Feed

This Week in Security: No More CVEs, 4chan, and Recall Returns

1 min read

Summary

  • On 16 April this year the US National Vulnerabilities Database (NVD) almost ran out of funding, as its custodians, the MITER Corporation, nearly saw their contract expire.
  • The looming deadline sparked a debate about cyber vulnerabilities and the responsibility of the US government in mitigating them.
  • Eventually, at the last minute, the US Cybersecurity and Infrastructure Security Agency (CISA) announced a further 11 months of funding.
  • Also this week Android devices are set to get an automatic reboot feature, to strengthen their security.
  • After three days of inactivity the phones will reboot, restoring a more secure state and resetting the encryption keys.
  • The controversy around 4chan, the notorious message board, has deepened this week after a major hack impacted the site.
  • Using ancient PHP code and outdated libraries, it is assumed that the site was exploited via a chain of exploits.
  • The consequences of the attack include the leakage of internal discussions and administrative email addresses.
  • Microsoft’s controversial Recall feature, which takes automated screenshots of a user’s activity on Windows, is set to return in a future Windows 11 update, albeit with improvements.

By Jonathan Bennett

Original Article