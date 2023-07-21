The U.S. Department of Defense would be required to establish a dedicated cyber intelligence center in the version of the fiscal 2024 National Defense Authorization Act approved by the Senate Armed Services Committee late last month, reports DefenseScoop.
Such a center, which would have to support the needs of the Cyber Command and other military departments, could be created within the Defense Intelligence Agency, according to the legislation.
Establishing a military cyber intelligence center has been prioritized by Congress upon the realization that none of the intelligence-focused agencies have been tackling nation-state cybersecurity threats from a military standpoint, noted a defense official.
"It became evident during the Russia invasion into Ukraine that the traditional intel rolls within the DIA could not handle the volume of work needed to support this combatant command. DIA could fill the role but they require restructuring their HR system to provide experts in the technical arena. Some they have but they're not near enough," the official said.
BleepingComputer reports that internet-exposed Windows and Linux Redis servers that have not been patched against the critical Lua sandbox escape flaw, tracked as CVE-2022-0543, have been targeted by the new Rust-based P2PInfect worm malware, which features self-propagation capabilities.
Malicious NPM package dependencies and repository invitations have been leveraged by North Korean state-backed hacking operation Lazarus Group, also known as TraderTraitor and Jade Sleet, in limited social engineering attacks against cybersecurity, cryptocurrency, blockchain, and online gambling developers in GitHub, reports BleepingComputer.