Cybersecurity |
Sponsored by |
|
Kicking off the sixth annual National Cybersecurity Awareness Month this October, the Department of Homeland Security (DHS) has urged computer users to practice good "cyber hygiene". The campaign was given a boost Wednesday when the Senate passed resolution 285 to support its goal to make U.S. citizens more aware of how to secure the internet. DHS has also announced that is has been given new authority to recruit and hire up to 1,000 cybersecurity professionals across the department to fill roles such as: cyber risk and strategic analysis; cyber incident response; vulnerability detection and assessment; intelligence and investigation; and network and systems engineering. more
"China Sets New Tone in Drafting Cybersecurity Rules," By Eva Dou in Beijing and Rachael King in San Francisco reporting in the Wall Street Journal. more
StopBadware.org and Consumer Reports WebWatch have announced today the full launch of BadwareBusters.org, a new online community for people looking for help preventing and countering viruses, spyware, and other "badware" on their computers and websites. Maxim Weinstein, manager of StopBadware.org at Harvard University's Berkman Center for Internet & Society, says the site is not only a useful destination, but also a piece of a bigger puzzle. "BadwareBusters.org is part of StopBadware's strategy to bring together the people, the organizations, and the data that allow us to fight back against the spread of badware," Weinstein said. "The collective wisdom of the BadwareBusters community will inform not only individuals, but the entire technology industry." more
CENTR, the association which represents European country code top-level domain name registries (ccTLDs), such as .de for Germany or .no for Norway, has provided feedback to the United Nations' initiative on a Global Digital Compact (GDC). The GDC seeks to "outline shared principles for an open, free and secure digital future for all", and invites multistakeholder participation in the consultation phase. more
Pioneering cryptographer Whitfield 'Whit' Diffie has joined the Internet Corporation for Assigned Names and Numbers (ICANN) as Vice President for Information Security and Cryptography. Diffie will provide advice on general security matters related to ICANN's mandate, and to ICANN in the design, development and implementation of security methods for ICANN-managed networks. He will oversee the continuous improvement and 'best practices' process for information security and cryptography. more
According to a recent analysis, the cyber threat landscape has changed dramatically one year since the Russian invasion of Ukraine. Google TAG, Mandiant, and Trust & Safety have released a report titled, Fog of War: How the Ukraine Conflict Transformed the Cyber Threat Landscape, based on analysis from Google’s Threat Analysis Group (TAG), Mandiant, and Google Trust & Safety. more
The U.S. Department of Justice and the FBI announced on Wednesday that they have taken actions to disable an international botnet of more than two million infected computers responsible for stealing corporate data including user names, passwords and financial information. more
Europol's Innovation Lab released a Tech Watch Flash report on Monday, sounding the alarm on the potential misuse of large language models such as ChatGPT. Entitled 'ChatGPT - the Impact of Large Language Models on Law Enforcement,' the report provides an urgent overview of the implications of ChatGPT for criminals and law enforcement, as well as an outlook of what may still be to come. more
New security report has revealed at least 48 companies involved in research, development, manufacturing of chemicals and advanced materials have been victims of a coordinated cyberattack traced to a source in China. The purpose of the attacks, code named Nitro, appear to be industrial espionage, collecting intellectual property for competitive advantage, according to Symantec. more
According to a new security report released today by SANS Institute, TippingPoint and Qualys, the number of vulnerabilities found in applications in the last few years is far greater than the number of vulnerabilities discovered in operating systems. "On average, major organizations take at least twice as long to patch client-side vulnerabilities as they take to patch operating system vulnerabilities. In other words the highest priority risk is getting less attention than the lower priority risk." more
The Canadian Security Intelligence Service (CSIS) is reported to have warned companies about an increasing risk of cyber espionage and attacks on pipelines, oil storage and shipment facilities. more
Routing security is vital to the future and stability of the Internet, but it's under constant threat. Mutually Agreed Norms for Routing Security (MANRS) is a global initiative, driven by the networking community and supported by the Internet Society, aiming to reduce the most common threats to the Internet's routing system through technical and collaborative action. more
A study comparing best-of-breed computer security vendors suggests more than half of active malware and phishing threats on the Internet go undetected, with an average detection rate of 37% for malware and 42% for phishing. "Given the dynamic nature of today's online threats and the traditionally reactive approach taken by today's malware and phishing detection technology, conventional signature-based solutions are inherently at a disadvantage to keep up," said Panos Anastassiadis, CEO and Chairman of Cyveillance. "Because the majority of damage occurs during the first 24 hours of an attack, early detection of attacks is crucial." more
The National Institute of Standards and Technology (NIST) issued today its first Guidelines for Smart Grid Cyber Security, which includes high-level security requirements, a framework for assessing risks, an evaluation of privacy issues at personal residences, and additional information for businesses and organizations to use as they craft strategies to protect the modernizing power grid from attacks, malicious code, cascading errors, and other threats. more
A long time ago, I worked in a secure facility. I won't disclose the facility; I'm certain it no longer exists, and the people who designed the system I'm about to describe are probably long retired. Soon after being transferred into this organization, someone noted I needed to be trained on how to change the cipher door locks. We gathered up a ladder, placed the ladder just outside the door to the secure facility, popped open one of the tiles on the drop ceiling, and opened a small metal box with a standard, low-security key. more
A World-Renowned Source for Internet Developments. Serving Since 2002.