Advertise with my Blog

Security

How US national security agencies hold the internet hostage

How US national security agencies hold the internet hostage

July 18, 2019

Team Telecom, a shadowy US national security unit tasked with protecting America’s telecommunications systems, is delaying plans by Google, Facebook and other tech companies for the next generation of international fiber optic cables.

Team Telecom comprises representatives from the departments of Defense, Homeland Security, and Justice (including the FBI), who assess foreign investments in American telecom infrastructure, with a focus on cybersecurity and surveillance vulnerabilities.

Team Telecom works at a notoriously sluggish pace, taking over seven years to decide that letting China Mobile operate in the US would “raise substantial and serious national security and law enforcement risks,” for instance. And while Team Telecom is working, applications are stalled at the FCC.

The on-going delays to submarine cable projects, which can cost nearly half a billion dollars each, come with significant financial impacts. They also cede advantage to connectivity projects that have not attracted Team Telecom’s attention – such as the nascent internet satellite mega-constellations from SpaceX, OneWeb and Amazon .

Team Telecom’s investigations have long been a source of tension within Silicon Valley. Google’s subsidiary GU Holdings Inc has been building a network of international submarine fiber-optic cables for over a decade. Every cable that lands on US soil is subject to Team Telecom review, and each one has faced delays and restrictions.

Source link

Read More
Google will now pay bigger rewards for discovering Chrome security bugs

Google will now pay bigger rewards for discovering Chrome security bugs

July 18, 2019

Bug hunting can be a lucrative gig. Depending on the company, a serious bug reported through the proper channels can earn whoever found it first tens of thousands of dollars.

Google launched a bug bounty program for Chrome in 2010. Today, they’re increasing the maximum rewards for that program by 2-3x.

Rewards in Chrome’s bug bounty program vary considerably based on how severe a bug is and how detailed your report is — a “baseline” report with fewer details will generally earn less than a “high-quality” report that does things like explain how a bug might be exploited, why it’s happening and how it might be fixed. You can read about how Google rates reports right here.

But in both cases, the potential reward size is being increased. The maximum payout for a baseline report is increasing from $5,000 to $15,000, while the maximum payout for a high-quality report is being bumped from $15,000 to $30,000.

There’s one type of exploit that Google is particularly interested in: those that compromise a Chromebook or Chromebox device running in guest mode, and that aren’t fixed with a quick reboot. Google first offered a $50,000 reward for this type of bug, increasing it to $100,000 in 2016 after no one had managed to claim it. Today they’re bumping it to $150,000.

They’ve also introduced a new exploit category for Chrome OS rewards: lockscreen bypasses. If you can get around the lockscreen (by pulling information out of a locked user session, for example,) Google will pay out up to $15,000.

Google pays additional rewards for any bugs found using its “Chrome Fuzzer Program” — a program that lets researchers write automated tests and run them on lots and lots of machines in the hopes of finding a bug that only shows up at much …

Read More

How Security Can Help Your Business Grow

July 18, 2019


A business that is negatively impacted by crime can’t grow, and will inevitably shrink and possibly collapse. Companies should consider investing in security, mainly because of how crime can adversely affect a business’ long-term growth projections.

Criminal activity tends to impact the performance of small and medium enterprises negatively. As the journal Tourism Economics reports, a study based in Latin America finds that there is a negative correlation between increased crime rate and small business growth. How then does a business deal with the problem of crime while at the same time remaining profitable? The key to this discussion lies in how the business approaches its security.

Physical security measures

The first thing a small business must secure is its operating location. The real-world situation of a company is of extreme importance to its growth. Securing that property should be the business’ first step. There are several ways companies can go about securing their premises, including:

Industrial strength locks

The standard locks that a commercial building comes with are usually not made to deal with dedicated criminals. Most commercial rental properties will allow tenants to change locks, once the owner also gets a key. Replacing the standard bolts that a location has with more sophisticated locks, designed for being difficult to break into should be among the first changes a business should make to ensure its continued security.

Security cameras

Surveillance of a commercial property can add to the safety of the premises as well as serve as a deterrent to criminals. It is important to note, according to Security Instrument, that a commercial grade security camera is different from a consumer-grade camera and one should not be used to replace the other. Security cameras offer peace of mind, and many systems come with an option for the user …

Read More
Microsoft has warned 10,000 victims of state-sponsored hacking

Microsoft has warned 10,000 victims of state-sponsored hacking

July 17, 2019

Microsoft said it has notified close to 10,000 people in the past year that they have been targeted by state-sponsored hackers.

The tech giant said Wednesday that the victims were either targeted or compromised by hackers working for a foreign government. In almost all cases, Microsoft said, enterprise customers were the primary targets — such as businesses and corporations. About one in 10 victims are consumer personal accounts, the company said.

Microsoft said its new data, revealed at the Aspen Security Forum in Colorado, demonstrates the “significant extent to which nation-states continue to rely on cyberattacks as a tool to gain intelligence, influence geopolitics, or achieve other objectives.”

On top of that the company also said it has made 781 notifications of state-sponsored attacks on organizations using its AccountGuard technology, designed for political campaigns, parties and government institutions.

Almost all of the attacks targeted U.S.-based organizations, the company said, but a spokesperson would not disclose the percentage of successful attacks.

Most of the attacks were traced back to activity by hacking groups believed to be associated with Russia, North Korea and Iran.

One such group, the so-called APT 33 group operating out of Iran — which Microsoft calls Holmium — has been in Microsoft’s cross-hairs before. In March the company said the Tehran-backed hackers stole corporate secrets and destroyed data in a two-year-long hacking campaign. Weeks later the company sued to obtain a restraining order for another Iranian hacker group, APT 35, or Phosphorus. A year earlier it took similar legal action against Russian hackers, known as APT 28, or Fancy Bear, which was blamed for disrupting the 2016 presidential election.

“Cyberattacks continue to be a significant tool and weapon wielded in cyberspace. In some instances, those attacks appear to be related to ongoing efforts to attack the democratic …

Read More
Snyk brings in new CEO to help lead future expansion

Snyk brings in new CEO to help lead future expansion

July 17, 2019

Startup founders typically face a management challenge. They often began their careers in technical engineering jobs, and are thrust into the CEO role when starting a company. Sometimes it makes sense to bring in a more experienced executive to guide a fast-growing startup, and that is what Snyk announced it’s doing today, shifting founder/CEO Guy Podjarny to president and chairman of the board, while bringing in board member and investor Peter McKay as CEO.

Over the past 18 months the company has grown significantly, moving from just 18 employees to 150 as its open-source software development approach to security has taken hold in the marketplace. McKay is someone who makes sense for the job, given he has been involved with the company as an investor since its early days, and has known Podjarny in various roles for 15 years. The two talked about having a good working relationship, something that Podjarny said was essential to this transition.

“I think I would be going through many sleepless nights if I was bringing just somebody we interviewed into the company for a role like this at a time like this,” he said. He added that having known and worked with McKay for so long has helped ease the role changes.

As important as the working relationship between the two is going to be, McKay brings an executive pedigree that includes stints as co-CEO at Veeam and general manager of Americas at VMware, where he managed an operation with $4 billion in annual revenue.

McKay says that he and Podjarny have had many conversations about how they will handle their new roles moving forward. “Guy and I have spent a great deal of time talking through a lot of [issues] before we ever said that we were going to move forward with this …

Read More
The Commerce Department will accept applications from companies that want to supply Huawei, but it remains blacklisted

No technical reason to exclude Huawei as 5G supplier, says UK committee

July 15, 2019

A UK parliamentary committee has concluded there are no technical grounds for excluding Chinese network kit vendor Huawei from the country’s 5G networks.

In a letter from the chair of the Science & Technology Committee to the UK’s digital minister Jeremy Wright, the committee says: “We have found no evidence from our work to suggest that the complete exclusion of Huawei from the UK’s telecommunications networks would, from a technical point of view, constitute a proportionate response to the potential security threat posed by foreign suppliers.”

Though the committee does go on to recommend the government mandate the exclusion of Huawei from the core of 5G networks, noting that UK mobile network operators have “mostly” done so already — but on a voluntary basis.

If it places a formal requirement on operators not to use Huawei for core supply the committee urges the government to provide “clear criteria” for the exclusion so that it could be applied to other suppliers in future.

Reached for a response to the recommendations, a government spokesperson told us: “The security and resilience of the UK’s telecoms networks is of paramount importance. We have robust procedures in place to manage risks to national security and are committed to the highest possible security standards.”

The spokesperson for the Department for Digital, Media, Culture and Sport added: “The Telecoms Supply Chain Review will be announced in due course. We have been clear throughout the process that all network operators will need to comply with the Government’s decision.”

In recent years the US administration has been putting pressure on allies around the world to entirely exclude Huawei from 5G networks — claiming the Chinese company poses a national security risk.

Australia announced it was banning Huawei and another Chinese vendor ZTE from providing kit for its 5G networks …

Read More

First 5 Steps to Secure Your New Website

July 14, 2019


But, you should never roll out a personal or business website without properly securing it first. Not only is dealing with the fallout from being hacked a headache, as the owner of the website, you are responsible for the content on its pages as well as the mechanisms that people will use to interact with it.

If you plan to store user information, such as passwords or phone numbers, then it is critical that you safeguard that data appropriately. How critical? You could be subject to data breach fines under certain legislation.

Here are the five most important steps that you need to take to secure your new website.7/14/2019 10:00 am

1. Choose a reliable host.

In the early days of the World Wide Web, individuals and companies would obtain and maintain their own servers in a localized data center or office. The cloud computing movement radically shifted that model and the majority of websites are now hosted through a third-party provider.

Cloud computing reduces overhead costs and responsibilities for website owners, but it brings some security concerns along with it. Essentially, you have to trust an outside organization with the data on your website as well as with its overall stability and reliability.

If you choose the wrong cloud hosting provider, it could leave your website exposed to an array of different vulnerabilities. The provider could suffer a data breach or its entire data center could go down, in which case your website might lose critical information.

Not to scare you off of cloud computing, but it’s not risk-free.

2. Obtain an SSL certificate.

If you plan to transmit any sensitive user data on your web servers, then a secure sockets layers (SSL) certificate is a necessity. SSL is an encryption protocol that occurs at the browser level and …

Read More
TrickBot malware learns how to spam, ensnares 250M email addresses

TrickBot malware learns how to spam, ensnares 250M email addresses

July 12, 2019

Old bot, new tricks.

TrickBot, a financially motivated malware in wide circulation, has been observed infecting victims’ computers to steal email passwords and address books to spread malicious emails from their compromised email accounts.

The TrickBot malware was first spotted in 2016 but has since developed new capabilities and techniques to spread and invade computers in an effort to grab passwords and credentials — eventually with an eye on stealing money. It’s highly adaptable and modular, allowing its creators to add new components. In the past few months it was adapted for tax season to try to steal tax documents for making fraudulent returns. More recently the malware gained cookie-stealing capabilities, allowing attackers to log in as their victims without needing their passwords.

With these new spamming capabilities, the malware — which researchers are calling “TrickBooster” — sends malicious emails from a victim’s account, then removes the sent messages from both the outbox and the sent items folders to avoid detection.

Researchers at cybersecurity firm Deep Instinct, who found the servers running the malware spamming campaign, say they have evidence that the malware has collected more than 250 million email addresses to date. Aside from the massive amounts of Gmail, Yahoo and Hotmail accounts, the researchers say several U.S. government departments and other foreign governments — like the U.K. and Canada — had emails and credentials collected by the malware.

“Based on the organizations affected it makes a lot of sense to get as widely spread as possible and harvest as many emails as possible,” Guy Caspi, chief executive of Deep Instinct, told TechCrunch. “If I were to land on an end point in the U.S. State Department, I would try to spread as much as I can and collect any address or credential possible.”

If a victim’s computer is …

Read More
T-Mobile quietly reported a sharp rise in police demands for cell tower data

T-Mobile quietly reported a sharp rise in police demands for cell tower data

July 12, 2019

T-Mobile has reported a small decline in the number of government data requests it receives, according to its latest transparency report, quietly published this week.

The third-largest cell giant in the U.S. reported 459,989 requests during 2018, down by a little over 1% on the year earlier. That includes an overall drop in subpoenas, court orders and pen registers and trap and trace devices used to record the incoming and outgoing callers; however, the number of search warrants issued went up by 27% and wiretaps increased by almost 3%.

The company rejected 85,201 requests, an increase of 7% on the year prior.

But the number of requests for historical call detail records and cell site information, which can be used to infer a subscriber’s location, has risen significantly.

For 2018, the company received 70,224 demands for historical call data, up by more than 9% on the year earlier.

Historical cell site location data allows law enforcement to understand which cell towers carried a call, text message or data, and therefore a subscriber’s historical real-time location at any given particular time. Last year the U.S. Supreme Court ruled that this data was protected and required a warrant before a company is forced to turn it over. The so-called “Carpenter” decision was expected to result in a fall in the number of requests made because the bar to obtaining the records is far higher.

T-Mobile did not immediately respond to a request asking what caused the increase.

Call records requests by police. (2017 above, 2018 below). Source: T-Mobile.

The cell giant also reported that the number of tower dumps went up from 4,855 requests in 2017 to 6,184 requests in 2018, an increase of 27%.

Tower dumps are particularly controversial because these include information for all subscribers whose calls, messages …

Read More
FEC says political campaigns can now get discounted cybersecurity help

FEC says political campaigns can now get discounted cybersecurity help

July 12, 2019

In a long-awaited decision, the Federal Elections Commission will now allow political campaigns to appoint cybersecurity helpers to protect political campaigns from cyberthreats and malicious attackers.

The FEC, which regulates political campaigns and contributions, was initially poised to block the effort under existing rules that disallow campaigns to receive discounted services for federal candidates because it’s treated as an “in kind donation.”

For now the ruling allows just one firm, Area 1 Security, which brought the case to the FEC, to assist federal campaigns to fight disinformation campaigns and hacking efforts, both of which were prevalent during the 2016 presidential election.

Campaigns had fought in favor of the proposal, fearing a re-run of 2016 in the upcoming presidential and lawmaker elections in 2020.

FBI director Christopher Wray said last April that the recent disinformation efforts were “a dress rehearsal for the big show in 2020.”

In an opinion published Thursday, the FEC said the rules would be relaxed because Area 1 “would offer these services in the ordinary course of business and on the same terms and conditions as offered to similarly situated non-political clients.” In other words, political campaigns are not given a special deal but are offered the same price as others on its lowest tier of service.

Several other companies, like Facebook and Google-owned Jigsaw, have already offered free services to campaigns to fight disinformation and foreign hacking efforts.

However, many political campaigns still are not taking basic security precautions, researchers found.

A spokesperson for Area 1 did not return a request for comment.

Source link

Read More
Advertise with my Blog