Iran indicts 14 for scientist’s killing


None of the suspects names or nationalities were revealed, although the Islamic Republic continues to blame Israel for the assassination of Dr. Mohsen Fakhrizadeh. 

By Erin Viner

Tehran’s Attorney-General Ali Salehi has announced that indictments have been issued “14 persons” involved in the that the Islamic Republic has attributed to Israel.

The individuals have been charged with “corruption on the earth,” “involvement in intelligence and espionage cooperation with the Zionist regime,” “collusion with the purpose of undermining the security of the country,” and “action against national security,” the Tehran Times cited the top prosecutor as saying.

Fakhrizadeh, who was considered the father of Iran’s nuclear program, served as Iran’s Deputy Defense Minister after having been a General in Iran’s Islamic Revolutionary Guards Corps (IRGC) and earned a Ph.D. in nuclear physics. He was killed in a multi-pronged terrorist attack on 27 November 2020  while driving with his wife to their country home just outside Tehran.

Secretary of Iran’s Supreme National Security Council Ali Shamkhani has publicly blamed on “terrorists from the Mujahedin-e Khalq Organization (MKO/MEK), Jerusalem and the Israeli Mossad intelligence agency. Other Ayatollah Regime officials have at various times accused Western intelligence operatives or Saudi Arabia with involvement in the attack.

The Islamic Republic has long threatened to avenge Fakhrizadeh’s killing.

In September 2021, the New York Times has published a report alleging that Israel assassinated the senior nuclear scientist with a state-of-the-art remotely controlled “killer robot.”

According to the article, Israel had held Fakhrizadeh in its sights for at least 14 years as part of its ongoing campaign to prevent Iran from obtaining nuclear weapons. The following year, the paper said that then-Israeli Prime Minister Ehud Olmert played a recording in Jerusalem for visiting-President George W. Bush of what 3 people who heard the tape said was Fakhrizadeh speaking “explicitly about his ongoing effort to develop a nuclear warhead.” While exposing a secret Iranian nuclear…

Source…

Extortion Economics: Ransomware’s New Business Model


Did you know that over 80% of ransomware attacks can be traced to common configuration errors in software and devices? This ease of access is one of many reasons why cybercriminals have become emboldened by the underground ransomware economy.

And yet, many threat actors are working within a limited pool of ransomware groups. Although ransomware is a headline-grabbing topic, it’s ultimately being driven forward by a relatively small and interconnected ecosystem of players. The specialization and consolidation of the cybercrime economy has fueled ransomware as a service (RaaS) to become a dominant business model — enabling a wider range of criminals to deploy ransomware regardless of their technical expertise. This, in turn, has forced all of us to become cybersecurity defenders.

When Microsoft is developing threat intelligence, we don’t just rely on open forum monitoring and ransomware claims to identify emerging cybercrime trends. We also observe end-to-end events as they occur. This has allowed us to identify patterns in cybercriminal activity and turn cybercrime into a preventable disruption to business. Once businesses can address the problems and network gaps that industrialized tools rely on to succeed, they can better strengthen their cybersecurity position. Here are some of our top tips.

Understanding how RaaS works

Before you can defend against ransomware, you must first know how it operates. Ransomware is not targeted. Instead, ransomware takes advantage of existing security compromises in order to gain access to internal networks. Cybercriminals have adopted a maximum-efficiency approach when it comes to ransomware. In the same way that businesses hire gig workers to cut down on costs, cybercriminals have turned to renting or selling their ransomware tools for a portion of the profits rather than performing the attacks themselves.

This flourishing RaaS economy allows cybercriminals to purchase access to ransomware payloads and data leakage as well as payment infrastructure. What we think of as ransomware “gangs” are in reality RaaS programs like Conti or REvil, used by the many different actors who switch between RaaS programs and…

Source…

Integrated Security for Telco Cloud Edge and Private 5G


Telcos and enterprises are realizing the need to move toward the edge and deploy edge cloud solutions to leverage the massive advances in transmission offered by 5G. Benefits such as speed, low-latency, capacity will drive major transformation for telcos and enterprises opening new revenue opportunities and business models.

Telcos and enterprises are exploring new use cases by deploying edge clouds and bringing content and applications closer to the users and billions of IoT devices to meet the low-latency requirements. The Ericsson 2022 mobility report forecasts that over 30 billion Internet of Things (IoT) connected devices will be connected by 2027.

The 5G core network functions could be deployed as a microservice in a private data center of the CSP and enterprise network or a public cloud, the shift to the edge and deploying telco cloud edge services and enterprise hybrid private 5G networks introduce new security threats that are associated with the 5G and edge deployment.

Even though there are security risks with 3G/4G, these risks are mainly associated with external attacks. However, with 5G/MEC/IoT architecture, this risk becomes larger and more serious. 5G core and edge sites can be attacked from the internal network in an “inside-to-outside” approach. Considering that 5G provides high-speed internet broadband, connecting a massive number of consumer and IoT devices, it can be considered as a new point of attack for the 5G cloud edge architecture.

Such massive transformation is forcing telcos and enterprises deploying cloud edge and private 5G services to re-think their security and network protection. There are many challenges in how telcos and enterprises deploy security solutions today as they cannot provide integrated 5G core and security solutions to adapt with cloud-edge use cases. For example, moving to the edge will require a low footprint, automation, scaling and simplified lifecycle management (LCM). Given the increase in the number of edge sites that may be deployed, it will be very complex to manually manage and scale different security solutions. The typical deployments of…

Source…

2022 FAIR Conference to Explore Scaling Risk Management Practices to Tackle Growing Cyber Threats



Get instant alerts when news breaks on your stocks. Claim your 1-week free trial to StreetInsider Premium here.


Hybrid in-person and virtual event on Sept. 27-28 in Washington, D.C., and online

Media Passes: To access FAIRCON22 event sessions in person or online, contact Luke Bader, director, membership and programs, FAIR Institute, [email protected]; or Eskenzi PR: Avery MacGregor, [email protected], 978.290.2970; or Cathy Morley Foster, [email protected], 925.708.7893.

RESTON, Va., Sept. 26, 2022 (GLOBE NEWSWIRE) —  What: As financial stakes in cybersecurity grow higher, FAIR Institute, the non-profit professional organization that advances measuring and managing risk, is doubling down to help businesses and organizations protect their most valuable assets with its 2022 FAIR Conference (FAIRCON22). The annual event, this year themed, “Scale: Risk Management to the Next Level,” will bring together thought leaders in cyber and operational risk management to discuss best FAIR™ (Factor Analysis of Information Risk) practices to develop increased value and alignment with business goals.

When: This premiere global risk management conference will be held in-person at the Mandarin Oriental Hotel, Washington, D.C., and virtually Tuesday, Sept. 27, and Wednesday, Sept. 28. Program line-up features dynamic keynote addresses, interactive C-suite panels, and expert case study sessions.

Who: Open to professionals in risk management and offers beginner and advanced session tracks.

  • Speakers: Jack Jones, chairman, FAIR Institute; Mark Tomallo, senior vice president, CISO, Victoria’s Secret; Mary Elizabeth Faulkner, CISO, Thrivent Financial; Jeff Norem, Deputy CISO, Freddie Mac; Matthew Tolbert, senior cybersecurity specialist, supervision and regulation, Federal Reserve Bank of Cleveland; and James Lam, public and private board director; National Association of Corporate Directors (NACD) certified director and D100 honoree; ERM consultant, author, and speaker; and Derek Johnson senior reporter, SC Media; among others.
  • In-person and Virtual: “This year, we are pleased to welcome attendees back in person and to virtual events for FAIRCON22. The conference focus is on ‘Scale,’ demonstrating how to…

Source…