Biden admin’s bug fix mandate aims to prevent the next major cybersecurity attack


The Biden administration is requiring civilian federal agencies to fix hundreds of cybersecurity flaws, as reported earlier by The Wall Street Journal. As the WSJ states, the BOD 22-01 directive from the Cybersecurity and Infrastructure Security Agency (CISA) covers around 200 known threats that cybersecurity experts discovered between 2017 and 2020, as well as 90 more flaws that were found in 2021. Federal agencies have six months to patch older threats and just two weeks to fix the ones that were discovered within the past year.

The WSJ report points out that federal agencies are usually left to their own devices when it comes to security, sometimes resulting in poor security management. The goal is to force federal agencies to fix all potential threats, whether they’re major or not, and establish a basic list for other private and public organizations to follow. While zero-day vulnerabilities that exploit previously unknown openings get major headlines, addressing “the subset of vulnerabilities that are causing harm now” can get ahead of many incidents.

Previously, a 2015 order gave federal agencies one month to fix threats deemed “critical risk.” This was changed in 2019 to include threats categorized as “high risk,” as pointed out by the WSJ. The new mandate distances itself from prioritizing specific threat levels and instead acknowledges that small holes can quickly cause larger problems if hackers can find a way to take advantage of them.

“The Directive lays out clear requirements for federal civilian agencies to take immediate action to improve their vulnerability management practices and dramatically reduce their exposure to cyber attacks,” says CISA director Jen Easterly. “While this Directive applies to federal civilian agencies, we know that organizations across the country, including critical infrastructure entities, are targeted using these same vulnerabilities. It is therefore critical that every organization adopt this Directive and prioritize mitigation of vulnerabilities listed in CISA’s public catalog.”

CISA’s newly released list of known vulnerabilities notably includes the…

China’s ByteDance aims for Hong Kong IPO despite tech crackdown


ByteDance, the owner of short-video app TikTok, has revived a plan to go public despite a widening regulatory assault targeting Chinese technology companies, aiming for a Hong Kong listing by early next year.

The Chinese group, which raised about $5bn in December at a $180bn valuation, is planning to list in either the fourth quarter of this year or early 2022, said three people with knowledge of the company’s plans.

After postponing its overseas listing this year, ByteDance has spent the past few months addressing Chinese regulators’ data security concerns, one of the people said, including providing more detail to authorities on how it stores and manages consumer information.

“We are expecting final guidance from ByteDance in September. They are submitting all the filings with Chinese authorities right now and are going through the review process,” the person added. ByteDance declined to comment.

ByteDance, whose video app TikTok is incredibly popular in the west, shelved its plan to list overseas, most likely in the US, this year after Beijing widened a months-long crackdown on the country’s largest tech groups for alleged violations of data security and monopoly laws.

Chinese officials have vowed stricter oversight of overseas listings as part of the government’s focus on national security.

ByteDance’s decision to pause its initial public offering bought it more goodwill than Didi Chuxing, the Chinese ride-hailing app, which pressed ahead with a $4.4bn New York listing in June despite the country’s internet regulator raising concerns about its data security practices, one of the people added.

The Cybersecurity Administration of China announced an investigation into Didi almost immediately after its IPO, while its main app was ordered to be removed from Chinese app stores.

The regulator then released rules that require any company with more than 1m users to pass a data security review before being approved for an overseas listing to ensure that sensitive user information cannot be obtained by foreign regulators.

ByteDance was “in similar meetings as…

Infinite Group aims to fight ‘cyber warfare’ with Nodeware product as client incidents increase


Infinite Group recently rebranded as IGI Cybersecurity, and President and COO Andrew Hoyen tells Proactive the Pittsford, New York-based group is working to help its clients fight ‘cyber warfare.’

Hoyen says the group has seen incident response increase amongst its clients.

It uses its Nodeware product to identify gaps and vulnerabilities in client environments so that clients are better prepared if an incident does happen.

New Website Aims To Shine A Light On Where Ransomware Payments Go


It’s estimated that total global ransomware payments approached $350 million last year, up more than 300% from 2019. To stem the rising tide of ransomware attacks, a new site wants to shed some much-needed light on where payments from victims are going.

Cleverly called Ransomwhere, the site is the creation of security researcher Jack Cable. Cable worked with the Cybersecurity and Infrastructure Security Agency (CISA) as security advisor for the 2020 elections. He’s also spent years hunting bug bounties and working as a red team hacker — acting as an adversary to help organizations discover and mitigate weaknesses in their cyber defenses.

In an interview with TechCrunch, Cable states that he was inspired to create Ransomwhere after reading a tweet from Red Canary Director of Intel Katie Nickels. Responding to a question about whether the infosec community could estimate total losses tied to the notorious TrickBot malware, Nickels noted that “No one knows the real impact.” She added that it is therefore difficult to know whether specific victim actions — like paying or refusing to pay ransoms — make a difference.

Cable chimed in, adding that it “would be awesome to have raw data or a dashboard tracking payments by strain.” Since no such thing existed he set about creating one… and Ransomwhere was born.

To date, Ransomwhere has tracked over $56 million in ransomware payments. So far, Netwalker dominates the leaderboard with more than 520 payments made. That includes several payments of hundreds of Bitcoin — the two biggest converting to $7.4 and $8.6 million at today’s exchange rate.

The largest single payment: 413 Bitcoin — or just shy of $14 million — sent to the operators of the RagnarLocker ransomware in July of 2020.

The data that powers Ransomwhere is crowdsourced, and all reports must include a screenshot of the ransom demand for verification purposes. Currently, Cable is verifying submissions personally.

All of the information that is entered into the Ransomwhere database is made freely available for other security professionals to download and analyze. No data about the victims is ever shared.

Not all…