Tag Archive for: Approach

HackersEra are taking over challenges of automotive security with their revolutionary approach

/in


HackersEra is India’s first-ever vehicle pentest company that understands the need for security of vehicles and has been successful in providing comprehensive solutions and planning out strategies to protect the various assets of an organization, shares Vikash Chaudhary, the CEO of HackersEra. Being the experts in Penetration Testing, HackersEra has now taken over the challenges of Automotive Security.

The Age of Automobile Hacking: A Closer Look to Automotive Security!

Automotive security discusses the branch of computer security that is fixated on the cyber threats associated with the automotive background. The gradually increasing number of ECUs in automobiles and, along with that, the application of several diverse means of communication from and to the vehicle in remote and wireless means led to the requirement of a branch of cybersecurity devoted to the coercions related to the vehicles.

Vehicles are nowadays also linked with devices with Bluetooth, incorporated cellular communication and Wi-Fi for a far-flung start, locate my car, and various other applications. Automobile to set-up, automobile to automobile, automobile to cloud, and automobile to everything technology also make cars exposed to hackers.

It is a moderately new notion for the Indian markets. Nevertheless, it is not going to go anywhere, Automakers are getting themselves ready for automotive security. The notice of Tesla entering the Indian market has the people thrilled and also curious regarding automotive security in a lot of ways. Although there are not a lot of professionals in this field, there is one Indian firm that has come out to be an innovator in Automotive Security, which is HackersEra.

Vehicle Pentesting: The Need for Tomorrow!

In a world that constantly moves around the internet, there is probably not a single thing that you cannot do with the snap of a finger via the internet. In such times, the necessity to empower vehicle-to-internet communication and other remote availability has suggestively enlarged the outbreak surface of an up-to-date car.

While vehicle pentesting is still something that the automakers are trying to attain to accomplish Automotive Security, pentesting…

Source…

Security flaws in Microsoft email software raise questions over Australia’s cybersecurity approach

/in


Credit: Dreamstime

On March 2, 2021, Microsoft published information about four critical vulnerabilities in its widely used Exchange email server software that are being actively exploited. It also released security updates for all versions of Exchange back to 2010.

Microsoft has told cybersecurity expert Brian Krebs it was notified of the vulnerabilities in “early January”. The Australian Cyber Security Centre has also issued a notice on the vulnerabilities.

The situation has been widely reported in the general media as well as specialist cybersecurity sites, but often inaccurately. But the situation also highlights a contradiction in government cybersecurity policy.

When governments find flaws in widely used software, they may not publish the details in order to build up their own offensive cybersecurity capabilities, i.e. the ability to target computers and networks for spying, manipulation and disruption. Operations like this often rely on exploiting vulnerabilities in commercial software — thus leaving their own citizens vulnerable to attack as a consequence.

What happened?

Source…

NSA, Microsoft promote a Zero Trust approach to cybersecurity

/in


The National Security Agency (NSA) and Microsoft are advocating for the Zero Trust security model as a more efficient way for enterprises to defend against today’s increasingly sophisticated threats.

The concept has been around for a while and centers on the assumption that an intruder may already be on the network, so local devices and connections should never be trusted implicitly and verification is always necessary.

Cybersecurity companies have pushed the zero-trust network model for years, as a transition from the traditional security design that considered only external threats.

The model was created in 2010 by John Kindervag, who also coined the term “zero trust,” principal analyst at Forrester Research at the time but talks about it had started in early 2000s. Google implemented zero-trust security concepts following Operation Aurora in 2009 for an internal project that became BeyondCorp.

Zero Trust defense for critical networks

The recent SolarWinds supply-chain attack, also attributed to a nation-state actor, renewed the discussion on the benefits of the zero trust security architecture for sensitive networks.

Microsoft President Brad Smith advocated for the zero-trust model in his U.S. Senate testimony regarding the SolarWinds cyberattack, saying that this concept is the best approach for an organization or agency to ensure the security of identity in their networks.

Talking about the security of U.S. government networks targeted by the attack, Smith said:

“Basic cyber hygiene and security best practices were not in place with the regularity and discipline we would expect of federal customers with the agencies’ security profiles. In most cases, multi-factor authentication, least privileged access, and the other requirements to establish a “zero trust” environment were not in place. Our experience and data strongly suggest that had these steps been in place, the attacker would have had only limited success in compromising valuable data even after gaining access to agency environments” – Brad Smith, Microsoft President

Now, both the NSA and Microsoft are recommending the zero-trust security model for critical networks (National Security Systems,…

Source…

Veterans charity CEO calls for reset on approach to funding

/in


Veterans charity CEO calls for reset on approach to funding

Sir Keir later made the point that money was “being sprayed at companies that don’t deliver” | Credit: PA Images

‘Make online contributions to charities that are struggling’ was the Prime Minister’s plea to MPs in a recent exchange about Government support for veterans organisations. As the Government pledges another £254m to tackle rough sleeping, now more than ever, it is important to target spending wisely.

In a recent Armistice Day exchange about government spending, Labour leader Keir Starmer invited the Prime Minister and fellow MPs to praise the ‘remarkable work’ of veterans’ charities – singling out two of the nation’s largest and most well-known for mention.

Sir Keir pointed out that they had seen a significant drop in funding since the start of the pandemic – to the point where they were having to make ‘difficult decisions’ about redundancies and keeping facilities open.

Of course this is also true of the wider charity sector, to which my points are equally relevant.

The exchange provoked a rightfully enthusiastic and positive response, but it was a general one; predicated, I suspect, on an assumption that veterans’ charities were homogenous and equally engaged in providing practical and immediate support for struggling veterans.

This clearly isn’t the case and I want to push for greater thought about this area prior to any allocation of new funding. 

Government support for charities in the present climate must be needs driven. This is a time of crisis, in which financing of non-essential services seems very  inappropriate.

The Joseph Rowntree Foundation predicts that 2.5m households are worried about paying rent over winter, with 700,000 already in arrears and 350,000 at risk of eviction. This will only be compounded by a rise in unemployment, predicted to be the sharpest for half a century. Naturally, some of those affected will be ex-servicemen and women.

Let’s get much smarter about how Government money is used to address social exclusion. 

To date Veterans Aid has provided 275 days of uninterrupted service…

Source…