Tag Archive for: Combat

UK unis implement new IP traffic policies to combat ransomware

/in


Jisc, the non-profit that supports the UK higher education and research community with shared digital infrastructure and services such as the Janet network, has announced that it will start blocking traffic originating from outside the UK from accessing the Remote Desktop Protocol (RDP) remote-access feature from 28 March 2023, to better protect its users from ransomware attacks.

The move follows a 2021 consultation with its users, and reflects the fact that 50% of major ransomware incidents experienced by UK higher education institutions in the past two years began when attackers exploited the RDP feature.

Going forward, said Jisc, inbound traffic to port 3389 – the default port used for RDP – that originates from outside the UK will be blocked, and only inbound traffic from UK IP addresses will be allowed to proceed. Currently, this blocking is possible via Jisc as an opt-in measure, but it will now be by default.

“The use of ransomware against our sector, and globally, has ramped up over the past couple of years, and some attacks against colleges and universities have been devastating,” said John Chapman, director of information security policy and governance at Jisc.

“Organisations can still opt out of restrictions to specific IP addresses if they wish to, but they must accept the greater risk of a serious cyber security incident. Controlling access to a known attack vector will help protect the sector as a whole against this type of attack.”

Originally developed by Microsoft, RDP is a supposedly-secure network communications protocol that is intended to help IT admins diagnose problems remotely, and let users access their physical work desktops from other devices.

This is done by deploying RDP client software to connect to the system or server running RDP server software, and open a socket on the desired system to accept authenticated inbound traffic through port 3389. The user can then access all their applications and files just as if they were physically present in the workplace.

Legitimate use of RDP soared in 2020 during the Covid-19 pandemic, as millions of people were forced to work from home by lockdown restrictions, a policy that for many…

Source…

How to combat voice security issues in collaboration platforms

/in


Internet-based telephony lets employees communicate with anyone at anytime, anywhere. While these modern voice services make workplaces more efficient and flexible, they also open a potential minefield of voice security issues. In this tip, we’ll explore several potential voice threats generated by modern enterprise collaboration platforms and discuss methods to address them.

Voice security challenges in modern collaboration platforms

Ironically, many of today’s voice threats stem from the technologies that make enterprise collaboration voice accessible from everywhere. While these collaboration systems are no doubt convenient, they create risks that were not plausible on traditional closed systems:

1. Compromised BYOD. Desktop and smartphone apps are now the de facto method of making and receiving internal and external business calls. In many cases, employees and contractors can use their personal laptops, phones and tablets to connect to business collaboration platforms. What keeps many cybersecurity professionals up at night is the potential that a hacker could access the corporate network through a voice collaboration app loaded on an unsecure personal device. Because organizations don’t own these devices, they can’t adequately manage BYOD OS and application updates.

2. SaaS platform compromises. SaaS voice applications can hamstring the ability of companies to oversee call manager platforms. Having a third party handle the responsibility of building, maintaining and securing voice and collaboration services is both a blessing and a curse. On one hand, outsourcing these operations frees up the organization from managing servers, network operating systems and voice/collaboration services. On the other, it requires companies to place a tremendous trust in that service provider to properly manage and secure the service.

Additionally, large collaboration providers are a much bigger and potentially more lucrative target for bad actors. Thus, these providers are likely to be threatened with zero day vulnerabilities, DDoS attacks, malware and social engineering attempts. And because these companies serve a multitude of customers, a successful attack on a single provider has the…

Source…

Resistant AI and ComplyAdvantage Launch AI Transaction Monitoring Solution To Combat Fraud and Money Laundering

/in


Holvi, the digital banking service for small businesses, is among the initial group of customers to implement the AI-driven solution to manage their financial crime risk

LONDON, Oct. 11, 2022 /PRNewswire/ — Resistant AI, the AI and machine learning financial crime prevention specialists, and ComplyAdvantage, the financial industry’s leading source of AI-driven financial crime risk data and detection technology, today announced the general availability of their solution for fighting financial crime across the U.S. and Europe.

New Research: AI for Financial Crime Risk Detection
New Research: AI for Financial Crime Risk Detection

Financial crime is a multi-trillion-dollar problem. According to the United Nations, the estimated amount of money laundered globally in one year is 2 – 5% of global GDP, or 800 billion – 2 trillion US dollars. While the cost of fraud and money laundering to financial organizations and other businesses is significant, the cost and damage to economies and society as a whole is immeasurable.

Adding Resistant AI’s capabilities to ComplyAdvantage’s transaction risk monitoring platform extends anti-money laundering (AML) and anti-fraud protections offered to financial institutions and other businesses by:

  • Enabling them to detect previously unknown patterns of behavior and identify new risks faster.
  • Delivering alert prioritization so organizations can focus on the highest risk areas and make the best use of their investigative resources.

With these capabilities, organizations can transition to a more dynamic approach to financial crime that uncovers novel behavior as it happens.

“Effectiveness and efficacy are key to scaling,” comments Valentina Butera, Head of AML and AFC Operations at Holvi. “Integrating an AI-driven transaction monitoring solution means we can grow our customer base without growing our headcount at the same rate. With Resistant AI and ComplyAdvantage, we can manage our known risks more efficiently while also identifying and adapting to previously unknown risks.”

Martin Rehak, founder and CEO at Resistant AI, commented, “We are delighted that our joint solution is now available to drive game-changing efficiency gains. Alert prioritization, the ability to make systems more…

Source…

Mercury’s new electronic warfare combat training pod begins

/in


mP_0074

ANDOVER, Mass., July 14, 2022 (GLOBE NEWSWIRE) — Mercury Systems, Inc. (NASDAQ: MRCY, www.mrcy.com), a leader in trusted, secure mission-critical processing technologies for aerospace and defense, today announced that its new mPOD, a rapidly reprogrammable electronic attack (EA) training system designed to train pilots using realistic, near-peer jamming capabilities, is currently undergoing final flight testing.

Why It Matters:
To sharpen their combat skills, pilots need to train in mock air-to-air combat with other pilots operating as adversaries. Using mPOD, “adversary” pilots can emulate enemy jamming techniques accurately, conditioning aircrews to evolving threat scenarios and better preparing them for real combat.

“Alternative electronic attack training solutions are difficult to obtain and update,” said Mark Bruington, vice president, Mercury Mission Systems. “Our innovative mPOD is a commercial solution that can be programmed quickly and will help the U.S. and our allies’ military pilots develop tactics to maintain a strategic advantage over adversaries. It will also increase pilot and aircraft survivability and save millions of dollars in training costs through integrated threat presentations.”

Built with proven technology for electronic warfare training, test and evaluation

  • Simultaneously emulate multiple National Air and Space Intelligence Center (NASIC)-validated threats with proven Filthy Buzzard digital RF memory (DRFM) technology developed and validated over 35 years in partnership with the U.S Air Force and Navy
  • Quickly reprogram missions and threats for different aircraft and radar systems in minutes via an intuitive software interface
  • Speed integration with the aircraft display and control panel using the user interface or an integrated cockpit control panel
  • Attach the mPOD to any aircraft weapon’s pylon or integrate it within the aircraft to reduce drag and maintain aircraft performance
  • Decrease overall sustainment cost through a scalable and modular design with six swappable, high MTBF hardware components including a wideband Meggitt antenna

Mercury envisions, creates, and delivers innovative technology solutions purpose-built to meet their…

Source…