Tag Archive for: defense

Industry launches hacking policy council, legal defense fund to support security research and disclosures

/in


Google and other companies will develop and stand up a pair of new initiatives that will provide policy guidance to governments and legal protection to security researchers engaged in “good faith” vulnerability research and disclosure, while the tech giant also said it would formalize an internal policy to be publicly transparent when bugs in Google products are exploited in the wild.

The moves include the establishment of an industry-led Hacking Policy Council, which would be designed to bring “like minded organizations and leaders who will engage in focused advocacy new policies and regulations support best practices for vulnerability management and disclosure and do not undermine our user’s security,” as well as a planned nonprofit that would fund legal costs for security researchers who are sued or prosecuted while conducting vulnerability research and disclosure, according to a blog published alongside the announcements Wednesday.

The council will include representatives from bug bounty firms HackerOne, BugCrowd, Intigriti and Luta Security, as well as Venable, a law firm that specializes in cybersecurity law and policy matters, and Intel.

“I think it’s very much a coalition of the willing,” said Charley Snyder, head of security policy at Google, when asked how the council chose its initial membership. “There was no real criteria [for membership]…this is a fairly specialized area of policy, and these companies are ones that are really invested in getting it right.”

Snyder and Tim Willis, head of Google’s Project Zero, which conducts research on zero-day vulnerabilities, mentioned a trio of information security standards from the International Organization for Standardization (ISOs 27001, 27002 and 30179) as examples of the kind of standards and best practices that will guide the council’s recommendations.

The formation of the council comes at a time when the United States and other nations are showing an increased willingness to regulate the cybersecurity choices of businesses and other entities to prevent cyberattacks from significantly disrupting or spreading through a particular sector, critical infrastructure and other essential services.

The use of…

Source…

Technion under ransomware attack | Israel Defense

/in


The Technion, Israel’s prestigious technology research university, located in Haifa, has fallen victim to a cyber attack. The institution confirmed the attack yesterday (Sunday) on Twitter.

“The scope and nature of the attack are under investigation,” said the Technion’s tweet. “In order to carry out the process of collecting and handling the information, we are utilizing the best experts in the field, both in and outside the Technion, and are coordinated with the authorized authorities.”

The Technion also announced that, as part of the investigation, it has proactively blocked all communication networks. As of yet, its website is offline.

The attack appears to have happened between Saturday night and Sunday morning. Israeli press reports that an unknown threat group called DarkBit is behind this attack, and has demanded a ransom of 80 bictoin – the equivalent of $1.7 million, or NIS 6.2 million.

“There could be several reasons for the motivation behind stealing data from the Technion. The first reason could be political. Countries like Iran, China and Russia, for example, could benefit greatly from this data,” said Alex Steinberg, Product Manager at ESET. “In addition, the attackers might have wanted to steal the data in order to sell it to the highest bidder.”

In their ransomware note, the attackers seem to be asking for a large sum of money – but this could also be a disguise for other purposes.

“The cyber attack against the Technion has showed us, once again, how vulnerable Israeli organizations are to hackers– whether the motivations are financial or ideological, against the State of Israel,” commented Eddie Aviad, Deputy Manager and Head of Financial Solutions at Aon Israel.

“This isn’t the first time an academic institution in Israel has experienced a significant attack. As organizations holding extensive sensitive data, academic institutions are an easy target – this is because, unlike most critical state infrastructure organizations and commercial organizations that enjoy large budgets, the IT security system of academia, in most cases, isn’t strong enough.

“We should soon be hearing the question of whether the Technion was…

Source…

2023 NFL conference title picks, odds: Bengals defense keeps Chiefs in check, Eagles exploit 49ers’ weaknesses

/in


Just four teams remain standing in the NFL playoffs, and on Sunday our matchup for Super Bowl LVII will be finalized. This postseason has been a profitable one for us over here as we’ve pegged the playoff bracket perfectly, picking each game on the money line exactly. Our 7-2-1 ATS mark in the postseason — which includes a 3-1 ATS record in the divisional round last week — isn’t too shabby either. 

Now that I’m done jinxing myself with that pat on the back, we’ll look to keep those good vibes rolling all the way to Arizona for the Super Bowl. First, let’s hammer out these picks for Championship Weekend where only one No. 1 seed survives. 

2022 record

Playoffs
ATS: 7-2-1
ML: 10-0-0

Regular season
Locks of the Week ATS: 41-45-4
ATS: 125-137-9
ML: 172-97-2

All NFL odds via Caesars Sportsbook

Featured Game | Philadelphia Eagles vs. San Francisco 49ers

The improbable Cinderella run by Brock Purdy and the 49ers has been one of the more enjoyable aspects of the 2022 season, but I see this story coming to a close on Sunday at Lincoln Financial Field. The Eagles are a tough draw for San Francisco because they are well-equipped to attack the 49ers’ few weaknesses. 

Philadelphia’s offense should be able to throw on this Niners secondary, particularly deep. Kyle Shanahan’s defense ranks in the bottom five in the NFL in completion percentage, touchdown-to-interception ratio, and passer rating against throws 25+ yards down the field. Meanwhile, that’s part of what Jalen Hurts does best. The Eagles quarterback has a passer rating of 125.0 on throws 25 or more yards downfield and has 10 touchdowns to just one interception on those throws. After a quiet divisional round, A.J. Brown should be the main beneficiary of Philly’s attempt to exploit that weakness, especially with seven of his 11…

Source…

Battle of the breach: Prioritizing proactive ransomware defense

/in


Editor’s note: The following is a guest article from Sebastian Goodwin, chief information security officer at Nutanix. 

Over the last decade, ransomware has become the de facto tactic of cybercriminals looking to make a quick buck.

And why not? Average ransomware payments are nearing the $1 million mark, and many criminal groups are now selling their tools and services on specialty ransomware as a service marketplaces.

With nearly every business already permanently connected to the internet, global ransomware damage is expected to reach an annual impact of $265 billion within this decade.

In practical terms, this means that we will soon face a reality where organizations are attacked every two seconds by threat actors that continue to evolve their tools and tactics. 

Doing business in such a world can seem overwhelming, but modern cybersecurity approaches are working to keep up with the growth of ransomware.

As a result, CISOs looking to apply advanced thinking to ransomware defense can integrate new processes and tactics as they formulate their cybersecurity strategies. 

What’s in a name? Ransomware types by description 

Today’s ransomware can come from many specialized groups and threat actors. To make things more complicated, some criminal groups even sell their tools through a ransomware as a service business model, letting anyone with a bank account or cryptocurrency wallet automate ransomware attacks via the dark web. 

Most common types of ransomware fall into six distinct categories: 

  • Crypto ransomware: After breaching individual workstations and systems, this type of ransomware finds and encrypts files, rendering them unusable. Victims are encouraged to pay a ransom or lose access to their data permanently, often by having it completely deleted off their system. 
  • Locker ransomware: While crypto-style ransomware blocks access to individual files, Locker-type ransomware affects whole machines, preventing a user from accessing any files or programs until a ransom is paid. In general, this type of ransomware affects computer systems, though some are specifically made to lock IoT and smart home…

Source…