Tag Archive for: establishes

CISA Establishes Ransomware Vulnerability Warning Pilot Program

/in


Recognizing the persistent threat posed by ransomware attacks to organizations of all sizes, the Cybersecurity and Infrastructure Security Agency (CISA) announces today the establishment of the Ransomware Vulnerability Warning Pilot (RVWP) as authorized by the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) of 2022. Through the RVWP, CISA will determine vulnerabilities commonly associated with known ransomware exploitation and warn critical infrastructure entities with those vulnerabilities, enabling mitigation before a ransomware incident occurs.

The RVWP will identify organizations with internet-accessible vulnerabilities commonly associated with known ransomware actors by using existing services, data sources, technologies, and authorities, including our free Cyber Hygiene Vulnerability Scanning service. Organizations interested in enrolling can email [email protected].

CISA recently initiated the RVWP by notifying 93 organizations identified as running instances of Microsoft Exchange Service with a vulnerability called “ProxyNotShell,” which has been widely exploited by ransomware actors. This initial round of notifications demonstrated the effectiveness of this model in enabling timely risk reduction as we further scale the RVWP to additional vulnerabilities and organizations.

“Ransomware attacks continue to cause untenable levels of harm to organizations across the country, including target rich, resource poor entities like many school districts and hospitals” said Eric Goldstein, Executive Assistant Director for Cybersecurity, CISA. “The RVWP will allow CISA to provide timely and actionable information that will directly reduce the prevalence of damaging ransomware incidents affecting American organizations. We encourage every organization to urgently mitigate vulnerabilities identified by this program and adopt strong security measures consistent with the U.S. government’s guidance on StopRansomware.gov.”

The RVWP will be coordinated by and aligned with the Joint Ransomware Task Force (JRTF), an inter-agency body established by CIRCIA and co-led by CISA and the FBI.

For more information on RVWP and other available…

Source…

TECNO establishes Security Response Center to improve the security ecosystem

/in


TECNO Mobile recently established official security response center (SRC), a platform for cooperation and exchanges between TECNO and security industry experts, researchers and organizations. This remarks a strategic move that reiterates TECNO’s consistent commitment on security and help upgrade TECNO’s security ecosystem to a higher level.

TECNO SRC has launched a bug bounty program to encourage external security researchers to submit vulnerabilities detected to the security team, and reporters are entitled to get an up to $7,000 reward based on the evaluation of the impact of vulnerabilities. More than 45 models under TECNO Mobile’s four smartphone lines -PHANTOM, CAMON, SPARK and POVA are listed for the bug bounty program.

Stephen Ha, general manager of TECNO said: “ At TECNO, our first priority is offering the most secure mobile experience to our users. SRC is of strategic significance for TECNO to create a comprehensive upgrade of TECNO’s security ecology. Through SRC, we have gone one solid step further on mobile security protection for our users in over 70 global emerging markets.” 

John Peng, head of security department said: “We understand that under current social circumstance, users’ privacy and information security are vital. TECNO has been continuously executing diversified plans in terms of enhancing our product security. By cooperating with international security professionals through the establishment of SRC, we are sure that we  can provide users more secure mobile using experience.”

Starting from coding, application and firmware, the security department carries out security management and audits at each stage of product design, development, testing and release. This is to ensure that all software installed on each device can pass a series of rigorous security checks, including the tests of TECNO security scanning platform, Google Play Protect, GMS BTS and VirusTotal. In addition, TECNO has been regularly sending 90-day security patch updates to users to ensure product safety and protect user equipment from malicious software.

Moving forward, TECNO plans to reach cooperation with the international vulnerability public testing platform…

Source…

Connecticut Expands Data Breach Notification Requirements And Establishes A Cybersecurity “Safe Harbor” – Technology

/in



United States:

Connecticut Expands Data Breach Notification Requirements And Establishes A Cybersecurity “Safe Harbor”


To print this article, all you need is to be registered or login on Mondaq.com.

On June 16 and July 6, 2021, Connecticut Governor Ned Lamont
signed two new cybersecurity laws that continue the national trend
of expanding cyber incident disclosure obligations, shortening
notification timelines, and incentivizing the implementation of
recognized cybersecurity standards. Both laws take effect on
October 1, 2021.

“An Act Concerning Data Privacy Breaches” Amends
Connecticut’s Existing Data Breach Law

The amended data breach law includes three key changes:

  • The time businesses have to notify affected Connecticut
    residents and the Office of the Attorney General of a data breach
    has been shortened from 90 days to no later than 60 days after
    discovery of the breach;


  • If notice cannot be effected within the new 60-day window, a
    novel and significant amendment requires companies to provide
    preliminary substitute notice to individuals, and follow up with
    direct notice as soon as possible; and


  • The law significantly expands the definition of “personal
    information” that may trigger notification obligations to
    include an IRS identity protection personal identification number,
    certain medical information, biometric information, a user name or
    email address in combination with a password or security question
    and answer (regardless of whether or not the individual’s name
    is accessed in combination with it), and a number of other data
    elements commonly included in other states’ data breach notice
    laws.

“An Act Incentivizing the Adoption of Cybersecurity
Standards for Businesses” Establishes a Cybersecurity
“Safe Harbor” Statute

The new law will establish…

Source…

US establishes Cyber Unified Coordination Group to respond to SolarWinds compromise. Report on Chinese influence ops delayed.

/in


The US Government and a large number of private organizations continue to assess the extent of the SolarWinds incident. The scope and extent of the damage are known to be large, but just how large, and who specifically was affected, remains under investigation. An op-ed by former US Homeland Security Advisor Bossert probably has it right in saying that the breach is “hard to overestimate.”

A joint statement yesterday from the US FBI, CISA, and ODNI says that the Government has invoked Presidential Policy Directive (PPD) 41 to establish a Cyber Unified Coordination Group to coordinate a whole-of-Government response to the Russian cyber operation that exploited SolarWinds’ Orion platform.

According to KrebsOnSecurity, FireEye, Microsoft, and GoDaddy cooperated on a response to the SolarWinds compromise by establishing a killswitch to disable Sunburst backdoor instances still beaconing to their original domain. As FireEye said in widely quoted statement, “this actor moved quickly to establish additional persistent mechanisms to access to [sic] victim networks beyond the SUNBURST backdoor,” so the killswitch is far from representing a thorough remediation. BleepingComputer has a summary of what’s publicly available so far.

Bloomberg reports that the US Director of National Intelligence said yesterday that the Intelligence Community will not meet tomorrow’s deadline to report to Congress about Chinese influence operations in the 2020 election season. That there were attempts seems clear enough, but how extensive they were, and how much prominence they should be given, remains a matter of disagreement among the agencies in the Intelligence Community.

Source…