Tag Archive for: Guest

MSNBC Guest Suggests Trump Might ‘Turn Off the Internet’ for Political Purposes if Re-Elected

/in


A former Trump administration official is claiming his old boss might seek to use wartime powers for political purposes.

On Thursday, former national security official Miles Taylor claimed there is “a lot” former President Donald Trump can do “bubble-wrapped in legalese that would be damaging to the republic.”

Taylor went on to reference a so-called “Doomsday Book” in the White House that outlines the powers a president has in the event of a foreign invasion.

He argued, “[Trump] could invoke powers we’ve never heard a President of the United States invoke, potentially to shut down companies or turn off the internet or deploy the U.S. military on U.S. soil.”

Watch the video below:

Trending:

New York Times Blasted for Leaving Out Key Word of Hunter Biden’s Statement

Several people on X, formerly Twitter, focused on Miles’ mention of Trump potentially shutting down the internet to roast his comments.

The Federalist’s Emily Jashinsky wrote, “But [Trump] loves the internet.”

“of all the things to say here based on what trump says and has done, you go with trump may ‘turn off the internet?’” asked one user.

Conservative writer John Hasson posted, “Trump built an entire social media platform because he couldn’t live without Twitter But sure, he’s going to turn off the internet.”

Taylor later reacted to the clip of his comments, writing, “I’d love for the internet to be turned off for a bit … just not by a demented, Putin-loving hack wielding emergency…

Source…

Guest Perspective: Geofences can let businesses build a digital moat around sensitive data

/in


Carl Mazzanti

E-commerce is a wonderful development: utilizing the power of the web for commercial transactions has meant that even the smallest business can easily connect with existing and potential customers across the world. But the very ability to wipe out border barriers and turbocharge sales has also exposed enterprises to new, potentially deadly threats.

Consider the case of an East Coast municipality that — like many others have done — opened its website to international traffic and allowed anyone to log in, regardless of location. In theory, this open e-door policy would help the municipality get the message out to a global audience about its desirability as a live, work and play destination.

The move did indeed attract visitors, but some were state-sponsored hackers who tried to seize control of the municipality’s bank accounts. Fortunately, quick-thinking local officials contacted the FBI, Homeland Security, and other agencies and quashed the ransomware attempt.

In the wake of the attack, the municipality sent out a Request for Proposal (RFP), seeking help to secure their systems and sensitive data. eMazzanti Technologies answered the RFP and won the contract. After scrubbing their systems and ensuring that the hijacking viruses were completely erased, our professionals input a series of cyber defenses. We recommended a custom-designed suite of antivirus programs, password enhancements, and other security measures — and, most importantly, advised the municipality to set up a geofence.

Securing the Perimeter

A geofence is a firewall-based feature that lets an organization control entry into its digital domain. It starts by determining the physical location or origination point of incoming traffic or network requests by automatically reviewing the visitor’s IP address and comparing that to a digital list of prohibited places. If the entity is trying to enter from a forbidden spot, it will be blocked from the system.

Geofences, along with other digital security systems, are increasingly important as more state-sponsored hackers target U.S.-based entities. In 2021, the FBI announced it had logged more than 791,790 reports of suspected internet

Source…

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

/in


APIs have become a security nightmare for SMBs and enterprises alike.

Hackers don’t discriminate based on the number of employees or the size of the IT budget. The same types of security risks impact businesses, whatever their size.

Related: Using employees as human sensors

Day in and day out, small-to-medium businesses are targeted by cyberattacks. They are often unaware of the risks they take on, which can include hacking, fraud, phishing, and more. A primary culprit of these attacks is the lack of understanding of application programming interfaces, or APIs.

SMBs and enterprises alike have been struggling with APIs as a mechanism for information security. According to Forbes, “the first half of 2018 was marked by an increase in API-related data breaches, with the 10 largest companies reporting the loss of 63 million personal records.”

These types of attacks can allow hackers to steal massive amounts of sensitive data, disrupt operations, and even take down websites. To protect against these attacks, businesses need to implement a wide range of strong API security measures such as authentication, authorization, encryption, and vulnerability scanning. The sheer number of options has a direct impact on the budget.

The fact that there are so many different APIs is the main challenge for enterprises when it comes to API security. Storing authentication credentials for the API is a significant issue. This can be compounded by certain enterprises using the Internet of Things (IoT) that don’t have good security.

Sitbon

Companies are realizing that they have to keep putting out fires on personal devices, leaving them vulnerable to attacks. The other issue with APIs is that once one is compromised, it’s likely that all of your accounts are affected because whoever does gain access will just use your username and password to log in to other sites, apps, etc.

The threat that API security breaches pose to enterprises should not be taken lightly. A breach should always trigger a comprehensive crisis communication plan involving the board, C-suite, and other stakeholders. This communication plan should specify how governing bodies will stay informed should there be a data breach…

Source…

GUEST ESSAY: Here’s why castle-wall defenses utterly fail at stopping deceptive adversaries

/in


When it comes to cyber attacks, most businesses think: “It could never happen to us,” but some plots are just hitting a little too close to home.

Related: T-Mobile breach reflects rising mobile device attacks

DevOps Experience

For instance, if you’ve ever played Grand Theft Auto, you know the goal is quite simply mass destruction: Use whatever resources you have at your disposal to cause as much damage as you possibly can and just keep going.

Not familiar with Grand Theft Auto? Let’s try Super Mario Bros. then. As Mario makes his way through eight increasingly difficult worlds, each of them is protected by a castle. As Mario reaches the end of each castle, he can defeat Bowser.

This is not unlike the mindset of modern cyber attackers – they’re wreaking havoc and becoming pros at finding ways to get away with it.Living-off-the-land (LotL) attacks are providing a way for adversaries to stay under cover. Attackers use tools and features that are already available in the systems they’re targeting so they look like legitimate users — until they steal your crown jewels.

But you can fight back. There are several methods of active defense that companies can utilize to safeguard their networks, and it’s time for CISOs to start picking. To date, the main goal in mind has been to prevent attackers from breaching your defenses and making their way into the castle, but the reality is this approach is flawed.

Israeli

Attackers will get in, it’s only a matter of time. Traditional network security solutions, such as firewalls, are not effective at detecting and stopping lateral attack movement – and that’s where the real damage is done. Many forms of access control and endpoint protection, such as EDR, are nothing more than a checkpoint that provides unfettered access once defeated – like Mario raising a flag after beating a level.

To take the analogy further, only after defeating Bowser does Mario learn that it wasn’t the real Bowser after all and that “our princess is in another castle.” Rather than just keeping Mario out of the castle entirely – i.e. deploying traditional perimeter defenses – in this scenario, Bowser deployed an advanced threat protection by sending…

Source…