Tag Archive for: Orders

White House orders federal agencies to raise cybersecurity bar for national security systems

/in


New guidance will bring standards into line with federal civilian networks

White House orders federal agencies to raise cybersecurity bar for national security systems

President Biden has granted the National Security Agency (NSA) new powers to bolster the cybersecurity of US federal government computer systems related to national security.

A memorandum issued by the White House yesterday (January 19) also sets out new obligations for federal agencies and timelines for meeting them.

As prescribed by an executive order signed by Biden in May 2021, the measures will, “at minimum”, ensure that national security, Department of Defense (DoJ), and intelligence community systems adhere to the more stringent cybersecurity measures already in place for federal civilian networks.

DON’T FORGET TO READ US government launches ‘Hack the DHS’ bug bounty program

Federal agencies have been instructed to identify their national security systems and report security incidents affecting them to the NSA, the DoJ’s intelligence agency.

Mark Warner, Democrat senator for Virginia and chairman of the Senate Select Committee on Intelligence, urged Congress to build on this measure by passing pending bipartisan legislation requiring critical infrastructure operators to report cyber-attacks within 72 hours.

The legislation was drafted in the wake of the SolarWinds and Colonial Pipeline hacks.

The directive also includes guidance on the use of multi-factor authentication (MFA), encryption, zero-trust architecture, and endpoint detection services.

Binding operational directives

The memo authorizes the NSA to issue ‘binding operational directives’ that oblige operators of national security systems “to take specific actions against known or suspected cybersecurity threats and vulnerabilities”, reads a fact sheet.

These powers are modeled on those already wielded by the Department of Homeland Security (DHS) in relation to civilian government networks, with one recent DHS directive ordering agencies to mitigate the far-reaching Log4j vulnerability.

The memorandum also requires that federal agencies inventory and bolster the security of ‘cross-domain solutions’, which transfer data between classified and unclassified systems.

Read more of the latest…

Source…

Court orders Apple to implement App Store changes, 2022 forecast, TikTok tries gaming – TechCrunch

/in


Welcome back to This Week in Apps, the weekly TechCrunch series that recaps the latest in mobile OS news, mobile applications and the overall app economy.

The app industry continues to grow, with a record 218 billion downloads and $143 billion in global consumer spend in 2020. Consumers last year also spent 3.5 trillion minutes using apps on Android devices alone. And in the U.S., app usage surged ahead of the time spent watching live TV. Currently, the average American watches 3.7 hours of live TV per day, but now spends four hours per day on their mobile devices.

Apps aren’t just a way to pass idle hours — they’re also a big business. In 2019, mobile-first companies had a combined $544 billion valuation, 6.5x higher than those without a mobile focus. In 2020, investors poured $73 billion in capital into mobile companies — a figure that’s up 27% year-over-year.

This Week in Apps offers a way to keep up with this fast-moving industry in one place with the latest from the world of apps, including news, updates, startup fundings, mergers and acquisitions, and suggestions about new apps and games to try, too.

Do you want This Week in Apps in your inbox every Saturday? Sign up here: techcrunch.com/newsletters

Apple lost its request to delay App Store changes

Epic Games Inc. Fortnite App As Gamers Flock

Image Credits: Andrew Harrer / Bloomberg / Getty Images

A federal judge ruled this week that Apple can’t push back the deadline to update its App Store policies, as previously ordered in the court’s decision on California’s Epic Games v. Apple lawsuit. Though Apple largely won that case when the judge declared that Apple was not acting as a monopolist (as Epic Games had alleged), the court sided with the Fortnite maker on the matter of Apple’s anti-steering policies regarding restrictions on in-app purchases.

The original ruling stated that Apple would no longer be allowed to prohibit developers from pointing to other means of payment besides Apple’s own payment systems. But Apple wanted that decision put on hold until its appeals case was decided — a delay that would have effectively pushed back the App Store changes by a matter of years.

The judge heard Apple’s requests for a stay on the injunction…

Source…

Ofcom orders phone networks to block foreign scam calls – BBC News

/in



Ofcom orders phone networks to block foreign scam calls  BBC News

Source…

FTC bans spyware maker SpyFone, and orders it to notify hacked victims – TechCrunch

/in


The Federal Trade Commission has unanimously voted to ban the spyware maker SpyFone and its chief executive Scott Zuckerman from the surveillance industry, the first order of its kind, after the agency accused the company of harvesting mobile data on thousands of people and leaving it on the open internet.

The agency said SpyFone “secretly harvested and shared data on people’s physical movements, phone use and online activities through a hidden device hack,” allowing the spyware purchaser to “see the device’s live location and view the device user’s emails and video chats.”

SpyFone is one of many so-called “stalkerware” apps that are marketed under the guise of parental control but are often used by spouses to spy on their partners. The spyware works by being surreptitiously installed on someone’s phone, often without their permission, to steal their messages, photos, web browsing history and real-time location data. The FTC also charged that the spyware maker exposed victims to additional security risks because the spyware runs at the “root” level of the phone, which allows the spyware to access off-limits parts of the device’s operating system. A premium version of the app included a keylogger and “live screen viewing,” the FTC says.

But the FTC said that SpyFone’s “lack of basic security” exposed those victims’ data, because of an unsecured Amazon cloud storage server that was spilling the data its spyware was collecting from more than 2,000 victims’ phones. SpyFone said it partnered with a cybersecurity firm and law enforcement to investigate, but the FTC says it never did.

Practically, the ban means SpyFone and its CEO Zuckerman are banned from “offering, promoting, selling, or advertising any surveillance app, service, or business,” making it harder for the company to operate. But FTC Commissioner Rohit Chopra said in a separate statement that stalkerware makers should also face criminal sanctions under U.S. computer hacking and wiretap laws.

The FTC has also ordered the company to delete all the data it “illegally” collected, and, also for the first time, notify victims that the app had been secretly installed on their…

Source…