Tag Archive for: Platforms

New Threat Intelligence Feed for Third-Party Platforms

/in


What Is a Threat Intelligence Feed?

According to TechTarget’s WhatIs.com:

DevOps Connect:DevSecOps @ RSAC 2022

A threat intelligence feed (TI feed) is an ongoing stream of data related to potential or current threats to an organization’s security. TI feeds provide information on attacks, including zero-day attacks, malware, botnets and other security threats. TI feeds are vital components of security infrastructure, which help identify and prevent security breaches. Threat Intelligence  can be used to implement more granular security policies, as well as to identify potential characteristics or behaviors associated with that threat. Threat intelligence is gathered to help organizations understand emerging threats in the cybersecurity landscape, including zero-day threats, advanced persistent threats and exploits.  Threat actors may also include internal and partner threats, but the emphasis is on outside sources that might cause the most damage to a particular organization’s environment.

The new Threat Intelligence Feed is based on the Nozomi Networks Threat Intelligence subscription, which is solely for use in our own Guardian and Vantage products, but the new feed can be used in other security platforms. Threat Feed allows other platforms to leverage Nozomi Networks research and intelligence on recent and emerging threat indicators and how they are spreading. The feed delivers a single, unified source of data, including malicious IP addresses or URLs, new indicators of compromise (IOC) signatures, threat sources, malware hashes, and methods and tactics to gain system access, all of which can serve to accelerate incident response and enhance security operations.

The vision of Nozomi Networks, and what our customers continually ask for, is to do more with the data we observe and collect. This Threat Intelligence Feed gives customers new options for leveraging our data and intelligence for better analysis, security automation, policy enforcement or integration into other tools and dashboards. More flexibility means more security and more ways to apply Nozomi Networks intelligence.

Source…

Sen. Michael Bennet Proposes Commission To Oversee Digital Platforms Including Social Media – CBS Denver

/in


DENVER (CBS4) – In hopes of furthering the trust and security of the general public on the internet, Senator Michael Bennet has proposed legislation that would create a commission to oversee businesses operating on the internet. Bennet, the senior senator from Colorado, said the proposal comes as a way to assure some of the most powerful companies in the world are operating in the best interest of the American people.

(credit: CBS)

As of now, Bennet is the sole sponsor of the bill. He proposed creating a “Digital Platform Commission” which would operate and oversee companies using the internet much like how the Food and Drug Administration oversees the country’s guidelines when it comes to pharmaceuticals.

Bennet told CBS4’s Dillon Thomas the commission would help prioritize and balance free speech, national security and mental health.

“Our advisories are infiltrating social media platforms in the country,” Bennet, a member of the Senate Intelligence Committee, said.

(credit: CBS)

In an interview with CBS4, the senator said the commission would oversee regulations and guardrails for big tech companies, including but not limited to platforms like Facebook, YouTube, Google, Amazon, Twitter and TikTok. While social media companies are behind many of the concerns some Americans have, Bennet said the commission would have oversight of American internet regulations.

Section 230, a law that was created in the 1990s, is one of the most debated federal laws when it comes to the powers given to major websites. The law largely gives immunity to companies for content uploaded by third parties. While Bennet said he believes Section 230 should potentially be revised, he felt the commission was a separate step that could be taken to further protect American interests.

“We have had basically completely unregulated social media platforms. These companies aren’t startups anymore. They are some of the most important and dominant companies in America,” Bennet said.

Bennet hoped the development of a five-person commission, made up of technology experts from differing parties and backgrounds, would help the country take action toward regulating big tech instead of allowing other…

Source…

NCC uncovers cyber threats to Windows platforms, routers

/in


The Nigerian Communications Commission, in a press statement released on Thursday, said its Computer Security Incidents Response Team had discovered “two new separate cyber threats targeting Windows Platforms and a particular kind of routers respectively.”

The statement, signed by the NCC Director of Public Affairs, Dr Ikechukwu Adinde, noted that “the discoveries were made known in two separate advisories released by the cyber-space protection team earlier this week.”

The statement read: “The first cyber threat is a ransomware known as ‘Lokilocker’, which is capable of wiping data from all version of Windows systems or platforms. It causes data loss, and denial of service (DoS), which reduces user’s productivity.

“‘Lokilocker’ is a relatively new ransomware that has been discovered by security researchers and belonging to the ransomware family. Lokilocker operates by encrypting user files and renders the compromised system useless if the victim does not pay the demanded ransom in time.

“To hide the malicious activity, the ransomware displays a fake window update screen, cancel specific processes and services, and completely disables the task manager, windows error reporting, machine firewall and windows defender of the compromised system.

“Sadly, it also has in-built processes that prevent data recovery as it deletes backup files, shadow copies, and removes system restore points. It also overwrites the user login note and modifies original equipment manufacturer (OEM) information in the registry of the compromised system.”

Suggesting possible protection against LokiLocker, the statement quoted the NCC CSIRT as saying: “To protect against infections by LokiLocker and similar ransomware, the best rule is to always have a backup copy of your data, which should be stored offline.”

CSIRT further stated that “all downloads and email attachments should be opened with caution, even if they are from trusted sites or senders. Users should also ensure that attachments are scanned with an up-to-date antimalware solution, before opening.”

According to the statement, the “second cyber threat discovered by the NCC CSIRT is a Botnet that targets the…

Source…

CACI partners with Yubico to enhance trusted mobile platforms

/in


CACI announced that it has entered into a partnership with Yubico through a memorandum of understanding that establishes Yubico as the exclusive provider of multi-factor authentication (MFA) solutions in support of CACI’s trusted mobile platforms.

CACI Yubico

Yubico will provide YubiKey 5 FIPS Series products for enhanced security and authentication protocols for CACI’s software-defined key loading devices that enable more capable, secure, and resilient communications for U.S. government missions.

Yubico’s YubiKey 5 FIPS Series are multi-protocol security keys that eliminate account takeovers from phishing attacks with strong two-factor, multi-factor and passwordless authentication. These security keys support applications and services using a range of protocols such as OTP, FIDO U2F and FIDO2/WebAuthn and a Personal Identity Verification-compatible (PIV) Smart Card.

The YubiKey 5 FIPS series is NSA-approved for the Department of Defense (DoD) to provide the highest level of user authentication and supports the ability to remove the tool following authentication in accordance with National Institute of Standards and Technology (NIST) usability guidelines for multi-factor cryptographic devices.

“The U.S. military and government agencies have a critical need for more secure, modern communications technology to help counter current and future threats,” said Todd Probert, President of National Security and Innovative Solutions at CACI. “CACI and our partners are bringing this state-of-the-art multi-factor authentication tool, combined with the most-advanced mobile hand-held device for trusted mobile platforms to the market. This capability is streamlined, proven and tested, and ready to deliver today in support of national security missions.”

“With data breaches continuing to rise, it has become increasingly critical for companies and government agencies to embrace a move toward modern, phishing-resistant, multi-factor authentication,” said Stina Ehrensvärd, CEO and co-founder, Yubico. “In the past several months, we’ve seen the US government release its Draft Zero Trust Strategy, as well as a number of other actions, including a cybersecurity executive order,…

Source…