Tag Archive for: stories

S’pore firms warned to quickly fix Log4j software security hole that world experts call worst in years, Tech News News & Top Stories

/in


SINGAPORE – Organisations should take swift action to patch a “critical vulnerability” in a widely used software that could allow hackers to take full control of computer systems, the Cyber Security Agency of Singapore (CSA) said on Tuesday (Dec 14).

This is because “we only have a short window” to put in place measures to limit any abuse of the flaw, warned the agency.

The flaw, which affects a wide range of applications from social media and gaming to online shopping and banking, is likely to affect hundreds of millions of devices, the United States’ national cyber-security agency said on Monday, adding that it could be one of the worst in years.

The affected Apache Log4j is a free, open source software that is popularly used to log and keep track of activities and changes in software applications, including system errors and messages from users.

Public and private sector organisations are expected to be affected.

Cyber-security experts warned that the flaw can be easily exploited by adding just a line of code. This could allow cyber crooks to, among other things, abuse the vulnerability to steal and delete data, hijack a company’s e-mail system to send phishing messages to other firms, and make fraudulent bank transfers.

Among the services and sites known to be vulnerable at some point include Apple’s iCloud online back-up service, Valve’s Steam online game store and Microsoft’s Minecraft online game. Other firms reportedly at risk include Amazon, Baidu, Google, Tencent and Twitter.

While CSA has not received any reports of breaches related to the vulnerability for now, it is closely monitoring the situation.

CSA’s urgent call to action follows from an initial alert it sent out last Friday.

It also comes after US Cybersecurity and Infrastructure Security Agency (Cisa) director Jen Easterly said the flaw, also called Log4Shell or LogJam, “is one of the most serious I’ve seen in my entire career, if not the most serious”, reported cyber-security news site CyberScoop.

Last Saturday, Germany’s cyber-security watchdog the BSI issued the highest red alert warning on the security hole, saying it posed an “extremely critical threat” to Web servers.

Apple and several companies…

Source…

FEC says Twitter acted legally in blocking Hunter Biden laptop stories, pointing to claim of intel warnings about hacking

/in


The Federal Elections Commission said on Wednesday its members unanimously rejected complaints from the Republican National Committee and others that Twitter’s decision to block the sharing of links to articles from the New York Post related to Hunter Biden’s laptop constituted an illegal contribution to now-President Joe Biden’s candidacy.

In announcing the decision, the FEC pointed to Twitter’s assertion that part of the reason it stopped the spread of the New York Post articles in October was over concerns that foreign actors obtained the salacious materials through hacking. The social media giant claimed the U.S. Intelligence Community was warning about such an effort in the lead-up to the 2020 election. No evidence has emerged that the Hunter Biden laptop story stemmed from a foreign hacking operation.

The FEC said there was a 6-0 vote in finding “no reason to believe” that Twitter violated the law “by making corporate in-kind contributions” and “no reason to believe” that Twitter CEO Jack Dorsey or Brandon Borrman, who was Twitter vice president of global communications, broke the law.

In response to reporting on the decision published on Monday, RNC spokeswoman Emma Vaughn said the group was “weighing its options for appealing this disappointing decision from the FEC.”

An October complaint  from the RNC alleged: “Through its ad hoc, partisan oppression of media critical of Biden, [Twitter] is making illegal, corporate in-kind contributions as it provides unheard-of media services for Joe Biden’s campaign.” The RNC argued at the time that Twitter was “doing so for the clear purpose of supporting the Biden campaign.”

Robert Kelner, a lawyer who had represented retired Lt. Gen. Mike Flynn before Sidney Powell took over his representation, helped represent Twitter in the FEC complaint, writing in December that “Twitter undertook, for bona fide commercial reasons” actions to block potentially hacked content.

A lengthy statement from Yoel Roth, head of site integrity for Twitter, was included in Kelner’s response.

“Since 2018, I have…

Source…

Mindef, SUTD sign agreement to build defences against cyber attacks, Singapore News & Top Stories

/in


SINGAPORE – With the growing threat of cyberattacks on critical infrastructure, the Ministry of Defence (Mindef) is seeking to tighten its defences by further training its experts and studying the methods employed by hackers.

It is doing so through a partnership with the Singapore University of Technology and Design (SUTD) to strengthen collaboration in several areas, including research and technology, threat modelling and training, Mindef said on Thursday (Sept 16).

A memorandum of understanding on operational technology security for critical infrastructure was signed by Defence Cyber Chief Brigadier-General (BG) Mark Tan and SUTD Associate Provost for Research and International Relations Yeo Kiat Seng.

The signing took place at the university on the sidelines of a two-week cybersecurity exercise co-organised by the Singapore Armed Forces (SAF) and SUTD, called the Critical Infrastructure Security Showdown.

Mindef said that recent cyberattacks on critical infrastructure, such as fuel pipelines and power distribution systems, are “stark reminders of the increasingly sophisticated cyber threats that countries face”.

“The MOU underscores Mindef’s and the Singapore Armed Forces’ commitment to build up cybersecurity expertise and capabilities against potential operational technology cyber threats.”

Operational technology (OT) systems include computer systems designed to be deployed in critical infrastructure, such as power, water, manufacturing and similar industries.

Such infrastructure overseas has been hit by hackers recently. Colonial Pipeline, which supplies about 45 per cent of fuel used on the east coast of the United States, was hit by a ransomware attack in May.

That same month, a cyberattack on Brazilian food giant JBS forced the closure of all its beef plants in the US.

OT infrastructure and enhancements have been used in projects such as energy-efficient buildings and the Republic of Singapore Air Force’s Smart Airbase, said Mindef.

The agreement is expected to cement collaboration between Mindef and the SAF and the SUTD iTrust Centre for Research in Cyber Security in several areas.

The iTrust centre will allow Mindef to test cyber defence measures and better…

Source…

U of I police taking proactive steps to prevent gun violence in campus areas | Top Stories

/in


CHAMPAIGN, Ill. (WAND) – University of Illinois police said gun violence increased off campus during the 2020-21 school year in a report detailing the events of the year. 

U of I Police Chief Alice Cary said there were no gun violence incidents on campus property, but noted police realize the campus area is “not immune to off-campus issues.” She said police are taking proactive steps to prevent violence on campus, such as increased patrols and looking at technological tools, such as mobile security cameras. 

“Our students and community members should notice an increase in visible police patrols in areas of Campustown that may be more likely to be impacted by violent crime,” Cary said. 

There were few students and staff on campus in the 2020-21 year, police said, so calls for service were down by over 37 percent from the 2018-19 year, which was the last time students were on the U of I campus for the full academic year. 

There were only four alcohol-related citations for the entire 2020-21 year, police said in the Year in Review report, and all of them were for illegal transportation of liquor. In three of the four cases, the driver was also taken into custody for driving under the influence of alcohol. 

No underage drinking or possession citations were issued in 2020-21, U of I police said. 

Click here to see the entire year in review report from police. 

Source…