Did U.S. hack China? NSA dodges question
American cyber officials are avoiding complaints from the Chinese government that the National Security Agency hacked into China’s sensitive networks and stole intellectual property.
Tag Archive for: U.S.
DOD’s Cyber Strategy Emphasizes Building Partner Capacity > U.S. Department of Defense > Defense Department News
In May, the Defense Department released to Congress the classified version of the 2023 Cyber Strategy. Today, the department made public an unclassified summary of that strategy which reveals a new emphasis on helping U.S. partners and allies build their own cyber capacity.
“Distinct from previous iterations of the DOD cyber strategy, this strategy commits to building the cyber capability of global allies and partners and to increase our collective resilience against cyber attack,” said Mieke Eoyang, the deputy assistant secretary of defense for cyber policy, during a briefing today at the Pentagon. “Allies and partners are a strategic advantage that no competitor can match.”
According to the now publicly available summary of the 2023 Cyber Strategy, the department plans to prioritize efforts to increase the effectiveness of allies and partners in cyberspace.
“In some cases, the department will work toward this goal by augmenting partner capacity, expanding partners’ access to cybersecurity infrastructure and maturing their cyber workforce though combined training events and exercises,” the summary reads.
The summary further states the department has also committed, in some cases, to directly helping develop partner capability by enabling functions a partner needs but does not yet have.
“The department will enhance our relationship with our most cyber-capable allies and partners at the strategic, operational and tactical levels,” the policy reads. “We will expand the total number of partners with whom we engage and integrate these efforts with the wider security cooperation enterprise.”
More broadly, the summary reveals that the 2023 Cyber Strategy asks the department to address current and future cyber threats by pursuing four complementary lines of effort. These lines of effort include defending the nation, preparing to fight and win the nation’s wars, protecting the cyber domain with allies and partners, and building enduring advantages in cyberspace.
“[This] strategy builds upon the direction set by the 2018 DOD Cyber Strategy and is informed by years of real-world experience of…
Wix Launches Tap to Pay on Android to Make In-Person Commerce Easier for U.S. Merchants with Stripe
Merchants using Wix can process payments by converting their Android devices into Point-of-Sale terminals to accept secure, contactless payments anywhere in the U.S.
NEW YORK, Sept. 12, 2023 /PRNewswire/ — Wix.com Ltd. (NASDAQ: WIX), a leading global SaaS platform to create, manage and grow an online presence, today announced Tap to Pay on Android to simplify in-person commerce for U.S.-based merchants through an extended partnership with Stripe. Following Wix’s recent release of Tap to Pay on iPhone, Wix merchants can now accept secure, contactless payments directly from their Android devices without additional hardware.
Android is one of the easiest ways to accept in-person payments.
The Wix Owner App turns any compatible Android device into a Point-of-Sale (POS) terminal. By leveraging Wix’s advanced and secure POS software, merchants are able to conduct in-person commerce anywhere, anytime, giving their customers a simple, contactless checkout experience. Users can use credit cards, debit cards, Google Pay, and other digital wallets to complete the purchases of their desired products with confidence and ease.
“Stripe’s Tap to Pay on Android product has facilitated contactless payments for millions of businesses around the world,” said John Affaki, Terminal Business Lead at Stripe. “We’re excited to partner with Wix to provide this easy, cost-effective, no-code way to accept payments in more entrepreneurs’ pockets.”
“Our expanded partnership with Stripe enables merchants to turn their Android devices into a POS terminal so they can readily embrace the future of contactless payments,” said Amit Sagiv and Volodymyr Tsukur, Co-Heads of Wix Payments. “This launch is another step in our commitment to providing our merchants with the best tools to succeed online and offline, streamline their operations, and efficiently serve their customers.”
Tap to Pay on Android is available on compatible devices to U.S.-based Wix Payments merchants using Wix for eCommerce, bookings and events solutions.
Learn more about Tap to Pay on Android: https://www.wix.com/payments
About Wix.com Ltd.
Wix is a leading…
Foreign hackers attacked IT software to breach U.S. aeronautical organization
Sept. 9 (UPI) — Foreign hackers breached a U.S. aeronautical organization by exploiting vulnerabilities in IT software from the company Zoho, the U.S. government warned Thursday.
The U.S. Cybersecurity and Infrastructure Security Agency published a joint cybersecurity advisory Thursday warning of the threats with the FBI and U.S. Cyber Command.
“This [advisory] provides information on an incident at an Aeronautical Sector organization, with malicious activity occurring as early as January 2023,” CISA said in the statement Thursday.
CISA said the hackers, described as “nation-state advanced persistent threat actors,” had gained unauthorized access to the software Zoho ManageEngine ServiceDesk Plus. The exploits are known as “CVE-2022-47966 and CVE-2022-42475.”
“Advance persistent threat actors often scan internet-facing devices for vulnerabilities that can be easily exploited and will continue to do so,” U.S. Cyber Command said in a separate release.
According to the industry publications The Hacker News and Bleeping Computer, the U.S. Cyber Command statement hinted at the involvement of Iranian hackers.
CISA advised all organizations that could be affected to report suspicious or criminal activity to the FBI.
In January, CISA added the CVE-2022-47966 to its Known Exploited Vulnerabilities Catalog, which effectively ordered federal agencies to secure their systems against the particular exploit.
The North Korean state-backed hacker group Lazarus has been exploiting the same vulnerability since earlier this year.