Tag Archive for: white

Samsung Partners with the White House to Launch a Cybersecurity Labeling Program to Protect American Consumers

/in


On July 18, 2023, the White House auditorium served as the backdrop for a significant milestone in the convergence of the tech sector and government. Located in the Eisenhower Executive Office Building, steps away from the West Wing, it hosted the U.S. government’s announcement of the U.S. Cyber Trust Mark program, an initiative aiming to guide consumers toward cybersecurity-conscious purchasing decisions.

samsung-us-cybertrust-program

The U.S. Cyber Trust Mark is an initiative propelled into reality by Chairwoman Jessica Rosenworcel of the Federal Communications Commission, with robust support from both the White House and the National Security Council. Its aim is to introduce a labeling system for consumer electronics and appliances, providing a valuable key to understanding the cybersecurity strengths and weaknesses of products people bring into their homes. This move will empower consumers, enabling them to make well-informed decisions about the technological devices they choose to incorporate into their daily lives.

As a global tech giant, and a longtime proponent of cybersecurity, has been a longstanding supporter of such measures. Ever since the company launched its security guidelines as part of the “Works with SmartThings” program in 2018 – a precursor to existing global Internet of Things (IoT) standards – it has championed voluntary cyber-labeling programs.


SmartThings

At a roundtable discussion held as part of the event, Samsung was represented by Jaeyeon Jung, Executive Vice President and Head of SmartThings. She relayed the company’s commitment to the U.S. Cyber Trust Mark initiative, underscoring it as a high-priority undertaking for Samsung. This commitment extends to Samsung’s own range of connected products as well as to the open multi-brand IoT ecosystem facilitated by the SmartThings platform.

samsung-partners-white-house

Jung emphasized that SmartThings is not only a secure platform but also one that is open and interoperable. She noted that all devices integrated into this platform must pass rigorous functional testing to ensure seamless interoperability. In addition, they must undergo extensive security testing to guarantee

Source…

Comodo Internet Security 4 – Coming Soon

/in



Automakers risk cyberattacks by paying white hat hackers less

/in


The auto industry lags others in cybersecurity, said Mohammed Ismail, chair of the Electrical and Computer Engineering Department at Wayne State University in Detroit.

“With any new technology, this is a very typical situation,” he said. “When Wi-Fi and Bluetooth started 25 years ago, it took years for those technologies to be seamless and mature.”

Ismail estimates the auto industry needs about five more years of R&D to produce millions of predominantly software-based vehicles that are very secure.

Friendly hackers will help the industry get there.

“Using a bug bounty platform has proven to be an effective way to bring on board the knowledge and expertise of the security community,” Katja Liesenfeld, Mercedes-Benz Cars & Vans’ manager for IT communications, said in an email. “We cannot give more details on any technical details as the programs are private.”

Automakers are reluctant to talk about their reward programs and cybersecurity issues. Ford, Jaguar Land Rover, Nissan, Stellantis and Subaru declined to discuss their cybersecurity programs with Automotive News. BMW, Porsche and Volkswagen did not respond to queries. Honda said it doesn’t have a bug bounty program.

Nonetheless, most of the auto industry is proactive about cybersecurity issues, said Kevin Tierney, General Motors’ chief cybersecurity officer and vice chair of the Automotive Information Sharing and Analysis Center, known as Auto-ISAC. The group of automakers shares information about potential cyberthreats, vulnerabilities and incidents.

“Everyone’s making big moves and big investments,” Tierney said. “It’s not always obvious to the end consumer with everything that’s happening.”

GM started its bug bounty program in 2016. It is administered by HackerOne, of San Francisco, which also runs programs for BMW, Ford, Rivian and Toyota.

HackerOne’s automotive business jumped 400 percent from 2021 to 2022 as clients added services to their contracts. In addition to bug bounty management, HackerOne provides vulnerability disclosure programs, penetration testing of online systems and other services.

Source…

Decoding The Avraham Eisenberg Arrest And Its Impact On Crypto Bug Bounties, White Hat Hackers

/in


The arrest of Avraham Eisenberg has sparked an interesting debate regarding the role of white hat hackers and bug bounty programs in the security of the DeFi ecosystem. This is because Eisenberg eventually returned most of the loot and his exploit also shed light on vulnerabilities within the Mango Markets protocol. These are all the markings of a white hat hacker.

Avraham Eisenberg, the crypto trader responsible for the $110 million Mango Markets exploit, was arrested in Puerto Rico on Monday, December 26. This is after the US Department of Justice accused Eisenberg of commodities fraud and manipulation. If convicted, he could be slapped with heavy fines, possibly even jail time.

The arrest has sparked an interesting debate regarding the role of white hat hackers and bug bounty programs in the security of the DeFi ecosystem. This is because Eisenberg eventually returned most of the loot and his exploit also shed light on vulnerabilities within the Mango Markets protocol. These are all the markings of a white hat hacker.

What is a white hat hacker?

White hat hackers, also known as ethical hackers, are computer security experts who use their skills to identify and fix vulnerabilities in computer systems and networks. In the context of cryptocurrency, white hat hackers may be hired by cryptocurrency exchanges, wallet providers, and other companies in the industry to test the security of their systems and help prevent cyber-attacks.

They may also be independent security researchers who discover and report vulnerabilities in cryptocurrency-related systems to improve security in the industry. White hat hackers are distinguished from “black hat” hackers, who use their skills for malicious purposes such as stealing sensitive data or spreading malware.

In many instances, white hat hackers carry out an exploit and then return most of the funds, only holding onto a small chunk of the loot as a fee for uncovering a vulnerability. This is way better than losing all the funds to bad actors or hacking outfits like North Korea’s Lazarus Group that uses ill-gotten funds to fuel their weapons program.

Also, sometimes it is necessary to carry out the exploit to verify the legitimacy of a vulnerability….

Source…