Posts

Biden enlists ‘world class’ cyber security team – Security


President Joe Biden is hiring a group of national security veterans with deep cyber expertise, drawing praise from former defense officials and investigators as the US government works to recover from one of the biggest hacks of its agencies attributed to Russian spies.

“It is great to see the priority that the new administration is giving to cyber,” said Suzanne Spaulding, director of the Defending Democratic Institutions project at the Center for Strategic and International Studies.

Cyber security was demoted as a policy field under the Trump administration.

It discontinued the Cybersecurity Coordinator position at the White House, shrunk the State Department’s cyber diplomacy wing, and fired federal cyber security leader Chris Krebs in the aftermath of Donald Trump’s November 3 election defeat.

Disclosed in December, the hack struck eight federal agencies and numerous companies, including software provider SolarWinds.

US intelligence agencies publicly attributed it to Russian state actors. Moscow has denied involvement in the hack.

Under a recent law, Biden must open a cyber-focused office reporting to a new national cyber director, who will coordinate the federal government’s vast cyber capabilities, said Mark Montgomery, a former congressional staffer who helped design the role.

The leading candidate for cyber director is Jen Easterly, a former high ranking National Security Agency official, according to four people familiar with the selection process.

Now head of resilience at Morgan Stanley, Easterly held several senior intelligence posts in the Obama administration and helped create US Cyber Command, the country’s top cyber warfare unit.

Easterly did not respond to requests for comment.

The Biden administration “has appointed world-class cybersecurity experts to leadership positions,” Microsoft corporate vice president Tom Burt said in a statement.

Some observers worry, however, that the collective group’s experience is almost entirely in the public sector, said one former official and an industry analyst who requested anonymity.

The distinction is important because the vast majority of US internet infrastructure is owned and operated by…

Source…

The Latest: Japan’s PM seeks to enforce virus measures | World


BALTIMORE — The U.S. has now topped 19 million coronavirus cases since the pandemic began, data compiled by Johns Hopkins University shows.

America exceeded that mark on Sunday, just six days after it reached 18 million. The nation’s case numbers have more than doubled in less than two months.

COVID-19 deaths in the U.S. also have been rising, and now total more than 332,000. That’s more than one death for every 1,000 Americans. The U.S. population as of Saturday was about 331 million, according to the U.S. Census Bureau.

The United States accounts for about 4% of the world’s population, but close to 24% of its total coronavirus cases and 19% of its COVID-19 deaths. Health experts believe many cases have gone unreported, however, both in America and internationally.

JOHANNESBURG – South Africa’s COVID-19 spike has taken the country to more than 1 million confirmed cases on Sunday and President Cyril Ramaphosa called an emergency meeting of the National Coronavirus Command Council.

The country’s new variant of the coronavirus, 501.V2, is more contagious and has quickly become dominant in many areas of the resurgence, according to experts.

With South Africa’s hospitals reaching capacity and no sign of the new surge reaching a peak, Ramaphosa is expected to announce a return to restrictive measures designed to slow the spread of the disease.

Source…

Ransomware threat will be controlled by the new task force formed with the help of Microsoft and Citrix / Digital Information World


Viruses and hacking have many different types, one of which is ransomware. A ransomware virus attack is a badly known attack where your data files are encrypted by the hackers, in return they ask for the payment as a ransom. If you pay the money only then they decrypt your data files.

It is malware, with the help of which a hacker can have complete control over your data. Hacker can lock your data and blackmail you that he will leak your data or may delete it if you are not able to make the payment as ransom. Hackers usually send a spam link in an email in most cases. However, this is not it, you can get this spam link through a third-party website or an unknown link. This ransomware has attacked the files of many organizations and companies. This virus has plagued computer networks for more than 15 years. As a result, a task force has been formed with the help of Microsoft and Citrix to stop this attack.

The Institute for Security and Technology has created this task force to deal with this curse. The members of this task force are legal experts, cybersecurity firms, tech industry players, and policymakers. In short, this force is created with the inclusion of all experts to deal with this attack in all manners.

The founding members of this task force are completely aware that this attack could be much harmful to any entity. Because data is everything for an organization or a company. If a company is attacked by this attack, this company will be grabbed in the hands of the hackers. Ultimately, will be ready to pay a ransom.

The task force member will observe the ransomware kill chain and how the hackers give the command and regulate servers. They will also recommend taking necessary actions publicly or privately that will reduce this attack to a great level. For instance, if the anti-malware apps running on the computers of the users, this task force will recommend getting out of this app as soon as possible. in short, this task force will try its best to deal with this threat and will leave no stone unturned.

The task force will most probably start its work in the March or April. However, the good news is the website will go live in January. Everybody knows that today this…

Source…

Google Play Store’s Security System Continues to Fare Poorly at Identifying Android Malware / Digital Information World


AV-TEST has recently conducted a detailed analysis of antivirus software available for the Android, coming to the conclusion that Google Play Protect might serve as the worst of the lot. This, compounded upon by other malware breaches across Google products, might spell issues for the company.

AV-TEST, an independent antivirus evaluation agency, has made its living out of researching the effectivity certain products have against malware. Based in Magdeburg, Germany, the organisation particularly deals with software catering to Windows and Android. Software that meets a certain standard established by AV-TEST is also granted certification by them, which carries a significant amount of weight.

Their most recent list, amassing data from November, graded software on the basis of 3 categories: protection, performance, and usability. These 3 give a comprehensive report as to the level of security your device is offered, how smooth the antivirus runs, and how accessible it is to the general public. Each category was further scored out of 6. Google Play Protect, while given a supring zero in usability and a 6 in performance, was, sadly, granted zero in protection. Which might raise an eyebrow or two, especially considering past events with Google products. It also shows, relying solely on Google’s protection systems can be a risky decision for security-savvy Android users.

Avast reported, rather recently, that over 3 million users across Google Chrome and Microsoft Edge may have been exposed to malware via add-ons, extensions, and plugins that the browsers were unable to filter through. While this itself is no reason to hold Google accountable as even Avast antivirus itself was unable to nail down the threat in time, the Play Store tells a different story.

Malware often makes it onto the Store, particularly marketed towards demographics that would typically not know any better than to download it. Kaspersky Labs, an cybersecurity firm, recently highlighted 20 different malware containing apps disguised as Minecraft mods targeted towards young children unaware of the dangers such sources pose. Recently, a fake Cyberpunk 2077 mobile app was also spotted, which would hold user data at random…

Source…