Oct 06 2021

Arizona governor announces the launch of Command Center to protect state computer systems

Category: cyber securityDISC @ 9:52 am
Arizona governor announces the launch of Command Center to protect state computer systems

The governor of Arizona, Doug Ducey, has announced the launch of a Cyber Command Center to address the thousands of attacks that daily target government computers.

The governor of Arizona, Doug Ducey, has launched a Cyber Command Center to repel the huge amount of attacks that every day hit the computer systems of the state.

The move is the response of the Arizona administration to hundreds of thousands of cyberattacks that hit the state.

At a ceremony Monday at the Department of Public Safety’s Arizona Counter Terrorism Information Center in Phoenix, Ducey explained that Cyber Command Center has been established to protect the IT infrastructure of the state.

“The Cyber Command Center brings four state public safety agencies together in one room with one mission: Guard the state’s computers against attacks and by extension, help protect the over 7 million residents of the Grand Canyon State.” reads a post published by AZCentral.

“When we protect your data, we protect you at home as well,” Arizona Department of Homeland Security Director Tim Roemer said in an interview. “We help you not fall victim to identity theft, for example. Because once your data is compromised, they use that to open up accounts.”

In the case of a severe cyber attack, experts at the center will coordinate the incident response activities.

Tags: Command Center to protect state computer systems

Sep 03 2021

New BrakTooth flaws potentially impact millions of Bluetooth-enabled devices

Category: cyber security,Information Security,Laptop Security,Wi-Fi Security,Windows SecurityDISC @ 9:35 am
New BrakTooth flaws potentially impact millions of Bluetooth-enabled devices

Security flaws in commercial Bluetooth stacks dubbed BrakTooth can be exploited by threat actors to execute arbitrary code and crash the devices via DoS attacks.

A set of 16 security flaws in commercial Bluetooth stacks, collectively tracked as BrakTooth, can be exploited by threat actors to execute arbitrary code and crash the devices via DoS attacks.

The issues were discovered by the ASSET (Automated Systems SEcuriTy) Research Group from the Singapore University of Technology and Design (SUTD), their name comes from the Norwegian word “Brak” which translates to ‘crash’.

The BrakTooth flaws impact 13 Bluetooth chipsets from 11 vendors, including Intel, Qualcomm, and Texas Instruments, experts estimated that more than 1,400 commercial products may be impacted.

As of today, the researchers discovered 16 security vulnerabilities, with 20 common vulnerability exposures (CVEs) already assigned and four vulnerabilities are pending CVE assignment from Intel and Qualcomm.

“we disclose BrakTooth, a family of new security vulnerabilities in commercial BT stacks that range from denial of service (DoS) via firmware crashes and deadlocks in commodity hardware to arbitrary code execution (ACE) in certain IoTs.” reads the post published by the researchers. “All the vulnerabilities are already reported to the respective vendors, with several vulnerabilities already patched and the rest being in the process of replication and patching. Moreover, four of the BrakTooth vulnerabilities have received bug bounty from Espressif System and Xiaomi. “

The attack scenario tested by the experts only requires a cheap ESP32 development kit (ESP-WROVER-KIT) with a custom (non-compliant) LMP firmware and a PC to run the PoC tool they developed. The tool communicates with the ESP32 board via serial port (/dev/ttyUSB1) and launches the attacks targeting the BDAddress (<target bdaddr>) using the specific exploit (<exploit_name>).

The ASSET group has released the PoC tool to allow vendors to test their devices against the vulnerabilities

braktooth

Guide to Bluetooth Security: Recommendations of the National Institute of Standards and Technology (Special Publication 800-121 Revision 1)

Tags: Bluetooth security

Sep 02 2021

DoJ Launches Cybersecurity Fellowship Program as Threats Rise

Category: cyber security,Cyber StrategyDISC @ 9:35 am
DoJ Launches Cybersecurity Fellowship Program as Threats Rise

The U.S. Department of Justice (DoJ) announced the creation of a cybersecurity fellowship program that will train prosecutors and attorneys to handle emerging national cybersecurity threats.

Fellows in the three-year Cyber Fellowship program will investigate and prosecute state-sponsored cybersecurity threats, transnational criminal groups, infrastructure and ransomware attacks and the use of cryptocurrency and money laundering to finance and profit from cybercrimes.

Cyber Fellowship Program

The program will train selected attorneys to deal with emerging cybercriminal threats and the ability to secure a top-secret security clearance is a prerequisite. All participants will be based in the Washington, D.C. area.

As part of the fellowship, participants will rotate through the multiple departments charged with protecting the country from cybersecurity threats, including the Criminal Division, the National Security Division and the U.S. Attorneys’ Offices.

The program is coordinated through the Criminal Division’s Computer Crime and Intellectual Property Section and the creation of the Fellowship is the result of a recommendation from the department’s ongoing comprehensive cybersecurity review, which was ordered by Deputy Attorney General Lisa Monaco in May 2021.

fellowship web app election security government

Enhancing Efforts Against Cybersecurity Threats

Tags: Cybersecurity Fellowship Program

Aug 26 2021

Samsung can remotely disable their TVs worldwide using TV Block

Category: cyber security,Cyber Spy,Cyber ThreatsDISC @ 1:39 pm
Samsung can remotely disable their TVs worldwide using TV Block

Samsung says that it can disable any of its Samsung TV sets remotely using TV Block, a feature built into all television products sold worldwide.

This was revealed by the South Korean multinational in a press release issued earlier this month in response to the July South African riots that led to large-scale looting, which also impacted Samsung warehouses and stores.

“TV Block is a remote, security solution that detects if Samsung TV units have been unduly activated, and ensures that the television sets can only be used by the rightful owners with a valid proof of purchase,” Samsung said.

“The aim of the technology is to mitigate against the creation of secondary markets linked to the sale of illegal goods, both in South Africa and beyond its borders. This technology is already pre-loaded on all Samsung TV products.”

As Samsung explains, the goal behind remotely disabling stolen TV sets is to limit looting and “third party purchases,” and ensuring that the TVs can only be used by “rightful owners with a valid proof of purchase.”

https://twitter.com/SamsungSA/status/1423674642443784198

How TV Block works

Tags: Samsung can remotely disable, Smart TV, Smart TV Security, TV Block

Aug 05 2021

U.S. Taps Amazon, Google, Microsoft, Others to Help Fight Ransomware, Cyber Threats

Category: cyber security,Information SecurityDISC @ 7:23 am

Creation of the Joint Cyber Defense Collaborative follows high-profile cyberattacks on critical U.S. infrastructure

The U.S. government is enlisting the help of tech companies, including Amazon.com Inc., Microsoft Corp. and Google, to bolster the country’s critical infrastructure defenses against cyber threats after a string of high-profile attacks.

The Department of Homeland Security, on Thursday, is formally unveiling the initiative called the Joint Cyber Defense Collaborative. The effort will initially focus on combating ransomware and cyberattacks on cloud-computing providers, said Jen Easterly, director of the DHS’s Cybersecurity and Infrastructure Security Agency. Ultimately, she said, it aims to improve defense planning and information sharing between government and the private sector.

“This will uniquely bring people together in peacetime, so that we can plan for how we’re going to respond in wartime,” she said in an interview. Ms. Easterly was sworn in as CISA’s director last month. She was previously a counterterrorism official in the Obama White House, and the commander of the Army’s first cyber operations unit at the National Security Agency, America’s cyberspy agency.

‘This will uniquely bring people together in peacetime, so that we can plan for how we’re going to respond in wartime.’— Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency

U.S. Taps Amazon, Google, Microsoft, Others to Help Fight Ransomware, Cyber Threats

Department of Homeland Security and Information Sharing: Is It Working? 

Department of Homeland Security and Information Sharing: Is It Working? by [United State Army War College, U.S Army U.S Army]

Tags: Department of Homeland Security, DHS

Aug 02 2021

CISA launches US federal vulnerability disclosure platform

Category: cyber securityDISC @ 8:15 am
CISA launches US federal vulnerability disclosure platform

“Through this crowdsourcing platform, Federal Civilian Executive Branch (FCEB) agencies will now be able to coordinate with the security research community in a streamlined fashion and those reporting incidents enjoy a single, usable website to facilitate submission of findings. The platform encourages collaboration and information sharing between the public and private sectors by allowing uniquely skilled researchers to submit vulnerability reports, which agencies will use to understand and address vulnerabilities that were previously unidentified,” Eric Goldstein, Executive Assistant Director for Cybersecurity, CISA, explained.

The VDP platform

Binding Operational Directive 20-01, released in September 2020, mandates that all FCEB agencies must develop and publish a vulnerability disclosure policy.

At the moment, this newly established VDP platform collects eleven vulnerability disclosure programs, published by the:

  • Federal Communications Commission (FCC)
  • Department of Homeland Security (DHS)
  • National Labor Relations Board (NLRB)
  • Federal Retirement Thrift Investment Board (FRTIB)
  • Millennium Challenge Corporation (MCC)
  • Department of Agriculture (USDA)
  • Department of Labor (DOL)
  • Privacy and Civil Liberties Oversight Board (PCLOB)
  • Equal Employment Opportunity Commission (EEOC)
  • Occupational Safety and Health Review Commission (OSHRC)
  • Court Services and Offender Supervision Agency (CSOSA)

This newly established VDP platform is run by BugCrowd, a bug bounty and vulnerability disclosure company, and EnDyna, a government contractor that provides science and technology-based solutions to several US federal agencies.

CYBERSECURITY AND INFRASTRUCTURE SECURITY AGENCY: Actions Needed to Ensure Organizational Changes Result in More Effective Cybersecurity for Our Nation by [United States Government Accountability Office]

Tags: CISA, Cybersecurity and Infrastructure Security Agency

Jul 26 2021

How to develop a skilled cybersecurity team

Category: cyber security,InfoSec jobsDISC @ 10:19 am
How to develop a skilled cybersecurity team

What skills should aspiring information security workers possess and work on? What certifications can come in handy more than others? What strategies should organizations employ to develop a well-staffed cybersecurity team? Where should they look for talent? What advice do those already working in the field have for those who want to enter it?

(ISC)² wanted to know the answer to these and other questions, so they asked 1,024 infosec professionals and 1,010 cybersecurity job pursuers in the U.S. and Canada.

What do the information security professionals say?

Cybersecurity Workforce : Staffing Needs, Skills Requirements and Coding Procedures

Cybersecurity Workforce

Tags: cybersecurity team, cybersecurity workforce shortage

Jul 11 2021

Three security lessons from a year of crisis

Category: CISO,cyber securityDISC @ 11:10 am
Three security lessons from a year of crisis

When Pindrop surveyed security and fraud professionals across vital sectors including banking and healthcare, we discovered hundreds of teams that had made heroic efforts to continue operating in the face of huge obstacles. We were also reminded of the many ways that fraud threatens businesses and individuals facing turmoil.

Spikes in call volume left contact center agents overextended while lockdown protocols forced reorganizations and remote work; well-intentioned and generally beneficial programs like PPP loans provided new avenues for fraud; and fraud attempts shifted to new venues, like banks’ prepaid card divisions.

More time on the line

Today, we live our lives—and conduct our business—online. Our data is in the cloud and in our pockets on our smartphones, shuttled over public Wi-Fi and company networks. To keep it safe, we rely on passwords and encryption and private servers, IT departments and best practices. But as you read this, there is a 70 percent chance that your data is compromised . . . you just don’t know it yet.

Cybersecurity attacks have increased exponentially, but because they’re stealthy and often invisible, many underplay, ignore, or simply don’t realize the danger. By the time they discover a breach, most individuals and businesses have been compromised for over three years. Instead of waiting until a problem surfaces, avoiding a data disaster means acting now to prevent one.

No matter who you are or where you work, cybersecurity should be a top priority. The information infrastructure we rely on in every sector of our lives—in healthcare and finance, for governments and private citizens—is both critical and vulnerable, and sooner or later, you or your company will be a target. This book is your guide to understanding the threat and putting together a proactive plan to minimize exposure and damage, and ensure the security of your business, your family, and your future.

Tags: cyber crisis, security lessons

Jun 08 2021

Reformulating the cyber skills gap

Category: cyber security,InfoSec jobsDISC @ 8:45 am
Reformulating the cyber skills gap

Many thought leaders have approached the skills shortage from a cumulative perspective. They ask “How on Earth can companies afford to keep re-training their teams for the latest cyber-threats?” The challenge, to them, emanates from the impracticalities of entry level training becoming obsolete as new challenges emerge.

Of course, the question of ongoing training is very important, but I believe it has misled us in our evaluation of the growing disparity between the supply and demand of cyber-professionals. What we should be asking is “How can we create a generation of cyber-professionals with improved digital skills and resilience to tackle an enemy that continually mutates?”

Defining the relationship between people and tech is of the utmost importance here. Cybersecurity is not merely a technical problem, it’s a human problem. This is a critical intersection. People are not the weakest link in an effective cybersecurity defense strategy, but the most crucial. However, technology is the apparatus that can properly arm us with the skills to defend against attacks.

The silver bullet

The only thing we can be certain of is that cyberattacks are taking place right now and will continue to take place for the foreseeable future. As a result, cybersecurity will remain one of the most critical elements for maintaining operations in any organization.

There is a growing appetite for reform in cybersecurity training, particularly among higher education institutions (e.g., with the UK’s top universities now offering National Cyber Security Centre (NCSC) certified Bachelor’s and Master’s programs. It is in the interest of the British government that this appetite continues to grow, as the Department for Culture, Media & Sport reported there were nearly 400,000 cybersecurity-related job postings from 2017-2020.

In addition, COVID-19 has been a significant catalyst in increasing uptake and emphasis on cyber skills since the steep rise in the use of digital platforms in both our work and personal lives has expanded the surface area for attacks and created more vulnerability.

Overall, though, young people remain our best hope for tackling the global cyber skills gap, and only by presenting cybersecurity to them as a viable career option can we start to address it. This is the critical starting point. Once we do this, the next important step is to give universities and schools the facilities to offer sophisticated cyber training.

The Cyber Skill Gap: How To Become A Highly Paid And Sought After Information Security Specialist! by [Vagner Nunes]

Tags: cyber skills gap

Jun 04 2021

Quantum computing: How should cybersecurity teams prepare for it?

Category: cyber security,Information SecurityDISC @ 2:14 pm
Quantum computing: How should cybersecurity teams prepare for it?

Our community – that is, technologists, mathematicians and information assurance professionals – has generally adapted well to changes in the technology landscape.

At the start of the Cold War, the western security apparatus sought to understand the actions of their adversaries by intercepting radio signals bouncing off the ionosphere and analyzing the messages they carried. Later, when the Soviets moved to microwave transmissions, that same security apparatus deployed cutting-edge line-of-sight interception techniques.

Then, in 1977, after the Soviets began to successfully encrypt their communications, the NSA launched the Bauded Signals Upgrade program, delivering a supercomputer designed to compare encrypted messages with elements of plain text transmitted by mistake, allowing the agency to break many of the Soviets’ high-level codes. Time and time again, our innovation has kept us safe, but only when we have prepared to meet the threat.

Quantum information theory, which has been explored since the beginning of the 20th century, has led to an exciting yet dangerous new prospect: new quantum algorithms to solve computational problems which have thus far proven to be intractable – or at least unachievable within a useful period – by classical computers. One such problem is the breaking of the Advanced Encryption Standard, a key pillar of modern data encryption.

A joint research team of engineers from Google and the Swedish Royal Institute of Technology published a study that theorized the breaking of a 2048 bit key in just 8 hours, something that would take today’s classical computers over 300 trillion years. The catch? This theory requires a 20 million-qubit computer, and the largest quantum computer that exists today has only 65.

Their study, alongside many like it, tells us that quantum technology will present the greatest threat to the security of our critical systems in the history of computing. It may even be useful to us in future conflicts. However, quantum computers will need considerably more processing power than is available today and will require a significantly lower error rate if they are to be utilized for cyberspace operations.

To meet this challenge, institutions across the world are rushing to develop quantum computers that are capable of delivering on the promising theory.

The U.S. National Institute of Standards and Technology is currently evaluating over 60 methods for post-quantum cryptography, quantum key distribution, and other security applications. Early indications are that quantum technology will provide an ability to detect, defend, and even retaliate against all manner of future threats.

Away from security, most people understand that quantum computing has immense potential for good – with applications in the scientific and medical research fields easy to imagine. However, this vast computing power could also be used to undermine the classical computer systems that our nation relies upon so heavily.

DISC InfoSec Shop

Cryptography and Quantum Computing

Tags: Quantum computing

May 13 2021

Gamers beware! Crooks take advantage of MSI download outage

Category: cyber securityDISC @ 10:27 pm
Gamers beware! Crooks take advantage of MSI download outage…

Tags: MSI download outage

May 09 2021

Teaching Cybersecurity to Children

Category: cyber securityDISC @ 9:45 pm
Teaching Cybersecurity to Children

Tags: Teaching Cybersecurity to Children

May 05 2021

61% of cybersecurity teams are understaffed

Category: cyber securityDISC @ 9:19 am
61% of cybersecurity teams are understaffed

In a climate where remote work became more prevalent—and in some cases, mandatory—those citing “limited remote work possibilities” as a reason for leaving their cybersecurity role saw a six-percentage point decline (45%) compared to the year before.

Though the cybersecurity workforce was mainly spared the pandemic devastation experienced by other sectors, the survey found that longstanding issues persist, including:

  • 61 percent of respondents indicate that their cybersecurity teams are understaffed.
  • 55 percent say they have unfilled cybersecurity positions.
  • 50 percent say their cybersecurity applicants are not well qualified.
  • Only 31 percent say HR regularly understands their cybersecurity hiring needs.

Understaffed cybersecurity teams and attacks issues

Tags: cybersecurity teams are understaffed

May 03 2021

A battle cry for SMBs to address cybersecurity

Category: cyber securityDISC @ 7:33 am
A battle cry for SMBs to address cybersecurity

If cybersecurity is a new concept for the business, first take the necessary steps to follow best practises, as set out by the NIST Cybersecurity framework, as a minimum. Furthermore, to enhance the organisation’s overall security maturity, there are 4 key categories that need to be addressed: cyber strategy and risk, network security, endpoint security, and threat detection and response capabilities.

What is the current level of the cyber strategy and risk?

Small business owners are focussed on running their business with cybersecurity often a secondary concern. To begin with, businesses should seek consultation from industry experts to provide an assessment of the infrastructure to determine areas of concern. This will help the business plan, adapt and grow to stay competitive. It also will provide insight into how the business’ security measures stack up to the needs of the business currently and for the future.

An assessment by an external consultant can also examine whether the business is meeting compliance and regulatory requirements, which can be weaved into the security strategy. This guidance not only helps to improve the overall security posture, but also saves costs in the long run.

The Essential Guide to Cybersecurity for SMBs

Tags: Cybersecurity for SMBs

Apr 30 2021

The realities of working in and pursuing a career in cybersecurity

Category: CISSP,cyber security,Information SecurityDISC @ 5:50 am
The realities of working in and pursuing a career in cybersecurity

“One of the biggest challenges we have in cybersecurity is an acute lack of market awareness about what cybersecurity jobs entail,” said Clar Rosso, CEO of (ISC)². “There are wide variations in the kinds of tasks entry-level and junior staff can expect. Hiring organizations and their cybersecurity leadership need to adopt more mature strategies for building teams.

“Many organizations still default to job descriptions that rely on cybersecurity ‘all stars’ who can do it all. The reality is that there are not enough of those individuals to go around, and the smart bet is to hire and invest in people with an ability to learn, who fit your culture and who can be a catalyst for robust, resilient teams for years to come.”

cybersecurity career realities

Apr 19 2021

Alarming Cybersecurity Stats: What You Need To Know For 2021

Category: Cyber Attack,Cyber Espionage,Cyber maturity,Cyber resilience,cyber security,Cyber Strategy,Cyber surveillance,Cyber Threats,Cyber War,Cybercrime,Cyberweapons,Information SecurityDISC @ 8:46 am
Cyber Attack A01

The year 2020 broke all records when it came to data lost in breaches and sheer numbers of cyber-attacks on companies, government, and individuals. In addition, the sophistication of threats increased from the application of emerging technologies such as machine learning, artificial intelligence, and 5G,  and especially from greater tactical cooperation among hacker groups and state actors. The recent Solar Winds attack, among others,  highlighted both the threat and sophistication of those realities.

The following informational links are compiled from recent statistics pulled from a variety of articles and blogs. As we head deeper into 2021, it is worth exploring these statistics and their potential cybersecurity implications in our changing digital landscape.

To make the information more useable, I have broken down the cybersecurity statistics in several categories, including Top Resources for Cybersecurity Stats, The State of Cybersecurity Readiness, Types of Cyber-threats, The Economics of Cybersecurity, and Data at Risk.

There are many other categories of cybersecurity that do need a deeper dive, including perspectives on The Cloud, Internet of Things, Open Source, Deep Fakes, the lack of qualified Cyber workers, and stats on many other types of cyber-attacks. The resources below help cover those various categories.

Top Resources for Cybersecurity Stats:

If you are interested in seeing comprehensive and timely updates on cybersecurity statistics, I highly recommend you bookmark these aggregation sites:

 300+ Terrifying Cybercrime and Cybersecurity Statistics & Trends (2021 EDITION) 300+ Terrifying Cybercrime & Cybersecurity Statistics [2021 EDITION] (comparitech.com)·        

The Best Cybersecurity Predictions For 2021 RoundupWhy Adam Grant’s Newest Book Should Be Required Reading For Your Company’s Current And Future LeadersIonQ Takes Quantum Computing Public With A $2 Billion Deal

134 Cybersecurity Statistics and Trends for 2021 134 Cybersecurity Statistics and Trends for 2021 | Varonis

 2019/2020 Cybersecurity Almanac: 100 Facts, Figures, Predictions and Statistics  (cybersecurityventures.com)

Source: The State of Cybersecurity Readiness:

Cyber-Security Threats, Actors, and Dynamic Mitigation

Related article:

Top Cyber Security Statistics, Facts & Trends in 2022

👇 Please Follow our LI page…


DISC InfoSec

#InfoSecTools and #InfoSectraining

#InfoSecLatestTitles

#InfoSecServices

Tags: Cybersecurity Stats

Apr 15 2021

Why taking the cybersecurity initiative can win you business

Category: cyber security,Cyber Strategy,Selling cyber securityDISC @ 2:34 pm
Why taking the cybersecurity initiative can win you business

Consumers seem somehow unable or unwilling to protect themselves. But our research reveals an interesting knock-on effect from this: consumers welcome organizations who take the security initiative – and actively move their business to them.

Good security is good for business

This situation is a huge opportunity for organizations to make security a differentiator. Our research reveals that consumers value companies they perceive as more secure, with 64% saying they would recommend a large organization that they think makes a big effort to keep their data secure. A business with clearly visible cybersecurity will reassure consumers and create confidence in its digital products and services, carving itself a competitive advantage.

Why taking the cybersecurity initiative can win you business

Cyber Shop - Home | Facebook

Tags: cybersecurity initiative

Mar 26 2021

Alan Turing’s £50 banknote officially unveiled

Category: cyber security,Information SecurityDISC @ 9:25 am
Alan Turing’s £50 banknote officially unveiled

Regular Naked Security readers will know we’re huge fans of Alan Turing OBE FRS.

He was chosen in 2019 to be the scientist featured on the next issue of the Bank of England’s biggest publicly available banknote, the bullseye, more properly Fifty Pounds Sterling.

(It’s called a bullseye because that’s the tiny, innermost circle on a dartboard, also known as double-25, that’s worth 2×25 = 50 points if you hit it.)

Turing beat out an impressive list of competitors, including STEM visionaries and pioneers such as Mary Denning (first to unravel the paleontological mysteries of what is now known as Dorset’s Jurassic Coast), Rosalind Franklin (who unlocked the structure of DNA before dying young and largely unrecognised), and the nineteenth-century computer hacking duo of Ada Lovelace and Charles Babbage.

The Universal Computing Machine

Turing was the groundbreaking computer scientist who first codified the concept of a “universal computing machine”, way back in 1936.

At that time, and indeed for many years afterwards, all computing devices then in existence could typically solve only one specific variant of one specific problem.

They would need rebuilding, not merely “reinstructing” or “reprogramming”, to take on other problems.

Turing showed, if you will pardon our sweeping simplification, that if you could build a computing device (what we now call a Turing machine) that could perform a certain specific but simple set of fundamental operations, then you could, in theory, program that device to do any sort of computation you wanted.

The device would remain the same; only the input to the device, which Turing called the “tape”, which started off with what we’d now call a “program” encoded onto it, would need to be changed.

So you could program the same device to be an adding machine, a subtracting machine, or a multiplying machine.

You could compute numerical sequences such as mathematical tables to any desired precision or length.

You could even, given enough time, enough space, enough tape and a suitably agreed system of encoding, produce all possible alphabetic sequences of any length…

…and therefore ultimately, like the proverbially infinite number of monkeys working at an infinite number of typewriters, reproduce the complete works of William Shakespeare.

More on: You can extend the halting problem result in important ways for cybersecurity

Tags: Alan Turing

Mar 22 2021

FCC Boots Chinese Telecom Companies, Citing Security

Category: Cyber Attack,Cyber Communication,Cyber Espionage,cyber security,Cyber Spy,Cyber surveillance,Cyber Threats,Cyber War,CybercrimeDISC @ 11:01 am
FCC Boots Chinese Telecom Companies, Citing Security

he Federal Communications Commission’s (FCC) Public Safety and Homeland Security Bureau on March 12 identified five Chinese companies they said posed a threat to U.S. national security. These companies are: Huawei Technologies Co., ZTE Corp., Hytera Communications Corp., Hangzhou Hikvision Digital Technology Co. and Dahua Technology Co.

The declaration, according to the FCC, is in accordance with the requirements of the Secure and Trusted Communications Networks Act of 2019, which requires the FCC to “publish and maintain a list of communications equipment and services that pose an unacceptable risk to national security or the security and safety of U.S. persons.”

In June 2020, the FCC designated both ZTE and Huawei as national security threats. “… [B]ased on the overwhelming weight of evidence, the Bureau has designated Huawei and ZTE as national security risks to America’s communications networks—and to our 5G future,” said then-FCC chairman Ajit Pai. Pai continued, “Both companies have close ties to the Chinese Communist Party and China’s military apparatus, and both companies are broadly subject to Chinese law obligating them to cooperate with the country’s intelligence services.  The Bureau also took into account the findings and actions of congress, the executive branch, the intelligence community, our allies, and communications service providers in other countries. We cannot and will not allow the Chinese Communist Party to exploit network vulnerabilities and compromise our critical communications infrastructure. Today’s action will also protect the FCC’s Universal Service Fund—money that comes from fees paid by American consumers and businesses on their phone bills—from being used to underwrite these suppliers, which threaten our national security.”

ZTE’s petition for reconsideration in November 2020 was immediately rejected. Huawai also petitioned for reconsideration, and their appeal was rejected in December 2020, after a few weeks of deliberation.

FCC Boots Chinese Telecom Companies, Citing Security

Tags: Chinese Telecom

Mar 17 2021

Understand the core Concepts of Information Assurance & InfoSec

Category: cyber security,HackingDISC @ 2:10 pm
Information Security VS Cybersecurity VS Ethical Hacking

Today’s world uses the information for a variety of purposes. City officials install traffic signals with traffic movement information, and accounting professionals use revenue and expenditure information to calculate annual earnings. So, experts established different domains intending to secures information. Such domains are Information security, Cybersecurity, and Ethical hacking.

Information Security VS Cybersecurity VS Ethical Hacking

more on: Information Security VS Cybersecurity VS Ethical Hacking

Tags: Concepts of Information Assurance & InfoSec, Ethical Hacking, Hands on Hacking

« Previous PageNext Page »