Tuesday, March 9

Cyber Security

Fortinet Buys Cloud Security Firm OPAQ

The company plans to add zero-trust networking capabilities to its Secure Access Service Edge architecture. Fortinet has acquired Secure Access Service Edge (SASE) provider OPAQ in a move to add SASE capabilities to the Fortinet Security Platform and Security Fabric architecture. OPAQ brings the cloud-based Zero Trust Network Access (ZTNA) solution to Fortinet's existing SASE offering. The company has focused on security for widely distributed networks and endpoints, including branch offices, remote users, and IoT devices. OPAQ's services are also designed to be partner-friendly, allowing MSSPs, integrators, VARs, and other sales-channel partners to add value and bring the services to market. Financial details of the purchase were not disclosed. ...
Microsoft 365 Updated with New Security, Risk, Compliance Tools

Updates built for remote employees include an endpoint data loss prevention platform, insider risk management, and double key encryption. Microsoft today debuted new security, risk management, and compliance tools for its Microsoft 365 platform during its 2020 Inspire partners conference. These updates arrive as organizations reconsider data protection and compliance strategies while they plan for a future of remote work. Today's announcements include the public preview of Microsoft Endpoint Data Loss Prevention (DLP), Double Key Encryption, new Insider Risk Management capabilities, and communication compliance tools in Microsoft Teams. All are meant to help businesses better protect their data.  "This whole shift to remote work has really increased the need for organizations to re-ev...
US Indicts 2 Chinese Nationals for Stealing IP & Business Secrets, Including COVID-19 Research

Pair working on behalf of themselves and China's Ministry of State Security, Justice Department says. The US government today announced indictments against two Chinese nationals for allegedly stealing intellectual property and confidential information — including COVID-19-related research data — from hundreds of companies worldwide, both for financial gain and on behalf of China's spy agency. In a press conference announcing the indictments Tuesday, US Justice Department officials used unusually blunt language to accuse the Chinese government of allegedly providing safe harbor for such individuals in return for helping the state. "China is using cyber-enabled theft as part of a global campaign to 'rob, replicate and replace' non-Chinese companies in the global marketplace," Assistant At...
The State of Hacktivism in 2020

Activism via hacking might not be as noisy as it once was, but it hasn't been silenced yet. Hacktivism is alive and well, if a bit weird, in 2020, says Gabriella Coleman, a cultural anthropologist specializing in hacker culture at McGill University. At the end of June, Twitter banned the account of the hacker collective Distributed Denial of Secrets (DDoSecrets) and blocked links to "BlueLeaks," the group's data trove of 270 GB of data containing internal records from more than 200 police departments. The hacktivist collective Anonymous also returned to prominence as its members took actions to support Black Lives Matter protesters, including getting legions of Korean pop music superfans to participate in social media disruptions.  "BlueLeaks shows that there's still a lot of inte...
DDoS Botnets Are Entrenched in Asia & Amplification Attacks Set Records

China, Vietnam, and Taiwan are top sources of DDoS botnet activity, but the top data floods use a variety of amplification attacks, a report finds. More than 4.7 million sources in five countries — the US, China, South Korea, Russia, and India — were used to level distributed denial-of-service (DDoS) attacks against victims in the second quarter of 2020, with the portmap protocol most frequently used as an amplification vector to create massive data floods, security and services firm A10 Networks says in its threat report for the second quarter.  In its "State of DDoS Weapons" report for the second quarter of 2020, the company finds that China, Vietnam, and Taiwan accounted for more than a third of all DDoS botnet clients, while the most common high-volume floods used amplification att...
Patch now! SIGRED – the wormable hole in your Windows servers

Yesterday was Patch Tuesday, and with 123 bugs fixed, including 20 in the “critical” category, we’re saying what we always do, namely, “Patch early, patch often.” As often happens, however, one BWAIN (that’s shorthand for Bug With An Impressive Name) that was patched in the Windows DNS server is flying high in the headlines because Microsoft itself has come straight out and said: We consider this to be a wormable vulnerability, meaning that it has the potential to spread via malware between vulnerable computers without user interaction. DNS is a foundational networking component and commonly installed on Domain Controllers, so a compromise could lead to significant service interruptions and the compromise of high level domain accounts. The vulnerability turned out to be a ...
The Twitter hack: Why Elon Musk, Bill Gates, Jeff Bezos and others might have reason to be worried

The real problem is not the cryptocurrency scam… Twitter has shared more information about the high-profile hack it suffered yesterday which saw high-street brands and public figures have their accounts hijacked to promote a cryptocurrency scam. In a series of tweets, @TwitterSupport said that it had found no evidence that whoever breached the accounts – possibly via Twitter’s own internal administration tool – accessed any passwords. As a result, it’s not calling on users to change their passwords. Of course, it would be remiss of me not to take the opportunity to remind anyone who hasn’t yet done so to protect their Twitter account with two-factor authentication (2FA). Having 2FA wouldn’t have protected you from this latest attack, because Twitter’s internal tool is capab...
Insecure IoT devices could be banned and destroyed if they fail to meet UK security standards

IoT devices could be banned from sale and destroyed if they fail to meet basic security standards, according to proposals put forward by the UK Government. The UK Government Department for Digital, Culture, Media and Sport (DCMS) has published proposals for a new law designed to protect purchasers of so-called “smart devices” from cybercriminals. Working with the National Cyber Security Centre (NCSC), the DCMS has detailed three key requirements that it wants IoT device manufacturers to follow – and the potential penalties it is prepared to mete out if they are not met. The list of proposed rules, which could be expanded in future, are as follows: Ban universal default passwords in consumer smart products On too many occasions we have seen botnets recru...
Career Notes podcast – Have to be able to communicate to everybody

The folks behind The Cyberwire podcast interviewed me for a new series of shows, looking at how people joined the cybersecurity industry. The idea behind the short-form “Career Notes” podcast is to “step inside the diverse and fascinating worlds of cybersecurity professionals around the globe and hear their personal stories in their own words.” Well, I’m not sure if my story is fascinating, but here is how “Career Notes” described my episode: Computer security writer, podcaster and public speaker Graham Cluley describes learning to program on his own from magazines, creating text adventure games for donations, and his journey from programming to presenting and writing with a bit of tap dancing on the side. Along the way, Graham collaborated with others and learned to communi...
Mitre, the creepy company checking your fingerprints on Facebook for the US Government

Cybercrime reporter Thomas Brewster has written a fascinating exposé of the activities of Mitre Corporation, which has taken on some eyebrow-raising projects for the US government. Writing for Forbes, Brewster’s article reveals a $500,000 project undertaken by Mitre for the FBI which saw it attempt to capture biometric information – such as actual fingerprints – from photographs posted on social media sites such as Facebook, Instagram, and Twitter. Former FBI science head Chris Piehota described how the “image fingerprinting” technology could be used to examine the image of gang members who posted online, making gang signs with their hands. “They’re also giving us access to their fingerprint patterns,” he adds. “[The FBI] can take your fingerprint characteristics from those ...