Technology

We have already reported on the proposed rules generally. Briefly, in light of increased frequency and severity of cyberattacks, on December 18, 2020, the federal banking regulators proposed a new ru… [+2495 chars]

In a blog post, the digital security firm Malwarebytes said that it had been targeted by the nation state actor implicated in the SolarWinds breach late last year that affected the U.S. government, M… [+1595 chars]

Does your company’s website or blog work the way you want, or are there many points for improvement? Paying attention to this is very important for your branding to be well built. Your website hosti… [+8907 chars]

Like several other African countries, Mozambique declared a state of emergency to control the spread of the coronavirus in March last year, and has extended it three times due to increased COVID-19 c… [+9410 chars]

ExpressVPN has come a long way since the VPN service first launched in 2009 and for this reason, the company has decided to give its logo as well as its clients a fresh new look. During its 11 year … [+2021 chars]

The development of digital experiences that please the consumer is one of the major concerns of any CMO.  The idea is to provide the audience with experiences appropriate to their characteristics an… [+9910 chars]

The past twelve months have been a remarkable time of digital transformation as organizations, and especially digital security teams, adapt to working remotely and shifting business operations. IT le… [+2033 chars]

There is a greater need for cybersecurity professionals across all sectors amid the UAE’s bid to expand its digitalisation operations. The cybersecurity landscape has become further complicated owin… [+3480 chars]

CEO at DefendX, overseeing Secure Data Management- File Discovery, Compliance and Mobility for our customers globally. Getty How do you securely manage virtual employees and independent consultant … [+6189 chars]

Posted by    on   Jan 19, 2021 2020 proved to be an extraordinary in the true sense of the word year for everyone, and 2021 has already thrown some curveballs in the short few weeks since it began. … [+1898 chars]

How is gender represented across the books assigned in U.S. colleges? The answer, according to a recent study, is pretty much what you’d anticipate: men still dominate syllabi across the country. De… [+6836 chars]

<div class="c-article__content js-reading-content"> <p>The forum supporting the community for OpenWrt suffered a security breach over the weekend, giving hackers access to e-mail addresses, user handles and additional private forum user information.</p> <p>Those that maintain the forum for the Linux-based open-source firmware said the forum was breached in the early hours of Saturday Jan. 16, though how attackers got in remains unknown, according to a <a href="https://archive.fo/e0YBQ" target="_blank" rel="noopener noreferrer">security notice</a> posted to the <a href="https://archive.fo/Zhpwc" target="_blank" rel="noopener noreferrer">forum’s home page</a>. While the account had “a good password,” administrators acknowledged that the forum did not enable two-factor authentication for its users.</p> <div id="attachment_163092" style="width: 310px" class="wp-caption alignright"><a href="https://threatpost.com/webinars/supply-chain-security-a-10-point-audit"><img aria-describedby="caption-attachment-163092" loading="lazy" class="wp-image-163092 size-medium" src="https://media.threatpost.com/wp-content/uploads/sites/103/2021/01/15110355/webinar_supply_chain-300x203.jpg" alt="Supply-Chain Security: A 10-Point Audit" width="300" height="203"></a><p id="caption-attachment-163092" class="wp-caption-text">Click to Register – New Browser Tab Opens</p></div> <p>While the breach of an open-source forum may not seem on the surface like such a big deal, the forum is often visited by those developing commercial routers, devices and software based on OpenWrt firmware. Targeting these users, then, could be used as a gateway into these companies’ networks by threat actors. Commercial routers compatible with OpenWrt firmware include devices from <a href="https://threatpost.com/netgear-wont-patch-45-router-models-vulnerable-to-serious-flaw/157977/" target="_blank" rel="noopener noreferrer">Netgear</a>, <a href="https://threatpost.com/new-mirai-variant-mukashi-targets-zyxel-nas-devices/153982/" target="_blank" rel="noopener noreferrer">Zyxel</a>, TP-Link and <a href="https://threatpost.com/20-linksys-router-models-vulnerable-to-attack/125085/" target="_blank" rel="noopener noreferrer">Linksys</a>.</p> <p>“The intruder was able to download a copy of the user list that contains email addresses, handles, and other statistical information about the users of the forum,” according to the notice, which also was sent out via a <a href="https://lists.openwrt.org/pipermail/openwrt-announce/2021-January/000008.html" target="_blank" rel="noopener noreferrer">mailing list</a> to forum users.  This means that users should assume that their email address and handle have been disclosed and “may get <a href="https://threatpost.com/microsoft-most-imitated-phishing/160255/" target="_blank" rel="noopener noreferrer">phishing emails</a> that include your name,” administrators said.</p> <p>The OpenWrt Project is a Linux operating system for embedded devices that provides “a fully writable filesystem with package management,” according to its home page. Its basic components are Linux, util-linux, musl and BusyBox, all of which have been designed specifically to suit the memory and storage available on home networking devices.</p> <p>OpenWrt provides a framework to build an application without having to develop a complete firmware around it, so users can provide customization for devices in ways that proprietary systems don’t offer, according to its administrators. Developers cite real-time network management, increased network stability, advanced wireless set-up, VPN integration, and increased network speed and security as some of the benefits of using OpenWrt.</p> <p>Though those that maintain the forum do not believe that attackers accessed the OpenWrt database, they advised users of the community to reset all passwords, providing specific details in the security notice for the proper procedure to do so. They also have flushed API keys from the forum, according to the notice.</p> <p>Administrators also advised users to reset and refresh any Github login or OAuth key, if they use it to access the forum. However, since OpenWrt forum credentials are entirely independent of the OpenWrt Wiki that users access for information and updates about the platform, “there is no reason to believe there has been any compromise to the Wiki credentials,” administrators said.</p> <p>“We apologize for the inconvenience caused by this attack,” they said in the notice. “We will provide updates if we learn any more about the attacker or information that was disclosed.</p> <p><strong>Supply-Chain Security: A 10-Point Audit Webinar:</strong> <em>Is your company’s software supply-chain prepared for an attack? On Wed., Jan. 20 at 2p.m. ET, start identifying weaknesses in your supply-chain with actionable advice from experts – part of a </em><a href="https://threatpost.com/webinars/supply-chain-security-a-10-point-audit/?utm_source=ART&amp;utm_medium=ART&amp;utm_campaign=Jan_webinar" target="_blank" rel="noopener noreferrer"><em>limited-engagement and LIVE Threatpost webinar</em></a><em>. CISOs, AppDev and SysAdmin are invited to ask a panel of A-list cybersecurity experts how they can avoid being caught exposed in a post-SolarWinds-hack world. Attendance is limited: </em><a href="https://threatpost.com/webinars/supply-chain-security-a-10-point-audit/?utm_source=ART&amp;utm_medium=ART&amp;utm_campaign=Jan_webinar" target="_blank" rel="noopener noreferrer"><strong><em>Register Now</em></strong></a><em> and reserve a spot for this exclusive Threatpost </em><a href="https://threatpost.com/webinars/supply-chain-security-a-10-point-audit/?utm_source=ART&amp;utm_medium=ART&amp;utm_campaign=Jan_webinar" target="_blank" rel="noopener noreferrer"><em>Supply-Chain Security webinar</em></a><em> – Jan. 20, 2 p.m.</em></p> <footer class="c-article__footer"> <div class="c-article__footer__container"> <div class="c-article__footer__col"> <a href="#discussion" class="c-button c-button--secondary">Write a comment</a> </div> <div class="c-article__footer__col"> <div class="c-article__sharing"> <p><strong>Share this article:</strong></p> <nav class="c-nav-sharing"> <div class="social-likes social-likes_notext" data-title="Attackers Steal E-Mails, Info from OpenWrt Forum" data-url="https://threatpost.com/attackers-e-mails-openwrt-forum/163136/" data-counters="yes" data-zeroes="yes"><div class="facebook" title="Share via Facebook"></div> <div class="twitter" title="Share via Twitter"></div><div class="linkedin" title="Share via LinkedIn"></div> <div class="reddit" title="Share via Reddit"></div> <div class="flipboard" title="Share via Flipboard"></div> </div> </nav> </div> </div> </div> <div class="c-article__footer__container"> <div class="c-article__footer__col"></div> <div class="c-article__footer__col"> <ul class="c-list-categories"> <li><a class="c-label c-label--secondary-transparent" href="https://threatpost.com/category/hacks/">Hacks</a></li> </ul> </div> </div> </footer> </div>

<div class="body gsd-paywall article-body"><div> <p>Fifth generation wireless technology, or 5G, will be a primary driver of the U.S. prosperity and security in the 21st century, says the <a href="https://www.ntia.gov/" rel="home" title="Home">National Telecommunications and Information Administration</a> (NTIA), the agency<strong> </strong>that is principally responsible for advising the President on telecommunications and information policy issues.</p> <p>The newly released National Strategy to Secure 5G plan by the NTIA details how the United States will lead global development, deployment, and management of secure and reliable 5G infrastructure. The work to enhance the security of 5G networks will require a range of efforts from across the U.S. government, working in close collaboration with our international and industry partners. The U.S. government is committed to fostering innovation and realizing the technological promise of 5G, while continuing to safeguard our economy and national security and ensuring continued access to 5G networks, says the NTIA.</p> <p>In accordance with the <a href="https://www.congress.gov/bill/116th-congress/senate-bill/893/text">Secure 5G and Beyond Act of 2020</a>, the NTIA developed this comprehensive implementation plan associated with the National Strategy to Secure 5G, posted below. The implementation plan will be managed under the leadership of the National Security Council and the National Economic Council, supported by NTIA, and with contributions from and coordination among a wide range of departments and agencies.</p> <p>The implementation plan took into account the <a href="https://www.ntia.gov/federal-register-notice/2020/comments-national-strategy-secure-5g-implementation-plan">substantive comments</a> in response to NTIA's <a href="https://www.ntia.gov/federal-register-notice/2020/request-comments-national-strategy-secure-5g-implementation-plan">Request for Comments</a> received from companies, industry associations, and think tanks representing a range of interests and aspects of the telecommunications ecosystem.</p> </div><div> <div> <div>The plan can be found here: <a href="https://www.ntia.gov/files/ntia/publications/2021-1-12_115445_national_strategy_to_secure_5g_implementation_plan_and_annexes_a_f_final.pdf" title="2021-1-12_115445_national_strategy_to_secure_5g_implementation_plan_and_annexes_a_f_final.pdf" type="application/pdf; length=624832">National Strategy to Secure 5G Implementation Plan</a> </div> </div> </div> <div id="div-gpt-ad-sidebar-sky-mobile" class="advertisement"></div> </div>

<div class="body gsd-paywall article-body"><p>In September 2020, a ransomware attack forced 6,000 elementary students to shutdown learning at the Newhall School District. Newhall isn't alone. In addition, Harford Public School, Miami Dade County, Haywood County School district in North Carolina are others that experienced similar circumstances. </p><p>With ransomware surging nearly 110% and no end in sight for remote learning, the environment is ripe for cyberattacks to escalate. To get some insight, we spoke to Dmitriy Ayrapetov, Vice President of Platform Architecture at SonicWall.</p> <div id="div-gpt-ad-article-body-sky-mobile" class="advertisement"></div> <p> </p><p><span style="color:#800000;"><strong><em>Security</em> magazine:</strong> <strong>What is your title and background? </strong></span></p><p><strong>Ayrapetov:</strong> I am currently Vice President of Platform Architecture at SonicWall after having been in various product management and engineering roles at SonicWall over the past 15 years. Before that, I was a software engineer at two Silicon Valley startups, the latter of which was acquired by SonicWall in 2005. I graduated from UC Berkeley with a degree in Cognitive Science, which is an interdisciplinary field bridging neuroscience, psychology, linguistics, philosophy, and computer science. I was also a member of the varsity swim team doing sprint butterfly. I returned to UC Berkeley ten years later for my MBA at the Haas School of Business. </p><p>My passion for computers and technology started out early, as both of my parents were software engineers, which provided me with an ample supply of punch cards to play as a kid. Around 1994, my father got me a computer and a Netcom internet connection and let me run wild. Shortly after, I had my first exposure to computer security when I sent a trojan-ed game to my friend and had his computer interject into our phone conversation. I did let him in on what was happening eventually, so it was all good fun.  </p> <div id="div-gpt-ad-sidebar-sky-mobile" class="advertisement"></div> <p> </p><p><span style="color:#800000;"><strong><em>Security</em> magazine:</strong> <strong>Why are K-12 school districts prime targets for cybercriminals?</strong></span></p><p><strong>Ayrapetov:</strong> Cybercriminals have increased focus on K-12 districts because they tend to be easier targets than enterprises and because their continued operation online has become “critical infrastructure” due to distance learning. Even though K-12 spending on cybersecurity reaches over $230 million annually, it remains one of the most under-funded sectors when it comes to cybersecurity. This lack of budget makes K-12 districts vulnerable to traditional types of attacks like phishing and DDoS attacks.<br> <br> Students and teachers often aren’t aware of cyber risks or are too focused on operating in the new territory of distance learning that has come to dominate education since the COVID-19 outbreak. With the volume of new notifications such as updates, systems, logins, automated messages from the online learning platforms and assignment confirmations, that are flowing through email, it’s easy to slip in something authentic-looking and deliver malicious links. Both students and teachers may not necessarily be on high alert to keep an eye out for phishing scams, which could lead to them clicking on a malicious link.</p><p>At the same time, downtime that can be brought onto a school district with ransomware is now especially painful since it completely halts all instruction, making the districts more likely to pay a ransom just to get operations back online.   </p><p> </p><p><span style="color:#800000;"><strong><em>Security</em> magazine:</strong> <strong>What are some of the current cybersecurity vulnerabilities K-12 districts are experiencing?</strong></span></p> <div id="div-gpt-ad-sidebar-mrect-mobile" class="advertisement"></div> <p><strong>Ayrapetov:</strong> This year alone -- from <a href="https://www.nytimes.com/2020/11/29/us/baltimore-schools-cyberattack.html">Baltimore, MD</a> to <a href="https://www.kiro7.com/news/trending/ransomware-attack-prompts-connecticut-school-district-postpone-first-day-school-year/ELS6KZVTIJG4FBXWGHUTKZ4QJQ/">Hartford, CT</a> to <a href="https://thehill.com/policy/cybersecurity/514998-teenager-arrested-for-alleged-cyberattacks-on-miami-dade-school-district">Miami, FL</a> -- K-12 schools have been pummeled by ransomware attacks. Even though ransomware attacks have been around for years, hackers are now using ransomware to target sensitive, personal student and employee data that lives in abundance on school networks. Without access to the right cybersecurity resources, districts’ unpreparedness makes it difficult to protect against these types of attacks.<br> <br> Beyond ransomware, cybercriminals still target K-12 districts through common threat vectors like emails, PDFs and Office documents. Without the right protections in place, students also commonly fall victim to social engineering, phishing attacks and email fraud. Data breaches are another serious risk, as students, parents and teachers increasingly use personal devices on less secure, at-home networks.</p><p> </p><p><span style="color:#800000;"><strong><em>Security</em> magazine:</strong> <strong>In your opinion, why do so many school districts end up paying the ransom?</strong></span></p><p><strong>Ayrapetov:</strong> To start, I don’t recommend that schools ever pay ransom. However, some schools will because it’s simply impossible for a school to function in the world of distance learning.  While ransomware or another cyberattack would be devastating in normal times, instruction would continue in person. With today’s reality of distance learning, a cyberattack can bring the entire operation to an absolute halt. <a href="https://www.nytimes.com/2020/09/08/nyregion/hartford-schools-ransomware.html">Hartford public schools</a> had to delay their first day of school because of a ransomware attack. With hackers threatening to publish students’ personal data on the dark web, sometimes as young as first grade, schools feel obligated to pay the ransom to protect their students’ private information. This is the extortion angle that I mentioned earlier – it’s a novel and a clever technique to ratchet up the stakes for the victim.<br> <br> Cybercriminals know that ransomware is effective, so unfortunately, we’re seeing it evolve and continue to surge. In 2020, we’ve seen a nearly <a href="https://www.sonicwall.com/news/new-sonicwall-research-finds-aggressive-growth-in-ransomware-rise-in-iot-attacks/">140%</a> spike in ransomware attacks in the U.S. (a 40% increase globally) which points to the fact that cybercriminals are using more sophisticated types of cyberattacks to target less prepared victims like K-12 schools. The proliferation of ransomware-as-a-service sites have lowered the barrier to entry into the ransomware game, allowing people without higher technical skills (they’re called script kiddies – that’s what I was when I sent that trojan to my friend over 20 years ago) to also conduct ransomware attacks.</p><p>Of course, we cannot focus solely on defense. I like Dan Geer’s analogy that we should treat cybersecurity and internet connectivity like electricity. A lot goes into prevention of an outage, but also can bounce back quickly and resume operation when there is an outage. In the case of electricity, there are UPSs and backup generators. In the case of cyber security and ransomware, it is the existence of properly set up and regularly tested offline backups along with ongoing security training and assessments<em>.</em><br>  </p><p><span style="color:#800000;"><strong><em>Security</em> magazine:</strong> <strong>How can school districts and online-learning platforms understand cybersecurity infrastructure to protect remote-learners from ransomware? </strong></span></p><p><strong>Ayrapetov:</strong> At this time, it’s critical for school districts and online-learning platforms to understand the implications of weak cybersecurity infrastructure and take critical steps to protect at-home learners and their endpoint devices.</p><p>Online-learning platforms and academic institutions alike must take it upon themselves to enhance cyber awareness throughout their organization and practice good cyber hygiene. This is not only important for protecting students' sensitive data, but also for ensuring business continuity. Administrators should deploy cloud-based security services to protect their entire school district from advanced email threats, regardless of location, and secure sensitive student and employee data by enforcing multifactor authentication, strong encryption, data protection and compliance policies.</p><p>School districts must also consider deploying endpoint protection capabilities to secure devices that connect and interact with school applications and data in the age of remote learning. Endpoint protection platforms are critical for protecting devices against malware and enabling continuous behavioral monitoring.</p></div>

<div class="body gsd-paywall article-body"><p>The U.S. Department of Transportation (USDOT) released the Complementary Positioning, Navigation, and Timing (PNT) and GPS Backup Technologies Demonstration Report to Congress <a href="https://gcc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.transportation.gov%2Fadministrations%2Fassistant-secretary-research-and-technology%2Fcomplementary-pnt-and-gps-backup&amp;data=04%7C01%7Cedward.dao%40dot.gov%7C0c929aa3699f4d995f5f08d8b966d514%7Cc4cd245b44f04395a1aa3848d258f78b%7C0%7C0%7C637463198591915439%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=OIArdF2W5%2BPQHqS14seKvFWmbDwnzWHAxbQ7mXI%2BSRE%3D&amp;reserved=0">final report</a>.  USDOT’s Volpe National Transportation Systems Center (Volpe Center) conducted field demonstrations of candidate PNT technologies that could offer complementary service in the event of Global Positioning System (GPS) disruptions.  The purpose of the demonstrations was to gather information on PNT technologies at a high Technology Readiness Level that can work in the absence of GPS. </p><p>“The results of the thorough scientific research conducted by this demonstration effort indicate that there are suitable, mature, and commercially available technologies to back up or to complement the timing services provided by GPS.  However, the demonstration also indicates that none of the systems alone can universally back up the positioning and navigation capabilities provided by GPS and its augmentations.  This necessitates a diverse universe of positioning and navigation technologies,” said Diana Furchtgott-Roth, USDOT’s Deputy Assistant Secretary for Research and Technology.</p> <div id="div-gpt-ad-article-body-sky-mobile" class="advertisement"></div> <p>The Volpe Center, through a competitive acquisition process, selected 11 candidate technologies to demonstrate positioning and/or timing functions in the absence of GPS.   </p><p>The demonstrations were conducted in March 2020 at NASA’s Langley Research Center (Hampton, VA) and Joint Base Cape Cod (Bourne, MA).  The results from the demonstrations were evaluated against 14 measures of effectiveness.  The findings indicate that the best strategy for achieving resilient PNT service is to pursue multiple technologies to promote diversity in the PNT functions that support transportation and other critical infrastructure sectors in urban, rural, and maritime areas. </p><p>The report details the results of USDOT activities covering GPS backup demonstration planning, the PNT technologies demonstrated, the government reference system used to collect and verify results, and an information framework to convey measures of effectiveness of the demonstrated technologies.</p> <div id="div-gpt-ad-sidebar-sky-mobile" class="advertisement"></div> <p>More information on GPS Backup/Complementary PNT Demonstrations can be found <a href="https://www.transportation.gov/pnt/gps-backupcomplementary-pnt-demonstration">here</a>. </p> <div id="div-gpt-ad-sidebar-sky-mobile" class="advertisement"></div> </div>

<div class="body gsd-paywall article-body"><p>In legal professions, safeguarding documents and paperwork is an essential office task. These papers may contain important, private information about a company’s operations, or they may include other privileged information shared by clients concerning their cases. In an increasingly digital world, the lock and key of the filing cabinet are no longer enough to guarantee document security.<br> <br> How can your practice better protect the digital files it stores? Take a moment to consider these six tips for implementing better security surrounding these important documents.</p><p><strong>1. Store Documents of Similar Security Levels Together</strong></p><p>When creating a digital filing system to store your sensitive documents, it is vital to employ a classification system that makes sense today and tomorrow. In other words, documents of similar sensitivity levels should all go into the same general area of your local or cloud infrastructure. The effect is twofold. First, you always know exactly where to locate particular types of documents. Second, you can standardize the types of security you apply to these documents based on their overall security level, rather than classifying every document individually all over again.</p> <div id="div-gpt-ad-article-body-sky-mobile" class="advertisement"></div> <p><strong>2. Prefer Group Permissions Over Individual Access</strong></p><p>Controlling access to confidential information is important; not everyone within a legal practice may have the authority or right to view certain documents. Access control systems, such as Microsoft's Active Directory Rights Management Services, serve an important role in designating which files remain accessible by which users. Leaving secure documents in insecure places on your computer networks or in the cloud not only raises the risk of an incident caused by an outside intruder but also increases the risk of a leak from within your office. At the least, it's an unacceptable liability.</p><p><br> <strong>3. Use Software That Enables Secure Document Management</strong><br> It's tough to overrate the value of software tools that put security features right at your fingertips. Law offices, increasingly working in a paperless environment, require cost-effective programs that make secure document management easy. Whether that means redacting information before turning over discovery materials, affixing a certifiable signature, or encrypting files altogether, the right tools make the difference.<br> <br> <strong>4. Protect and Encrypt Your Most Sensitive Files</strong><br> Speaking of encryption, it is advisable to lock down your files in general. An intern or clerk should not be able to find sensitive client information in a file folder and simply start browsing and reading with a few clicks. Using password-based encryption is an easy way to ensure that wayward eyes can't access information without authorization.<br> <br> <strong>5. Safeguard Against Tampering with Secure Digital Signatures</strong><br> Using cryptographic certificates, modern digital signatures provide binding proof of who authorized a document and when. In the legal field, ensuring the authenticity of documents is of the utmost importance. Use tools that have anti-tampering measures built-in to ensure that your documents hold up to the strict scrutiny given to paperwork in the legal profession.<br> <br> <strong>6. Keep Safe Backups</strong><br> Nothing is worse for a firm than losing essential papers that you cannot replace. Without the need for additional physical storage space, keeping your legal documents secure in the cloud is an easier way to guarantee access now and in the future. Whatever backup solution you choose, continue to follow the practices outlined here. Group files together into sensible backup folders, and make sure you've password-protected your documents and encrypted the backup. When your document management solution integrates with ease into standard cloud services such as Microsoft Sharepoint, you can exert a highly granular control over permissions and security settings.<br> <br> <strong>Make Changes to Protect Your Legal Documents Today</strong><br> With best practices in place and the appropriate software tools powering your efforts behind the scenes, creating a modern security setup for your legal team is simple. Straightforward, easy-to-use, and cost-effective tools make quick work of security workflows. When everyone can use the same tools and follow the same procedures, you can confidently reduce the risk of sensitive information leaking from your office. Learn more about how to empower your efforts to improve security today.</p> <div id="div-gpt-ad-sidebar-sky-mobile" class="advertisement"></div> </div>

<div class="body gsd-paywall article-body"><p>The 10th <a href="https://www.agcs.allianz.com/content/dam/onemarketing/agcs/agcs/reports/Allianz-Risk-Barometer-2021.pdf" target="_blank">Allianz Risk Barometer 2021</a> survey reports potential disruption and loss scenarios companies are facing; this year's top three risks all relate to the coronavirus pandemic. Business interruption (BI) (#1 with 41% responses); Pandemic outbreak (#2 with 40%) and Cyber incidents (#3 with 40%) rank as the top three risks.</p><p>The annual survey on global business risks from Allianz Global Corporate &amp; Specialty (AGCS) incorporates the views of 2,769 experts in 92 countries and territories, including CEOs, risk managers, brokers and insurance experts.</p> <div id="div-gpt-ad-article-body-sky-mobile" class="advertisement"></div> <p>“The Allianz Risk Barometer 2021 is clearly dominated by the Covid-19 trio of risks. Business interruption, pandemic and cyber are strongly interlinked, demonstrating the growing vulnerabilities of our highly globalized and connected world,” says Joachim Müller, CEO of AGCS. “The coronavirus pandemic is a reminder that risk management and business continuity management need to further evolve in order to help businesses prepare for, and survive, extreme events. While the pandemic continues to have a firm grip on countries around the world, we also have to ready ourselves for more frequent extreme scenarios, such as a global-scale cloud outage or cyber-attack, natural disasters driven by climate change or even another disease outbreak.”</p><p>The Covid-19 crisis continues to represent an immediate threat to both individual safety and businesses, according to the Risk Barometer, reflecting why pandemic outbreak has rocketed 15 positions up to #2 in the rankings at the expense of other risks. Prior to 2021, it had never finished higher than #16 in 10 years of the Allianz Risk Barometer. However, in 2021, it’s the number one risk in 16 countries and among the three biggest risks across all continents and in 35 out of the 38 countries that qualify for a top 10 risks analysis.</p><p>In the United States, Business Interruption (BI) (46%) topped the list followed by Pandemic outbreak (41%) and Cyber incidents (33%).</p> <div id="div-gpt-ad-sidebar-sky-mobile" class="advertisement"></div> <p>Prior to the Covid-19 outbreak, BI had already finished at the top of the Allianz Risk Barometer seven times and it returns to the top spot after being replaced by cyber incidents in 2020. The pandemic shows that extreme global-scale BI events are not just theoretical, but a real possibility, causing loss of revenues and disruption to production, operations and supply chains. 59% of respondents highlight the pandemic as the main cause of BI in 2021, followed by Cyber incidents (46%) and Natural catastrophes and Fire and explosion (around 30% each).</p><p>The pandemic is adding to the growing list of non-physical damage BI scenarios such as cyber or power blackouts. “The consequences of the pandemic – wider digitalization, more remote working and the growing reliance on technology of businesses and societies – will likely heighten BI risks in coming years,” explains Philip Beblo, expert in AGCS’s global Property underwriting team. “However, traditional physical risks will not disappear and must remain on the risk management agenda. Natural catastrophes, extreme weather or fire remain the main causes of BI for many industries and we continue to see a trend for larger losses over time.”</p><p>According to Allianz Risk Barometer respondents, improving business continuity management is the main action companies are taking (62%), followed by developing alternative or multiple suppliers (45%), investing in digital supply chains (32%) and improved supplier selection and auditing (31%).</p> <div id="div-gpt-ad-sidebar-mrect-mobile" class="advertisement"></div> <p>For more on this year's 2021 results, click <a href="http://www.agcs.allianz.com/content/dam/onemarketing/agcs/agcs/reports/Allianz-Risk-Barometer-2021.pdf" target="_blank">here</a>. </p></div>

<div class="body gsd-paywall article-body"><p>Launching in January 2021, the International Foundation for Protection Officers (IFPO) will host a series of monthly webinars on a series of topics relevant to today’s front-line security practitioners. Designed for those in officer and supervisory roles, these webinars will provide information on a variety of topics designed to give security officers the tools to increase effectiveness, build their skill set and help with their security career. Each session will be 30 minutes, the third Wednesday of each month, at 10 a.m. Eastern Time.</p><h3><strong>Topics will include:</strong></h3><ul> <li>Jan 20: The challenges and opportunities of providing security during Covid-19</li> <li>Feb 17: Careers in Security Part 1</li> <li>March 17: Careers Part 2</li> <li>April 21: Careers Part 3</li> <li>May 19: Dealing with Violence (research findings)</li> <li>June 16: Staying Motivated</li> <li>July 21: How to get paid more</li> <li>Aug 18: IFPO Research Findings on Security Officer Tasks and their Complexity</li> <li>Sept 15: Training to fill skills gaps</li> <li>Oct 20: Ask a Panelist Session</li> <li>Nov 17: Train the Security Trainer</li> <li>Dec 15: Situational Awareness with Don Muldoon</li> </ul><p>These sessions will also provide re-certification credit for CPO and CSSM certificate holders. Attendees must <a href="https://www.ifpo.org/ifpo-webinar-series/" target="_blank">register</a> ahead of time.</p> <div id="div-gpt-ad-article-body-sky-mobile" class="advertisement"></div> <div id="div-gpt-ad-sidebar-sky-mobile" class="advertisement"></div> </div>

SYRACUSE, N.Y., Jan. 18, 2021 /PRNewswire/ -- RESCUECOM delivers their newest report on what errors are plaguing Windows users, the common problems and how to fix them. Problems with Microsoft's ope… [+4739 chars]

SYRACUSE, N.Y., Jan. 18, 2021 /PRNewswire/ -- RESCUECOM delivers their newest report on what errors are plaguing Windows users, the common problems and how to fix them. Problems with Microsoft's ope… [+4568 chars]

A terrible Capitol riot has triggered a series of challenging questions around technological objectivity and neutrality: the socio-technical meaning of blocking Trump from platforms like Facebook and… [+7982 chars]

<div class="body gsd-paywall article-body"><p>According to the first national survey conducted in Singapore regarding sexual harassment, two in five workers in the country report being sexually harassed at the workplace in the past five years. </p><p>The survey by market research company Ipsos in collaboration with gender-equality organization AWARE, conducted the first-ever nationally representative <a href="https://www.ipsos.com/en-sg/aware-ipsos-survey-reveals-high-prevalence-workplace-sexual-harassment-singapore" target="_blank">survey</a> on workplace sexual harassment in Singapore. According to its findings, when respondents were asked “Have you been sexually harassed in the workplace within the last five years?”, one in 5 responded in the affirmative. However, when specific harassment situations were described to them, 2 in 5 reported that they had experienced such behaviors—indicating a gap in understanding of what constitutes sexual harassment.</p> <div id="div-gpt-ad-article-body-sky-mobile" class="advertisement"></div> <p>The harassment situations illustrated in the survey included:</p><ul> <li>Pictures, jokes, texts or gestures of a sexual or sexist nature (approximately 1 in 5 reported experiencing this; approximately 1 in 10 experienced this behavior on seven separate occasions in the past five years).</li> <li>Alarming or offensive remarks or questions about their appearances, bodies or sexual activities (approximately 1 in 5 reported experiencing this; approximately 1 in 10 experienced this behavior on eight separate occasions in the past five years).</li> <li>Crude and distressing remarks, jokes or gestures of a sexual or sexist nature (approximately 1 in 5 reported experiencing this; approximately 1 in 10 experienced this behavior on five separate occasions in the past five years) .</li> <li>Unwanted physical contact, attempts to initiate romantic or sexual relationships, implications that career prospects were tied to sexual favors, and more. </li> </ul><p>The survey found that 3 in 10 survivors of workplace sexual harassment made official reports about their experiences. Those who did not often cited a desire to forget about the incidents, a belief that what they experienced was not severe enough, or a perceived lack of evidence. In 2 in 5 cases where reports were made, the harasser was reassigned or dismissed; however, in another 1 in 5 of such cases, the harasser faced no consequences despite evidence of harassment. </p><p>AWARE recommends that the Singapore government introduce national legislation against workplace harassment, as well as regular anti-harassment trainings across industries and the universal adoption of grievance handling policies. </p> <div id="div-gpt-ad-sidebar-sky-mobile" class="advertisement"></div> </div>

<div class="body gsd-paywall article-body"><p>Duval County Public Schools in Florida have a 15-year <a href="https://www.ourduvalschools.org/priorities" target="_blank">priority plan</a> to use a half-penny sales tax increase to improve the school through safety and security measures and major renovations.</p><p>The half-cent sales tax will give the school district around $7 or $8 million each month, <a href="https://www.firstcoastnews.com/article/entertainment/television/programs/gmj/duval-school-district-says-half-cent-sales-tax-will-bring-in-7-to-8-million-a-month/77-912b864d-8011-4f45-8d62-2d2846407f91" target="_blank">according to</a> Superintendent Dr. Diana Greene. The district has a 15-year renovation plan. One of it's first priorities include safety and security measures installed at the schools. Capital funds will be used to get the projects off the ground until the school collects that extra money. </p> <div id="div-gpt-ad-article-body-sky-mobile" class="advertisement"></div> <p>Duval County Public Schools is the 20th largest school district in the nation and the sixth largest school district in Florida. The school district serves families residing in the City of Jacksonville and Duval County, Florida. Overall, The Duval County Public Schools serves more than 120,000 students in close to 200 schools.</p> <div id="div-gpt-ad-sidebar-sky-mobile" class="advertisement"></div> </div>

<div class="body gsd-paywall article-body"><p>The National Security Agency (NSA) has released an information sheet with guidance on adopting encrypted Domain Name System (DNS) over Hypertext Transfer Protocol over Transport Layer Security (HTTPS), referred to as DNS over HTTPS (DoH). When configured appropriately, strong enterprise DNS controls can help prevent many initial access, command and control, and exfiltration techniques used by threat actors.</p><p>Use of the Internet relies on translating domain names (like “nsa.gov”) to Internet Protocol addresses. This is the job of the Domain Name System (DNS). In the past, DNS lookups were generally unencrypted, since they have to be handled by the network to direct traffic to the right locations. DNS over Hypertext Transfer Protocol over Transport Layer Security (HTTPS), often referred to as DNS over HTTPS (DoH), encrypts DNS requests by using HTTPS to provide privacy, integrity, and “last mile” source authentication with a client’s DNS resolver. It is useful to prevent eavesdropping and manipulation of DNS traffic. While DoH can help protect the privacy of DNS requests and the integrity of responses, enterprises that use DoH will lose some of the control needed to govern DNS usage within their networks unless they allow only their chosen DoH resolver to be used. Enterprise DNS controls can prevent numerous threat techniques used by cyber threat actors for initial access, command and control, and exfiltration. Using DoH with external resolvers can be good for home or mobile users and networks that do not use DNS security controls. For enterprise networks, however, NSA recommends using only designated enterprise DNS resolvers in order to properly leverage essential enterprise cybersecurity defenses, facilitate access to local network resources, and protect internal network information. The enterprise DNS resolver may be either an enterprise-operated DNS server or an externally hosted service. Either way, the enterprise resolver should support encrypted DNS requests, such as DoH, for local privacy and integrity protections, but all other encrypted DNS resolvers should be disabled and blocked. However, if the enterprise DNS resolver does not support DoH, the enterprise DNS resolver should still be used and all encrypted DNS should be disabled and blocked until encrypted DNS capabilities can be fully integrated into the enterprise DNS infrastructure. This guidance explains the purpose behind the DoH design and the importance of configuring enterprise networks appropriately to add benefits to, but not hinder, their DNS security controls. The following recommendations will assist enterprise network owners and administrators to balance DNS privacy and governance.</p> <div id="div-gpt-ad-article-body-sky-mobile" class="advertisement"></div> <p>Review the NSA <a href="https://media.defense.gov/2021/Jan/14/2002564889/-1/-1/0/CSI_ADOPTING_ENCRYPTED_DNS_U_OO_102904_21.PDF">Info Sheet: Adopting Encrypted DNS in Enterprise Environments</a> and consider implementing the recommendations to enhance DNS security.</p> <div id="div-gpt-ad-sidebar-sky-mobile" class="advertisement"></div> </div>

<div class="body gsd-paywall article-body"><p>Public cloud adoption rates have been rising for some time, and the global pandemic has accelerated the trend. In fact, nearly <a href="https://readwrite.com/2020/10/13/cloud-computing-for-businesses-will-covid-19-surge-cloud-adoption/">60% of enterprises expect</a> cloud technology usage to exceed prior plans due to COVID-19. In the age of heightened public cloud adoption and widespread cloud Software-as-a-Service (SaaS) usage, cybercriminals are making use of OAuth – a permissions delegation and authorization protocol – to compromise cloud environments. As such, controlling which applications users interact with has become a business imperative.</p><p>Let’s take a closer look at what OAuth is, the role it plays in allowing users to access resources across environments, the ways attackers are abusing OAuth and what organizations can do to better protect their cloud data.</p> <div id="div-gpt-ad-article-body-sky-mobile" class="advertisement"></div> <p> </p><p><strong>Understanding OAuth </strong></p><p>Authenticating and authorizing user access for dissimilar systems has been a challenge since the beginning of computerized systems. One answer to this problem has been the birth of single sign-on (SSO) platforms, which allow end users to log in once to access a variety of applications and resources without reauthenticating. Modern applications and the explosion of public cloud services and cloud-hosted data have made it critical to enable users to share information from their cloud accounts with third-party applications.</p><p>Released as an open standard <a href="https://tools.ietf.org/html/rfc5849">in 2010</a>, OAuth provides SSO capabilities to end users who require access to resources across many environments. OAuth is an <em>authorization</em> protocol, which means it provides permission for users to access certain resources (as opposed to validating their identity). Google and other cloud service providers have strongly supported OAuth since its inception, and its evolution (OAuth 2.0) features new security capabilities used by most cloud service providers today.</p> <div id="div-gpt-ad-sidebar-sky-mobile" class="advertisement"></div> <p> </p><p><strong>How is OAuth Used Today? </strong></p><p>Each time a third-party application requests APIs that are system-centric to user mobile devices, the mobile device will display a prompt for approval of the permissions request (such as using the GPS data via the underlying system API). While APIs can function as security gatekeepers that grant permissions to exchange information, there are problems with this type of permissions approval. API permissions are easily revoked in most sites such as Google, Facebook, and those that have been granted can be easily forgotten.</p><p>How does this relate to OAuth permissions delegation? As an example, Google uses OAuth 2.0 credentials to delegate permissions to API resources. All applications follow the same basic pattern to access a Google API using OAuth 2.0.</p> <div id="div-gpt-ad-sidebar-mrect-mobile" class="advertisement"></div> <p>First, application owners obtain OAuth 2.0 credentials from the Google API Console. Next, before a third-party application can access private user data using the Google API, it must obtain an access token that grants access to the Google API. Then the scope of access granted by the user and returned in the access token are compared to the scopes required to access application features and functionality. The application should disable features and capabilities unable to function without access to the related API. Once the Google Authorization Server provides the token, it is sent to the Google API as an HTTP authorization request header. The access tokens granted by the Google Authorization Server have a limited lifetime, but applications can request a refresh token when needed.</p><p>Most users are accustomed to simply "clicking allow" on permissions requests by third-party applications. As such, attackers may easily persuade end-users to grant the high-level permissions requested by malicious applications.</p><p> </p><p><strong>How Attackers Abuse OAuth </strong></p><p>Although the OAuth standard itself includes security measures, attackers can abuse it for malicious purposes. Some examples of OAuth abuse today include:</p><p>●<u>Leveraging OAuth to help malicious applications retrieve account data</u>. Attackers can craftily impersonate legitimate third-party applications to access account data. For instance, an attacker could create a legitimate looking malicious app, request OAuth tokens to access account data and then use this OAuth token to leak data from a user's account. These types of scenarios underscore how critical it is to reconsider your stance on allowing third-party application installations in cloud SaaS environments like Google Workspace or Microsoft 365.</p><ul> <li> <u>Capitalizing on OAuth implementation weaknesses</u>. Some applications leveraging OAuth <a href="https://cacm.acm.org/magazines/2020/5/244339-measuring-and-mitigating-oauth-access-token-abuse-by-collusion-networks/fulltext">do not require application secrets</a> and are susceptible to access token leakage and abuse. Attackers can use a variety of methods to harvest OAuth tokens, including eavesdropping, cross-site scripting, or social engineering techniques. Once an attacker has access to a compromised OAuth token, they can access the end user's personal information. Additionally, they can use the OAuth token to conduct other malicious activities such as spreading malware on behalf of the compromised user or launch a cloud ransomware attack.</li> </ul><p> </p><p><strong>Protecting Your Cloud Data</strong></p><p>OAuth provides a modern way for applications to access private data contained in your applications or cloud service provider environments. That said, the rise in cloud adoption and subsequent interest in compromising cloud environments means you must also bolster security for your business-critical systems and data in other ways. With the rapid shift to distributed, remote work, this has never been truer than it is today.</p><p>We live in the day and age where applications now span on-premises, cloud, and hybrid environments. Attackers can use a wide breadth of tactics to compromise cloud environments and cloud SaaS platforms. In particular, they’re looking for ways to abuse OAuth authorization for cloud services and often use social engineering and malicious applications that pose as harmless apps to compromise your data, steal information, or even introduce ransomware.</p><p>Consider leveraging AI-based application control approaches to monitor and enforce which third-party applications or browser extensions can integrate into your SaaS environment to get full visibility of the scope of permissions granted to access your Google Workspace or Microsoft 365 data using OAuth 2.0. Doing so will allow you to maintain behavior databases and reputation analyses for thousands of applications, and identify which are safe. In order to prevent OAuth abuse by malicious applications, you must take a proactive approach to managing which applications your users access, and which can and should integrate with your cloud SaaS environment.</p><p> </p></div>