The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have observed persistent continued cyber intrusions by advanced persistent threat (APT) actors targeting U.S. think tanks. This malicious activity is often, but not exclusively, directed at individuals and organizations that focus on international affairs or national security policy. The following guidance may assist U.S. think tanks in developing network defense procedures to prevent or rapidly detect these attacks.
William Boelcke spent the years 1998 to 2000 with the U.S. Air Force. He’d spend the next 18-plus years battling mental health issues and substance abuse. Two years ago, in a treatment facility in Rockford, Ill., Boelcke was introduced to BraveHearts and its equine-assisted therapy program. The non-profit organization based in Illinois has been working with veterans, providing free equine-assisted therapy and a place of calm and acceptance, since 2007.
ESET researchers discovered a previously undocumented backdoor and document stealer used for cyber-espionage. ESET has been able to attribute the program, dubbed Crutch by its developers, to the infamous Turla APT group. It was in use from 2015 until at least early 2020. ESET has seen Crutch on the network of a Ministry of Foreign Affairs in a country of the European Union, suggesting that this malware family is only used against very specific targets. These tools were designed to exfiltrate sensitive documents and other files to Dropbox accounts controlled by Turla operators.
On November 4, 2020, the YES on Prop 24 campaign announced the passage of the California Privacy Rights Act (CPRA), with a majority of Californians supporting the measure to strengthen consumer privacy rights. The new law aims to give Californians the strongest online privacy rights in the world. But, does the CPRA do enough to advance the data privacy of California consumers? Many security and privacy leaders argue that it does not. To find out more, we talk to David Bodnick, Chief Technology Officer and co-founder of Startpage, a private search engine.
The U.S. Federal Bureau of Investigation (FBI) issued a Private Industry Notification alert, noting that cybercriminals are increasingly implementing auto-forwarding rules on victims' web-based email clients to conceal their activities. According to the FBI, cybercriminals then capitalize on this reduced visibility to increase the likelihood of a successful business email compromise (BEC).
TransUnion released new findings around online retail trends during the start of the 2020 global holiday shopping season. The research shows a 1% decrease in suspected online retail fraud worldwide during the start of the 2020 holiday shopping season compared to the same period in 2019, a 59% increase from the same period in 2018 and a 14% increase from all of 2020 so far. The findings are based on the same-store sales analysis of TransUnion’s e-commerce customers during the traditional start of the global holiday shopping season, Thanksgiving to Cyber Monday.
The National Security Agency’s Research Directorate has announced it has selected “Spectre Attacks: Exploiting Speculative Execution” as the winner of its 8th Annual Best Cybersecurity Research Paper competition. Originally published at the 2019 IEEE Security & Privacy Symposium, the winning paper, in combination with Meltdown, another award-winning paper released earlier by the same researchers, launched a global effort to mitigate critical vulnerabilities in processors.
A recent ISC² Cybersecurity Workforce Study placed the resource gap worldwide at 4.07 million professionals. The challenges we face when grappling with that gap are myriad and are exacerbated by the security paradigm to which we may have historically pledged allegiance.
Both artificial intelligence (AI) and emotional intelligence (EI) have critical roles to play in security. But two recent reports accentuate the challenge of leadership that tethers technology to humanity.