FireSale HackBoy

Knowledge Shared By FireSale HackBoy...

Hacking

The Art Of Exploitation...

Ethical Hacking

Security Experts...Same Techniques To Make Hacker's Stuff Useless.

Black Hat Hacking

Dark Side Of Hacking... In Short Destruction Of Cyber Stuff.

Digital Stuff

All The Digital Stuff Is Under The Influence Of Cyber Attacks... Be Safe

Saturday, December 31, 2022

Latest Cyberthreats and Advisories – December 16, 2022

Cyberthreats 12.16.2022

The rise of new ransomware gangs, cyberattacks on Uber and California’s Department of Finance make headlines this week. Here are the latest threats and advisories for the week of December 16, 2022.

Threat Advisories and Alerts

U.K. Government Sets New Standards for App Security

The U.K. government has requested that app store developers and operators voluntarily follow a code of practice to protect consumers from malicious apps and actors. The code consists of eight principles, including requests to keep apps up-to-date, implement a vulnerability disclosure process, provide clear feedback to developers and more. The guidance comes at a time when news of malicious apps regularly appears in the headlines.

Source: https://www.gov.uk/government/consultations/app-security-and-privacy-interventions/outcome/government-response-to-the-call-for-views-on-app-security-and-privacy-interventions#section-2-code-of-practice-principles 

APT5 Threat Group Actively Exploits Citrix Vulnerability

Citrix has released a patch for a critical vulnerability (CVE-2022-27518). The security flaw affects Citrix ADC and Citrix Gateway versions 13.0 before 13.0-58.32 and 12.1 (including NDcPP and FIPS). The China-linked has taken notice of the vulnerability. According to the National Security Agency (NSA), the group has been actively targeting it to breach organizations.

Source: https://www.darkreading.com/attacks-breaches/citrix-adc-gateway-users-race-against-hackers-patch-critical-flaw

Patches Released for Critical Vulnerability in Fortinet's FortiOS

Fortinet has issued security updates for a critical vulnerability (CVE-2022-42475) in FortiOS SSL-VPN that is reportedly being actively exploited in the wild. If the flaw is successfully exploited, it could allow unauthenticated users to execute arbitrary code and crash devices remotely. Users and admins are urged to apply the patches immediately.

Source: https://www.csa.gov.sg/singcert/Alerts/al-2022-080

Emerging Threats and Research

LockBit Ransomware Gang Attacks California’s Finance Department

California’s Cybersecurity Integration Center (Cal-CSIC) confirmed on Monday that the state’s finance department was hit by a cyberattack. Ransomware gang LockBit claims to be behind the attack, writing in their blog that they’ve stolen 76GB of data, including financial and IT documents, confidential data, databases and “sexual proceedings in court.” The gang has threatened to publish the files unless the Department of Finance pays the ransom by Christmas Eve.

Source: https://www.infosecurity-magazine.com/news/california-hit-by-alledged-lockbit/

Uber Breach Exposes Sensitive Employee and Company Data

Ride-hailing company Uber suffered a data leak this past weekend that exposed sensitive information of more than 77,000 employees. The incident occurred when one of Uber’s third-party vendors, Teqtivity, was compromised by a threat actor who goes by the name ‘UberLeaks.’ In addition to employee information, ‘UberLeaks’ claims to have also stolen source code and IT asset management reports along with other sensitive corporate information.

Source: https://www.itpro.co.uk/security/data-breaches/369706/uber-says-compromised-third-party-to-blame-for-data-breach

Royal Ransomware Gang Targets US Healthcare Industry

The U.S. Department of Health and Human Services (HHS) has warned healthcare organizations that the Royal ransomware group is targeting their industry. The ransomware gang, which emerged this year, uses the double extortion method to threaten victims: data encryption plus public exposure of the stolen data if the ransom goes unpaid. Typical ransoms demanded by Royal range from $250,000 to more than $2 million.

Source: https://www.theregister.com/2022/12/09/royal_ransomware_hhs_warning/

Ransomware Attack Rocks Belgian City of Antwerp

The new ransomware operation known as Play has claimed responsibility for a cyberattack on Antwerp, Belgium. The incident occurred last week when the company that manages Antwerp’s IT systems was hit with ransomware, causing significant disruption to the city. Some email and phone services have gone down and many services, like the library and job applications, have become delayed or unavailable.

Source: https://www.bleepingcomputer.com/news/security/play-ransomware-claims-attack-on-belgium-city-of-antwerp/

To stay updated on the latest cybersecurity threats and advisories, look for weekly updates on the (ISC)² blog. Please share other alerts and threat discoveries you’ve encountered and join the conversation on the (ISC)² Community Industry News board.

The post Latest Cyberthreats and Advisories – December 16, 2022 appeared first on Cybersecurity Insiders.


January 01, 2023 at 09:08AM

Hillstone Networks Recognized as a Visionary Again in the Gartner Magic Quadrant for Network Firewalls

SANTA CLARA, Calif.–(BUSINESS WIRE)–Hillstone Networks, a leading provider of innovative and accessible cybersecurity solutions, announced that Hillstone Networks has been again recognized in the 2022 Gartner® Magic Quadrant™ for Network Firewalls for the 9th consecutive year and named as a Visionary for the second time.

The Hillstone Networks solutions have evolved from a network security platform into a robust cybersecurity portfolio that delivers on cyber resilience, from edge to cloud, and everything in between. From SMB to carrier-class network requirements, across all major verticals globally, the portfolio today leverages the foundational Next Generation Firewall (NGFW) to include the following solutions:

  • Hillstone Secure SD-WAN solution for distributed enterprises.
  • Hillstone ZTNA solution, enabling Zero Trust access from any device, anywhere.
  • Hillstone CloudArmour delivering cloud workload protection.
  • Hillstone CloudHive micro-segmentation solution for virtualized datacenters.
  • Hillstone sBDS server protection integrated with network detection and response (NDR) solution against multi-stage, multi-layer threats targeting critical servers and hosts.
  • Hillstone iSource, an AI-powered Extended Detection and Response (XDR) platform that includes NDR features and input from 3rd party platforms.

“We are happy to return a 9th year in recognition of our completeness of vision and ability to execute,” states Tim Liu, CTO and co-founder, Hillstone Networks. “In today’s hybrid multicloud world, our cloud-first strategy resonates with customers and partners alike. We continue to leverage the award-winning and industry-leading NGFW platform and integrate advanced features to unlock SD-WAN and ZTNA capabilities and deliver additional solutions that meet gaps in the market as well as address the needs of our growing customer base.”

A cloud-first approach is a mandate to deliver effective cyber-resilient solutions that protect enterprise critical assets and infrastructure. Beyond on-premises, private and hybrid cloud environments, the Hillstone Networks solution repertoire includes IoT security that helps the IoT sector proactively detect, protect, and manage risk across IoT devices.

Download a copy of the Gartner Magic Quadrant for Network Firewalls here.

Gartner, Gartner Magic Quadrant for Network Firewalls, Rajpreet Kaur, Adam Hils, Thomas Lintemuth, 19 December 2022

Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

GARTNER is a registered trademark and service mark of Gartner and Magic Quadrant is a registered trademark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.

About Hillstone Networks

Hillstone Networks’ innovative and accessible cybersecurity solutions reshape enterprise security, enabling cyber resilience while lowering TCO. By providing comprehensive visibility, superior intelligence, and rapid protection to see, understand, and act against multilayer, multistage cyberthreats, Hillstone is favorably rated by leading analysts and trusted by global companies. To learn more visit www.hillstonenet.com.

The post Hillstone Networks Recognized as a Visionary Again in the Gartner Magic Quadrant for Network Firewalls appeared first on Cybersecurity Insiders.


January 01, 2023 at 09:08AM

Ookla Commends the Communications Regulatory Authority of Qatar for Efforts to Help Improve User Experience During FIFA World Cup™

SEATTLE–(BUSINESS WIRE)–Ookla®, an internationally recognized leader in network measurement and connectivity intelligence, commends the Communications Regulatory Authority (CRA) for the State of Qatar and the Ministry of Communications and Information Technology (MCIT) for their important roles in driving network performance gains in the country. Ookla CEO and founder Doug Suttles recognized the MCIT and His Excellency Mohammed bin Ali Al-Mannai, Minister of Communications and Information Technology in person for their efforts and achievements. These include this year’s FIFA World Cup™, which is both the first in the Middle East region and to be supported by commercial 5G networks. CRA is leveraging Ookla’s consumer network insights to actively monitor network performance and service quality – not only for FIFA World Cup™ fans now, but also for future visitors, other large-scale event attendees, and consumers in the region.

FIFA World Cup Qatar 2022™ has seen over 2.45 million stadium attendees during its first two weeks. According to Ookla’s Speedtest Intelligence®, median download performance in November rose to 263.37 Mbps on modern chipsets across all mobile technologies combined in Qatar, with median 5G download performance hitting 472.13 Mbps. It’s clear that the network enhancements made in the market, along with live monitoring and optimization of network performance using Ookla crowdsourced data, has helped boost overall network performance at the event. These astounding efforts have also assisted in propelling Qatar to first place on Ookla’s Speedtest Global Index for overall median mobile download speeds in November, with Ar-Rayyan and Doha ranking first and second in overall median mobile download speeds for some of the world’s largest cities, respectively.

“CRA and MCIT have been instrumental in creating a competitive pro-investment telecommunications market and have devoted much of their time and resources to help drive 5G advancements in Qatar,” said Ookla founder and CEO Doug Suttles. “This investment is paying off, and it was my honor to recognize these achievements in person. Ookla looks forward to further collaboration with CRA and MCIT, utilizing our consumer network experience insights and enterprise solutions to further enable the development of Qatar’s ICT infrastructure, in support of Qatar National Vision 2030.”

“To ensure the development of the highest standard telecom networks and infrastructures in Qatar, CRA develops proper regulatory instruments and grants the telecom Service Providers the necessary licenses. In December 2021, CRA released an additional spectrum which totals 1,000 MHz to each telecom Service Provider to develop their 5G network and ensure that mobile telecom consumers have an enhanced experience during the FIFA World Cup Qatar 2022™. The high-level telecom infrastructure in Qatar has allowed the provision of high-quality mobile telecom services during the tournament and contributed to its success. I would like to express my gratitude to Ookla for their efforts and recognition,” said Ali Al-Suwaidi, Technical Affairs Department Director, CRA.

Over the course of their collaboration, Ookla, CRA, and MCIT will work together to help optimize network performance in Qatar. This in turn will deliver significant new value to local mobile operators who build the networks and create a better experience for the consumers who rely on them.

About Ookla®

Ookla® is a global leader in network intelligence and connectivity insights. For almost two decades, Ookla has set the industry standard for both fixed and mobile network testing and analysis. From its world-renowned Speedtest® and Downdetector® platforms to an accompanying and growing suite of end-to-end enterprise solutions, Ookla’s mission is to make the internet better, faster, and more accessible for everyone.

Ookla’s enterprise solutions combine first-party crowdsourced data and scientifically controlled testing with tools that provide actionable insights across a network’s lifecycle and customer experience. Our insights empower operators, businesses, government agencies, nonprofits, and more to analyze, optimize, and publicize networks around the world.

Ookla is part of Ziff Davis (NASDAQ: ZD), a vertically focused digital media and internet company whose portfolio includes leading brands in technology, entertainment, shopping, health, cybersecurity, and martech. Ookla’s headquarters is located in Seattle, WA, USA with additional offices around the world.

About Communications Regulatory Authority of the State of Qatar

CRA regulates the telecommunications, information technology, and postal sectors, as well as access to digital media and uses its regulatory powers to protect consumers’ rights, ensure competition, and manage the resolution of disputes. In all its activities, the CRA seeks to ensure the provision of advanced, innovative, and reliable ICT and postal services across the State of Qatar.

The post Ookla Commends the Communications Regulatory Authority of Qatar for Efforts to Help Improve User Experience During FIFA World Cup™ appeared first on Cybersecurity Insiders.


January 01, 2023 at 09:08AM

StrikeReady CARA Wins 2022 CyberSecured Award for Best Security Virtual Assistant

PALO ALTO, Calif.–(BUSINESS WIRE)–An AI-driven security company, StrikeReady today announced that it has been honored as winner of the 2022 CyberSecured Award for Best Security Virtual Assistant by 1105 Media’s Security Today. StrikeReady CARA was one of only 22 security products and services recognized industry-wide.

Launched in 2020, the CyberSecured Awards honor manufacturers’ and suppliers’ outstanding product development achievements whose products or services are considered particularly noteworthy in cybersecurity transformation. In the third year of this independently judged contest, StrikeReady has been recognized annually for its virtual security assistant.

“This award helps affirm our approach in helping alleviate cyber talent shortage and the tremendous workload of defenders,” said Yasir Khalid, CEO of StrikeReady. “This accomplishment comes in the form of our innovative Virtual Security Assistant hailed as part of StrikeReady’s platform that provides context-based responses and actions by leveraging underlying embedded technologies such as threat intelligence platform (TIP), breach and attack simulation (BAS), SOAR, and more.”

“Our Security Today CyberSecured Awards are closely aligned with the readership of CyberSecured eNews, a monthly digital publication. We are so pleased that many cybersecurity professionals join us to showcase new products and advanced technology,” said Ralph C. Jensen, editor-in-chief of Security Today magazine, and CyberSecured eNews. “We are aware of the importance that cybersecurity plays in today’s society, and have updated our website to include more case studies and thought leadership articles. We’re excited to be part of this burgeoning industry and plan to broaden our knowledge base to serve our readership by tapping into the vast experience of professionals and organizations.”

About StrikeReady

StrikeReady’s mission is to democratize human, i.e., analysts’ intelligence, so that organizations worldwide can reduce their adversarial risks and mitigate the shortage of skilled cyber talent.

With StrikeReady, organizations can now drive proactive and reactive security effectively through its unified and collaborative platform – Cognitive Security Platform, and augment their analysts’ skills, knowledge, and scale through a first-of-its-kind AI-based cyber assistant – CARA.

Connect with us at www.strikeready.co and follow us on Twitter and LinkedIn.

About 1105 Media’s Infrastructure Solutions Group

1105 Media’s Infrastructure Solutions Group includes several leading industry media brands that provide new product and technology solutions for security professionals: Security Today, securitytoday.com, CyberSecured, Campus Security & Life Safety, campuslifesecurity.com, and GovSec. The brands’ print, digital, custom media and research products integrate physical and IT security coverage and provide the smartest, most cost-effective solutions for reaching security decision makers.

The post StrikeReady CARA Wins 2022 CyberSecured Award for Best Security Virtual Assistant appeared first on Cybersecurity Insiders.


December 31, 2022 at 09:08PM

Friday, December 30, 2022

AttackIQ Named Winner of Virtually Testing Foundation’s Most Engaged Community Partner Award

SANTA CLARA, Calif.–(BUSINESS WIRE)–AttackIQ®, the leading independent vendor of Breach and Attack Simulation (BAS) systems, today announced it has won the Most Engaged Community Partner Award from the Virtually Testing Foundation (VTF), a California-based 501(c)3 e-learning non-profit organization. AttackIQ was honored for its efforts giving back to the cybersecurity community through its free award-winning AttackIQ Academy.

Each year, VTF’s Most Engaged Community Partner Award recognizes a partner who has demonstrated an outstanding commitment to helping the cybersecurity community at large and advancing VTF’s mission, which is to serve a cybersecurity-focused community by organizing career paths, bootcamps, speaker events, hands-on workshops, online conferences, and more.

“Security teams must be able to plan their defenses against well-defined threats, measure how well those defenses are working, and execute improvements, all on a continuous basis,” said Jonathan Reiber, Vice President for Cybersecurity Strategy and Policy at AttackIQ. “To give back to the community and advance the start of the art in cybersecurity education, we launched AttackIQ Academy to give security practitioners the practical cybersecurity skills they need, at no cost, to stay ahead. We are honored to receive this award and recognition.”

VTF’s first-of-its-kind partnership with AttackIQ has provided enterprise testing internships to hundreds of college-enrolled students via AttackIQ Academy. During the 10-week career path programs, VTF interns complete courses on operationalizing MITRE ATT&CK, foundations of breach and attack simulation, and purple teaming; earn ISC(2) CPE credits; supply weekly testing reports that highlight any bugs or defects that could obstruct the end-user experience; and are presented with opportunities to develop and improve their networking and professional skill set.

“Community is at the very core of what we do, and we are proud to present this award to AttackIQ for its unwavering dedication to serving the cybersecurity and VTF community,” said Victor Monga, CISO and co-founder of Virtually Testing Foundation. “Offering AttackIQ Academy courses through VTF has allowed our interns and members to gain realistic, hands-on experience about taking a holistic approach to cybersecurity.”

Automated testing has increased in importance over the last year for the security industry and the U.S. government. In September 2022, for example, CISA began recommending that organizations automate continuous security control validation using MITRE ATT&CK. And leading organizations like the U.S. Army, JetBlue and ISS World Services have adopted BAS and automated security control validation technology to achieve real security outcomes.

In addition to its Academy courses, AttackIQ also gives back to the community by providing cutting-edge insights on the latest threats and through actionable guidance for improving security readiness through the AttackIQ Adversary Research Team. Driven by intelligence and research, the team helps organizations validate their cyberdefenses against adversaries with assessments and attack graphs that will help them achieve peak performance.

Visit AttackIQ Academy’s website to learn how to improve cybersecurity effectiveness with free courses taught by cybersecurity practitioners at the cutting edge of the field.

About AttackIQ

AttackIQ, the leading independent vendor of breach and attack simulation solutions, built the industry’s first Security Optimization Platform for continuous security control validation and improving security program effectiveness and efficiency. AttackIQ is trusted by leading organizations worldwide to plan security improvements and verify that cyberdefenses work as expected, aligned with the MITRE ATT&CK framework. The Company is committed to giving back to the cybersecurity community through its free award-winning AttackIQ Academy, open Preactive Security Exchange, and partnership with MITRE Engenuity’s Center for Threat-Informed Defense. For more information, visit www.attackiq.com. Follow AttackIQ on Twitter, Facebook, LinkedIn, and YouTube.

About Virtually Testing Foundation

Virtually Testing is a California- based 501(c)3 non-profit organization. It is one of the first and largest open-university serving 30,000 global members. Who provide technical and non technical career paths, bootcamps, workshops and other vocational courses. VTF partner with industry leaders to offer 100% free courses. Volunteer teachers, mentors and members help carry out VTF’s mission. VTF’s mission is to offer education and hands-on experience at no cost to all those who are transitioning into cybersecurity with a flexible schedule and 100% online. We have developed a special internship program to allow individuals to leverage our community and learn about cybersecurity and perhaps take a life of career swing. We are offering the community an opportunity to develop cybersecurity skills or learn from scratch to successfully access a competitive trending industry. VTF also mentors and trains their interns to be in leadership and management roles by sharing real-world experiences and practicing through decision-making exercises. VTF career path programs can adapt to interns’ ambitions and commitment. Virtually Testing Foundation also provides fiscal sponsorship, governance, board advisors and technical resources for new communities or established non-profit organizations. For more information, visit https://virtuallytestingfoundation.org/ and follow Virtually Testing Foundation on social media for announcements of FREE trainings and community testimonials at https://l.ead.me/VTFoundation.

The post AttackIQ Named Winner of Virtually Testing Foundation’s Most Engaged Community Partner Award appeared first on Cybersecurity Insiders.


December 31, 2022 at 09:08AM

Impact Podcast with John Shegerian Features Indigo Ag’s Chris Harbourt

LOS ANGELES–(BUSINESS WIRE)–Chris Harbourt, Chief Strategy Officer for Indigo Ag, is the featured guest this week on the Impact Podcast with John Shegerian. The show is hosted by Shegerian, Co-Founder and Executive Chairman of ERI, the nation’s leading fully integrated IT and electronics asset disposition provider and cybersecurity-focused hardware destruction company.

With more than 25 years in leadership positions at the intersection of science, agriculture, engineering, and business, Harbourt leads Indigo Ag’s efforts to leverage science and digital technology to measure and translate the impact of farmers’ sustainability efforts into new profitability opportunities. As Indigo Ag’s first Chief Strategy Officer, Harbourt drives business strategy across the company, guiding Indigo’s research, external affairs, and strategic partnerships to advance understanding of agriculture’s potential as a climate solution.

“It was an honor to have Chris on our show to share his story and tell our audience about the innovatively impactful work he and his team at Indigo Ag are accomplishing, leveraging science and technology to help improve the sustainability of the agriculture industry,” said Shegerian.

Impact Podcast guests are invited as thought leaders to share with listeners first-hand accounts of how they are able to help make the world a better place on a daily basis.

Recent guests have included leaders from Samsung, Best Buy, Amazon, Verizon, General Motors, Ford, Unilever, Procter & Gamble, Johnson & Johnson, JetBlue, Comerica Bank, Goodyear Tire, Virgin, Dell, GE, IBM, Qualcomm, Nestlé, BMW, Texas Instruments, Adobe, Gap Inc., TIME, Kimberly-Clark, Timberland, Hearst, UPS, Hertz, The Hershey Company, FedEx, Intel, NVIDIA, T. Rowe Price, New York City, Beyond Meat, Panasonic, EPAM, Molson Coors, Seventh Generation, Amgen, the NBA, the US Tennis Association, FICO, Waste Management, and a number of fascinating game-changers, including Martin Luther King III; best-selling author Ryan Holiday; Joanne Molinaro (The Korean Vegan); Homeboy Industries founder Father Gregory Boyle; real estate powerhouse and television personality Ryan Serhant; writer/comedian/author Jeannie Gaffigan; ultra-endurance athlete Rich Roll; and hundreds more.

The Impact Podcast with John Shegerian is available for listening on ImpactPodcast.com, Apple’s iTunes, Amazon Music, Google Podcasts, Spotify, libsyn, and as part of iHeartRadio’s digital broadcast, reaching over 120 million users.

For more information, visit ImpactPodcast.com

The post Impact Podcast with John Shegerian Features Indigo Ag’s Chris Harbourt appeared first on Cybersecurity Insiders.


December 30, 2022 at 09:08PM

Nuclear secrets leak through USB via Insider

Well, it cannot be termed exactly as an insider threat. But surely, an innocent mistake of an employee could have/might have leaked sensitive details to the outside world such as hackers.

An IT worker of Sellafield Ltd,UK, accidentally forgot her bag in the parking lot and when she got to know about it and went to pick it up, the USB containing sensitive files fell from the bag into the car park leaving the worker in a state of shock.

The incident took place in the year 2018 when she attended a meeting related to an employment tribunal over a security matter. And during this time, the black bag with a mesh pocket went missing. After a while she found the bag, but without the USB stick, as some things fell off from the bag during the search. And after some hours of search the USB stick containing data related to Thorp Primary Domain Controller (PDC) was recovered.

Evidentially, such the smallest information spill often leads to a bigger espionage program that can turn into a serious national threat at any moment.

And this made the tribunal launch a damage control program in which the employee was a kind of prosecuted.

Despite having 20 years’ experience working for Sellafield, she forgot to follow basic cyber hygiene principles that could have resulted in a kind of info leak from an insider.

Interestingly, the USB was also being used by the employee on her computer at her home and office network. And she was about to use the same pen drive at her another project site related to a game developer.

What if the USB was induced with spyware that could have leaked to the office network, damaging the network or the software forever?

As the employee operated in the field where national security and safety ought to be of paramount significance, the incident was termed to be extremely serious.

And so, the panel dismissed her from the duty as her laxity could have deeply affected nuclear safety and could have offered classified info to terrorists and state funded actors.

Despite of her explanation that she was not at fault and faced many health issues because of the work schedule & environment, the disciplinary committee fired her from duty and ordered the IT engineers of the multi-function nuclear site to look for any misuse of info in the past and the future.

 

The post Nuclear secrets leak through USB via Insider appeared first on Cybersecurity Insiders.


December 30, 2022 at 12:12PM

Thursday, December 29, 2022

Policy Brief – U.S. Cyber Threat Intelligence, Part 1: Introduction & Background

By Aaron Weathersby, CISSP. Aaron is the Chief Information Officer for Charles R. Drew University of Medicine and Science and holds a Doctor of Science in Cyber Security from Marymount University. He is an Information Technology professional with over 18 years of experience focused on cybersecurity issues.

CyberThreatIntelligence_WeathersbyAbstract: A policy brief on the May 2021 White House Executive Order 14028 requiring the improvement of the nation’s cybersecurity through the lens of Cyber Threat Intelligence. A summative read geared towards federal agencies and government contractors who must implement the order. In this brief an exploration of the current state of cybersecurity and the impetus of this order is provided. A brief summary of key policy points is detailed along with recommendations and challenges in implementing the Executive Order.

Executive Summary: This policy brief was created to summarize the Biden Administration’s Executive Order on Improving Cyber Security through the lens of Cyber Threat Intelligence. This brief is geared towards those public and private entities required to implement the mandated elements within the EO. The brief details critical findings, recommendations, and challenges with implementing the orders.

INTRODUCTION

In May of 2021, the President of the United States issued Executive Order (EO) 14028 detailing an executive branch approach towards “Improving the Nation’s Cyber Security”. This EO identified 8 mandates directing the federal government to take steps necessary to “improve its efforts to identify, deter, protect against, detect and respond” to the actions of increasingly sophisticated cyber threat actors. A call to action was made presenting a need for “bold changes” and “significant investment” to protect and defend the computer systems of the United States.

The United States and its allies have been increasingly challenged by diverse and determined cyber threats. Cyber criminals have caused billions of dollars of damage, halted critical infrastructure, stolen personal information and directly impacted the lives of millions of Americans. Through the use of computers, malign nation states and their affiliated groups have directly challenged the institutions of law, governance, and democracy of our country. Within the last 6 months the confluence of cyber threats as seen in the SolarWinds/Sunburst attack as well as the Colonial Pipeline ransomware incident have woken law makers and the public to the systemic threat the lack of cyber security represents. And even though the United States and its allies have implemented laws, policies and structures to ameliorate the threat from these cyber attackers it is clear from the continued escalation of such events that these actions are not enough.

The focus of this policy brief will be to distill critical components of the EO through a recurring thematic lens of Cyber Threat Intelligence. Cyber Threat Intelligence/Information (CTI) is a critical component of modern cyber security and was clearly a focus of the Executive Order. While the EO contained 8 orders, a clear necessity for building knowledge of threat actors, incidents, and vulnerabilities is a CTI theme throughout. This brief will provide context to the nature of CTI and why it is important to the modern cyber security landscape. Analysis will be provided identifying critical events over the last 6 months that likely contributed to this EO and the urgency expressed within it. Benefits and barriers will be presented to provide decision makers an overview of the topic. Context through the lens of existing legislation and prior governmental policy will also be explored to provide a foundation as to the necessity and the challenges represented in this order. While finally, options to implement this policy and critical decision points will be highlighted to allow for effective implementation of both the requirements and the intent of this EO policy statement.

EO 14028 Policy Statements

  1. Removing Barriers to Sharing Threat Information
  2. Modernizing Federal Government Cybersecurity
  3. Enhancing Software Supply Chain Security
  4. Establishing a Cyber Safety Review Board
  5. Standardizing the Federal Government’s Playbook for Responding to Cybersecurity Vulnerabilities and Incidents
  6. Improving Detection of Cyber Security Vulnerabilities and Incidents on Federal Government Networks
  7. Improving the Federal Government’s Investigative and Remediation Capabilities
  8. National Security System

BACKGROUND / CONTEXT

As reported in a recent Forbes magazine survey, 1 in 5 Americans have been the victim of ransomware. In reading EO 14028 clear cyber security themes and concerns are present and top of mind of its authors. Over the last few years incidents of cyber security attacks have been increasing at an exponential rate.

While cyber-attacks have been a concern of policy makers for years, in the 6 months prior to this EO being issued uniquely significant cyber incidents have taken place within the U.S. Two attacks in particular captured the attention of the nation due to their scope and impact. Each represented a failure in intelligence by the federal government to prevent and identify them while they were occurring. It is the opinion of this brief that this failure in identifying, aggregating, and sharing this Cyber Threat Intelligence instigated this executive order. A summary of these attacks is below along with key questions and thematic elements found within them.

Supply Chain Attack / SolarWinds

In December 2020, the cyber security firm FireEye detected a major intrusion of its systems and of its customers. The intrusion for what would later be known as Sunburst or “the Solarwinds hack” would become remarkable due to its scope and scale. According to news reports, hackers from the Russian intelligence service (SVR) were able to gain unfettered access to hundreds of companies and dozens of federal agencies. Through what is known as a supply chain attack, the SVR was able to compromise a common technology monitoring tool from a company named SolarWinds and use that to gain remote access to the networks of the Department of Homeland security, the Cybersecurity and Infrastructure Security Agency, Microsoft, and dozens of others. Code within a SolarWinds product was maliciously modified to provide a trojan back door of access. The Russian SVR was able to then move around these networks for a period of months undetected by the largest technology companies and the intelligence services of the United States. Confidential data was compromised and exfiltrated from these networks. As was described by news accounts, while many different cyber security firms had real time indicators of the breach, it was only a single private firm that detected the nationwide attack. While the attack was by a sophisticated threat actor, it was latter hypothesized to have stemmed from a single compromised password of “solarwinds123” used by an intern to secure a publicly reachable file transfer site. To that end, in later postmortem forensics, it was published that basic cyber security hygiene was lacking at SolarWinds that further contributed to the initial breach of their product.

Key Points

  • A hack of a single private company allowed for a breach of dozens of sensitive government
  • The S. government, the federal agency charged with domestic Cyber Security and their existing technical detection system did not detect the attack.
  • Multiple companies had artifacts that the breach was taking place but lacked the ability to tie the information together.

Critical Infrastructure Attack / Colonial Pipeline

In April of 2021, foreign hackers gained access to the network of the Colonial Pipeline Corporation. The Colonial Pipeline Corporation is a private company responsible for transporting 2.5 million barrels per day of fuel representing “nearly half the gasoline, jet fuel and diesel flowing across the East Coast”. The hackers, a criminal cyber gang known as DarkSide deployed ransomware into Colonial Pipeline computer systems that encrypted and stole confidential information and was used to extort a ransom payment of $5 million dollars. While public reporting on the incident suggested the hackers were physically located in Russia, it was thought they were not directly affiliated with the Russian government. In response to the attack, Colonial Pipeline corporation shutdown their technology systems resulting in a halt of oil operations, a regional impact of long gas lines, higher fuel prices and nationwide concern. Ultimately public reporting suggests that in response to the breach, Colonial Pipeline paid a ransom of $4.4 million which resulted in the restoration their operations. Not unique to this incident was that the cyber gang DarkSide was not a monolith and instead operated as a service model with many different affiliates and criminal business partners. Different actors within the DarkSide supply chain created, distributed, hacked and operated their ransomware in exchange for a percentage of received ransoms. Critically important as per a FireEye blog post, the operations of DarkSide had been seen 6 months prior to the Colonial Pipeline breach. DarkSide had attacked other U.S. organizations and their tactics, techniques and procedures had been documented by the industry. Public forensic reports suggest poor cyber hygiene led to the breach at Colonial Pipeline, with an unused remote access VPN account being a point of ingress into their network.

Key Points

  • A breach of a single private company resulted in the disruption to millions of Americans.
  • The hackers were known to cybersecurity firms and their criminal affiliates had been actively breaching other organizations for over 6 months.

Conclusions

Similar thematic elements are present in both the SolarWinds and Colonial Pipeline cyber incidents. A lack of cyber hygiene and ineffective process had contributed to major disruptions of their operations and to U.S. public. Most importantly, the impacted organizations, the Federal Government and the cyber security industry had previously acquired broad knowledge of the cyber attacks but were unable to use this information to prevent the attacks from tacking place. It is in this point that EO 14028 seems to draw its conclusions.

 

 

 

Bibliography

Exec. Order No. 14028. (2021). Retrieved from https://ift.tt/xSz72eg

Brooks, C. (2021). Alarming Cybersecurity Stats: What You Need To Know For 2021. Retrieved from https://www.forbes.com/sites/chuckbrooks/2021/03/02/alarming-cybersecurity-stats——-what-you-need-to-know-for-2021/?sh=d24630958d3d

Cichonski, P., Millar, T., TimGrance, & Scarfone, K. (2012). Computer Security Incident Handling Guide. Retrieved from https://ift.tt/Fpc1uis

FireEye. (2020). Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor. Retrieved from https://ift.tt/9ndEPJS

Johnson, C., Badger, L., Waltermire, D., Snyder, J., & Skorupka, C. (2016). Guide to Cyber Threat Information Sharing. Retrieved from https://ift.tt/aWCR9il

Kelly, S., & Bing, C. (2021, 05/07/2021). Top U.S. fuel pipeline operator shuts whole network after cyber attack. Reuters. Retrieved from https://ift.tt/VHXZCws

Nuce, J., Kennelly, J., Goody, K., Moore, A., Rahman, A., Williams, M., . . . Wilson, J. (2021). Shining a Light on DARKSIDE Ransomware Operations. Retrieved from https://ift.tt/UKHwpzG

Samtani, S., Abate, M., Benjamin, V. A., & Li, W. (2019). Cybersecurity as an Industry: A Cyber Threat Intelligence Perspective.

Sanger, D. E., & Perlroth, N. (2021, 05/14/2021). Pipeline Attack Yields Urgent Lessons About U.S. Cybersecurity. Nytimes. Retrieved from https://ift.tt/TzEtmbQ

Service, C. N. (2021). Scripps Health Says Some Patient Info Acquired During Ransomware Attack. KPBS. Retrieved from https://ift.tt/f1UNe2b

Temple-Raston, D. (2021). A 'Worst Nightmare' Cyberattack: The Untold Story Of The SolarWinds Hack. NPR. Retrieved from https://ift.tt/wKa3SpT

Turton, W., & Mehrotra, K. (2021, 06/4/2021). Hackers Breached Colonial Pipeline Using Compromised Password.

Bloomberg.com. Retrieved from https://ift.tt/B1ePIxA

Zibak, A., & Simpson, A. (2019). Cyber Threat Information Sharing: Perceived Benefits and Barriers. Paper presented at the Proceedings of the 14th International Conference on Availability, Reliability and Security, Canterbury, CA, United Kingdom. https://ift.tt/J2bAjUu

Zrahia, A. (2018). Threat intelligence sharing between cybersecurity vendors: Network, dyadic, and agent views. Journal of Cybersecurity, 4(1). doi:10.1093/cybsec/tyy008

The post Policy Brief – U.S. Cyber Threat Intelligence, Part 1: Introduction & Background appeared first on Cybersecurity Insiders.


December 29, 2022 at 09:08PM

Wednesday, December 28, 2022

Follow these simple tricks to keep your smart phone secure in 2023

Smart Phones have become a need for us these days as they assist us in commuting, help in entertaining us if/when bored, help communicate with near & dear, read news and do more such stuff. But as these gadgets have turned crucial in our lives, many hackers are also interested in infiltrating them, to get our glimpse of our lives or where we are heading.

 

Therefore, it becomes imperative to protect these devices from cyber-attacks and that can be achieved by following these simple tricks-

  • Always ensure that you are logged out of the website you are visiting while shopping or while connecting with the world, like Facebook. And if it is an app, please ensure that the account is enabled with a 2-Factor authentication.
  • While connecting to public charging ports, please be aware that such charging points can act as access points to cyber crooks who are into “Juice Jacking” where a fake charging station accesses all private data or install a malware.
  • It is recommended to do an audit of the apps installed on the smart phone once in a month. And check whether they are using data and the internet more than intended.
  • Keep the remote phone wiping option active as it helps to clean the information stored on the phone, if it gets stolen or misplaced. This helps in keeping data secure from prying eyes.
  • Always keep your apps, security software and operating system up to date from time to time.
  • Keep the Bluetooth and Wi-Fi ON only when required
  • Avoid using easy guessing passwords and use only those that are of minimum 15 characters and are made of a mix of alphanumeric characters topped by 1-2 special characters.

 

The post Follow these simple tricks to keep your smart phone secure in 2023 appeared first on Cybersecurity Insiders.


December 29, 2022 at 10:54AM

SSCP Members – We Need Your Input


The SSCP certification is held by more than 7,000 professionals around the world. Known for its technical rigor, the members who hold this qualification are typically working in areas like IT administration, networks security, security operations or incident response. The exam was last refreshed in November 2021 which that means it is time for us to begin the process again.

We announced last week that the CISSP will be starting the revision process in January and so will the SSCP. We need to hear from you, the certification holders. As we prepare for a Job Task Analysis (JTA) Study Workshop in January (tentatively scheduled for January 23-25), we are asking all SSCP-holders to review the current SSCP exam outline (now available in six languages) and consider the following:

  1. Do you believe that the current SSCP exam outline adequately covers the existing and emerging cybersecurity techniques and threats SSCP practitioners are facing in their jobs today?
  2. If not, what sort of topics/content should be added to the SSCP exam outline?
  3. What content currently on the SSCP exam outline is no longer relevant to today’s professionals?

Endorsed_SSCP-Horizontal-web

Please send your answers to these questions to SSCPJTA@isc2.org no later than January 9, 2023. Please include your ID # in your email. Your comments will be compiled and presented to the JTA Committee for further review.

Be sure to submit this exercise via the CPE portal so that you can earn credit for participating in this essential activity. Thank you for your invaluable insights and help!

The post SSCP Members – We Need Your Input appeared first on Cybersecurity Insiders.


December 29, 2022 at 09:09AM

Imperva Cloud WAF Successfully Deployed at 60 Quálitas Compañía de Seguros Locations

SAN MATEO, Calif.–(BUSINESS WIRE)–Imperva, Inc., (@Imperva) a cybersecurity leader whose mission is to protect data and all paths to it, today announced the successful deployment of its Imperva Cloud Web Application Firewall (WAF) solution by Quálitas Compañía de Seguros, S.A. de C.V, Mexico and Central America’s leading auto insurance provider. The solution has been leveraged by 60 sites throughout Mexico, El Salvador, Peru, and Costa Rica as part of Quálitas’ initiative to protect its online presence from web application attacks.

With international growth on the horizon, Quálitas needed to update its digital infrastructure to meet PCI compliance requirements, serve its expanding customer base, and protect a high volume of sensitive data. After a limited proof of value (POV) deployment with Imperva partner OCM-IT®, Quálitas saw firsthand how customizing cybersecurity tools could streamline processes to meet business objectives while mitigating vulnerabilities left exposed by its existing WAF solution. Based on this initial POV, Quálitas quickly deployed the Imperva Cloud WAF to dozens of sites.

Imperva Cloud WAF works to stop attacks with near-zero false positives, leveraging a global security operations center (SOC) to ensure that organizations are protected from the latest attacks minutes after they are discovered. Imperva Cloud WAF is part of a multi-layered Application Security solution that combines advanced bot, API, and DDoS protection, all from within a centralized management console.

“The visibility that the control panel gives us based on the ID’s that the http headers throw allows us to make better decisions and be efficient when analyzing security flaws and operation errors, by which the root cause is located more quickly,” said Eduardo Calleja Arce, information security manager, Quálitas Compañia de Seguros.

Quálitas has not only benefited from enhanced application protection and visibility, but also from greater operational efficiency through Imperva’s vast array of application delivery capabilities. Since partnering with Imperva, the visibility of malicious traffic or non-valid requests on applications has made it possible to block suspicious activity by geographical area and allow the company’s services to stay reliable while maintaining an adequate level of availability.

“We are thrilled to provide Quálitas with a WAF solution that is easy to use, fast to deploy, and affordable,” said Ricardo Cazares, Regional Vice President, Imperva Central and Latin America. “Quálitas is trusted with an incredible volume of sensitive customer information, and Imperva Cloud WAF gives all stakeholders the peace of mind that their growing data footprint is protected.”

To learn more, visit the Imperva Cloud WAF Website.

About Imperva

Imperva is the comprehensive digital security leader on a mission to help organizations protect their data and all paths to it. Only Imperva protects all digital experiences, from business logic to APIs, microservices, and the data layer, and from vulnerable, legacy environments to cloud-first organizations. Customers around the world trust Imperva to protect their applications, data, and websites from cyber attacks. With an integrated approach combining edge, application security, and data security, Imperva protects companies ranging from cloud-native start-ups to global multi-nationals with hybrid infrastructure. Imperva Threat Research and our global intelligence community keep Imperva ahead of the threat landscape and seamlessly integrate the latest security, privacy, and compliance expertise into our solutions.

About Quálitas Compañía de Seguros

With more than 28 years of experience, Quálitas is the insurer with the largest share of the automotive market in Mexico. The specialization and commitment to excellence in service have allowed it to remain for 15 consecutive years as a leader in the sector in that country. One in three vehicles that have insurance in Mexico are insured by Quálitas. It has the largest coverage network in the country and international presence in the United States, El Salvador, Costa Rica and Peru and soon in Colombia.

The post Imperva Cloud WAF Successfully Deployed at 60 Quálitas Compañía de Seguros Locations appeared first on Cybersecurity Insiders.


December 29, 2022 at 09:08AM

Diligent Institute Launches Cyber Risk & Strategy Certification for Corporate Directors and Executives

NEW YORK–(BUSINESS WIRE)–Diligent Institute, the global corporate governance research arm and think tank of Diligent, today announced the launch of its premier Cyber Risk & Strategy Certification. The program builds on the company’s existing Climate Leadership and ESG Leadership certifications, and comes in response to the U.S. Securities and Exchange Commission’s (SEC) proposed rules which require board members to participate more closely in cybersecurity oversight.

“The cyber regulation landscape is rapidly expanding, and more is being demanded from board members as cybersecurity evolves from an IT risk to an enterprise risk,” said Dottie Schindlinger, Executive Director of the Diligent Institute. “With U.S. proxy season around the corner, now is the time for directors to enhance their knowledge of cybersecurity risk. We hope this program provides leaders with the skills and confidence to better respond to cybersecurity challenges.”

The self-paced e-learning experience includes access to an exclusive curriculum developed in collaboration with experienced cyber professionals including attorney Sandy Garfinkel, Co-chair of the Privacy & Data Security Group at McNees Wallace & Nurick LLC, Masha Sedova, Co-founder & President of Elevate Security, and more.

The certification gives directors and executives access to the cyber experts they want to hear from most, with content curated to the necessary depth and breadth directors need, all at a manageable and self-paced schedule.

Courses will be available on March 1, 2023 and registration is open now. The registration fee is $3,500 per person, however, registrants can access early bird pricing at 50% off until February 1, 2023. Learn more on our website.

About Diligent

Diligent is the global leader in modern governance, providing SaaS solutions across governance, risk, compliance, audit and ESG. Serving more than 1 million users from over 25,000 customers around the world, we empower transformational leaders with technology, insights and confidence to drive greater impact and lead with purpose. Learn more at diligent.com.

The post Diligent Institute Launches Cyber Risk & Strategy Certification for Corporate Directors and Executives appeared first on Cybersecurity Insiders.


December 28, 2022 at 09:08PM

Tuesday, December 27, 2022

Google wants its Gmail users to take these security steps in 2023

Google, the much-used search engine across the world, has disclosed some security steps to its Gmail users to stay cyber safe in the year 2023. It is urging its mail users to stay away from spam by marking mails that seem to be suspicious as spam. This not only helps the online users to stay away from malicious downloads but also helps in training the AI smart servers of Gmail to keep its inboxes clean and trouble free.

To make things simple, the internet juggernaut has come up with an archiving email feature where mails that do not require any action from the user are made to sit in a separate folder for later reference.

If an email thread is leaving the user annoyed, they can be marked as mute and then be saved in the ‘All-Mail’ label.

Always keep your google account safe by going through the Security Checkup and Privacy Checkup pages once or twice in 3 months. Key a password that is at least 15 characters and comprises a mix of alphanumeric characters tucked by 1 -2 special characters. Enable 2-factor authentication as it increased security and opt for an Account Recovery Info service.

Now to those who want to send emails that cannot be forwarded, copied, printed or downloaded, here’s a tip.

Google Mail service offers a ‘Confidential Mode’ feature that blocks all the above stated actions scientifically. Moreover, the email can also be set with an expiration date where the sender can set a time frame for the email to remain in the recipient’s inbox and then disappear. Both iPhone and Android mobile users can use the service albeit a few tweaks before sending.

 

The post Google wants its Gmail users to take these security steps in 2023 appeared first on Cybersecurity Insiders.


December 28, 2022 at 11:03AM

Hillstone Networks Recognized as a Visionary Again in the Gartner Magic Quadrant for Network Firewalls

SANTA CLARA, Calif.–(BUSINESS WIRE)–Hillstone Networks, a leading provider of innovative and accessible cybersecurity solutions, announced that Hillstone Networks has been again recognized in the 2022 Gartner® Magic Quadrant™ for Network Firewalls for the 9th consecutive year and named as a Visionary for the second time.

The Hillstone Networks solutions have evolved from a network security platform into a robust cybersecurity portfolio that delivers on cyber resilience, from edge to cloud, and everything in between. From SMB to carrier-class network requirements, across all major verticals globally, the portfolio today leverages the foundational Next Generation Firewall (NGFW) to include the following solutions:

  • Hillstone Secure SD-WAN solution for distributed enterprises.
  • Hillstone ZTNA solution, enabling Zero Trust access from any device, anywhere.
  • Hillstone CloudArmour delivering cloud workload protection.
  • Hillstone CloudHive micro-segmentation solution for virtualized datacenters.
  • Hillstone sBDS server protection integrated with network detection and response (NDR) solution against multi-stage, multi-layer threats targeting critical servers and hosts.
  • Hillstone iSource, an AI-powered Extended Detection and Response (XDR) platform that includes NDR features and input from 3rd party platforms.

“We are happy to return a 9th year in recognition of our completeness of vision and ability to execute,” states Tim Liu, CTO and co-founder, Hillstone Networks. “In today’s hybrid multicloud world, our cloud-first strategy resonates with customers and partners alike. We continue to leverage the award-winning and industry-leading NGFW platform and integrate advanced features to unlock SD-WAN and ZTNA capabilities and deliver additional solutions that meet gaps in the market as well as address the needs of our growing customer base.”

A cloud-first approach is a mandate to deliver effective cyber-resilient solutions that protect enterprise critical assets and infrastructure. Beyond on-premises, private and hybrid cloud environments, the Hillstone Networks solution repertoire includes IoT security that helps the IoT sector proactively detect, protect, and manage risk across IoT devices.

Download a copy of the Gartner Magic Quadrant for Network Firewalls here.

Gartner, Gartner Magic Quadrant for Network Firewalls, Rajpreet Kaur, Adam Hils, Thomas Lintemuth, 19 December 2022

Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

GARTNER is a registered trademark and service mark of Gartner and Magic Quadrant is a registered trademark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.

About Hillstone Networks

Hillstone Networks’ innovative and accessible cybersecurity solutions reshape enterprise security, enabling cyber resilience while lowering TCO. By providing comprehensive visibility, superior intelligence, and rapid protection to see, understand, and act against multilayer, multistage cyberthreats, Hillstone is favorably rated by leading analysts and trusted by global companies. To learn more visit www.hillstonenet.com.

The post Hillstone Networks Recognized as a Visionary Again in the Gartner Magic Quadrant for Network Firewalls appeared first on Cybersecurity Insiders.


December 28, 2022 at 09:08AM

Ookla Commends the Communications Regulatory Authority of Qatar for Efforts to Help Improve User Experience During FIFA World Cup™

SEATTLE–(BUSINESS WIRE)–Ookla®, an internationally recognized leader in network measurement and connectivity intelligence, commends the Communications Regulatory Authority (CRA) for the State of Qatar and the Ministry of Communications and Information Technology (MCIT) for their important roles in driving network performance gains in the country. Ookla CEO and founder Doug Suttles recognized the MCIT and His Excellency Mohammed bin Ali Al-Mannai, Minister of Communications and Information Technology in person for their efforts and achievements. These include this year’s FIFA World Cup™, which is both the first in the Middle East region and to be supported by commercial 5G networks. CRA is leveraging Ookla’s consumer network insights to actively monitor network performance and service quality – not only for FIFA World Cup™ fans now, but also for future visitors, other large-scale event attendees, and consumers in the region.

FIFA World Cup Qatar 2022™ has seen over 2.45 million stadium attendees during its first two weeks. According to Ookla’s Speedtest Intelligence®, median download performance in November rose to 263.37 Mbps on modern chipsets across all mobile technologies combined in Qatar, with median 5G download performance hitting 472.13 Mbps. It’s clear that the network enhancements made in the market, along with live monitoring and optimization of network performance using Ookla crowdsourced data, has helped boost overall network performance at the event. These astounding efforts have also assisted in propelling Qatar to first place on Ookla’s Speedtest Global Index for overall median mobile download speeds in November, with Ar-Rayyan and Doha ranking first and second in overall median mobile download speeds for some of the world’s largest cities, respectively.

“CRA and MCIT have been instrumental in creating a competitive pro-investment telecommunications market and have devoted much of their time and resources to help drive 5G advancements in Qatar,” said Ookla founder and CEO Doug Suttles. “This investment is paying off, and it was my honor to recognize these achievements in person. Ookla looks forward to further collaboration with CRA and MCIT, utilizing our consumer network experience insights and enterprise solutions to further enable the development of Qatar’s ICT infrastructure, in support of Qatar National Vision 2030.”

“To ensure the development of the highest standard telecom networks and infrastructures in Qatar, CRA develops proper regulatory instruments and grants the telecom Service Providers the necessary licenses. In December 2021, CRA released an additional spectrum which totals 1,000 MHz to each telecom Service Provider to develop their 5G network and ensure that mobile telecom consumers have an enhanced experience during the FIFA World Cup Qatar 2022™. The high-level telecom infrastructure in Qatar has allowed the provision of high-quality mobile telecom services during the tournament and contributed to its success. I would like to express my gratitude to Ookla for their efforts and recognition,” said Ali Al-Suwaidi, Technical Affairs Department Director, CRA.

Over the course of their collaboration, Ookla, CRA, and MCIT will work together to help optimize network performance in Qatar. This in turn will deliver significant new value to local mobile operators who build the networks and create a better experience for the consumers who rely on them.

About Ookla®

Ookla® is a global leader in network intelligence and connectivity insights. For almost two decades, Ookla has set the industry standard for both fixed and mobile network testing and analysis. From its world-renowned Speedtest® and Downdetector® platforms to an accompanying and growing suite of end-to-end enterprise solutions, Ookla’s mission is to make the internet better, faster, and more accessible for everyone.

Ookla’s enterprise solutions combine first-party crowdsourced data and scientifically controlled testing with tools that provide actionable insights across a network’s lifecycle and customer experience. Our insights empower operators, businesses, government agencies, nonprofits, and more to analyze, optimize, and publicize networks around the world.

Ookla is part of Ziff Davis (NASDAQ: ZD), a vertically focused digital media and internet company whose portfolio includes leading brands in technology, entertainment, shopping, health, cybersecurity, and martech. Ookla’s headquarters is located in Seattle, WA, USA with additional offices around the world.

About Communications Regulatory Authority of the State of Qatar

CRA regulates the telecommunications, information technology, and postal sectors, as well as access to digital media and uses its regulatory powers to protect consumers’ rights, ensure competition, and manage the resolution of disputes. In all its activities, the CRA seeks to ensure the provision of advanced, innovative, and reliable ICT and postal services across the State of Qatar.

The post Ookla Commends the Communications Regulatory Authority of Qatar for Efforts to Help Improve User Experience During FIFA World Cup™ appeared first on Cybersecurity Insiders.


December 28, 2022 at 09:08AM

Facebook to pay $725m penalty to settle Cambridge Analytica Data Scandal on a legal note

Facebook, the business subsidiary of Meta platform, has agreed to pay $725 million as a penalty to settle a long pending legal battle related to its Cambridge Analytica Data Scandal. The proposed settlement, reported 1st by Reuters, is yet to be approved by San Francisco’s US District Court and might take at least a few more weeks to turn into an executable decision.

To those uninitiated, Facebook(FB) sold its user information to a company named Cambridge Analytica (now defunct in business) and that company engaged some researchers in the year 2014-15 to get the pulse of US Populace on US 2016 Polls through a quiz app named “thisisyourdigitallife” where information such as page likes, DoBs, genders, locations, and their interest in Donald Trump or Hillary Clinton was collected after building their virtual profile.

Cambridge Analytica was found in the year 2013, owned by a British Legal Consultancy Firm, SCL Group.

And as the whole procedure was being conducted for political advertising and without the consent of the social media giant’s users, it was genuinely illegal.

A class action suit was filed in the year 2018, but the Mark Zuckerberg led company shrugged it off in the year 2019 by saying that its 300,000+ consumers who took part in the survey did not have any right to show privacy interest in the content they have generated to be shared with friends and the world via social media. It also mentioned in its reply to the lawsuit that it banned the company in the year 2015 for disobeying its platform policies and also deleted all the data that was collected during the tenure.

Zuckerberg testified before the congress about the data scandal and also appeared for the special scrutiny by United States SEC and UK’s Information Commissioner. The Federal Trade Commission of America imposed a penalty of $5 billion on the messaging platform. But FB found some loopholes and appealed for more time for introspection.

Meta issued a public summary on the case in early 2022 and admitted that it has taken steps to contain the sharing of user info on third party apps.

 

The post Facebook to pay $725m penalty to settle Cambridge Analytica Data Scandal on a legal note appeared first on Cybersecurity Insiders.


December 27, 2022 at 09:22PM