Trump administration wants larger role in shaping international data laws

The Trump administration plans to take an increased role in shaping rules surrounding internet governance over the next year in the wake of various international security and privacy laws being enacted, according to White House Cybersecurity Coordinator Rob Joyce. Joyce, who spoke Monday at a Washington, D.C. cybersecurity conference, described how the “fragmentation of the internet” had created challenges for the U.S. government as well as multinational American businesses. Companies, Joyce explained, now face data storage compliance requirements while operating abroad in some countries, like China. In June 2017, the Communist Party of China issued legislation that calls on foreign companies doing business in China to use domestic data centers and also provide confidential records when requested by Chinese government officials. “While we’re all concerned about cybercrime and how our internet works, we’re also really concerned about other countries around the world really creating this convoluted patchwork of laws and regulations […]

The post Trump administration wants larger role in shaping international data laws appeared first on Cyberscoop.

‘Next generation’ of Silicon Valley leaders more willing to work with feds, former Pentagon chief says

The U.S. government’s ability to collaborate with the private sector on cybersecurity matters has improved in recent years in part because of better relations with the “next generation” of Silicon Valley leaders, according to former Defense Secretary Ashton Carter. Carter, who spoke Friday as part of a panel at the World Economic Forum conference in Davos, Switzerland, said in broad terms that the federal government had been stifled from creating a safer internet because of a poor relationship with technology companies. He seemed to suggest, however, that the complex relationship between national security agencies and the private sector has turned a corner in recent years after a prolonged period of heightened tension spurred by Edward Snowden’s 2013 disclosures of classified U.S. surveillance programs. “The cyber world grew up in what we now call the tech environment, which was militantly independent of government. And that was a great culture in a lot of ways. I am […]

DNC hires first ever CSO ahead of 2018 midterms

The Democratic National Committee has named Bob Lord as its new chief security officer, hiring the former Yahoo CISO to lead the committee’s cybersecurity operations heading into the 2018 midterm elections. The hire was announced Thursday through a statement released by the DNC. The committee mentions that Lord will work with the organization’s own internal security team as well as in the field to support state parties, including efforts to update their “information security strategies” and improve practices to “change the economics” for attackers. “I’m confident Bob’s skills and hard work will help protect us against the sort of cyberattacks and intrusions that are unfortunately all too common in today’s age,” DNC Chair Tom Perez said in a release. “Defense is an essential part of any game plan, and I couldn’t be happier with Bob holding the line for the DNC.” The DNC has never employed a CSO before. But the […]

New global cybersecurity center announced at Davos

The World Economic Forum announced plans Wednesday to launch a new coordinating group to counter emerging cybersecurity threats and help connect leaders from business and government to collaborate on various security issues as well as share best practices. Named the “Global Centre for Cybersecurity,” the loosely defined, Geneva-based organization will act as a sort of independent, multinational cyberthreat information sharing platform for companies to improve digital security writ large, explained Alois Zwinggi, managing director for the WEF, which is holding its annual gathering for world leaders in Davos, Switzerland, this week. The center will become fully operational in March. Its creation was first announced during a panel discussion Wednesday in Davos. Broadly speaking, governments across the globe have struggled to form information sharing channels with private companies. The model described at Davos is intended to encourage participation on a voluntary basis and not be controlled by any single government. “The new […]

Facebook hires first ever head of cybersecurity policy

Facebook has hired its first ever director of cybersecurity policy, CyberScoop has learned. The social media titan hired Nathaniel Gleicher, a former cybersecurity director in the White House during the Obama administration, to the position last month. In the new position, Gleicher will be part of the broader product policy team that helps Facebook’s team craft rules for how they keep the platform secure for users. Although the director role is new, Facebook has in the past employed various other policy experts focused on cybersecurity. Gleicher will be leading a team that will help guide Facebook internal strategy as well as adapt to external policy decisions that come from Washington, D.C. “We’re pleased that Nathaniel joined us recently to help support our security efforts,” a spokesperson said. Gleicher will work closely with Facebook’s existing technical security team and others from outside the company. The move comes several months after Facebook […]

Here’s what the military’s ‘flight simulator’ for cyber warfare might look like

The U.S. Army is experimenting with all different types of training for its cyber commands, including the creation of virtual classrooms for its “cyber warriors.” The training is part of the Army’s persistent cyber training exercise, also known as PCTE. The exercise offers a view of how the military might one day educate future U.S. Cyber Command recruits. Recently ordered to be raised to its own unified command, U.S. Cyber Command is an increasingly powerful and influential military component involved in both offensive and defensive cyber operations. When the U.S. Army’s Program Executive Office for Simulation, Training, and Instrumentation (PEO STRI) originally issued a request for information about the PCTE nearly two years ago, they described it as: “a training platform that allows cyber mission forces (CMF) to train in emulated network environments … [which] will largely focus on integration of available applications, enabling increased automation to ultimately support multiple simultaneous training […]

Hackers linked to Lebanese government caught in global cyber-espionage operation

The General Directorate of General Security, a Lebanese intelligence agency, has been tied to a mobile hacking operation discovered by researchers with cybersecurity firm Lookout Mobile Security and digital rights group Electronic Frontier Foundation (EFF). Lookout and EFF are calling the hacking campaign “Dark Caracal,” in reference to a wild cat native to Africa and the Middle East. The organizations revealed the operation today, reporting that hackers are using malicious smartphone applications and websites to steal passwords and eavesdrop on conversations. The organizations shared their discoveries in a 49-page report. The Dark Caracal hackers reportedly used several different email phishing strategies to lace familiar applications and websites, like Twitter, Facebook and WhatsApp, with malware. They also used fake login pages to acquire personal information. Some victims could have even been hacked by clicking on booby-trapped messages and lures that led them to fake social media […]

Schneider Electric: Trisis leveraged zero-day flaw, used a RAT

Multinational energy technology company Schneider Electric revealed new details Thursday about a historic breach where hackers were able to halt operations at an energy plant in the Middle East by deploying highly sophisticated malware. The latest revelations, which were publicly announced at an industrial control systems cybersecurity conference, show that Trisis leveraged a zero-day vulnerability in Schneider Electric’s Triconex Tricon safety-controller firmware. The vulnerability allowed for privilege escalation, which would allow hackers to manipulate emergency shutdown systems during a targeted attack. In addition, there was a remote access trojan (RAT) within Trisis, providing attackers with a wide array of options, including the ability to turn off industrial equipment or sabotage the safety controllers in order to create unsafe conditions. The RAT is the first designed to specifically impact safety-instrumented systems, allowing for someone to access the highest privileges available on a targeted machine. In this case, the RAT was injected directly into […]

Kaspersky Lab files injunction in court, seeking to counter Trump administration ban

Moscow-based anti-virus company Kaspersky Lab has filed a motion for a preliminary injunction in U.S. federal court in hopes of halting the Trump administration’s ongoing efforts to ban Kaspersky software from use in federal agencies, CyberScoop has learned. The move comes after Kaspersky Lab founder and CEO Eugene Kaspersky announced plans in December to sue the Department of Homeland Security (DHS), which originally launched the ban through a Binding Operational Directive (BOD) on Sept. 13, citing alleged espionage concerns. The motion was filed in the U.S. District Court for the District of Columbia. The Washington Post, New York Times and Wall Street Journal have all reported in recent months, citing anonymous U.S. intelligence officials, that Russian intelligence agencies have in the past leveraged Kaspersky Lab’s anti-virus engine to remotely steal confidential documents from targeted computers where the software is already installed. Kaspersky Lab has repeatedly and unequivocally denied all wrongdoing. The company continues […]

Cyber diplomacy office at State Department would return under House-passed bill

With the passage of the Cyber Diplomacy Act in the House of Representatives, Congress took the first step Wednesday in reestablishing a State Department office that was dedicated to developing global norms for digital espionage and more. The bipartisan bill, which passed by voice vote, has garnered support from both sides of the aisle. It would codify and expand the capabilities of the Office of the Cybersecurity Coordinator, which was created in 2011 but abolished last year after Secretary of State Rex Tillerson decided to merge it with the department’s larger Bureau of Economic Affairs. Senators have shown interest in the idea of reestablishing the office, but it’s unclear if the House bill will move in that chamber. Insiders say the shuttering of the cyber office effectively downgraded the State Department’s diplomatic mission for the development of norms for cyberspace — including, for example, debating foreign governments on what should be considered a legitimate target […]
