Microsoft, Hewlett Foundation preparing to launch nonprofit that calls out cyberattacks

Microsoft and the Hewlett Foundation are preparing to launch a nonprofit organization dedicated to exposing the details of harmful cyberattacks and providing assistance to victims in an effort to highlight their costs, CyberScoop has learned. Known to its organizers as the “Cyber Peace Institute,” the nonprofit is expected to debut in the coming weeks, according to multiple sources who have discussed it with the organizers. The institute aims to investigate and provide analytical information on large-scale attacks against civilian targets, assess the costs of these attacks and give security tools to both individuals and organizations that will help them become more resilient, according to a description of the nonprofit provided during a session at the 2019 B-Sides Las Vegas cybersecurity conference. “We have a shared global responsibility to prevent the Internet from becoming ‘weaponized’ by increasing attacks by criminal groups and state actors alike,” the description reads. “We already have global organizations to tackle […]

The post Microsoft, Hewlett Foundation preparing to launch nonprofit that calls out cyberattacks appeared first on CyberScoop.

Continue reading Microsoft, Hewlett Foundation preparing to launch nonprofit that calls out cyberattacks

Microsoft has no problem taking the $10B JEDI cloud contract if it wins

The Pentagon’s $10 billion JEDI cloud contract bidding process has drawn a lot of attention. Earlier this month, Google withdrew, claiming ethical considerations. Amazon’s Jeff Bezos responded in an interview at Wired25 that he thinks that it’s a mistake for big tech companies to turn their back on the US military. Microsoft president Brad Smith agrees. […] Continue reading Microsoft has no problem taking the $10B JEDI cloud contract if it wins

Microsoft: Russians targeted conservative think tanks, U.S. Senate

The Russian intelligence office that breached the Democratic National Committee in 2016 has spoofed websites associated with the U.S. Senate and conservative think tanks in a further attempt to sow discord, according to new research from Microsoft. The tech giant last week executed a court order and shut down six internet domains set up by the Kremlin-linked hacking group known as Fancy Bear or APT 28, Microsoft President Brad Smith said. “We have now used this approach 12 times in two years to shut down 84 fake websites associated with this group,” Smith wrote in a blog post. “We’re concerned that these and other attempts pose security threats to a broadening array of groups connected with both American political parties in the run-up to the 2018 elections.” The domains were constructed to look like they belonged to the Hudson Institute and International Republican Institute, but were in fact phishing websites […]

The post Microsoft: Russians targeted conservative think tanks, U.S. Senate appeared first on Cyberscoop.

Continue reading Microsoft: Russians targeted conservative think tanks, U.S. Senate

RSA 2018 – Chaos Engineering

When surrounded with chaos, it is normal to cling to that which is comforting like a NGFW or SIEM.
The post RSA 2018 – Chaos Engineering appeared first on Anitian.
The post RSA 2018 – Chaos Engineering appeared first on Security Boulevard.
Continue reading RSA 2018 – Chaos Engineering

Microsoft-led industry group pledges to not assist government cyberattacks

A cohort of major technology companies led by Microsoft committed Tuesday to a core set of principles for behavior in cyberspace, including not helping any government mount a cyberattack against “innocent civilians and enterprises.” For the last several weeks, Microsoft has been seeking support from companies in order to define a common standard of behavior, or norms, for the broader software making community. The announcement was spearheaded by Brad Smith, president and chief legal officer of Microsoft. Smith spoke Tuesday morning at the RSA cybersecurity conference in San Francisco to an audience mostly comprised of cybersecurity industry insiders and marketers. These norms spelled out in the agreement cover more than government relations. They contain the concept of “collective action” between technology companies to eliminate some of the more expansive cybersecurity threats facing the global economy. Dubbed the “Cybersecurity Tech Accord,” the agreement showcases the signatures of more than 30 chief executives from some of […]

The post Microsoft-led industry group pledges to not assist government cyberattacks appeared first on Cyberscoop.

Continue reading Microsoft-led industry group pledges to not assist government cyberattacks

‘Next generation’ of Silicon Valley leaders more willing to work with feds, former Pentagon chief says

The U.S. government’s ability to collaborate with the private sector on cybersecurity matters has improved in recent years in part because of better relations with the “next generation” of Silicon Valley leaders, according to former Defense Secretary Ashton Carter. Carter, who spoke Friday as part of a panel at the World Economic Forum conference in Davos, Switzerland, said in broad terms that the federal government had been stifled from creating a safer internet because of a poor relationship with technology companies. He seemed to suggest, however, that the complex relationship between national security agencies and the private sector has turned a corner in recent years after a prolonged period of heightened tension spurred by Edward Snowden’s 2013 disclosures of classified U.S. surveillance programs. “The cyber world grew up in what we now call the tech environment, which was militantly independent of government. And that was a great culture in a lot of ways. I am […]

The post ‘Next generation’ of Silicon Valley leaders more willing to work with feds, former Pentagon chief says appeared first on Cyberscoop.

Continue reading ‘Next generation’ of Silicon Valley leaders more willing to work with feds, former Pentagon chief says

Microsoft’s Smith adds ‘IT Red Cross’ to his ‘digital Geneva Convention’ call

Microsoft President Brad Smith this week renewed his call for a “digital Geneva Convention,” adding a new wrinkle: the suggestion that the world’s IT companies and their cyber first responders should be recognized as kind of “tech Red Cross” — neutral players who should remain unmolested by combatants on the cyber-battlefield. In a speech at the U.N. in Geneva, Smith recalled the origins of the International Committee of the Red Cross — the brainchild of Geneva businessman Henri Dunant, who witnessed the slaughter at the battle of Solferino, in Italy in 1859, the deadliest single day of battle in Europe since Waterloo nearly a half-century earlier.   “He recognized that humanity needed to catch up with [new weapons] technology … he advocated, he persuaded, he succeeded in convincing the leaders of governments in Europe that despite the fact that the medics were uniformed soldiers of a specific army, they should be treated as neutrals … protected so they could treat those […]

The post Microsoft’s Smith adds ‘IT Red Cross’ to his ‘digital Geneva Convention’ call appeared first on Cyberscoop.

Continue reading Microsoft’s Smith adds ‘IT Red Cross’ to his ‘digital Geneva Convention’ call