Collaborate Disseminate
VPN Usage has been critical during the coronavirus pandemic. Virtual Private Networks have allowed employees to safely connect to corporate networks regardless of location. This technology was foundational for businesses to safely transition their work… Continue reading Choosing the Right VPN for Your Business
Harvard Kennedy School’s Belfer Center published the “National Cyber Power Index 2020: Methodology and Analytical Considerations.” The rankings: 1. US, 2. China, 3. UK, 4. Russia, 5. Netherlands, 6. France, 7. Germany, 8. Canada, 9. Japan, 10. Australia, 11. Israel. More countries are in the document.
We could — and should — argue about the criteria and the methodology, but it’s good that someone is starting this conversation.
Executive Summary: The Belfer National Cyber Power Index (NCPI) measures 30 countries’ cyber capabilities in the context of seven national objectives, using 32 intent indicators and 27 capability indicators with evidence collected from publicly available data…
The Atlantic Council has a released a report that looks at the history of computer supply chain attacks. Key trends from their summary: Deep Impact from State Actors: There were at least 27 different state attacks against the software supply chain including from Russia, China, North Korea, and Iran as well as India, Egypt, the United States, and Vietnam.States have… Continue reading Survey of Supply Chain Attacks
The Atlantic Council has a released a report that looks at the history of computer supply chain attacks. Key trends from their summary: Deep Impact from State Actors: There were at least 27 different state attacks against the software supply chain incl… Continue reading Survey of Supply Chain Attacks
Report on espionage attacks using LinkedIn as a vector for malware, with details and screenshots. They talk about "several hints suggesting a possible link" to the Lazarus group (aka North Korea), but that’s by no means definite. As part of the initial compromise phase, the Operation In(ter)ception attackers had created fake LinkedIn accounts posing as HR representatives of well-known companies… Continue reading Nation-State Espionage Campaigns against Middle East Defense Contractors
Citizen Lab has a new report on Dark Basin, a large hacking-for-hire company in India. Key Findings: Dark Basin is a hack-for-hire group that has targeted thousands of individuals and hundreds of institutions on six continents. Targets include advocacy groups and journalists, elected and senior government officials, hedge funds, and multiple industries. Dark Basin extensively targeted American nonprofits, including organisations… Continue reading New Hacking-for-Hire Company in India
Citizen Lab has a new report on Dark Basin, a large hacking-for-hire company in India. Key Findings: Dark Basin is a hack-for-hire group that has targeted thousands of individuals and hundreds of institutions on six continents. Targets include advocacy… Continue reading New Hacking-for-Hire Company in India
The Washington Post is reporting on an internal CIA report about its "Vault 7" security breach: The breach — allegedly committed by a CIA employee — was discovered a year after it happened, when the information was published by WikiLeaks, in March 2017. The anti-secrecy group dubbed the release "Vault 7," and U.S. officials have said it was the biggest… Continue reading Theft of CIA’s "Vault Seven" Hacking Tools Due to Its Own Lousy Security
Ben Buchanan has written "A National Security Research Agenda for Cybersecurity and Artificial Intelligence." It’s really good — well worth reading…. Continue reading AI and Cybersecurity
Paying ransom to cybercriminals costs companies hit with ransomware attacks more than recovering data on their own, according to a new research. Continue reading Paying Ransomware Crooks Doubles Clean-up Costs, Report