Researchers from Austria's Graz University of Technology have uncovered a novel side-channel attack called SnailLoad that exploits network latency to infer user activity. SnailLoad is a non-invasive attack technique that could allow attackers to gather information about websites visited or videos watched by victims without needing direct access to their network traffic.

How The SnailLoad Exploit Works

SnailLoad takes advantage of the bandwidth bottleneck present in most internet connections. When a user's device communicates with a server, the last mile of the connection is typically slower than the server's connection. An attacker can measure delays in their own packets sent to the victim to deduce when the victim's connection is busy.

[Figure (source: snailload.com)]

The attack masquerades as a download of a file or any website component (such as a style sheet, a font, an image or an advertisement). The attacking server sends the file at a snail's pace in order to monitor the connection latency over an extended period of time. The researchers chose the name 'SnailLoad' because, "apart from being slow, SnailLoad, just like a snail, leaves traces and is a little bit creepy."

The attack requires no JavaScript or code execution on the victim's system. It simply involves the victim loading content from an attacker-controlled server that sends data at an extremely slow rate. By monitoring latency over time, the attacker can correlate patterns with specific online activities.

The researchers have shared the conditions required to recreate the SnailLoad attack:

- The victim communicates with the attack server.
- The attack server has a faster Internet connection than the victim's last-mile connection.
- The attacker's packets sent to the victim are delayed when the last mile is busy.
- The attacker infers the website visited or video watched by the victim through the side channel.

In the related user study detailed in the SnailLoad research paper, the researchers approached local undergraduate and graduate students who volunteered to run a measurement script that employs the SnailLoad attack technique. The researchers took steps to ensure that no personal information was exposed at any point. Furthermore, the researchers planned to destroy the collected traces after the paper was published, and to offer students the option to request the deletion of their traces, or their exclusion from the paper's results, at any point.

The researchers reported the attack technique to Google on March 9, according to the responsible disclosure section of their paper, and Google acknowledged the severity of the issue. The tech giant also stated that it was investigating possible server-side mitigations for YouTube. The researchers shared a working proof of concept on GitHub along with instructions and an online demo.

SnailLoad Implications and Mitigation

In testing, SnailLoad achieved up to 98% accuracy in identifying YouTube videos watched by victims. It also showed 62.8% accuracy in fingerprinting websites from the top 100 most visited list. While not currently observed in the wild, SnailLoad could potentially affect most internet connections.

Mitigation is challenging, as the root cause stems from fundamental bandwidth differences in network infrastructure. The researchers stated that while adding random noise to the network can reduce the accuracy of the attack, it could impact performance and inconvenience users.

As online privacy concerns grow, SnailLoad highlights how even encrypted traffic could potentially be exploited to leak information through subtle timing differences. Further research may be required to develop effective countermeasures against this new class of remote side-channel attacks.
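To make the bottleneck mechanism and the noise countermeasure above concrete, here is an added simulation (not the researchers' code, nor their GitHub proof of concept): a toy queueing model of a last-mile link, two constructed activity fingerprints, a correlation classifier, and a measurement of how random per-packet jitter (the mitigation the researchers mention) degrades classification accuracy. The idle RTT, the queueing gain and the fingerprints are assumed values, not figures from the paper.

```go
package main

import (
	"fmt"
	"math"
	"math/rand"
)

// Constructed fingerprints: fraction of the victim's last-mile capacity used in
// each one-second slot while two hypothetical videos stream (not real data).
var candidates = [][]float64{
	{0.9, 0.9, 0.1, 0.1, 0.1, 0.9, 0.9, 0.1, 0.1, 0.1, 0.9, 0.1}, // bursty buffering
	{0.5, 0.6, 0.7, 0.8, 0.9, 0.9, 0.8, 0.7, 0.6, 0.5, 0.4, 0.3}, // slow ramp
}

const (
	baseRTT   = 30.0 // ms, idle round-trip time across the last mile (assumed)
	queueGain = 40.0 // ms of extra queueing delay when the last mile is fully busy (assumed)
)

// simulateTrace models what the slow-sending server observes: one probe packet
// per slot, delayed by the queue that builds up when the victim's own traffic
// fills the bottleneck. noiseAmp is the amplitude (ms) of uniform random jitter
// a countermeasure adds to every packet; 0 means no mitigation.
func simulateTrace(fp []float64, noiseAmp float64, rng *rand.Rand) []float64 {
	trace := make([]float64, len(fp))
	for i, use := range fp {
		jitter := noiseAmp * (2*rng.Float64() - 1)
		trace[i] = baseRTT + queueGain*use + jitter
	}
	return trace
}

// pearson returns the correlation coefficient between two equal-length series.
func pearson(a, b []float64) float64 {
	n := float64(len(a))
	var ma, mb float64
	for i := range a {
		ma += a[i]
		mb += b[i]
	}
	ma /= n
	mb /= n
	var cov, va, vb float64
	for i := range a {
		cov += (a[i] - ma) * (b[i] - mb)
		va += (a[i] - ma) * (a[i] - ma)
		vb += (b[i] - mb) * (b[i] - mb)
	}
	if va == 0 || vb == 0 {
		return 0
	}
	return cov / math.Sqrt(va*vb)
}

// classify picks the candidate whose fingerprint best matches the latency trace.
func classify(trace []float64, cands [][]float64) int {
	best, bestScore := -1, math.Inf(-1)
	for i, fp := range cands {
		if s := pearson(trace, fp); s > bestScore {
			best, bestScore = i, s
		}
	}
	return best
}

// accuracy runs `trials` simulations per candidate with the given jitter and
// reports the fraction that the classifier got right.
func accuracy(cands [][]float64, noiseAmp float64, trials int, seed int64) float64 {
	rng := rand.New(rand.NewSource(seed))
	correct := 0
	for c, fp := range cands {
		for t := 0; t < trials; t++ {
			if classify(simulateTrace(fp, noiseAmp, rng), cands) == c {
				correct++
			}
		}
	}
	return float64(correct) / float64(trials*len(cands))
}

func main() {
	// Without jitter the trace is an exact affine image of the fingerprint and
	// classification is perfect; as jitter grows past the queueing signal the
	// accuracy falls towards guessing (0.5 for two candidates).
	for _, amp := range []float64{0, 10, 40, 200} {
		fmt.Printf("jitter +/-%3.0f ms -> classification accuracy %.2f\n",
			amp, accuracy(candidates, amp, 200, 1))
	}
}
```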
Internet of Things (IoT) devices, ranging from everyday sensors and smart gadgets to sophisticated appliances, have seamlessly integrated into our lives, enhancing convenience at the cost of increased cybersecurity risk. IoT devices constantly communicate over the internet, making them potential gateways for unauthorized access and cyber threats. As the fabric of connectivity expands, the urgency to safeguard these devices becomes paramount. In this feature, we explore effective strategies to fortify your IoT devices against potential breaches and cyberattacks, ensuring that convenience does not compromise security.

Use of Insecure or Outdated Components

Using insecure or outdated components in IoT devices poses cybersecurity risks: whether they are hardware, firmware, or software, such components can contain vulnerabilities that attackers can exploit. Manufacturers may not take the initiative to update older components to address newly discovered security flaws, which means devices can be left exposed, resulting in unauthorized access and data breaches. Ensuring that all devices receive regular updates and patches is essential to mitigate vulnerabilities and improve the overall security of IoT devices against cyber threats. Using components with built-in security features further helps safeguard against potential attacks. By avoiding insecure or outdated components, organizations can make it more challenging for cybercriminals to exploit weaknesses in their IoT infrastructure.

Lack of Physical Barriers

A lack of physical barriers around IoT devices means attackers can tamper with hardware to extract sensitive data or deploy malicious firmware. This is a particular concern for devices located in public or unmonitored locations. Implementing physical security measures is essential to protect IoT devices from such threats. This includes using tamper-evident seals, secure enclosures, and access controls to restrict physical access. Additionally, devices that can detect and respond to physical tampering by triggering alarms or disabling functionality are helpful. Integrating physical security into the overall security strategy helps protect devices from hardware manipulation and data extraction.

Installation of Insecure Network Services

Network services such as web interfaces, communication protocols, and management APIs may be essential for device functionality, but they become entry points for attackers if not properly secured. Insecure network services may expose devices to risks such as unauthorized access, data breaches, and remote code execution. To mitigate these risks, it is crucial to implement secure configurations, disable unnecessary services, and use strong authentication mechanisms. Regular security assessments and vulnerability scans can help identify and address potential weaknesses in network services. Using secure communication protocols like TLS/SSL, and ensuring proper access controls, further enhances the security of network services. By securing network services, organizations can protect IoT devices from exploitation, safeguard sensitive data, and maintain the integrity and availability of their IoT systems.

Lack of a Secure Update System

A lack of a secure update system in IoT devices can leave them vulnerable to exploitation and compromise. Regular updates are essential for patching security vulnerabilities, adding new features, and improving overall device performance. Without a secure update mechanism, devices may remain exposed to known vulnerabilities, increasing the risk of cyberattacks. Implementing a secure update system involves using encrypted and authenticated update packages, ensuring that only legitimate updates are applied. Devices should support over-the-air (OTA) updates to allow for timely and efficient patching. Regularly updating device firmware and software is crucial for maintaining the security and functionality of IoT devices.

Insufficient Privacy Protection

Insufficient privacy protection in IoT devices can lead to risks including unauthorized access and data breaches. IoT devices often collect and transmit vast amounts of personal data, making them attractive targets for cybercriminals. Without proper privacy measures, this data can be intercepted, accessed, or misused, compromising user confidentiality and trust. Ensuring privacy protection involves implementing strong encryption protocols, secure data storage, and strict access controls. These measures help protect data both in transit and at rest, reducing the risk of exposure. Additionally, adhering to privacy-by-design principles during the development of IoT devices ensures that privacy considerations are integrated from the outset. This includes conducting regular privacy impact assessments and adopting transparency practices, such as clear user consent mechanisms and data anonymization techniques. By prioritizing privacy protection, organizations can enhance user trust, comply with regulatory requirements, and safeguard sensitive information from potential cyber threats.
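The "authenticated update packages, ensuring that only legitimate updates are applied" requirement from the secure update section, as an added example that is not from the article or any vendor's firmware: an Ed25519 signature binds a version number to the image so the device rejects both tampered images and genuinely signed but older (rollback) packages. The package layout, the Device type and the field names are assumptions for the demo; encrypting the image for confidentiality is a separate step not shown here.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Update is the package format assumed for this demo: a version number, the
// firmware image, and an Ed25519 signature over version||image.
type Update struct {
	Version uint32
	Image   []byte
	Sig     []byte
}

// signedPayload is what the vendor signs. The version is bound into it so an
// attacker cannot splice an old image onto a new version number.
func signedPayload(version uint32, image []byte) []byte {
	buf := make([]byte, 4, 4+len(image))
	binary.BigEndian.PutUint32(buf, version)
	return append(buf, image...)
}

// BuildUpdate runs on the vendor side, where the private key lives.
func BuildUpdate(priv ed25519.PrivateKey, version uint32, image []byte) Update {
	return Update{Version: version, Image: image, Sig: ed25519.Sign(priv, signedPayload(version, image))}
}

// Device holds the vendor's public key (provisioned at manufacture) and the
// version currently installed.
type Device struct {
	VendorPub ed25519.PublicKey
	Installed uint32
	Firmware  []byte
}

var (
	ErrBadSignature = errors.New("update rejected: signature does not verify")
	ErrRollback     = errors.New("update rejected: version is not newer than installed")
)

// Apply verifies authenticity first, then enforces anti-rollback, and only then
// replaces the firmware. The order matters: nothing in an unverified package,
// the version field included, may be trusted before the signature checks out.
func (d *Device) Apply(u Update) error {
	if !ed25519.Verify(d.VendorPub, signedPayload(u.Version, u.Image), u.Sig) {
		return ErrBadSignature
	}
	if u.Version <= d.Installed {
		return ErrRollback
	}
	d.Firmware = append([]byte(nil), u.Image...)
	d.Installed = u.Version
	return nil
}

// Sum returns the SHA-256 of the installed image for inventory or attestation logs.
func (d *Device) Sum() [32]byte { return sha256.Sum256(d.Firmware) }

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	dev := &Device{VendorPub: pub, Installed: 1}

	// Constructed sample image: a legitimate v2 package is accepted.
	v2 := BuildUpdate(priv, 2, []byte("firmware-v2 (constructed sample image)"))
	fmt.Println("apply v2:", dev.Apply(v2))

	// Same signature, modified image: rejected.
	tampered := v2
	tampered.Image = []byte("firmware-v2 with an unwanted change")
	fmt.Println("apply tampered:", dev.Apply(tampered))

	// Genuinely signed but older v1: rejected as a rollback.
	v1 := BuildUpdate(priv, 1, []byte("firmware-v1"))
	fmt.Println("apply v1 again:", dev.Apply(v1))
	fmt.Printf("installed version %d, image sha256 %x\n", dev.Installed, dev.Sum())
}
```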
Microsoft and Proximus Group have formally signed a five-year strategic partnership, allowing both companies to strengthen their digital lead and accelerate their innovative offerings to business and residential customers in Belgium and abroad. Both Proximus and Microsoft will reinforce their leadership positions thanks to this partnership. Microsoft will strengthen its use of the best-in-class products of Proximus' international affiliates BICS, Telesign and Route Mobile, while Proximus will benefit from Microsoft's Azure Cloud, leveraging all innovative AI and data evolutions.

The newly formed strategic partnership between Microsoft and Proximus will allow both parties to leverage their respective expertise and product leadership, accelerated by the power and potential of AI applications and solutions. It focuses on three key areas:

Communication Platform as a Service (CPaaS) and Digital Identity (DI) collaboration: The partnership will focus on advancing communication platform services, enabling seamless customer engagement across multiple channels. Proximus Group's expertise in CPaaS and DI, with Telesign and Route Mobile enabled by BICS's global networks and coverage, will drive innovation in customer communication and security services even further. Both organizations will increase their collaboration to make the digital world a safer place by ensuring trusted communication through Digital Identity and anti-fraud solutions.

Proximus joining forces with Microsoft for a strategic cloud transformation: Key platforms will be migrated to Azure cloud services, ensuring enhanced scalability, quicker market delivery, and strengthened security. The transformation will accelerate the integration of the newest generative AI technologies in customer service and operations. Additionally, it will provide Proximus engineers with a best-in-class development environment to build innovative products and experiences.

Enhanced go-to-market for Proximus: Microsoft will work closely with Proximus to optimize its go-to-market strategy, empowering Proximus in its reseller role for Microsoft products and services in Belgium. This collaboration will strengthen Proximus' position as a top-tier Microsoft reseller in the region and will benefit all Proximus customers who are also users of Microsoft products and services. As a further concrete example of this collaboration, the two partners are already working hand in hand to bring particularly innovative sovereign cloud solutions to market.

Microsoft and Proximus: Advancing Technology

The collaboration between Microsoft and Proximus underscores their shared commitment to driving technological advancement and delivering unparalleled value to customers across Belgium and abroad. Both companies are enthusiastic about the future possibilities and are eager to shape the technological landscape together.

Marijke Schroos, General Manager of Microsoft Belux, stated: "This strategic partnership is a confirmation of the shared vision of Microsoft and Proximus when it comes to leveraging the power of innovation through cloud applications and AI innovation. Our combined strengths will create a true powerhouse of technological innovation to the benefit of our partners, customers and society as a whole."

Guillaume Boutin, CEO of Proximus, shared his excitement: "I'm particularly enthusiastic about this partnership, because when two leading companies join forces, the results are bound to be positive. Our international expansion strategy is bearing fruit, as it now puts us in the right position to sign relevant partnerships with the biggest players in the IT and digital sector, such as Microsoft. This strategic partnership represents excellent news for our business and residential customers, who will continue to benefit from cutting-edge technology and seamless connectivity."

Boutin also emphasized the benefits for Proximus: "It's also good news for Proximus as a group, because it will lead Microsoft to strengthen its use of our best-in-class product suites of CPaaS & DI. This new strategic partnership with Microsoft, which will open up new frontiers in communication services, shows how Proximus Group is on track to further redefine customer experiences in Belgium and abroad thanks to the combined efforts of our international affiliates BICS, Telesign and Route Mobile."
There are numerous movies that envision futuristic scenarios, often portraying advanced technology within utopian or dystopian settings. While these films captivate audiences with their imaginative takes on the future, they often fall short of accurately depicting the intricate world of cybersecurity. The real-life nuances of hacking and cybercrime are frequently overlooked or sensationalized. In this article, we aim to spotlight films that delve deeply into the realm of hacking and cybersecurity. These movies go beyond mere futuristic speculation to explore the complexities of cybercrime, showcasing the skills, challenges, and ethical dilemmas faced by hackers. From intense cyber heists to battles against digital espionage, these films provide a more authentic portrayal of the hacking landscape. Join us as we uncover a selection of movies that bring the gritty reality of cybersecurity to the forefront, offering a compelling and realistic glimpse into the digital underworld.

Top 7 Hacking Movies Highlighting Cybersecurity and Cybercrimes

7. Firewall

Firewall is a 2006 action thriller directed by Richard Loncraine. The film centers on Jack, a security expert for a Seattle-based bank played by Harrison Ford, whose life takes a perilous turn when he is manipulated into helping a team steal millions from his bank. They threaten Jack's family to ensure his cooperation, and Jack struggles to outwit the thieves while protecting them. This is one of those hacking movies that represents cybersecurity threats well, as the main character works in the cybersecurity industry. Although filled with action and dramatic tension, the movie offers insight into how hacks can occur and why cybercrime is on the rise given how profitable it can be.

6. Ghost in the Shell

Ghost in the Shell is a 1995 Japanese animated cyberpunk film directed by Mamoru Oshii, based on the manga of the same name. The movie takes place in a futuristic world where cybernetic enhancements are the norm and follows Major Motoko Kusanagi, a cyborg agent of Section 9, a government agency that specializes in cybercrime. She and her team go after the Puppet Master, an infamous hacker capable of infiltrating and manipulating human minds. This film is a staple of the cyberpunk genre and has influenced many others after it. It tackles how the advancement of technology can be detrimental as we lose sight of where human beings end and machines begin. It also gives insight into how hacking may become a far more prevalent issue in the future if that divide is lost, and how it could harm people on a different level.

5. Skyfall

Skyfall is an action movie in the James Bond film series, directed by Sam Mendes. The film follows the sixth iteration of James Bond, portrayed by Daniel Craig, who is presumed dead after a failed mission. However, Bond resurfaces when MI6 comes under attack by a cyberterrorist. As Bond returns to duty, he faces both physical and psychological challenges while trying to track down and stop the cyberterrorist. Skyfall shows us cybersecurity threats on a national level. With cyberwarfare occurring more and more in the real world, this movie is a fun and attention-grabbing depiction of how such attacks might be handled by intelligence agents and agencies. While it may not be as accurate as other hacking movies, it gives the public some insight, as such national incidents are usually shielded from the public eye.

4. Hackers

Hackers is a 1995 film directed by Iain Softley, also in the cyberpunk genre. The film follows a group of young hackers led by Dade Murphy, who goes by the alias "Zero Cool." After being banned from computers for crashing 1,507 systems at a young age, Dade returns to hacking as a teenager. Alongside his friends, he uncovers a conspiracy involving a powerful corporation and a malicious hacker known as "The Plague." This film introduces ideas surrounding hacking culture and internet security, as well as the ethics of hacking, as it shows the clash between rebellious youth and corporate interests. The film features stylized depictions of hacking techniques and virtual reality sequences, presenting its hackers as countercultural heroes navigating the digital landscape.

3. Untraceable

Untraceable is a 2008 thriller directed by Gregory Hoblit that follows FBI agent Jennifer Marsh, who specializes in cybercrime. Marsh and her team investigate a website called "KillWithMe.com," where victims are tortured and killed live on camera; the more viewers the site attracts, the faster the victims die. Marsh races against time to track down the tech-savvy killer. The film explores themes of online voyeurism, as the killer exploits the public's morbid curiosity for his own gain. It also tackles the dangers of internet anonymity and the responsibility of internet platforms in facilitating harmful content. The movie serves as a cautionary tale about the dark side of technology and a lack of cybersecurity, not only in the cyber world but also in its fallout into the real world, given how hyper-connected everything is.

2. The Beekeeper

The Beekeeper (2024), directed by David Ayer, follows Adam Clay, portrayed by Jason Statham, a beekeeper in the countryside who raises bees and sells honey. He lives next to an older woman who rents her property to him and looks after him. One day she falls for a phishing scam run by a data mining company, which then steals everything in not only her bank account but also the account of a non-profit she helped found, driving her to take her own life. Adam then sets out to get back at the thieving tech bros who use the latest technology to take advantage of people online. This hacking movie depicts extremely well the detrimental impact and fallout cybercrime can have. Phishing scams are the most common way for cybercriminals to steal data and money, so this movie hits even closer to home as viewers realize this could happen to any of them. The main character acts as an enforcer of justice, going after cybercriminals who are good at covering their tracks and so usually never face consequences from law enforcement.

1. The Imitation Game

The Imitation Game is a biographical drama directed by Morten Tyldum, based on the life of Alan Turing, a renowned mathematician and cryptanalyst during World War II. The movie follows the real-life events of Turing's recruitment by the British government to join a team tasked with deciphering the Enigma code used by Nazi Germany. Turing uses unorthodox methods and works tirelessly to break the code, a task vital to the Allied victory. This movie differs from the others on the list in its mostly "non-fiction" nature. It depicts a very real issue where codebreaking, a part of hacking, was essential to the survival of millions of people. The Imitation Game highlights Turing's pivotal role in history while shedding light on the complexities of his life and legacy. At the same time, it documents the impact of the team assembled to crack this essential code against the Nazis.

Conclusion

We hope at least some of these hacking movies have piqued your interest. Whether you are a fan of older movies from the 90s or of a newer one from just this year, and whether you prefer a fictional storyline or a nonfiction one, there should be something here for you. I hope that we cybersecurity enthusiasts will have more of these movies coming our way soon.
Netflix is renowned for its diverse and engaging lineup of drama-filled shows that cater to a wide array of audiences. Among its extensive catalog, Netflix has also produced and curated a significant number of series that delve into the complex and often thrilling world of technology and cybersecurity. These shows not only entertain but also shed light on the intricate issues and challenges that define the digital age. In this article, we highlight some of the best cybersecurity-themed shows available on Netflix. These selections range from riveting docuseries that explore real-life cybercrimes and the people behind them, to fictional dramas that imagine high-stakes scenarios involving hacking, data breaches, and digital espionage. Whether you are a tech enthusiast, a cybersecurity professional, or simply someone who enjoys a good thriller, these shows offer a fascinating look at the digital world's darker side. Join us as we explore these top-notch series that bring the exciting and often perilous world of cybersecurity to your screen.

Best Cybersecurity Shows on Netflix

7. The Great Hack

The Great Hack is a 2019 Netflix documentary that explores the Cambridge Analytica scandal and its impact on privacy and democracy. The film discloses how the political consulting firm used personal data derived from Facebook to influence voter behavior in elections such as the 2016 U.S. presidential election and the Brexit referendum. Key figures from the actual events, including data scientists and former Cambridge Analytica employees, share their thoughts on the ethical implications and societal impact of data exploitation. This is a particularly great watch among the cybersecurity shows on Netflix, as it aims to show the public the extent to which personal data can be manipulated to sway public opinion. It also helps the audience critically evaluate the security and political climate of the world they live in, raising questions about data privacy, corporate power, and the role of democracy in a digital world.

6. The Billion Dollar Code

The Billion Dollar Code is a 2021 German Netflix drama series that follows two young German computer enthusiasts who develop TerraVision in the 1990s. TerraVision was an innovative piece of software that allowed users to virtually navigate the globe using satellite images, similar to what Google Earth does today. The show traces the initial idea and development phases that led to their eventual legal battle with Google over the creation of Google Earth. It consists of courtroom drama and flashbacks that cover the steps of innovation and the battles over intellectual property in the tech industry, and it provides insight into the moral dilemmas faced by inventors when working with or against powerful corporations.

5. Connected

Connected is a 2020 Netflix docuseries hosted by science journalist Latif Nasser, who explores the different ways in which aspects of our world are interconnected. Each episode dives into a different subject, ranging from surveillance to the human microbiome, and how they could be linked through hidden patterns and systems. Nasser meets with experts across the globe and uncovers stories that reveal the science and history behind these connections. This is one of those cybersecurity shows with a very broad concept, but specific episodes explore technology-based matters: weather forecasting devices, surveillance technology, and nuclear weapons are among the topics covered. It is a great educational show for seeing how the cyber world is intertwined with the physical world.

4. Cyber Hell: Exposing an Internet Horror

Cyber Hell: Exposing an Internet Horror is a 2022 Netflix documentary that investigates the dark underbelly of the Internet. It focuses on a terrible case of digital exploitation in South Korea dubbed the "Nth Room" case, which involved a network of online chat rooms where anonymous users exploited and blackmailed young women and minors into producing explicit content. The perpetrators used encrypted messaging apps, which made it difficult for law enforcement to track them down. The documentary follows victims' advocates, journalists, and most notably cybercrime experts as they unravel the web of digital abuse and work to apprehend the offenders. It highlights the challenges of combating cybercrime in an age of increasing digital anonymity and the urgent need for stronger online protections. The film acts as a reminder of the real-world consequences of unchecked digital behavior.

3. The Future Of

The Future Of is a 2022 Netflix docuseries that explores how cutting-edge innovations and technologies might shape various aspects of our lives in the near future. Each episode focuses on a different topic, such as gaming, food, fashion, space exploration, and love. Through interviews with experts, futurists, and industry leaders, the series presents a blend of scientific prediction and creative speculation about where these topics may go. It uses current advancements to build possible scenarios, highlighting the many possibilities but also the ethical dilemmas that come with extensive technological progress. The show inspires curiosity about what is to come while prompting viewers to think critically about the implications of technology for society.

2. Love, Death + Robots

Love, Death + Robots is a Netflix animated anthology series featuring a collection of short stories spanning science fiction, fantasy, horror, and comedy. The show is known for its mix of animation styles, ranging from photorealistic CGI to traditional 2D animation. Each episode offers its own unique narrative, exploring themes such as AI, dystopian futures, and extraterrestrials. Love, Death + Robots differs from the other shows in its fictional nature, sports mature themes, and offers fresh and innovative takes on the development of technology through animated storytelling.

1. Black Mirror

Black Mirror is one of Netflix's most popular series. It follows an anthology format in which every episode explores a different dark and often dystopian side of technological advancement. Each standalone episode presents a story set in a near-future or alternate present, delving into the consequences of humanity's relationship with technology. The series tackles themes such as surveillance, virtual reality, social media, AI, and human consciousness. Black Mirror forces viewers to confront the darker aspects of technological progress and its impact on human behavior and societal norms, highlighting the potential for misuse and the ethical dilemmas involved. The show has garnered critical acclaim for its ability to provoke reflection on the potential future of humanity in an extensively digital world, even including an episode that criticizes its very own streaming service, Netflix.

We hope at least one of these has triggered your interest, especially as there is a show in here for everybody, whether you are interested in learning about real-life cybersecurity events or curious about speculative storylines that address the dangers of advanced technology.
A new survey, "Cyber Insurance and Cyber Defenses 2024: Lessons from IT and Cybersecurity Leaders," highlights the impact of cyber insurance on security investments. According to the report, 97% of organizations with a cyber policy enhanced their defenses to comply with insurance requirements. Among these, 76% stated that the improvements helped them qualify for coverage, 67% achieved better pricing, and 30% obtained improved policy terms.

The survey, conducted by security company Sophos, also revealed that recovery costs from cyberattacks are outpacing insurance coverage. Only one percent of those that made a claim said that their carrier funded 100% of the costs incurred while remediating the incident.

Cyber Insurance and Cyber Defenses 2024

The most common reason for the policy not paying the costs in full was that the total bill exceeded the policy limit. According to The State of Ransomware 2024 survey, recovery costs following a ransomware incident increased by 50% over the last year, reaching $2.73 million on average.

"The Sophos Active Adversary report has repeatedly shown that many of the cyber incidents companies face are the result of a failure to implement basic cybersecurity best practices, such as patching in a timely manner. In our most recent report, for example, compromised credentials were the number one root cause of attacks, yet 43% of companies didn't have multi-factor authentication enabled," said Chester Wisniewski, director, global Field CTO. "The fact that 76% of companies invested in cyber defenses to qualify for cyber insurance shows that insurance is forcing organizations to implement some of these essential security measures. It's making a difference, and it's having a broader, more positive impact on companies overall. However, while cyber insurance is beneficial for companies, it is just one part of an effective risk mitigation strategy. Companies still need to work on hardening their defenses. A cyberattack can have profound impacts for a company from both an operational and a reputational standpoint, and having cyber insurance doesn't change that."

Across the 5,000 IT and cybersecurity leaders surveyed, 99% of companies that improved their defenses for insurance purposes said they had also gained broader security benefits beyond insurance coverage as a result of their investments, including improved protection, freed-up IT resources and fewer alerts.

"Investments in cyber defenses appear to have a ripple effect in terms of benefits, unlocking insurance savings that organizations can divert into other defenses to more broadly improve their security posture. As cyber insurance adoption continues, hopefully, companies' security will continue to improve. Cyber insurance won't make ransomware attacks disappear, but it could very well be part of the solution," said Wisniewski.

Data for the Cyber Insurance and Cyber Defenses 2024: Lessons from IT and Cybersecurity Leaders report comes from a vendor-agnostic survey of 5,000 cybersecurity/IT leaders conducted between January and February 2024. Respondents were based in 14 countries across the Americas, EMEA and Asia Pacific. Organizations surveyed had between 100 and 5,000 employees, and revenue ranged from less than $10 million to more than $5 billion.
Google's Chrome browser is making a significant security move by distrusting certificates issued by Entrust, a prominent Certificate Authority (CA), beginning late 2024. This decision throws a wrench into the operations of numerous websites including those of major organizations like Bank of America, ESPN, and IRS. show more ...
GOV, among others. Digital certificates (SSL/TLS) play a vital role in ensuring secure connections between users and websites. These certificates issued by trusted CAs act as a security seal - more like a blue tick for websites - and helps users gauge the legitimacy of the website. It also ensures an encrypted communication to prevent data breaches. However, Chrome is removing Entrust from its list of trusted CAs due to a concerning pattern of "compliance failures, unmet improvement commitments, and the absence of tangible, measurable progress" over the past six years. Entrust's repeated shortcomings in upholding security standards have led Google to lose confidence in their ability to act as a reliable CA. "It is our opinion that Chrome’s continued trust in Entrust is no longer justified." - Google Chrome This move also extends to AffirmTrust, a lesser-known provider acquired by Entrust. While these certificates account for only a small fraction (0.1%) compared to Let's Encrypt (49.7%), the impact is still significant considering organizations like Bank of America, BookMyShow, ESPN and even government websites like IRS.gov, which have high internet traffic volumes, are also certified by Entrust. [caption id="attachment_79569" align="aligncenter" width="1024"] Bank of America and IRS.gov certificates as displayed on Chrome Certificate Viewer[/caption] What This Means for Users and Website Owners Starting November 1, 2024, Chrome users encountering websites with distrusted Entrust certificates will be met with a full-page warning proclaiming the site as "not secure." [caption id="attachment_79563" align="aligncenter" width="1024"] Sample of how Chrome will display warning for websites having a certificate from Entrust or AffirmTrust (Source: Google)[/caption] This warning only applies to certificates issued after October 31, 2024, providing a grace period for websites with existing Entrust certificates. 
However, as certificates have limited lifespans, website owners must transition to a different CA before their current certificates expire. Considering its market share, Let's Encrypt, a free and trusted option, comes highly recommended. This shift is crucial for maintaining a secure web environment. When a CA fails to meet expectations, it jeopardizes the entire internet ecosystem. Chrome's decision prioritizes user protection by eliminating trust in potentially compromised certificates. Website owners using impacted Entrust certificates should act swiftly to switch to a different CA. The Chrome Certificate Viewer can be used to identify certificates issued by Entrust. While this may seem inconvenient, it is necessary to ensure continued user access without security warnings.

Potential Workaround Only on Internal Networks

Large organizations managing internal networks have some leeway. Chrome allows enterprises to bypass these changes by installing the affected certificates as trusted on their local networks. This ensures internal websites using these certificates continue to function normally.

The Entrust Controversy: A Deeper Look

Further context emerges from discussions on Mozilla's Bug Tracker (Bug 1890685). It reveals a critical issue: Entrust's failure to revoke a specific set of Extended Validation (EV) TLS certificates issued between March 18 and 21, 2024. This violated their own Certification Practice Statement (CPS). Entrust opted against revoking the certificates, citing potential customer confusion and denying any security risk. However, this decision sparked outrage. Critics emphasized the importance of proper revocation procedures to uphold trust in the CA system. Entrust's prioritization of customer convenience over security raised concerns about its commitment to strict adherence to security best practices. A detailed post on Google Groups by Mike Shaver sheds further light on the situation.
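The article tells website owners to find out whether their certificates come from Entrust and whether they fall inside the grace period. The script below is an added example, not code from the article, from Google or from Entrust: it classifies a leaf certificate against the timeline the article states (issuer Entrust or AffirmTrust, warning only for certificates issued after October 31, 2024). It matches on the issuer's organizationName, which is an assumption made for this example; Chrome's policy is defined in terms of specific root certificates that the article does not list. The sample certificates are constructed dictionaries in the shape Python's getpeercert() returns, so the check runs offline; fetch_peer_cert() and audit() show how the same check is applied to live hosts.

```python
import socket
import ssl
from datetime import datetime, timezone

# Cut-off stated in the article: Chrome's warning applies only to certificates
# issued after October 31, 2024; earlier Entrust certificates work until they expire.
CUTOFF = datetime(2024, 10, 31, 23, 59, 59, tzinfo=timezone.utc)

# Issuer organisations the article names as affected. Matching on the issuer's
# organizationName is an assumption made for this example; Chrome's actual policy
# is expressed as a list of specific Entrust/AffirmTrust root certificates.
AFFECTED_ORGS = ("entrust", "affirmtrust")


def issuer_org(cert):
    """Return the issuer organizationName from a getpeercert()-style dict ('' if absent)."""
    for rdn in cert.get("issuer", ()):
        for key, value in rdn:
            if key == "organizationName":
                return value
    return ""


def not_before(cert):
    """Parse the notBefore field (OpenSSL text form, e.g. 'Mar 11 00:00:00 2024 GMT')."""
    seconds = ssl.cert_time_to_seconds(cert["notBefore"])
    return datetime.fromtimestamp(seconds, tz=timezone.utc)


def classify(cert):
    """Classify one leaf certificate against the Chrome/Entrust timeline.

    'unaffected': issuer is not Entrust/AffirmTrust.
    'grace':      affected issuer, issued on or before the cut-off; trusted until
                  expiry, so the owner must migrate before notAfter.
    'warning':    affected issuer, issued after the cut-off; Chrome shows the
                  full-page warning.
    """
    org = issuer_org(cert).lower()
    if not any(name in org for name in AFFECTED_ORGS):
        return "unaffected"
    return "warning" if not_before(cert) > CUTOFF else "grace"


def fetch_peer_cert(host, port=443, timeout=5.0):
    """Fetch the leaf certificate a live host presents, in getpeercert() dict form."""
    context = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with context.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert()


def audit(hosts):
    """Classify every host in an inventory; unreachable hosts are reported as 'error'."""
    results = {}
    for host in hosts:
        try:
            results[host] = classify(fetch_peer_cert(host))
        except (OSError, ssl.SSLError, KeyError):
            results[host] = "error"
    return results


# Constructed sample certificates (not real certificates) in the shape getpeercert() returns.
SAMPLE_CERTS = {
    "issued-before-cutoff": {
        "subject": ((("commonName", "www.example.test"),),),
        "issuer": ((("countryName", "US"),),
                   (("organizationName", "Entrust, Inc."),),
                   (("commonName", "Constructed Entrust Issuing CA"),)),
        "notBefore": "Mar 11 00:00:00 2024 GMT",
        "notAfter": "Mar 10 23:59:59 2025 GMT",
    },
    "issued-after-cutoff": {
        "subject": ((("commonName", "portal.example.test"),),),
        "issuer": ((("countryName", "US"),),
                   (("organizationName", "AffirmTrust"),),
                   (("commonName", "Constructed AffirmTrust Issuing CA"),)),
        "notBefore": "Nov 15 00:00:00 2024 GMT",
        "notAfter": "Nov 14 23:59:59 2025 GMT",
    },
    "other-ca": {
        "subject": ((("commonName", "blog.example.test"),),),
        "issuer": ((("countryName", "US"),),
                   (("organizationName", "Let's Encrypt"),),
                   (("commonName", "Constructed LE Issuing CA"),)),
        "notBefore": "Dec 01 00:00:00 2024 GMT",
        "notAfter": "Mar 01 00:00:00 2025 GMT",
    },
}


if __name__ == "__main__":
    for label, cert in SAMPLE_CERTS.items():
        print(f"{label}: {classify(cert)}")
    # Live use against an inventory: print(audit(["www.example.com"]))
```

A 'grace' result is not a pass: the certificate stays trusted only until its notAfter date, so the migration deadline for that host is its expiry, not November 1, 2024. Because the check only sees the leaf certificate's issuer, a chain that reaches an affected root through an intermediate with a different organisation name would be missed; a full-chain check would need the intermediates, which getpeercert() does not return.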
Shaver expresses doubt in Entrust's ability to comply with WebPKI and Mozilla Root Store Program (MRSP) requirements. Despite attempts to address these concerns, Entrust's handling of certificate revocation, operational accountability, and transparency remains under scrutiny. Shaver points out Entrust's tendency to prioritize customer convenience over strict adherence to security standards. He also criticizes the lack of detailed information regarding organizational changes and Entrust's failure to meet Mozilla's incident response requirements. Until Entrust demonstrates substantial improvements and transparency, continued trust in its certificates poses a significant risk to the overall web PKI and the security of internet users. But this is not the end of it. In fact, it is just the tip of the iceberg. Shaver's comments in the forum are in response to a host of compliance incidents between March and May related to Entrust. Ben Wilson summarized these recent incidents in a dedicated wiki page. "In brief, these incidents arose out of certificate mis-issuance due to a misunderstanding of the EV Guidelines, followed by numerous mistakes in incident handling including a deliberate decision to continue mis-issuance," Wilson said. This is a very serious shortcoming on Entrust's behalf considering the stringent norms and root store requirements, he added. However, Chrome's decision to distrust Entrust certificates sends a strong message: prioritizing user safety requires holding CAs accountable for upholding the highest security standards.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
A critical vulnerability has been discovered in certain versions of GitLab Community and Enterprise Edition products. This vulnerability allows an attacker to run pipelines as any user.
A sophisticated multi-stage malware campaign by the threat actor "Water Sigbin" (also known as the 8220 Gang) exploits Oracle WebLogic vulnerabilities to deliver a cryptocurrency miner called XMRig.
MerkSpy is designed to covertly monitor user activities, capture sensitive information like keystrokes and Chrome login credentials, and exfiltrate the data to the attacker's server.
The campaigns, named LegalQloud, Eqooqp, and Boomer, deploy highly evasive and adaptive threat (HEAT) attack techniques that can bypass multifactor authentication (MFA) and URL filtering.
One attack involves setting up a fake base station using a Raspberry Pi or a software-defined radio (SDR). These devices can imitate a real base station and are readily available for purchase.
Police forces from 61 countries have collaborated in Operation First Light 2024, led by Interpol, resulting in the arrest of 3,950 suspects and the identification of 14,643 more.
Google has announced that it's going to start blocking websites that use certificates from Entrust starting around November 1, 2024, in its Chrome browser, citing compliance failures and the certificate authority's inability to address security issues in a timely manner. "Over the past several years, publicly disclosed incident reports highlighted a pattern of concerning behaviors by Entrust
Source: www.databreachtoday.com – Data Loss Prevention (DLP), Endpoint Security, Next-Generation Technologies & Secure Development. Silver Lake Leads Series C Round for California-Based Data Security Startup Odaseva. Michael Novinson (MichaelNovinson) • June 28, 2024. Sovan Bin, founder and CEO, Odaseva (Image: Odaseva). A data security startup founded by a Salesforce […] The post Startup Odaseva Raises $54M to Bolster Global Expansion, R&D – Source: www.databreachtoday.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.databreachtoday.com – Endpoint Security, Governance & Risk Management, Internet of Things Security. Critical-Severity Flaws Expose Emerson Devices to Cyberattacks. Prajeet Nair (@prajeetspeaks) • June 28, 2024. Image: Shutterstock. Multiple critical vulnerabilities in Emerson gas chromatographs could allow malicious actors access to sensitive data, cause denial-of-service conditions and execute […] The post Multiple Vulnerabilities Found in Gas Chromatographs – Source: www.databreachtoday.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.databreachtoday.com – Breach Notification, Fraud Management & Cybercrime, Healthcare. InfoSys McCamish Systems Earlier Alerted 57,000 Bank of America Clients of Breach. Marianne Kolbasuk McGee (HealthInfoSec) • June 28, 2024. Image: Infosys McCamish Systems. Infosys McCamish Systems, an insurance software product and services vendor, is notifying nearly 6.1 million […] The post Insurance Software Vendor Notifies 6.1 Million of 2023 Hack – Source: www.databreachtoday.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.databreachtoday.com – Governance & Risk Management, Managed Detection & Response (MDR), Managed Security Service Provider (MSSP). Job Cuts Come Less Than 2 Months After WillJam Ventures-Owned Company Rebranded. Michael Novinson (MichaelNovinson) • June 28, 2024. LevelBlue laid off 15% of its 1,000-person workforce just months after AT&T sold […] The post LevelBlue Lays Off 15% of Employees After Being Sold by AT&T – Source: www.databreachtoday.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.databreachtoday.com – Cybercrime, Fraud Management & Cybercrime, Multi-factor & Risk-based Authentication. The Theft of Snowflake’s Customers’ Data Shows That Vendors Need Robust Defenses. Mathew J. Schwartz (euroinfosec) • June 28, 2024. Image: Shutterstock. Who’s responsible for the data breaches experienced by customers of the data warehousing platform Snowflake? […] The post Breaches Due to Credential Stuffing: Who’s Accountable? – Source: www.databreachtoday.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.databreachtoday.com – Artificial Intelligence & Machine Learning, Governance & Risk Management, Leadership & Executive Communication. What to Do to Protect the Sensitive Data You Submit to Online AI Tools. CyberEdBoard • June 28, 2024. Ian Keller, security director and CyberEdBoard executive member. Artificial intelligence tools are both a […] The post On Point: Risk Management Strategies for AI Tools – Source: www.databreachtoday.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
The document outlines the importance of compliance in today’s global business landscape, emphasizing the need for organizations to adopt a Risk Intelligent approach to manage compliance risks effectively. It addresses key questions related to compliance responsibilities, the integration of functions like compliance, internal audit, HR, risk management, tax, and legal, and the role of the compliance […] The post Enterprise compliance The Risk Intelligent approach was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
The document from www.hackingarticles.in covers various aspects of Docker for Pentesters, including Docker architecture, the Docker API, image vulnerability assessment using tools like Clair and Bench-Security, and pentesting frameworks like WPScan, SQLmap, Dirbuster, Nmap, HTTP Python Server, John the Ripper, and Metasploit. It also provides instructions on enabling the Docker API for remote connections, abusing the Docker API, […] The post Docker Architecture was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
The post DIGITAL FORENSICS WITH Open Source TOOLS was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
The following recommendations can be derived from the previous chapters: The post Differentiation of the IT security standard series ISO 27000 and IEC 62443 was first published on CISO2CISO.COM & CYBER SECURITY GROUP.