ETSI releases a Technical Report on autonomic network management and control applying machine learning and other AI algorithms

Sophia Antipolis, 5 March 2020

The ETSI Technical Committee on Core Network and Interoperability Testing (TC INT) has just released a Technical Report, ETSI TR 103 626, providing a mapping of architectural components for autonomic networking, cognitive networking and self-management. This architecture will serve the self-managing Future Internet.

The ETSI TR 103 626 provides a mapping of architectural components developed in the European Commission (EC) WiSHFUL and ORCA Projects, using the ETSI Generic Autonomic Networking Architecture (GANA) model.

The objective is to illustrate how the ETSI GANA model specified in the ETSI specification TS 103 195-2 can be implemented when using the components developed in these two projects. The Report also shows how the WiSHFUL architecture augmented with virtualization and hardware acceleration techniques can implement the GANA model. This will guide implementers of autonomics components for autonomic networks in their optimization of their GANA implementations.

The TR addresses autonomic decision-making and associated control-loops in wireless network architectures and their associated management and control architectures. The mapping of the architecture also illustrates how to implement self-management functionality in the GANA model for wireless networks, taking into consideration another Report ETSI TR 103 495, where GANA cognitive algorithms for autonomics, such as machine learning and other AI algorithms, can be applied.

SESAR Deployment Manager signs MoU with ETSI for European Air Traffic Management modernization

Sophia Antipolis, 27 July 2020

SESAR Deployment Manager (SDM) has recently signed an MoU with ETSI, namely to participate to the ETSI technical group making standards for aeronautics (TG AERO). SESAR aims at the modernization of Europe’s Air Traffic Management (ATM), crucial for the sustainability of European aviation and the forecasted increase in air traffic by 2035 (pre covid-19 forcast). SDM synchronizes and coordinates the deployment of common projects, translating the regulatory requirements to the industry.

Read More...

ETSI blockchain group releases first Reports, targeting industry and governmental bodies

Sophia Antipolis, 15 February 2021

The ETSI Industry Specification Group on Permissioned Distributed Ledger (ISG PDL) has recently released a number of Reports to support industry and government institutions needs for what is commonly known as blockchain. These Reports cover data record compliance to regulation, application scenarios and smart contracts.  

Read More...

ETSI celebrates International Women’s Day

Sophia Antipolis, 8 March 2022

Diversity, equity, and inclusiveness are key pillars of the ETSI community. ETSI is committed to help raise awareness of the value of gender diversity and we wanted to highlight the people behind our standards: #TheStandardsPeople.

To start this campaign and to mark International Women’s Day, we dedicate the month of March to showcase our female contributors.

Read More...

Sophia Antipolis, 10 February 2023

With more than 170 face-to-face attendees, coming from 30 countries, the three day ETSI conference on Maximizing the Impact of European 6G Research through Standardization came to a close on 8 February. The event provided a unique opportunity for the research community to come together with industry representatives and standardization experts to discuss future technology research and building stronger links to standardization.

Read More...

Starts: Fri, 22 Nov 2024 19:00:00 -0500
11/22/2024 05:00:00PM
Location: Montreal, Canada

The Civil War began with a largely symbolic battle at Fort Sumter, a battle in which the only fatality was a (southern) horse.

Twenty five years after the launch of CVE, the Tenable Security Response Team has handpicked 25 vulnerabilities that stand out for their significance.

Background

In January 1999, David E. Mann and Steven M. Christey published the paper “Towards a Common Enumeration of Vulnerabilities” describing an effort to create interoperability between multiple vulnerability databases. To achieve a common taxonomy for vulnerabilities and exposures, they proposed Common Vulnerabilities and Exposures (CVE). In September 1999, the MITRE Corporation finalized the first CVE list, which included 321 records. CVE was revealed to the world the following month.

As of October 2024, there are over 240,000 CVEs. including many that have significantly impacted consumers, businesses and governments. The Tenable Security Response Team has chosen to highlight the following 25 significant vulnerabilities, followed by links to product coverage for Tenable customers to utilize.

25 Significant CVEs

CVE-1999-0211: SunOS Arbitrary Read/Write Vulnerability

CVE-2010-2568: Windows Shell Remote Code Execution Vulnerability

CVE-2014-0160: OpenSSL Information Disclosure Vulnerability

CVE-2014-6271: GNU Bash Shellshock Remote Code Execution Vulnerability

CVE-2015-5119: Adobe Flash Player Use After Free

CVE-2017-11882: Microsoft Office Equation Editor Remote Code Execution Vulnerability

CVE-2017-0144: Windows SMB Remote Code Execution Vulnerability

CVE-2017-5638: Apache Struts 2 Jakarta Multipart Parser Remote Code Execution Vulnerability

CVE-2019-0708: Remote Desktop Services Remote Code Execution Vulnerability

CVE-2020-0796: Windows SMBv3 Client/Server Remote Code Execution Vulnerability

CVE-2019-19781: Citrix ADC and Gateway Remote Code Execution Vulnerability

CVE-2019-10149: Exim Remote Command Execution Vulnerability

CVE-2020-1472: Netlogon Elevation of Privilege Vulnerability

CVE-2017-5753: CPU Speculative Execution Bounds Check Bypass Vulnerability

CVE-2017-5754: CPU Speculative Execution Rogue Data Cache Load Vulnerability

CVE-2021-36942: Windows LSA Spoofing Vulnerability

CVE-2022-30190: Microsoft Windows Support Diagnostic Tool Remote Code Execution

CVE-2021-44228: Apache Log4j Remote Code Execution Vulnerability

CVE-2021-26855: Microsoft Exchange Server Server-Side Request Forgery Vulnerability

CVE-2021-34527: Microsoft Windows Print Spooler Remote Code Execution Vulnerability

CVE-2021-27101: Accellion File Transfer Appliance (FTA) SQL Injection Vulnerability

CVE-2023-34362: Progress Software MOVEit Transfer SQL Injection Vulnerability

CVE-2023-4966: Citrix NetScaler and ADC Gateway Sensitive Information Disclosure Vulnerability

CVE-2023-2868: Barracuda Email Security Gateway (ESG) Remote Command Injection Vulnerability

CVE-2024-3094: XZ Utils Embedded Malicious Code Vulnerability

Identifying affected systems

A list of Tenable plugins for these vulnerabilities can be found on the individual CVE pages:

• CVE-1999-0211
• CVE-2010-2568
• CVE-2014-0160
• CVE-2014-6271
• CVE-2015-5119
• CVE-2017-11882
• CVE-2017-0144
• CVE-2017-5638
• CVE-2019-0708
• CVE-2020-0796
• CVE-2019-19781
• CVE-2019-10149
• CVE-2020-1472
• CVE-2017-5753
• CVE-2017-5754
• CVE-2021-36942
• CVE-2022-30190
• CVE-2021-44228
• CVE-2021-26855
• CVE-2021-34527
• CVE-2021-27101
• CVE-2023-34362
• CVE-2023-4966
• CVE-2023-2868
• CVE-2024-3094

CISA is warning about a spear-phishing campaign that spreads malicious RDP files. Plus, OWASP is offering guidance about deepfakes and AI security. Meanwhile, cybercriminals have amplified their use of malware for fake software-update attacks. And get the latest on CISA’s international plan, Interpol’s cyber crackdown and ransomware trends.

Dive into six things that are top of mind for the week ending Nov. 8.

1 - CISA: Beware of nasty spear-phishing campaign

Proactively restrict outbound remote-desktop protocol (RDP) connections. Block transmission of RDP files via email. Prevent RDP file execution.

Those are three security measures cyber teams should proactively take in response to an ongoing and “large scale” email spear-phishing campaign targeting victims with malicious RDP files, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA).

A foreign threat actor is carrying out the campaign. Several vertical sectors, including government and IT, are being targeted.

“Once access has been gained, the threat actor may pursue additional activity, such as deploying malicious code to achieve persistent access to the target’s network,” CISA’s alert reads.
 

Other CISA recommendations include:

• Adopt phishing-resistant multi-factor authentication (MFA), such as FIDO tokens, and try to avoid SMS-based MFA
• Educate users on how to spot suspicious emails
• Hunt for malicious activity in your network looking for indicators of compromise (IoCs) and tactics, techniques and procedures

Although CISA didn’t name the hacker group responsible for this campaign, its alert includes links to related articles from Microsoft and AWS that identify it as Midnight Blizzard. Also known as APT29, this group is affiliated with Russia’s government.

To get more details, check out the CISA alert “Foreign Threat Actor Conducting Large-Scale Spear-Phishing Campaign with RDP Attachments.”

For more information about securing RDP tools:

• “Commonly Exploited Protocols: Remote Desktop Protocol (RDP)” (Center for Internet Security)
• “What is remote desktop protocol (RDP)?” (TechTarget)
• “Wondering Whether RDP IS Secure? Here's a Guide to Remote Desktop Protocol” (AllBusiness)
• “Why remote desktop tools are facing an onslaught of cyber threats” (ITPro)
• “'Midnight Blizzard' Targets Networks With Signed RDP Files” (Dark Reading)

2 - OWASP issues AI security resources

How should your organization respond to deepfakes? What’s the right way of establishing a center of excellence for AI security in your organization? Where can you find a comprehensive guide of tools to secure generative AI applications?

These questions are addressed in a new set of resources for AI security from the Open Worldwide Application Security Project’s OWASP Top 10 for LLM Application Security Project. 

The new resources are meant to help organizations securely adopt, develop and deploy LLM and generative AI systems and applications “with a comprehensive strategy encompassing governance, collaboration and practical tools,” OWASP said in a statement.

These are the new resources:

• “The Guide for Preparing and Responding to Deepfake Events,” which unpacks four types of deepfake schemes – financial fraud, job interview fraud, social engineering and misinformation – and offers guidance about each one in these areas:
  • preparation
  • detection and analysis
  • containment eradication and recovery
  • post-incident activity
• “The LLM and GenAI Center of Excellence Guide,” which aims to help CISOs and fellow organization leaders create a center of excellence for generative AI security that facilitates collaboration among various teams, including security, legal, data science and operations, so they can develop:
  • Generative AI security policies
  • Risk assessment and management processes
  • Training and awareness
  • Research and development
• “The AI Security Solution Landscape Guide,” which offers security teams a comprehensive catalog of open source and commercial tools for securing LLMs and generative AI applications.

To get more details, read OWASP’s announcement “OWASP Dramatically Expands GenAI Security Guidance.”

For more information about protecting your organization against deepfakes:

• “How to prevent deepfakes in the era of generative AI” (TechTarget)
• “Deepfake scams escalate, hitting more than half of businesses” (Cybersecurity Dive)
• “The AI Threat: Deepfake or Deep Fake? Unraveling the True Security Risks” (SecurityWeek)
• “How deepfakes threaten biometric security controls” (TechTarget)
• “Deepfakes break through as business threat” (CSO)

3 - Fake update variants dominate list of top malware in Q3

Hackers are doubling down on fake software-update attacks.

That’s the main takeaway from the Center for Internet Security’s list of the 10 most prevalent malware used during the third quarter.

Malware variants used to carry out fake browser-update attacks took the top four spots on the list: SocGholish, LandUpdate808, ClearFake and ZPHP. Collectively, they accounted for 77% of the quarter’s malware infections. It's the first time LandUpdate808 and ClearFake appear on this quarterly list.

^{(Source: “Top 10 Malware Q3 2024”, Center for Internet Security, October 2024)}

In a fake software-update attack, a victim gets duped into installing a legitimate-looking update for, say, their preferred browser, that instead infects their computers with malware.

Here’s the full list, in descending order:

• SocGholish, a downloader distributed through malicious websites that tricks users into downloading it by offering fake software updates 
• LandUpdate808, a JavaScript downloader distributed through malicious websites via fake browser updates
• ClearFake, another JavaScript downloader used for fake browser-update attacks
• ZPHP, another JavaScript downloader used for fake software-update attacks
• Agent Tesla, a remote access trojan (RAT) that captures credentials, keystrokes and screenshots
• CoinMiner, a cryptocurrency miner that spreads using Windows Management Instrumentation (WMI)
• Arechclient2, also known as SectopRAT, is a .NET RAT whose capabilities include multiple stealth functions
• Mirai, a malware botnet that compromises IoT devices to launch DDoS attacks
• NanoCore, a RAT that spreads via malspam as a malicious Excel spreadsheet
• Lumma Stealer, an infostealer used to swipe personally identifiable information (PII), credentials, cookies and banking information

To get more information, the CIS blog “Top 10 Malware Q3 2024” offers details, context and indicators of compromise for each malware strain.

For details on fake update attacks:

• “Fake browser updates spread updated WarmCookie malware” (BleepingComputer)
• “Beware: Fake Browser Updates Deliver BitRAT and Lumma Stealer Malware” (The Hacker News)
• “Hackers Use Fake Browser Updates for AMOS Malware Attacks Targeting Mac Users” (MSSP Alert)
• “Malware crooks find an in with fake browser updates, in case real ones weren't bad enough” (The Register)
• “Fake Google Chrome errors trick you into running malicious PowerShell scripts” (BleepingComputer)

VIDEO

Fake Chrome Update Malware (The PC Security Channel)

4 - CISA’s first international plan unveiled

CISA has released its first-ever international plan, which outlines a strategy for boosting the agency’s collaboration with cybersecurity agencies from other countries.

Aligning cybersecurity efforts and goals with international partners is critical for tackling cyberthreats in the U.S. and abroad, according to the agency.

The three core pillars of CISA’s “2025 - 2026 International Strategic Plan” are:

• Help make more resilient other countries’ assets, systems and networks that impact U.S. critical infrastructure
• Boost the integrated cyber defenses of the U.S. and its international partners against their shared global cyberthreats
• Unify the coordination of international activities to strengthen cyberdefenses collectively

The plan will allow CISA to “reduce risk to the globally interconnected and interdependent cyber and physical infrastructure that Americans rely on every day,” CISA Director Jen Easterly said in a statement.

5 - Interpol hits phishers, ransomware gangs, info stealers

Interpol and its partners took down 22,000 malicious IP addresses and seized thousands of servers, laptops, and mobile phones used by cybercriminals to conduct phishing scams, deploy ransomware and steal information.

The four-month global operation, titled Synergia II and announced this week, involved law enforcement agencies and private-sector partners from 95 countries and netted 41 arrests.

“Together, we’ve not only dismantled malicious infrastructure but also prevented hundreds of thousands of potential victims from falling prey to cybercrime,” Neal Jetton, Director of Interpol’s Cybercrime Directorate, said in a statement.

In Hong Kong, more than 1,000 servers were taken offline, while authorities in Macau, China took another 291 servers offline. Meanwhile, in Estonia, authorities seized 80GB of server data, which is now being analyzed for links to phishing and banking malware.

For more information about global cybercrime trends:

• “AI-Powered Cybercrime Cartels on the Rise in Asia” (Dark Reading)
• “AI Now a Staple in Phishing Kits Sold to Hackers” (MSSP Alert)
• “The Business of Cybercrime Explodes” (BankDirector)
• “Nation state actors increasingly hide behind cybercriminal tactics and malware” (CSO)

6 - IST: Ransomware attacks surged in 2023

Ransomware gangs went into hyperdrive last year, increasing their attacks by 73% compared with 2022, according to the non-profit think tank Institute for Security and Technology (IST).

The IST attributes the sharp increase in attacks to a shift by ransomware groups to “big game hunting” – going after prominent, large organizations with deep pockets. 

“Available evidence suggests that government and industry actions taken in 2023 were not enough to significantly reduce the profitability of the ransomware model,” reads an IST blog.

Global Ransomware Incidents in 2023

Another takeaway: The ransomware-as-a-service (RaaS) model continued to prove extremely profitable in 2023, and it injected dynamism into the ransomware ecosystem. 

The RaaS model prompted ransomware groups “to shift allegiances, form new groups, or iterate existing variants,” the IST blog reads.

The industry sector that ransomware groups hit the hardest was construction, followed by hospitals and healthcare, and by IT services and consulting. Financial services and law offices rounded out the top five.

To learn more about ransomware trends:

• “Ransomware Is ‘More Brutal’ Than Ever in 2024” (Wired)
• “Ransomware on track for record profits, even as fewer victims pay” (SC Magazine)
• “How Can I Protect Against Ransomware?” (CISA)
• “How to prevent ransomware in 6 steps” (TechTarget)
• “Steps to Help Prevent & Limit the Impact of Ransomware” (Center for Internet Security)

TORONTO – The Ontario Securities Commission (OSC) has issued an award of nearly $150,000 to an international whistleblower who provided information about significant issues at an early-stage firm.

"When Kristen Radtke was in her twenties, she learned that, as her father was growing up, he would crawl onto his roof in rural Wisconsin and send signals out on his ham radio. Those CQ calls were his attempt to reach somebody— anybody— who would respond. In Seek You, Radtke uses this image as her jumping off point into a piercing exploration of loneliness and the ways in which we attempt to feel closer to one another. She looks at the very real current crisis of loneliness through the lenses of gender, violence, technology, and art. Ranging from the invention of the laugh-track to Instagram to Harry Harlow's experiments in which infant monkeys were given inanimate surrogate mothers, Radtke uncovers all she can about how we engage with friends, family, and strangers alike, and what happens— to us and to them— when we disengage. With her distinctive, emotionally charged drawings and unflinchingly sharp prose, Kristen Radtke masterfully reframes some of our most vulnerable and sublime moments." -- Provided by publisher.

Since the 18th National Congress of the Communist Party of China, China’s economicdevelopment has entered a new stage. Under the circumstances, the goal of “Common Prosperity” has attracted more and more attention over the past several years. China’s long-term implementation of urban-biased policies led to a huge gap between urban and rural areas for a long time and hindered the realization of common prosperity.

#1 New York Times bestselling author Iris Johansen offers readers a classic tale of a love that seems impossible-and a hunger that is undeniable. Jenny Cashman longs to escape the refined, rarified air of her exclusive Swiss education. At nineteen, she's desperate for independence-and to once again see the man she loves. So she sells her belongings, leaves Europe, and heads to Las Vegas. The sight of Steve Jason's newest palatial hotel and casino thrills Jenny-but not as much as the sight of the man himself. Steve came to her rescue after her father died, paying for her years of expensive schooling. Now, she must convince him that she's old enough to make her own decisions . . . including about her passion for him. Steve Jason is a powerful mogul, a man who came from nothing and made a name for himself in the industry before he was thirty years old. He takes great care to keep all emotional involvement with others to a bare minimum-with only one exception. Jenny has always been incredibly important to him. But how can he keep her safe when she seems oblivious to her own stunning beauty and the reactions she gets from other men? It will take all of Steve's resolve to protect her-especially from his own desires.

TORONTO – The Ontario Securities Commission (OSC), in partnership with the Royal Canadian Mounted Police (RCMP) – Integrated Market Enforcement Team (IMET), is warning the public about fraudulent investment opportunities related to the coronavirus (COVID-19).

Montréal –The Canadian Securities Administrators (CSA) warns the public about investment schemes involving fraudulent websites that solicit investments in foreign exchange (often referred to as “forex”), binary options and/or crypto assets.

TORONTO - The Ontario Securities Commission (OSC) is warning Ontario investors not to invest with Ernest Anderson (aka Edward Banayoti aka Edward Banayoti Sawiris), or any companies associated with him. Ernest Anderson is permanently banned from trading securities in Ontario.

Montreal - The Canadian Securities Administrators (CSA) is warning the public to be vigilant for unsolicited communications that come from scammers posing as CSA staff or staff of CSA members.

Toronto – The Canadian Securities Administrators (CSA) is warning the public that Nova Tech Ltd (NovaTech), which operates the website www.novatechfx.com, is not registered with a securities regulator in any province or territory in Canada.

TORONTO – The Ontario Securities Commission (OSC) is warning Ontario investors that the following companies are not registered to deal or advise in securities in Ontario:

https://www.youtube.com/watch?v=UHhFYrwJjow

https://www.youtube.com/watch?v=Ata12_CZy4A

Using a representative sample of irrigation schemes, the study documents the physical, knowledge, and governance infrastructures of irrigation schemes in Ethiopia’s most intensively used river basin, the Awash. The findings show that about 20 percent of the equipped area of irrigation schemes in the basin is not being irrigated, while the number of actual beneficiaries […] Source: IFPRI Ethiopia: Ethiopia Strategy Support Program

From risk to resilience: How strategic government partnerships can enhance access to insurance-linked credit for smallholders in Zambia By Martina Source: IFPRI Africa Regional Office (AFR)

"Starting off with an attack on S.T.A.R. Labs in Gotham City by a giant robot that steals an entire room of the laboratory— Batman is going to have to stop it before it can cause more harm … and with Lex Luthor freshly back in Gotham— he knows where to start his search. Will Batman be able to topple the billionaire before he leaves Gotham?" -- Provided by publisher.

"Sun dreams of money. Moon dreams of scientific discoveries. When their paths cross with Team Skull, both their plans go awry … Lost in an alternate dimension, Sun and Moon battle to help their new friends defend the eternally dark city of Ultra Megalopolis. But then a betrayal deprives them of their transportation home! Meanwhile, what surprising news does Lillie receive?" -- Provided by publisher

Every year, over 10,000 letters addressed to Juliet Capulet arrive in Verona, Italy, the famous hometown of Shakespeare's Romeo & Juliet. These handwritten letters come from people all over the world, seeking guidance and support from Juliet herself. Capturing the pain, joy, humor, and confusion of love, the 60 letters in this book offers encouragement, comfort, hope-and a nod to the human condition. Including responses from Juliet herself, this romantic and relatable, and perfect as a Valentine's Day gift, Dear Juliet proves that love is the universal language.

Hopeful, Inspiring Message for Moms from Sarah Jakes Mary, the mother of Jesus, is a remarkable example of quiet, resilient faith and courage in the face of adversity. From the angel's first announcement of her pregnancy to the death and resurrection of her son, Mary was witness to our Lord and Savior in a unique and special way. And as a mother herself, she speaks to the modern-day mom in a way few have explored before. Writing in the form of letters, Sarah Jakes examines the life of Mary--and through Mary, Jesus--to better understand what a life of faith looks like. Maybe you struggle to trust God's will for your life. Perhaps you have fears and insecurities that keep you from realizing the joy God wants for you, or the thought of raising little ones overwhelms you. Through the example of Mary, discover the freedom that only true faith can bring.

Does conflict-driven internal displacement influence demand for agricultural inputs? Evidence from Nigeria

Examining the effectiveness of vouchers and marketing information.

The post Does conflict-driven internal displacement influence demand for agricultural inputs? Evidence from Nigeria appeared first on IFPRI.

Global Food Policy Report 2024: Improving governance to create supportive environments for diet and nutrition policies

Key steps to strengthen institutions and relationships

The post Global Food Policy Report 2024: Improving governance to create supportive environments for diet and nutrition policies appeared first on IFPRI.

From risk to resilience: How strategic government partnerships can enhance access to insurance-linked credit for smallholders in Zambia

The power of bundled solutions

The post From risk to resilience: How strategic government partnerships can enhance access to insurance-linked credit for smallholders in Zambia appeared first on IFPRI.