DALLAS, Tuesday, April 26, 2022 – Earlier today, the U.S. Preventive Services Task Force (USPSTF) released its final recommendations on low-dose aspirin therapy for the primary prevention of cardiovascular disease in adults: people who have a history ...

Research Highlights: Fear of another heart attack was a significant ongoing contributor to how heart attack survivors perceive their health, according to a new study. While anxiety and depression are recognized as common conditions after a heart ...

Research Highlights: In an analysis of more than 7,000 stroke survivors, those who were taking either a GLP1-receptor agonist or an SGLT2 inhibitor medication had a lower risk of a subsequent stroke, heart attack or death compared to peers who were ...

Arthur Clune, Honeynet Project, discusses how attacks on Web servers, and internet connected devices in general have become both more common and more sophisticated in recent years. This talk will look at how people attack Web servers, and what they are hoping to gain from it, based on data from the Honeynet Project's deployment of Honeypot servers worldwide.

ETSI releases the first Group Report on Encrypted Traffic Integration, protecting end users from malicious attacks

Sophia Antipolis, 1 September 2021

ETSI’s Industry Specification Group on Encrypted Traffic Integration (ISG ETI) has concluded the early part of its work, by identifying problems arising from pervasive encrypted traffic in communications networks.

Read More...

ETSI Secures Critical Infrastructures against Cyber Quantum Attacks with new TETRA Algorithms

Sophia Antipolis, 8 November 2022

With the world facing growing challenges including the war in Europe and a global energy crisis, it is essential that the mission- and business-critical communications networks used by the public safety, critical infrastructure and utilities sectors (including transportation, electricity, natural gas and water plants) are secured against third-party attacks, to protect communications and sensitive data. With more than 120 countries using dedicated TETRA (Terrestrial Trunked Radio) networks for these critical services, work has been undertaken to ensure the ETSI TETRA technology standard remains robust in the face of evolving threats.

Read More...

Sophia Antipolis, 27 September 2023

Following a cyberattack observed on ETSI portal, the IT system dedicated to its members’ work, the ETSI IT team worked in close collaboration with the French National Cybersecurity Agency (ANSSI) to investigate and repair the information systems. The vulnerability on which the attack was based has been fixed.

Read More...

"Humanity pushes back! The Survey Corps develops a risky gambit— have Eren in Titan form attempt to repair Wall Rose, reclaiming human territory from the monsters for the first time in a century. But Titan-Eren's self-control is far from perfect, and when he goes on a rampage, not even Armin can stop him! With the survival of humanity on his massive shoulders, will Eren be able to return to his senses, or will he lose himself forever?"-- Page [4] of cover.

Tenable®, the exposure management company, announced today that Shelly Raban, senior cloud security researcher for Tenable, will give a presentation at fwd:cloudsec Europe 2024, taking place on 17 September, 2024 in Brussels, Belgium.

During the session titled, “Who Watches the Watchmen? Stealing Credentials from Policy-as-Code Engines (and Beyond),” Raban will explore techniques adversaries use to exploit modern policy-as-code and Infrastructure-as-code (IaC) domain-specific languages (DSLs), compromise cloud identities and exfiltrate sensitive data. Raban will conclude her presentation by sharing various detection strategies that cyber defenders can implement to detect malicious activity. 

The session will be hosted in the Main Room from 2:50 - 3:10 pm CEST. 

More information on the event is available on the fwd:cloudsec Europe website. 

More information about Tenable Cloud Security is available at: https://www.tenable.com/products/tenable-cloud-security 

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com. 

###

Media Contact:

Tenable

tenablepr@tenable.com

Tenable®, Inc. the exposure management company, today announced that Bank of Yokohama, one of the largest of the major regional banks in Japan, has chosen Tenable Identity Exposure to protect its Active Directory and enhance the bank’s ability to protect its internal systems from cyber threats.

Bank of Yokohama, based in Kanagawa Prefecture and Tokyo Metropolitan, is committed to enhancing industry security standards. In 2023, it collaborated with 19 other regional banks to establish CMS-CSIRT, an organization providing mutual cybersecurity support. Unlike megabanks, regional banks often face resource and budget constraints, making such collaborative efforts crucial for implementing effective security programs.

As part of its objectives for FY 2023, the Bank of Yokohama wanted to improve Active Directory (AD) security as it’s the most crucial system in the bank’s intranet. Previously, the bank only applied security patches periodically without any tool or system to detect Active Directory misconfigurations or attacks. Given the evolving threat landscape and rise of attacks involving an identity breach, enhancing the security of Active Directory became a top priority.

“Attackers who have infiltrated an organization's internal system or who wield ransomware and other malware, almost always make a beeline for Active Directory,” said Mr. Akihiro Fushimi, Leader, Concordia Financial Group ICT Governance Department, Security Governance Section and Bank of Yokohama ICT Planning & Promotion Department, Security Governance Section. “They steal user account privileges and elevate them via Active Directory, to enable them to access important data. So, securing Active Directory was an area that we wanted to invest in.”

Bank of Yokohama already used Tenable Security Center for vulnerability management and trusted Tenable's reliability. Selecting Tenable Identity Exposure was an easy decision, with its fast, agentless feature ensuring a seamless deployment process.

The deployment of Tenable Identity Exposure provided the Bank of Yokohama with an in-depth view of its Active Directory. The bank can now accurately identify every AD account, including dormant accounts and machine identities, and understand the potential risks of exploitation by malicious actors due to the multi-functional capabilities of Active Directory. Tenable Identity Exposure detects many of the techniques used in cyber attacks to gain elevated privileges and enable lateral movement, including DCShadow, Brute Force, Password Spraying, Golden Ticket and more.

“Previously, we were under the impression that all we needed to do was to apply patches and manage accounts. Now, with the deployment of Tenable Identity Exposure, we are physically able to see the risk of exploitation. This, I believe, is the positive impact of deploying Tenable Identity Exposure. Its alert functions are comprehensive—it detects vulnerabilities as well as misconfigurations,” said Mr. Shinnosuke Shimada, Bank of Yokohama ICT Planning & Promotion Department, Security, Governance Section.

“Many organizations struggle to maintain proper Active Directory security as their domains grow more complex, often leaving flaws undetected until a major incident occurs. Given the high-profile attacks involving AD in recent years, it's crucial to prioritize AD security within the overall cybersecurity strategy,” said Naoya Kishima, Country Manager, Tenable Japan. “Bank of Yokohama recognizes this need, and we're pleased to support them in their security journey.”

About Tenable
Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com. 

Media contact
Tenable PR
tenablepr@tenable.com 

Red Sea attacks reverberate in food and ag trade (Successful Farming) 

Successful Farming quotes the IFPRI blog post on the Impacts of Red Sea shipping disruptions on global food security by senior research fellow Joseph Glauber and senior research analyst Abdullah Mamun.  According to the article, Houthi attacks on cargo ships in the Red Sea are disrupting grain shipments from Europe, Ukraine, and Russia. “Trade disruptions are most likely to impact […]

The post Red Sea attacks reverberate in food and ag trade (Successful Farming)  appeared first on IFPRI.

The timing of the Red Sea attacks could not be worse for Democrats (Politico)

Senior research fellow Joseph Glauber is quoted in a Politico story about how the growing military conflict in a key trade corridor is threatening to unleash economic havoc on the global economy ahead of November. “If energy prices go up and remain high, you’d see food inflation persisting,” said Joe Glauber. He added that potential […]

The post The timing of the Red Sea attacks could not be worse for Democrats (Politico) appeared first on IFPRI.

A couple centuries ago, a group of English clothworkers set out to destroy the machines that had been taking their jobs. | Subscribe to our weekly newsletter here.

Learn more about sponsor message choices: podcastchoices.com/adchoices

NPR Privacy Policy

As the size – and profits – of these companies continues to grow, they are likely to come under increasing levels of cyberattack.

When it comes to this piece of critical infrastructure, operators need to be prepared to face new and sophisticated attacks.

Natalie Silvanovich and Kim Carter discuss reducing the attack surface of the software that Engineers are creating today. Code sharing, third-party code, Developer workflow, and a collection of 0 day bugs are all discussed.

Joshua Davies discusses TLS, PKI vulnerabilities in the PKI, and the evolution of the PKI to make it more secure, with host Robert Blumen.

Andy Powell is the CISO of AP Moller Maersk and discusses the 2017 cyber attack that hit the company and the lessons learned for preventing and recovering from future attacks.

Dan Lorenc, CEO of Chainguard, a software supply chain security company, joins SE Radio editor Robert Blumen to talk about software supply chain attacks. They start with a review of software supply chain basics; how outputs become inputs of someone...

Luis Rodríguez, CTO of Xygeni.io, joins host Robert Blumen for a discussion of the recently thwarted attempt to insert a backdoor in the SSH (Secure Shell) daemon. OpenSSH is a popular implementation of the protocol used in major Linux distributions for authentication over a network. Luis describes how a backdoor in a supporting library was recently discovered and removed before the package was published to stable releases of the Linux distros. The conversation explores the mechanism of the attack through modifying a function table in the runtime; how the attack was inserted during the build; how the attack was carefully staged in a series of modifications to the lz compression library; the nature of “Jia Tan,” the entity who committed the changes to the open source project; social engineering that the entity used to gain the trust of the open source community; what forensics indicates about the location of the entity; hypotheses about whether criminal or state actors backed the entity; how the attack was detected; implications for other open source projects; why traditional methods for detecting exploits would not have helped find this; and lessons learned by the community.

Brought to you by IEEE Computer Society and IEEE Software magazine.

"It's not just Intel chips that are vulnerable to hard-to-fix security flaws. Researchers at the Graz University of Technology have detailed a pair of side channel attacks under the "Take A Way" name that can leak data from AMD processors dating back to 2011, whether it's an old Athlon 64 X2, a Ryzen 7 or a Threadripper. Both exploit the "way predi... [PCSTATS]

Immigrants faced repeated dehumanization on a vast scale during the 2024 election. An organizer reflects on what happened and how to move forward.

Yes, many of today’s power grids are very sophisticated and automated. Every single event and piece of equipment is tracked, controlled, measured, and protected. But things aren’t as bright as it seems. As we can see, it turns out that... Read more

The post Automated, but hackable. Is power grid in your country safe from cyberattacks? appeared first on EEP - Electrical Engineering Portal.

In response to the recent lawsuit filed against CBS News, the following statement can be attributed to NAB President and CEO Curtis LeGeyt.

BERLIN / VIENNA, 15 July 2016 – OSCE Chairperson-in-Office and Germany’s Foreign Minister Frank-Walter Steinmeier and OSCE Secretary General Lamberto Zannier today condemned the deadly terror attack in Nice, France. 

“A day dedicated to joy and the pride of the French Nation ended in tragedy,” said Minister Steinmeier. “Many people were cruelly and senselessly taken from peaceful celebrations to death, many are struggling for their lives.  Our thoughts and our compassion lie with the victims, their families, the French people. We share the grief of France, in these dark hours we stand shoulder to shoulder.”

Ambassador Zannier said: “I am saddened and shocked by the terror attack in Nice. We at the OSCE stand in solidarity with the families of the victims, and with the people of France. OSCE participating States and Partners will not be intimidated by murder and violence. We will work together to tackle this scourge.”

Related Stories

• OSCE Chairperson-in-Office and Secretary General express deep concern and call for respect of democratic institutions in Turkey
• OSCE Chairperson Steinmeier and Secretary General Zannier condemn senseless and horrific violence in Orlando
• Urgent steps needed towards full respect for ceasefire in eastern Ukraine, says OSCE Chairmanship Special Representative and Chief Monitor

Two oil tankers were attacked on Thursday and left adrift in the Gulf of Oman, driving up oil prices and stoking fears of a new confrontation between Iran and the United States, which blamed Tehran for the incident. - REUTERS

ITU-T X.1242 - Supplement on guidelines on countermeasures against short message service phishing and smishing attacks

Telecoms Bankroll More Misleading Attacks On Community Broadband Networks techdirt.com
Canada's BCE to acquire US internet firm Ziply for $3.6 bln reuters.com
How hackers used infostealer malware to breach AT&T, Ticketmaster, Santander, EA, and more, as global law enforcement tries to shut down the growing industry wired.com
Apple's satellite ambitions get $1.1B bigger lightreading.com
NTIA Announces Approval of Eleven States Digital Equity Capacity Grant Applications telecompetitor.com
T-Mobile plans to use OpenAI's tech for a customer service bot slated for 2025 that can refer to customer-specific data, and will pay $100M over three years theinformation.com
CMA 'provisionally' accepts Vodafone and Three s merger remedies mobileeurope.co.uk
read comment(s)

Details of the compromised data revealed that it may have been stolen on 28 September.

Read more: Internet Archive suffers from cyberattack affecting 31m users

Internet Archive founder Brewster Kahle highlighted a recent wave of attacks on libraries and archives across the globe and hopes that they are ‘not indicative of a trend’.

Read more: Internet Archive suffers yet another cyberattack

Affected data includes social security numbers, bank details, payment cards and medical diagnoses.

Read more: 100m affected in February cyberattack, UnitedHealth reveals

More than two-thirds of Irish cybersecurity leaders believe that reputational damage from a cyberattack would 'significantly' damage their business.

Read more: 74pc of Irish businesses report increase in cyberattacks this year

HP’s Val Gabriel discusses nation-state cyberthreats in the hardware supply chain and how to mitigate these types of attacks.

Read more: Tech tampering: Are hardware supply chain attacks on the rise?

[UN News] An alarming surge in ransomware attacks is putting the world's healthcare infrastructure at critical risk, endangering patient safety and destabilising health systems, the head of the UN World Health Organization (WHO) warned on Friday, as the Security Council convened to discuss strategies to counter the growing threat.

The Threat Intelligence and Incident Response Team at Context Information Security has identified a new threat group behind a series of incidents targeted at the aerospace and defence industries in the UK and Europe.

The Supreme Court's rejected a conservative-led attack that could've undermined the Consumer Financial Protection Bureau.

The post Supreme Court sides with the Consumer Financial Protection Bureau, spurning a conservative attack first appeared on Federal News Network.

Change Healthcare is starting to notify hospitals, insurers and other customers that they may have had patient information exposed in a massive cyberattack. The company also said Thursday that it expects to begin notifying individuals or patients in late July. Change Healthcare is a subsidiary of health care giant UnitedHealth Group. It provides technology used to submit and process billions of insurance claims a year. Hackers gained access in February to its system and unleashed a ransomware attack that encrypted and froze large parts of it.

The post Change Healthcare to start notifying customers who had data exposed in cyberattack first appeared on Federal News Network.

Dana Laake and her special guest Dr. Thomas Levy will discuss how silent oral infections are a major factor in most heart attacks and breast cancers.

The post Hidden Epidemic: Silent Oral Infections Cause Most Heart Attacks and Breast Cancers first appeared on Federal News Network.

Federal authorities say a North Korean military intelligence operative has been indicted in a conspiracy to hack into American medical centers, military bases and even NASA. The grand jury indictment announced Thursday in Kansas City accuses Rim Jong Hyok of ransomware attacks and other hacks on targets in the U.S., China, Taiwan and South Korea. It says he laundered ransom money and used it to fund more cyber attacks on defense, technology and government entities around the world. A $10 million reward is offered for information leading to him or any other foreign operative who attacks critical U.S. infrastructure.

The post North Korean charged in cyberattacks on US hospitals, NASA and military bases first appeared on Federal News Network.

US recovers most of Colonial Pipeline Bitcoin ransom following cyberattack

Meat company JBS confirms it paid a $11 million ransom following its recent cyberattack

In this guest blog, Acronis president Gaidar Magdanurov takes a look at how solution providers can protect the weakest link in any cybersecurity defense: people.

Abusive behavior that leverages the domain name system (DNS) continues to be a problem, with a reach that has been widely and credibly documented. There is little doubt that bad actors continue to use the DNS for nefarious and costly purposes. While the amendments made in 2024 to ICANN's Registry Agreement (RA) and Registrar Accreditation Agreement (RAA) were a step in the right direction, more advanced tools are needed to bring abuse rates down.

Two Sudanese nationals have been indicted for allegedly leading Anonymous Sudan, a cybercriminal group responsible for over 35,000 Distributed Denial of Service (DDoS) attacks targeting critical infrastructure worldwide.

In "Greenland," the space-impact disaster movie gets a makeover in response to new science and new social realities.

A new study explains the problem of cyberattacks in space and how to help anticipate novel and surprising scenarios.

Location: Law Electronic Resource-