Court finds employers' discretion in awarding bonuses must be exercised fairly By www.littler.com Published On :: Wed, 14 Sep 2022 17:23:20 +0000 Rhonda B. Levy and George Vassos discuss an Ontario Court of Appeal decision that puts employers on notice that their discretion in awarding bonuses is not unconstrained and must be exercised fairly and reasonably. Human Resources Director Canada (Subscription required.)
UK: Menopause Awareness in the Workplace By www.littler.com Published On :: Thu, 31 Oct 2024 14:22:15 +0000 Recent statistics indicate that menopause is having a significant effect on employees in the workplace.
Saskatchewan firms must soon warn of history of violence By www.littler.com Published On :: Fri, 24 May 2024 19:13:45 +0000 Stephen Shore discusses a new law in Saskatchewan, Canada, that requires employers to create workplace violence prevention programs and inform employees about other workers who have a history of violent behavior. International Employment Lawyer (Subscription required.)
Court Thwarts Efforts to Conceal Driving History Information from Employers By www.littler.com Published On :: Fri, 19 Jul 2024 13:45:30 +0000 Rod M. Fliegel and Cirrus Jahangiri discuss what a recent court of appeal decision means for employers in California, who are often restricted from access to employees’ public records, including criminal history information. SHRM Online (Subscription required)
US employers warn staff to remain civil to avoid election conflict By www.littler.com Published On :: Mon, 11 Nov 2024 23:34:03 +0000 Bradford J. Kelley and James McGehee say employees’ controversial posts on social media can damage brand reputations and expose companies to discrimination and harassment claims. Financial Times (Subscription required)
2019 ETSI Fellows unveiled at General Assembly award ceremony By www.etsi.org Published On :: Thu, 28 Apr 2022 14:42:55 GMT Sophia Antipolis, 3 April 2019 On 2 April during the 73rd General Assembly dinner, ETSI unveiled its three 2019 ETSI Fellows for their outstanding contribution to ETSI’s work. Awards were granted to Roberto Macchi, David Chater-Lea and Friedhelm Hillebrand. The award ceremony took place in the beautiful Domaine de Barbossi, a resort comprising a high-class hotel and restaurants, a golf and tennis course and a country club, located in Mandelieu la Napoule on the Côte d’Azur.
ETSI unveils 2020 Fellows rewarding outstanding personal contribution By www.etsi.org Published On :: Wed, 01 Sep 2021 13:17:16 GMT Sophia Antipolis, 7 April 2020 ETSI is pleased to unveil its 2020 ETSI Fellows. The Award committee, composed of the GA Chair and Vice-Chairmen, the Board Chair and the ETSI Director-General, nominated Brian Copsey, Kiritkumar P. Lathia, and Edgard Vangeel as ETSI fellows for their outstanding personal contribution to ETSI.
ETSI IPv6 White Paper outlines best practices, challenges, benefits and the way forward By www.etsi.org Published On :: Thu, 01 Oct 2020 09:45:47 GMT Sophia Antipolis, 26 August 2020 The ETSI IP6 Industry Specification Group has just released a White Paper on the lessons learned from IPv6 best practices, use cases, benefits and deployment challenges. This White Paper puts forward recommendations to ease the adoption of IPv6 and to motivate the industry for the upcoming large-scale deployment of IoT, 4G/5G, IoT Cloud Computing benefiting from the restoration of the end-to-end model.
ETSI White Paper and webinar map the way forward with IPv6 By www.etsi.org Published On :: Tue, 22 Sep 2020 06:59:40 GMT Sophia Antipolis, 21 September An ETSI webinar has examined the global status of IPv6 (Internet Protocol version 6) with discussions on deployment, industrial applications, transition solutions and progress on standardization.
Call for Nominations for ETSI Fellowship Awards By www.etsi.org Published On :: Wed, 01 Sep 2021 14:00:25 GMT Sophia Antipolis, 3 December 2020 The ETSI Fellowship Programme was established to honour and reward those individuals who have made an outstanding personal contribution to ETSI, to building the work of ETSI, or raising its reputation in specific sectors of standardization.
ETSI unveils its Report comparing worldwide COVID-19 contact-tracing systems – a first step toward interoperability By www.etsi.org Published On :: Tue, 28 Sep 2021 14:29:46 GMT Sophia Antipolis, 2 February 2021 The COVID-19 pandemic has stretched the planet’s health systems to their limits and tested the measures adopted to alleviate difficulties. Contact tracking or tracing to identify infected people has been one such example. However, contact tracing based on interviews with identified or suspected patients presents known weaknesses from previous pandemics. Turning to digital means in a world where global mobility is the rule was therefore of the essence.
ETSI’s CTO granted the prestigious award of Wireless World Research Forum By www.etsi.org Published On :: Thu, 18 Feb 2021 17:15:55 GMT Sophia Antipolis, 18 February 2021 During the WWRF 45th meeting, ETSI’s Chief Technical Officer (CTO), Adrian Scrase, has been granted the prestigious award of the Wireless World Research Forum in recognition of his significant contribution to the development of mobile communications standards, and for his longstanding support of the work of WWRF.
ETSI unveils 2021 Fellows rewarding outstanding personal contribution By www.etsi.org Published On :: Wed, 01 Sep 2021 14:01:13 GMT Sophia Antipolis, 22 April 2021 ETSI is pleased to unveil its 2021 ETSI Fellows. The Award committee, composed of the GA Chair and Vice-Chairs, the Board Chair and the ETSI Director-General, nominated Dr. Gabrielle Owen, Mr. Charles Brookson, Ms. Nurit Sprecher, Dr.-Ing. Hans Wilhelm Gierlich, Dr. Jamshid Khun-Jush and Mr. Anthony Wiles as ETSI fellows for their outstanding personal contribution to ETSI.
ETSI launches new White Paper titled Fibre Development Index: Driving Towards an F5G Gigabit Society By www.etsi.org Published On :: Wed, 22 Sep 2021 12:57:10 GMT Sophia Antipolis, 19 August 2021 Fibre and fibre-based optical networks are the key technical enablers of our society's twin transitions (green and digital), providing sustainable and cost-effective communication with high bandwidth, stability, reliability, and improved latency. In addition, the fibre evolution enables sustainable economic growth through advanced services and applications for users, businesses, and industries. The new ETSI White Paper explains the methodology used to define a fibre development index, provides migration path recommendations to countries with different fibre development, and highlights the importance of setting policies to underpin that twin (green and digital) transformation.
Call for Nominations for ETSI Fellowship Awards By www.etsi.org Published On :: Wed, 01 Dec 2021 14:02:39 GMT Sophia Antipolis, 1 December 2021 The ETSI Fellowship Programme was established to honour and reward those individuals who have made an outstanding personal contribution to ETSI, to building the work of ETSI, or raising its reputation in specific sectors of standardization. This year, despite the challenges we all had to face due to the unpredictable sanitary situation, we should not forget about recognizing the outstanding contribution of our members’ peers through our ETSI Fellowship Programme.
ETSI unveils 2022 Fellows rewarding outstanding personal contribution By www.etsi.org Published On :: Wed, 06 Apr 2022 14:52:05 GMT Sophia Antipolis, 6 April 2022 ETSI is pleased to unveil its 2022 ETSI Fellows. The Award committee, composed of the GA Chair and Vice-Chairs, the Board Chair and the ETSI Director-General, unanimously nominated Dr. Diego López, Dr. Günter Kleindl, Mr. Larry Taylor and Mr. Lindsay Cornell as ETSI Fellows for their outstanding personal contributions to the organization.
ETSI Releases first Report on the Role of Hardware in the Security of AI By www.etsi.org Published On :: Thu, 28 Apr 2022 07:58:26 GMT ETSI Releases Group Report on the Role of Hardware in the Security of AI Sophia Antipolis, 28 April 2022 ETSI recently released a Group Report, ETSI GR SAI 006, outlining the role of hardware in the security of artificial intelligence (AI).
ETSI TeraFlowSDN Winner of the Layer123 Network Transformation ‘Upstart of the Year’ Award By www.etsi.org Published On :: Wed, 07 Dec 2022 13:52:47 GMT ETSI TeraFlowSDN Wins Layer123 Network Transformation ‘Upstart of the Year’ Award Sophia Antipolis, 7 December 2022 The ETSI TeraFlowSDN group (ETSI TFS), launched only six months ago, has won the ‘Upstart of the Year’ award at the Layer123 Network Transformation Awards ceremony, held at the prestigious Berkley Hotel in Knightsbridge, London, last night. This award also recognizes the ETSI strategy to provide new software development tools and practices to an evolving standardization ecosystem.
ETSI to transform the standards development landscape with Software Development Groups By www.etsi.org Published On :: Tue, 31 Oct 2023 09:30:36 GMT Sophia Antipolis, 2 February 2023 ETSI, the organization for globally applicable standards for information and communication technology (ICT), has adopted a new instrument, Software Development Groups (SDGs). This game-changing move will help ETSI adapt to the ever-evolving landscape of technology and standards development. Developing software to accompany standards will accelerate the standardization process, providing faster feedback loops and improving the quality of standards.
ETSI new White Paper on evolving NFV towards the next decade By www.etsi.org Published On :: Wed, 31 May 2023 12:40:15 GMT Sophia Antipolis, 30 May 2023 ETSI is pleased to publish its new White Paper on “Evolving NFV towards the next decade” written by delegates of the ETSI Industry Specification Group on Network Function Virtualization (ISG NFV).
ETSI launches First Software Development Group By www.etsi.org Published On :: Tue, 31 Oct 2023 09:31:43 GMT Sophia Antipolis, 25 July 2023 ETSI is proud to announce the establishment of its first Software Development Group, called OpenSlice. With this group, ETSI positions itself as a focal point for development and experimentation with network slicing.
ETSI Announces New Software Development Group for Common API Framework By www.etsi.org Published On :: Thu, 09 Nov 2023 08:57:30 GMT Sophia Antipolis, 9 November 2023 ETSI is delighted to announce the establishment of a new Software Development Group, called OpenCAPIF. OpenCAPIF is developing an open-source Common API Framework, as defined by 3GPP, allowing for secure and consistent exposure and use of APIs.
ETSI unveils 2024 Fellows rewarding outstanding personal contribution By www.etsi.org Published On :: Fri, 19 Apr 2024 12:22:23 GMT Sophia Antipolis, 18 April 2024 ETSI is pleased to unveil its 2024 ETSI Fellows who were announced at the 83rd ETSI General Assembly on 16 April 2024. The Award Committee, composed of the GA Chair and Vice-Chairs, the Board Chair and the ETSI Director-General, unanimously named Dr. Howard Benn, Mr. Philippe Magneron, Dr. Matthias Schneider, Mrs. Isabelle Valet Harper and Mr. Dirk Weiler, as ETSI Fellows 2024 for their outstanding personal contributions to the organization.
Civil War: The Southern Perspective By nationalhumanitiescenter.org Published On :: Tue, 4 Mar 2008 10:35:22 -0400 The Civil War began with a largely symbolic battle at Fort Sumter, a battle in which the only fatality was a (southern) horse.
Cybersecurity Snapshot: New Guides Offer Best Practices for Preventing Shadow AI and for Deploying Secure Software Updates By www.tenable.com Published On :: Fri, 25 Oct 2024 09:00:00 -0400

Looking for help with shadow AI? Want to boost your software updates’ safety? New publications offer valuable tips. Plus, learn why GenAI and data security have become top drivers of cyber strategies. And get the latest on the top “no-nos” for software security; the EU’s new cyber law; and CISOs’ communications with boards.

Dive into six things that are top of mind for the week ending Oct. 25.

1 - CSA: How to prevent “shadow AI”

As organizations scale up their AI adoption, they must closely track their AI assets to secure them and mitigate their cyber risk. This includes monitoring the usage of unapproved AI tools by employees — an issue known as “shadow AI.”

So how do you identify, manage and prevent shadow AI? You may find useful ideas in the Cloud Security Alliance’s new “AI Organizational Responsibilities: Governance, Risk Management, Compliance and Cultural Aspects” white paper.

The white paper covers shadow AI topics including:
- Creating a comprehensive inventory of AI systems
- Conducting gap analyses to spot discrepancies between approved and actual AI usage
- Implementing ways to detect unauthorized AI wares
- Establishing effective access controls
- Deploying monitoring techniques

“By focusing on these key areas, organizations can significantly reduce the risks associated with shadow AI, ensuring that all AI systems align with organizational policies, security standards, and regulatory requirements,” the white paper reads.

For example, to create an inventory that offers the required visibility into AI assets, the document explains different elements each record should have, such as:
- The asset’s description
- Information about its AI models
- Information about its data sets and data sources
- Information about the tools used for its development and deployment
- Detailed documentation about its lifecycle, regulatory compliance, ethical considerations and adherence to industry standards
- Records of its access control mechanisms

Shadow AI is one of four topics covered in the publication, which also unpacks risk management; governance and compliance; and safety culture and training.

To get more details, read:
- The full “AI Organizational Responsibilities: Governance, Risk Management, Compliance and Cultural Aspects” white paper
- A complementary slide presentation
- The CSA blog “Shadow AI Prevention: Safeguarding Your Organization’s AI Landscape”

For more information about AI security issues, including shadow AI, check out these Tenable blogs:
- “Do You Think You Have No AI Exposures? Think Again”
- “Securing the AI Attack Surface: Separating the Unknown from the Well Understood”
- “Never Trust User Inputs -- And AI Isn't an Exception: A Security-First Approach”
- “6 Best Practices for Implementing AI Securely and Ethically”
- “Compromising Microsoft's AI Healthcare Chatbot Service”

2 - Best practices for secure software updates

The security and reliability of software updates took center stage in July when an errant update caused massive and unprecedented tech outages globally.

To help prevent such episodes, U.S. and Australian cyber agencies have published “Safe Software Deployment: How Software Manufacturers Can Ensure Reliability for Customers.”

“It is critical for all software manufacturers to implement a safe software deployment program supported by verified processes, including robust testing and measurements,” reads the 12-page document.

Although the guide is aimed primarily at commercial software vendors, its recommendations can be useful for any organization with software development teams that deploy updates internally. The guide outlines key steps for a secure software development process, including planning; development and testing; internal rollout; and controlled rollout.
It also addresses errors and emergency protocols.

“A safe software deployment process should be integrated with the organization’s SDLC, quality program, risk tolerance, and understanding of the customer’s environment and operations,” reads the guide, authored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI and the Australian Cyber Security Centre.

To get more details, read:
- The “Safe Software Deployment: How Software Manufacturers Can Ensure Reliability for Customers” guide
- The CISA alert “CISA, US, and International Partners Release Joint Guidance to Assist Software Manufacturers with Safe Software Deployment Processes”

For more information about secure software updates:
- “Tenable’s Software Update Process Protects Customers’ Business Continuity with a Safe, Do-No-Harm Design” (Tenable)
- “The critical importance of robust release processes” (Cloud Native Computing Foundation)
- “Software Deployment Security: Risks and Best Practices” (DevOps.com)
- “Software Updates, A Double-Edged Sword for Cybersecurity Professionals” (Infosecurity)
- “DevOps Best Practices for Faster and More Reliable Software Delivery” (DevOps.com)

3 - Report: GenAI, attack variety, data security drive cyber strategies

What issues act as catalysts for organizations’ cybersecurity actions today? Hint: They’re fairly recent concerns. The promise and peril of generative AI ranks first. It’s closely followed by the ever growing variety of cyberattacks; and by the intensifying urgency to protect data.

That’s according to CompTIA’s “State of Cybersecurity 2025” report, based on a survey of almost 1,200 business and IT pros in North America and in parts of Europe and Asia.
These three key factors, along with others like the scale of attacks, play a critical role in how organizations currently outline their cybersecurity game plans.

“Understanding these drivers is essential for organizations to develop proactive and adaptive cybersecurity strategies that address the evolving threat landscape and safeguard their digital assets,” reads a CompTIA blog about the report.

Organizations are eagerly trying to understand both how generative AI can help their cybersecurity programs and how this technology is being used by malicious actors to make cyberattacks harder to detect and prevent.

Meanwhile, concern about data protection has ballooned in the past couple of years. “As organizations become more data-driven, the need to protect sensitive information has never been more crucial,” reads the blog.

Not only are organizations focused on securing data at rest, in transit and in use, but they’re also creating foundational data-management practices, according to the report.

“The rise of AI has accelerated the need for robust data practices in order to properly train AI algorithms, and the demand for data science continues to be strong as businesses seek competitive differentiation,” the report reads.

To get more details, read:
- The report’s announcement “Cybersecurity success hinges on full organizational support, new CompTIA report asserts”
- CompTIA’s blogs “Today’s top drivers for cybersecurity strategy” and “Cybersecurity’s maturity: CompTIA’s State of Cybersecurity 2025 report”
- The full “State of Cybersecurity 2025” report

For more information about data security posture management (DSPM) and preventing AI-powered attacks, check out these Tenable resources:
- “Harden Your Cloud Security Posture by Protecting Your Cloud Data and AI Resources” (blog)
- “Know Your Exposure: Is Your Cloud Data Secure in the Age of AI?” (on-demand webinar)
- “The Data-Factor: Why Integrating DSPM Is Key to Your CNAPP Strategy” (blog)
- “Mitigating AI-Related Security Risks” (on-demand webinar)
- “Securing the AI Attack Surface: Separating the Unknown from the Well Understood” (blog)

4 - CISA lists software dev practices most harmful for security

Recommended best practices abound in the cybersecurity world. However, CISA and the FBI are taking the opposite tack in their quest to improve the security of software products: They just released a list of the worst security practices that software manufacturers ought to avoid.

Titled “Product Security Bad Practices,” the document groups the “no-nos” into three main categories: product properties; security features; and organizational processes and policies.

“It’s 2024, and basic, preventable software defects continue to enable crippling attacks against hospitals, schools, and other critical infrastructure. This has to stop,” CISA Director Jen Easterly said in a statement.

“These product security bad practices pose unacceptable risks in this day and age, and yet are all too common,” she added.

Here are some of the worst practices detailed in the document, which is part of CISA’s “Secure by Design” effort:
- Using programming languages considered “memory unsafe”
- Including user-provided input in SQL query strings
- Releasing a product with default passwords
- Releasing a product with known and exploited vulnerabilities
- Not using multi-factor authentication
- Failing to disclose vulnerabilities in a timely manner

Although the guidance is aimed primarily at software makers whose products are used by critical infrastructure organizations, the recommendations apply to all software manufacturers.

If you’re interested in sharing your feedback with CISA and the FBI, you can submit comments about the document until December 16, 2024 on the Federal Register.

To get more details, check out:
- CISA’s announcement “CISA and FBI Release Product Security Bad Practices for Public Comment”
- The full document “Product Security Bad Practices”

For more information about how to develop secure software:
- “Tenable Partners with CISA to Enhance Secure By Design Practices” (Tenable)
- “Ensuring Application Security from Design to Operation with DevSecOps” (DevOps.com)
- “What is application security?” (TechTarget)
- “Guidelines for Software Development” (Australian Cyber Security Centre)

5 - New EU law focuses on cybersecurity of connected digital products

Makers of digital products — both software and hardware — that directly or indirectly connect to networks and to other devices will have to comply with specific cybersecurity safeguards in the European Union.

A newly adopted law known as the “Cyber Resilience Act” outlines cybersecurity requirements for the design, development, production and lifecycle maintenance of these types of products, including IoT wares such as connected cars.

For example, it specifies a number of “essential cybersecurity requirements” for these products, including that they:
- Aren’t shipped with known exploitable vulnerabilities
- Feature a “secure by default” configuration
- Can fix their vulnerabilities via automatic software updates
- Offer access protection via control mechanisms, such as authentication and identity management
- Protect the data they store, transmit and process using, for example, at-rest and in-transit encryption

“The new regulation aims to fill the gaps, clarify the links, and make the existing cybersecurity legislative framework more coherent, ensuring that products with digital components (...) are made secure throughout the supply chain and throughout their lifecycle,” reads a statement from the EU’s European Council.

The law will “enter into force” after its publication in the EU’s official journal and will apply and be enforceable 36 months later, so most likely in October 2027 or November 2027.
However, some of its provisions will be enforceable a year prior.

For more information and analysis about the EU’s Cyber Resilience Act:
- “Cyber Resilience Act Requirements Standards Mapping” (ENISA)
- “The Cyber Resilience Act, an Accidental European Alien Torts Statute?” (Lawfare)
- “EU Cybersecurity Regulation Adopted, Impacts Connected Products” (National Law Review)
- “Open source foundations unite on common standards for EU’s Cyber Resilience Act” (TechCrunch)
- “The Cyber Resilience Act: A New Era for Mobile App Developers” (DevOps.com)

VIDEO
The EU Cyber Resilience Act: A New Era for Business Engagement in Open Source Software (Linux Foundation)

6 - UK cyber agency: CISOs must communicate better with boards

CISOs and boards of directors are struggling to understand each other, and this is increasing their organizations’ cyber risk, new research from the U.K.’s cyber agency has found.

For example, in one alarming finding, 80% of respondents, which included board members, CISOs and other cyber leaders in medium and large enterprises, confessed to being unsure of who is ultimately accountable for cybersecurity in their organizations.

“We found that in many organisations, the CISO (or equivalent role) thought that the Board was accountable, whilst the Board thought it was the CISO,” reads a blog about the research titled “How to talk to board members about cyber.”

As a result, the U.K. National Cyber Security Centre (NCSC) has released new guidance aimed at helping CISOs better communicate with their organizations’ boards titled “Engaging with Boards to improve the management of cyber security risk.”

“Cyber security is a strategic issue, which means you must engage with Boards on their terms and in their language to ensure the cyber risk is understood, managed and mitigated,” the document reads.

Here’s a small sampling of the advice:
- Understand your audience, including who are the board’s members and their areas of expertise; and how the board works, such as its meeting formats and its committees.
- Talk about cybersecurity in terms of risks, and outline these risks concretely and precisely, presenting them in a matter-of-fact way.
- Don’t limit your communication with board members to formal board meetings. Look for opportunities to talk to them individually or in small groups outside of these board meetings.
- Elevate the discussions so that you link cybersecurity with your organization’s business challenges, goals and context.
- Aim to provide a holistic view, and avoid using technical jargon.
- Aim to advise instead of to educate.
Cybersecurity Snapshot: CISA Warns of Global Spear-Phishing Threat, While OWASP Releases AI Security Resources By www.tenable.com Published On :: Fri, 08 Nov 2024 09:00:00 -0500

CISA is warning about a spear-phishing campaign that spreads malicious RDP files. Plus, OWASP is offering guidance about deepfakes and AI security. Meanwhile, cybercriminals have amplified their use of malware for fake software-update attacks. And get the latest on CISA’s international plan, Interpol’s cyber crackdown and ransomware trends.

Dive into six things that are top of mind for the week ending Nov. 8.

1 - CISA: Beware of nasty spear-phishing campaign

Proactively restrict outbound remote-desktop protocol (RDP) connections. Block transmission of RDP files via email. Prevent RDP file execution.

Those are three security measures cyber teams should proactively take in response to an ongoing and “large scale” email spear-phishing campaign targeting victims with malicious RDP files, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA).

A foreign threat actor is carrying out the campaign. Several vertical sectors, including government and IT, are being targeted.

“Once access has been gained, the threat actor may pursue additional activity, such as deploying malicious code to achieve persistent access to the target’s network,” CISA’s alert reads.

Other CISA recommendations include:
- Adopt phishing-resistant multi-factor authentication (MFA), such as FIDO tokens, and try to avoid SMS-based MFA
- Educate users on how to spot suspicious emails
- Hunt for malicious activity in your network looking for indicators of compromise (IoCs) and tactics, techniques and procedures

Although CISA didn’t name the hacker group responsible for this campaign, its alert includes links to related articles from Microsoft and AWS that identify it as Midnight Blizzard.
Also known as APT29, this group is affiliated with Russia’s government.

To get more details, check out the CISA alert “Foreign Threat Actor Conducting Large-Scale Spear-Phishing Campaign with RDP Attachments.”

For more information about securing RDP tools:
- “Commonly Exploited Protocols: Remote Desktop Protocol (RDP)” (Center for Internet Security)
- “What is remote desktop protocol (RDP)?” (TechTarget)
- “Wondering Whether RDP IS Secure? Here's a Guide to Remote Desktop Protocol” (AllBusiness)
- “Why remote desktop tools are facing an onslaught of cyber threats” (ITPro)
- “'Midnight Blizzard' Targets Networks With Signed RDP Files” (Dark Reading)

2 - OWASP issues AI security resources

How should your organization respond to deepfakes? What’s the right way of establishing a center of excellence for AI security in your organization? Where can you find a comprehensive guide of tools to secure generative AI applications?

These questions are addressed in a new set of resources for AI security from the Open Worldwide Application Security Project’s OWASP Top 10 for LLM Application Security Project.
The new resources are meant to help organizations securely adopt, develop and deploy LLM and generative AI systems and applications “with a comprehensive strategy encompassing governance, collaboration and practical tools,” OWASP said in a statement.

These are the new resources:
- “The Guide for Preparing and Responding to Deepfake Events,” which unpacks four types of deepfake schemes – financial fraud, job interview fraud, social engineering and misinformation – and offers guidance about each one in these areas:
  - preparation
  - detection and analysis
  - containment eradication and recovery
  - post-incident activity
- “The LLM and GenAI Center of Excellence Guide,” which aims to help CISOs and fellow organization leaders create a center of excellence for generative AI security that facilitates collaboration among various teams, including security, legal, data science and operations, so they can develop:
  - Generative AI security policies
  - Risk assessment and management processes
  - Training and awareness
  - Research and development
- “The AI Security Solution Landscape Guide,” which offers security teams a comprehensive catalog of open source and commercial tools for securing LLMs and generative AI applications.

To get more details, read OWASP’s announcement “OWASP Dramatically Expands GenAI Security Guidance.”

For more information about protecting your organization against deepfakes:
- “How to prevent deepfakes in the era of generative AI” (TechTarget)
- “Deepfake scams escalate, hitting more than half of businesses” (Cybersecurity Dive)
- “The AI Threat: Deepfake or Deep Fake? Unraveling the True Security Risks” (SecurityWeek)
- “How deepfakes threaten biometric security controls” (TechTarget)
- “Deepfakes break through as business threat” (CSO)

3 - Fake update variants dominate list of top malware in Q3

Hackers are doubling down on fake software-update attacks.

That’s the main takeaway from the Center for Internet Security’s list of the 10 most prevalent malware used during the third quarter.

Malware variants used to carry out fake browser-update attacks took the top four spots on the list: SocGholish, LandUpdate808, ClearFake and ZPHP. Collectively, they accounted for 77% of the quarter’s malware infections. It's the first time LandUpdate808 and ClearFake appear on this quarterly list.

(Source: “Top 10 Malware Q3 2024”, Center for Internet Security, October 2024)

In a fake software-update attack, a victim gets duped into installing a legitimate-looking update for, say, their preferred browser, that instead infects their computers with malware.

Here’s the full list, in descending order:
- SocGholish, a downloader distributed through malicious websites that tricks users into downloading it by offering fake software updates
- LandUpdate808, a JavaScript downloader distributed through malicious websites via fake browser updates
- ClearFake, another JavaScript downloader used for fake browser-update attacks
- ZPHP, another JavaScript downloader used for fake software-update attacks
- Agent Tesla, a remote access trojan (RAT) that captures credentials, keystrokes and screenshots
- CoinMiner, a cryptocurrency miner that spreads using Windows Management Instrumentation (WMI)
- Arechclient2, also known as SectopRAT, is a .NET RAT whose capabilities include multiple stealth functions
- Mirai, a malware botnet that compromises IoT devices to launch DDoS attacks
- NanoCore, a RAT that spreads via malspam as a malicious Excel spreadsheet
- Lumma Stealer, an infostealer used to swipe personally identifiable information (PII), credentials, cookies and banking information

To get more information, the CIS blog “Top 10 Malware Q3 2024” offers details, context and indicators of compromise for each malware strain.

For details on fake update attacks:
- “Fake browser updates spread updated WarmCookie malware” (BleepingComputer)
- “Beware: Fake Browser Updates Deliver BitRAT and Lumma Stealer Malware” (The Hacker News)
- “Hackers Use Fake Browser Updates for AMOS Malware Attacks Targeting Mac Users” (MSSP Alert)
- “Malware crooks find an in with fake browser updates, in case real ones weren't bad enough” (The Register)
- “Fake Google Chrome errors trick you into running malicious PowerShell scripts” (BleepingComputer)

VIDEO
Fake Chrome Update Malware (The PC Security Channel)

4 - CISA’s first international plan unveiled

CISA has released its first-ever international plan, which outlines a strategy for boosting the agency’s collaboration with cybersecurity agencies from other countries.

Aligning cybersecurity efforts and goals with international partners is critical for tackling cyberthreats in the U.S. and abroad, according to the agency.

The three core pillars of CISA’s “2025 - 2026 International Strategic Plan” are:
- Help make more resilient other countries’ assets, systems and networks that impact U.S. critical infrastructure
- Boost the integrated cyber defenses of the U.S. and its international partners against their shared global cyberthreats
- Unify the coordination of international activities to strengthen cyberdefenses collectively

The plan will allow CISA to “reduce risk to the globally interconnected and interdependent cyber and physical infrastructure that Americans rely on every day,” CISA Director Jen Easterly said in a statement.

5 - Interpol hits phishers, ransomware gangs, info stealers

Interpol and its partners took down 22,000 malicious IP addresses and seized thousands of servers, laptops, and mobile phones used by cybercriminals to conduct phishing scams, deploy ransomware and steal information.

The four-month global operation, titled Synergia II and announced this week, involved law enforcement agencies and private-sector partners from 95 countries and netted 41 arrests.

“Together, we’ve not only dismantled malicious infrastructure but also prevented hundreds of thousands of potential victims from falling prey to cybercrime,” Neal Jetton, Director of Interpol’s Cybercrime Directorate, said in a statement.

In Hong Kong, more than 1,000 servers were taken offline, while authorities in Macau, China took another 291 servers offline.
Meanwhile, in Estonia, authorities seized 80GB of server data, which is now being analyzed for links to phishing and banking malware.For more information about global cybercrime trends:“AI-Powered Cybercrime Cartels on the Rise in Asia” (Dark Reading)“AI Now a Staple in Phishing Kits Sold to Hackers” (MSSP Alert)“The Business of Cybercrime Explodes” (BankDirector)“Nation state actors increasingly hide behind cybercriminal tactics and malware” (CSO)6 - IST: Ransomware attacks surged in 2023Ransomware gangs went into hyperdrive last year, increasing their attacks by 73% compared with 2022, according to the non-profit think tank Institute for Security and Technology (IST).The IST attributes the sharp increase in attacks to a shift by ransomware groups to “big game hunting” – going after prominent, large organizations with deep pockets. “Available evidence suggests that government and industry actions taken in 2023 were not enough to significantly reduce the profitability of the ransomware model,” reads an IST blog.Global Ransomware Incidents in 2023Another takeaway: The ransomware-as-a-service (RaaS) model continued to prove extremely profitable in 2023, and it injected dynamism into the ransomware ecosystem. The RaaS model prompted ransomware groups “to shift allegiances, form new groups, or iterate existing variants,” the IST blog reads.The industry sector that ransomware groups hit the hardest was construction, followed by hospitals and healthcare, and by IT services and consulting. Financial services and law offices rounded out the top five.To learn more about ransomware trends:“Ransomware Is ‘More Brutal’ Than Ever in 2024” (Wired)“Ransomware on track for record profits, even as fewer victims pay” (SC Magazine)“How Can I Protect Against Ransomware?” (CISA)“How to prevent ransomware in 6 steps” (TechTarget)“Steps to Help Prevent & Limit the Impact of Ransomware” (Center for Internet Security) Full Article
war OSC announces $150,000 award to international whistleblower By www.osc.ca Published On :: Wed, 23 Oct 2024 13:03:00 GMT TORONTO – The Ontario Securities Commission (OSC) has issued an award of nearly $150,000 to an international whistleblower who provided information about significant issues at an early-stage firm. Full Article
war Fire power. Volume 3, Flame war / Robert Kirkman, creator, writer ; Chris Samnee, creator, artist ; Matt Wilson, colorist ; Rus Wooton, letterer. By library.gcpl.lib.oh.us Published On :: "The one who wields the fire power is destined to save the world, but Owen Johnson has turned his back on that life. But after the Dragon's Claw's attack, Owen and his family are reeling from the loss— and more danger lurks on the horizon!" -- Description provided by publisher. Full Article
war Towards 2035: Common Prosperity and Urban-Rural Poverty Management System [in Chinese] By www.ifpri.org Published On :: Sat, 10 Dec 2022 5:05:01 EST In 2021, General Secretary Xi Jinping solemnly declared that China's poverty alleviation battle has achieved a comprehensive victory. However, there is still a long way to go to solve the problem of unbalanced and insufficient development, narrow the development gap between urban and rural areas, and achieve comprehensive human development and common prosperity for all people. Full Article
war Shadow Woman A Novel Linda Howard. By library.gcpl.lib.oh.us Published On :: NEW YORK TIMES BESTSELLER • From Linda Howard comes a thrilling and sensual new novel of romance, suspense, intrigue . . . and memories that can kill. Lizette Henry wakes up one morning and makes a terrifying discovery: She doesn't recognize the face she sees in the mirror. She remembers what she looks like, but her reflection is someone else's. To add to the shock, two years seem to have disappeared from her life. Someone has gone to great and inexplicable lengths to keep those missing years hidden forever. But the past always finds a way to return. Strange memories soon begin to surface and, along with them, some unusual skills and talents that Lizette hasn't a clue about acquiring. Sensing that she's being monitored, Lizette suddenly knows how to search for bugs in her house and tracking devices in her car. What's more, she can elude surveillance-like a trained agent. Enter a mysterious and seductive stranger named Xavier, who claims he wants to help-but who triggers disturbing images of an unspeakable crime of which Lizette may or may not be the perpetrator. With memories returning, she suddenly becomes a target of anonymous assassins. On the run with nowhere to hide, Lizette has no choice but to rely on Xavier, a strong and magnetic man she doesn't trust, with a powerful attraction she cannot resist. As murky waters become clear, Lizette confronts a conspiracy that is treacherous and far-reaching and a truth that, once revealed, may silence her and Xavier once and for all. Full Article
war OSC and RCMP issue joint warning on coronavirus investment scams By www.osc.ca Published On :: Thu, 23 Apr 2020 12:00:00 GMT TORONTO – The Ontario Securities Commission (OSC), in partnership with the Royal Canadian Mounted Police (RCMP) – Integrated Market Enforcement Team (IMET), is warning the public about fraudulent investment opportunities related to the coronavirus (COVID-19). Full Article
war Canadian securities regulators issue warning about fraudulent investment solicitations involving crypto assets By www.osc.ca Published On :: Mon, 17 Jan 2022 14:34:45 GMT Montréal –The Canadian Securities Administrators (CSA) warns the public about investment schemes involving fraudulent websites that solicit investments in foreign exchange (often referred to as “forex”), binary options and/or crypto assets. Full Article
war CSA Investor Alert: Canadian securities regulators warn the public about impersonation scams By www.osc.ca Published On :: Tue, 10 Jan 2023 14:01:00 GMT Montreal - The Canadian Securities Administrators (CSA) is warning the public to be vigilant for unsolicited communications that come from scammers posing as CSA staff or staff of CSA members. Full Article
war Canadian securities regulators warn public about unregistered trading platform Nova Tech Ltd By www.osc.ca Published On :: Fri, 17 Mar 2023 12:54:31 GMT Toronto – The Canadian Securities Administrators (CSA) is warning the public that Nova Tech Ltd (NovaTech), which operates the website www.novatechfx.com, is not registered with a securities regulator in any province or territory in Canada. Full Article
war OSC investor warnings and alerts for October 8–29, 2024 By www.osc.ca Published On :: Tue, 29 Oct 2024 13:14:04 GMT TORONTO – The Ontario Securities Commission (OSC) is warning Ontario investors that the following companies are not registered to deal or advise in securities in Ontario: Full Article
war Batman, White Knight presents : Harley Quinn / Katana Collins, writer, story ; Sean Murphy, story, covers ; Matteo Scalera, art, variants ; Dave Stewart, colorist ; Matt Hollingsworth, cover colors ; AndWorld Design, lettering. By library.gcpl.lib.oh.us Published On :: "Batman: White Knight Presents: Harley Quinn takes place two years after Batman: Curse of the White Knight. Azrael has wiped out criminals in Gotham, Jack Napier (formerly The Joker) is dead, Bruce Wayne (Batman) is in prison, and Harley Quinn is adjusting to life as a single mother, raising the twins she had with Jack. But as new villains arise, Harley is forced to dance with madness once again and confront her own past with The Joker and Batman while helping the Gotham City police and an eager young FBI agent uncover the truth behind a series of gruesome murders. This collection also features a chapter from Harley Quinn's newest digital first series, Harley Quinn Black + White + Red, told in a traditional black-and-white format with the color red uniquely shaping Harley Quinn's story." -- Provided by publisher. Full Article
war Continuing collaboration with FAO toward the SDGs By dgcorner.ifpri.info Published On :: Tue, 10 Dec 2019 19:36:54 +0000 I had the pleasure of meeting with FAO Director-General Qu Dongyu in Rome this week. On behalf of IFPRI, I had the chance to renew the Memorandum of Understanding with FAO to further strengthen collaboration and partnership toward our shared goal of achieving the Sustainable Development Goals (SDGs) by 2030. Building on successful IFPRI-FAO partnerships, […] Full Article DG Corner Homepage Feature Events News Posts collaboration data FAO food systems nutrition partnership policy research SDGs
war Tenable Introduces AI Aware: A Groundbreaking Proactive Security Solution for AI and Large Language Models By www.tenable.com Published On :: Tue, 10 Sep 2024 09:00:00 -0400 Tenable®, the exposure management company, today announced the release of AI Aware, advanced detection capabilities designed to rapidly surface artificial intelligence solutions, vulnerabilities and weaknesses available in Tenable Vulnerability Management, the world’s #1 vulnerability management solution. Tenable AI Aware provides exposure insight into AI applications, libraries and plugins so organizations can confidently expose and close AI risk, without inhibiting business operations.

The rapid development and adoption of AI technologies in the past two years has introduced major cybersecurity and compliance risks that organizations must proactively address without established best practices. As a result, cybersecurity teams face significant AI-related challenges, such as vulnerability detection and remediation, containing data leakage and reining in unauthorized AI use. According to recent Tenable Research, more than one-third of security teams are finding usage of AI applications in their environment that might not have been provisioned via formal processes. In fact, during a 75-day period between late June and early September, Tenable found over 9 million instances of AI applications on more than 1 million hosts. The cybersecurity risk of unfettered AI usage is compounded by the increasing volume of AI vulnerabilities. Tenable Research has found and disclosed several vulnerabilities in AI solutions, including in Microsoft Copilot, Flowise, Langflow, among others.

With AI Aware, Tenable transforms proactive security for AI solutions. Tenable AI Aware uniquely leverages agents, passive network monitoring, dynamic application security testing and distributed scan engines to detect approved and unapproved AI software, libraries and browser plugins, along with associated vulnerabilities, thereby mitigating risks of exploitation, data leakage and unauthorized resource consumption. The combined depth of these multiple assessment methods delivers the most complete detection of AI in the modern ecosystem. [Watch the Tenable AI Aware product demo video here.]

“In an effort to keep pace with the sea change introduced by AI, organizations around the world ran full speed ahead, potentially bypassing countless cybersecurity, privacy and compliance red flags,” said Shai Morag, chief product officer, Tenable. “Perhaps more so than with any other new technology we’ve seen, there are many risk factors to consider, especially with rushed development and deployment. Tenable AI Aware empowers organizations to deploy AI confidently, ensuring their security measures keep pace with the rapid evolution of AI technologies.”

In addition to AI software and vulnerability detection, key AI Aware features available in Tenable Vulnerability Management, Tenable Security Center and Tenable One include:

- Dashboard Views provide a snapshot of the most common AI software discovered in the ecosystem, top assets with vulnerabilities related to AI and the most common communication ports leveraged by AI technologies.
- Shadow Software Development Detection illuminates the unexpected existence of the building blocks of AI development in the environment, enabling businesses to align initiatives with organizational best practices.
- Filter Findings for AI Detections enable teams to focus on AI-related findings when reviewing vulnerability assessment results. Combined with the power of Tenable Vulnerability Prioritization Rating (VPR), teams can effectively assess and prioritize vulnerabilities introduced by AI packages and libraries.
- Asset-Centric AI-Inventory provides a complete inventory of AI-related packages, libraries and browser plugins while reviewing the detailed profile of an asset.

Join the upcoming Tenable webinar titled, "Mitigating AI-Related Security Risks: Insights and Strategies with Tenable AI Aware" on October 9, 2024 at 11:00 am ET, by registering here.

More information on Tenable AI Aware is available at: https://www.tenable.com/products/vulnerability-management/ai-aware

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com.

###

Media Contact:
Tenable
tenablepr@tenable.com

Full Article
war Moving forward sideways like a crab / Shani Mootoo. By library.gcpl.lib.oh.us Published On :: A young man travels to Trinidad to reconnect with a transgender parent, uncovering the complex realities of love and family. Jonathan Lewis-Adey was nine when his parents separated, and his mother, Sid, vanished entirely from his life. It is not until he is a grown man that Jonathan finally reconnects with his beloved lost parent, only to find, to his shock and dismay, that the woman he knew as "Sid" in Toronto has become an elegant man named Sydney living in his native Trinidad. For nine years, Jonathan has paid regular visits to Sydney on his island retreat, trying with quiet desperation to rediscover the parent he adored inside this familiar stranger, and to overcome his lingering confusion and anger at the choices Sydney has made. At the novel's opening, Jonathan is summoned urgently to Trinidad where Sydney, now aged and dying, seems at last to offer him the gift he longs for: a winding story that moves forward sideways as it reveals the truths of Sydney's life. But when and where the story will end is up to Jonathan, and it is he who must decide what to do with Sydney's haunting legacy of love, loss, and acceptance. Full Article
war Mr. Lincoln's T-mails : the untold story of how Abraham Lincoln used the telegraph to win the Civil War / Tom Wheeler. By library.gcpl.lib.oh.us Published On :: The Civil War was the first "modern war." Because of the rapid changes in American society, Abraham Lincoln became president of a divided United States during a period of technological and social revolution. Among the many modern marvels that gave the North an advantage was the telegraph, which Lincoln used to stay connected to the forces in the field in almost real time. No leader in history had ever possessed such a powerful tool to gain control over a fractious situation. An eager student of technology, Lincoln had to learn to use the power of electronic messages. Without precedent to guide him, Lincoln began by reading the telegraph traffic among his generals. Then he used the telegraph to supplement his preferred form of communication-meetings and letters. He did not replace those face-to-face interactions. Through this experience, Lincoln crafted the best way to guide, reprimand, praise, reward, and encourage his commanders in the field. By paying close attention to Lincoln's "lightning messages," we see a great leader adapt to a new medium. No listener of this work of history will be able to miss the contemporary parallels. Watching Lincoln carefully word his messages-and follow up on those words with the right actions-offers a striking example for those who spend their days tapping out notes on computers and BlackBerrys. Full Article
war Establishing a Software Inventory By www.tenable.com Published On :: Fri, 27 May 2022 09:00:00 -0400 In the event of a security breach, a software inventory is essential to determine what was breached, and who needs to be notified. First responders require a software inventory to perform forensic analysis and determine breach notification requirements for vendors, business partners, and regulatory bodies. Organizations that have a clear understanding of software in their environment can quickly assess a breach impact and identify affected areas. If legal proceedings are involved, an organized software inventory greatly assists in limiting data handed over to Law Enforcement and assists technical staff in depositions or testimony. Business Continuity and Disaster Recovery plans specify requirements for restoration of critical assets and services, but these need to be identified to establish a Recovery Time Objective (the amount of time to recover a service to an acceptable level of operation) and Recovery Point Objective (the last point of known good data.) Developing and maintaining a software inventory is a critical first step in implementing an effective cyber security program. A software inventory helps demonstrate compliance with regulatory controls and Service Level Agreements (SLA) for software used in the environment. From the perspective of “less is more,” a software inventory also identifies unnecessary software running in the environment, which increases the attack surface without providing a business advantage. Security operations perform scans to identify operating system and application versions, including unsupported software and unpatched systems. This information is used to establish a secure baseline and measure drift from that baseline. A software inventory is necessary to determine if the software is authorized, appropriately licensed, supported, and has the most recent security fixes applied. 
Identifying the authorized software assets is an important step to ensure critical assets are protected. The larger the organization, the more difficult the inventory process becomes. Tenable.io and Tenable.sc help organizations build a software inventory. There are several software discovery plugins that run by default in the following scan templates:

- Basic and Advanced Agent Scans
- Advanced (Network) Scan
- Basic (Network) Scan
- Credentialed Patch Audit
- Internal PCI Network Scan

Maintaining a software inventory aids in cyber hygiene and minimizes unauthorized software installation. Many organizations perform an annual audit by an external third party, where they are required to enumerate authorized software that is running in the environment. Organizations that maintain a current software inventory throughout the year can produce information required by auditors and vendors with minimal effort.

The report and its chapters are available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, assurance report cards and assets. The report can be easily located in the Tenable.sc Feed under the category Discovery and Detection. The report requirements are:

- Tenable.sc 5.19.1
- Nessus 10.0.1

Security leaders need to SEE everything, PREDICT what matters most and ACT to address cyber risk and effectively align cybersecurity initiatives with business objectives. Tenable.io discovers and analyzes assets continuously to provide an accurate and unified view of an organization’s security posture.

Chapters

- Executive Summary: This chapter presents data for detected operating systems, browsers, unsupported software, and other software installations on systems within a network.
- Installed Software Iteration: This chapter displays software detected across the organization's systems. Software enumeration is utilized to detect installed software.
- Issues Gating Remediation: This chapter displays known/identified roadblocks to completing remediation efforts.

Full Article
war Ransomware Ecosystem By www.tenable.com Published On :: Wed, 22 Jun 2022 09:00:00 -0400 Ransomware has evolved into an ecosystem with multiple players and an expanded threat model. Ransomware groups now deploy a double extortion technique, where they both encrypt and exfiltrate their victims’ data. The Tenable Security Research Team has released a report that enumerates common vulnerabilities exploited by ransomware affiliates and groups. The Ransomware Ecosystem report enables organizations to quickly scan for the vulnerabilities commonly exploited by ransomware groups. Organizations with effective Business Continuity and Disaster Recovery plans are protected against threats to availability of data, which can come in many forms, such as natural disasters, hardware failures, or malicious attacks. These organizations could recover operations from a traditional ransomware attack without paying the ransom. However, the vulnerabilities that gave ransomware groups the opportunity to successfully penetrate the infrastructure may still leave organizations open to significant risk. Like any good business, ransomware players discovered the advantage of threatening data confidentiality by publishing samples of their targets’ sensitive data and threatening to expose all the data unless they are paid. Threat actors understand the economic advantage of investing in the ransomware ecosystem, becoming more sophisticated and efficient over time. Organizations often struggle to secure a budget for resources needed to protect their infrastructure and prevent attacks from succeeding. The Ransomware Ecosystem report displays assets by plugin family along with associated vulnerabilities. Operations teams use this information to evaluate risk based on the organization’s business priorities. The ability to rapidly mitigate vulnerabilities requires data to be presented in a concise manner focused on findings that pose the greatest risk to the organization. 
Risk managers leverage risk-based vulnerability management platforms to prioritize mitigation efforts.

This report is available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards, and assets. The report can be easily located in the Tenable.sc Feed under the category Compliance & Configuration Assessments. The report requirements are:

- Tenable.sc 5.18.0
- Nessus 8.14.0

Tenable.sc enables organizations to quickly identify and locate vulnerabilities in their infrastructure. This report displays the most common vulnerabilities sorted by platform type that are commonly exploited by ransomware groups. Security leaders need to SEE everything, PREDICT what matters most and ACT to address cyber risk and effectively align cybersecurity initiatives with business objectives.

Chapters

- Executive Summary Chapter – Contains information from the Ransomware Ecosystem Dashboard that uses the CVE and Plugin Family filters to display counts of the vulnerabilities and assets that have been affected by ransomware.
- Linux Chapter – Contains charts and tables that group together Ransomware Ecosystem related CVEs for all Linux Operating Systems and includes an IP Detail for the hosts identified.
- Windows Chapter – Contains charts and tables that group together Ransomware Ecosystem related CVEs for all Windows Operating Systems and includes an IP Detail for the hosts identified.
- Other Chapter – Contains charts and tables that group together Ransomware Ecosystem related CVEs for all "Other" Operating Systems and includes an IP Detail for the hosts identified.

Full Article
war Dear Katharine courageous : the letters of Sir Edward Grey to Katharine Lyttelton. By library.gcpl.lib.oh.us Published On :: Sir Edward Grey (1862-1933) was Britain's longest-serving Foreign Secretary, holding office from December 1905 to December 1916. Best known today for his observation on the eve of World War I, "The lamps are going out all over Europe; we won't see them lit again in our lifetime," Grey had worked tirelessly to keep the lamps on, while keeping Britain and the Empire secure. During his eventful and stressful years in office, and before and after, Grey corresponded extensively with Katharine Lyttelton (1860-1943), the wife of a high-ranking general who served as the first Chief of the General Staff. Though they were probably not lovers (readers can decide for themselves), the relationship was an intimate one, and Grey was able to confide in her thoughts and feelings he concealed from Cabinet colleagues and his male friends. The letters, selected and edited by Jeff Lipkes, reveal a side to Grey that has not been fully appreciated. He was amusing, shrewd, and humane, and a close observer of individuals as well as of nature. His observations still speak to us. They will resonate with everyone who loves the outdoors and solitude. Those coping with an overpowering grief, with a strong distaste for their work, or with approaching blindness may find them especially poignant. But others not so afflicted may discover they have become kinder, more courageous, and more observant for having read Grey's letters. Dear Katharine Courageous includes an eighty-page introduction by Lipkes on Grey, Lyttelton, and their circle, and an Afterword on the Foreign Secretary's private life. Full Article
war File Transfer Solutions Targeted by CL0P Ransomware Group By www.tenable.com Published On :: Wed, 08 Nov 2023 15:43:19 -0500 The CL0P Ransomware Group, also known as TA505, has exploited zero-day vulnerabilities across a series of file transfer solutions since December 2020. File transfer solutions often contain sensitive information from a variety of organizations. This stolen information is used to extort victims to pay ransom demands. In 2023, CL0P claimed credit for the exploitation of vulnerabilities in both Fortra’s GoAnywhere Managed File Transfer (MFT) and Progress Software’s MOVEit Transfer solutions.

Research conducted as part of security audits has revealed additional vulnerabilities. This dashboard contains a list of vulnerabilities known to be exploited by the CL0P ransomware group as well as other vulnerabilities that could be leveraged by CL0P and other threat actors. Operations teams can use this data to identify the assets affected by the associated CVEs targeted by the CL0P ransomware group. The following Nessus plugins identify the affected vulnerabilities:

- 90190: Progress MOVEit Transfer Installed (Windows)
- 176735: Progress MOVEit Transfer Web Interface Detection
- 176736: Progress MOVEit Transfer FTP Detection
- 176567: Progress MOVEit Transfer
- 177371: Progress MOVEit Transfer Critical Vulnerability (June 15, 2023)

The dashboard and its components are available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, assurance report cards and assets. The dashboard can be easily located in the Tenable Security Center Feed under the category Security Industry Trends.

The requirements for this dashboard are:

- Tenable Security Center 6.1.1
- Tenable Nessus 10.5.2

The Security Response Team (SRT) in Tenable Research digs into technical details and tests proof-of-concept attacks, when available, to ensure customers are fully informed of risks. The SRT also provides breakdowns for the latest vulnerabilities in the Tenable blog.

Tenable Research has posted the FAQ for MOVEit Transfer Vulnerabilities and CL0P Ransomware Gang blog post to provide the latest information about this threat.

Components

- CL0P Ransomware Group MOVEit – This table displays assets that are vulnerable to recent targeted attacks by the CL0P Ransomware Group (aka TA505) related to Progress Software’s MOVEit Transfer solutions. The component specifically provides results for pluginIDs 90190, 176735, 176736, 176567, 177082, and 177371. These vulnerabilities are associated with a zero-day that is actively being exploited. The table displays the IP address, NetBIOS, DNS, and OS CPE of any identified vulnerable assets, and the Vulnerabilities severity bar.
- CL0P Ransomware Group Fortra GoAnywhere MFT – This table displays assets that may be vulnerable to recent targeted attacks by the CL0P Ransomware Group (aka TA505) related to Fortra GoAnywhere Managed File Transfer (MFT). The component specifically provides results for pluginIDs 171845, 171558, 171771, and 113896. These vulnerabilities are associated with a zero-day that is actively being exploited. The table displays the IP address, NetBIOS, DNS, OS CPE of any identified vulnerable assets, and the Vulnerabilities severity bar.
- CL0P Ransomware Group Accellion File Transfer – This table displays assets that may be vulnerable to recent targeted attacks by the CL0P Ransomware Group (aka TA505) for CGI abuses related to Accellion Secure File Transfer. The component specifically provides results for pluginIDs 85007, 146927, and 154933. These vulnerabilities are associated with a zero-day that is actively being exploited by the CL0P Ransomware Group, also known as TA505. The table displays the IP address, NetBIOS, DNS, and OS CPE of any identified vulnerable assets, and the Vulnerabilities severity bars.
- CL0P Ransomware Group Patched Assets – This table displays vulnerabilities that have been remediated related to recent targeted attacks by the CL0P Ransomware Group (aka TA505). The remediated vulnerabilities displayed are specifically related to the vulnerabilities related to Progress Software’s MOVEit Transfer solutions, Fortra GoAnywhere Managed File Transfer, and Accellion Secure File Transfer. These vulnerabilities are associated with a zero-day that is actively being exploited. The table displays the PluginID, Vulnerability Name, Plugin Family, Severity, and Total of remediated vulnerabilities.

Full Article
war One year of war in Gaza: Food emergency continues with no end in sight By www.ifpri.org Published On :: Fri, 04 Oct 2024 13:49:49 +0000 One year of war in Gaza: Food emergency continues with no end in sight Problems of feeding more than 2 million people in a war zone. The post One year of war in Gaza: Food emergency continues with no end in sight appeared first on IFPRI. Full Article
war MacArthur's spies : the soldier, the singer, and the spymaster who defied the Japanese in World War II / Peter Eisner. By library.gcpl.lib.oh.us Published On :: The true story of three intrepid people who successfully eluded the Japanese in Manila for more than two years, sabotaging enemy efforts and preparing the way for MacArthur's return. One was a debonair polo-playing expatriate businessman who was also a U.S. Navy intelligence officer. Another was a defiant enlisted American soldier. And the third was a wily American woman, an itinerant torch singer with many names and almost as many husbands. With ample doses of intrigue, drama, skulduggery, sacrifice, and romance, this book has all the complicated heroism and villainy of the best war novels. But it is, in the end, a true tale of courage when it counted the most. -- adapted from book jacket. Full Article
war The Jersey brothers : a saga of war and family / Sally Mott Freeman. By library.gcpl.lib.oh.us Published On :: Documents the extraordinary story of three brothers in World War II, describing the rescue mission launched by the elder two when their youngest brother was declared missing in action in the Philippines. Full Article
war Eyewitness travel. Back roads Germany, [2017] / contributors, Jürgen Scheunemann, James Stewart, Neville Walker, Christian Williams. By library.gcpl.lib.oh.us Published On :: Full Article
war Walk to the Trans Awareness Month Keynote (November 13, 2024 6:15pm) By events.umich.edu Published On :: Wed, 06 Nov 2024 15:44:31 -0500 Event Begins: Wednesday, November 13, 2024 6:15pm Location: East Quadrangle Organized By: Michigan Housing Diversity and Inclusion Join the GILE DPE in attending the Spectrum Center's Trans Awareness Month Keynote address. There will be a brief discussion after the event to reflect and share insights. Let’s come together to learn, support, and grow! Full Article Lecture / Discussion
war Mrs. Dalloway and WWI: Home Front and War Front (November 13, 2024 9:00am) By events.umich.edu Published On :: Fri, 30 Aug 2024 11:24:55 -0400 Event Begins: Wednesday, November 13, 2024 9:00am Location: Hatcher Graduate Library Organized By: University Library This exhibit explores the characters of Mrs. Dalloway through the lens of WWI and its aftershocks. It looks at those who fought in the trenches and those who watched from afar. [The exhibit includes references to suicide and Post Traumatic Stress Disorder, which might be distressing for some visitors. Viewer discretion is advised.] While all of the action in Virginia Woolf’s modernist masterpiece takes place on a single day, as preparations are made for Clarissa Dalloway’s evening party, Woolf’s stream of consciousness writing takes us in the characters’ minds all the way from English drawing rooms to colonial India to the trenches of World War I. Check today's Hatcher Gallery Exhibit Room hours: https://myumi.ch/PkQ2x Full Article Exhibition