Daily Archives: March 7, 2021

The National Security Agency and Cybersecurity and Infrastructure Security Agency (CISA) released a cybersecurity information sheet, Selecting a Protective DNS Service on Thursday. This publication details the benefits of using a Protective Domain Name System (PDNS), which criteria to consider when selecting a PDNS provider, and how to effectively implement PDNS.

The Domain Name System (DNS) is a key component of the internets resilience. It makes navigating a website, sending an email, or making a secure shell connection easier by translating domain names into Internet Protocol addresses. PDNS is a security service that uses existing DNS protocols and architecture to analyze DNS queries and mitigate threats. Its core capability is leveraging various open source, commercial, and governmental threat feeds to categorize domain information and block queries to identified malicious domains. This provides defenses in various points of the network exploitation lifecycle, addressing phishing, malware distribution, command and control, domain generation algorithms, and content filtering. PDNS can log and save suspicious queries and provide a blocked response, delaying or preventing malicious actions such as ransomware locking victim files while enabling an organization to investigate using those logged DNS queries.

This Cybersecurity Information Sheet provides a compiled summary of the services by different PDNS providers. This information is provided to help NSA and CISAs customers to analyze which provider may meet their needs, and it does not recommend or endorse any of the products specifically. Customers looking to implement PDNS should choose a reputable PDNS provider and take care to understand how the provider will use any customer data.

This product includes lessons learned from a NSA PDNS pilot, where NSA partnered with the Department of Defense Cyber Crime Center to offer several members of the Defense Industrial Base PDNS as a service. Over a six-month period, the PDNS service examined more than 4 billion DNS queries to and from the participating networks, blocking millions of connections to identified malicious domains.

NSA and CISA have partnered on the release of this cybersecurity information to release unique, timely and actionable cybersecurity guidance to strengthen the cybersecurity of the nation and its allies at scale. This release is a result of frequent collaboration between NSA and CISA, combining both agencies unique expertise to achieve this goal. For more information on cybersecurity products, visitNSA.gov/cybersecurity-guidance.

Read more at NSA

(Visited 118 times, 4 visits today)

Read the original:
NSA and CISA Release Cybersecurity Information on Protective DNS Homeland Security Today - HSToday

SANTA BARBARA, Calif., March 5, 2021 /PRNewswire/ -- Green Hills Software, the worldwide leader in high-assurance operating systems, today announced that its INTEGRITY-178 Time-Variant Unified Multi-Processing (tuMP) RTOSis being used by Collins Aerospace to meet the NSA's Raise the Bar (RTB) initiative for Cross Domain Solutions (CDS). Collins is using the INTEGRITY-178 tuMP real-time operating system (RTOS) in the small form-factor, tactical CDS that is being deployed on the U.S. Navy's Tactical Combat Training System Increment II (TCTS II) program and is targeted for the U.S Air Force's P6 Combat Training Systems (P6CTS). Collins said INTEGRITY-178 tuMP made this Raise the Bar CDS certification approval possible by "uniquely meeting the functionality requirements of the Navy's TCTS II CDS and security assurance requirements of RTB."

Raise the Bar is a set of security standards published in 2018 by the National Cross Domain Strategy Management Office (NCDSMO) within the National Security Agency (NSA) to set design and implementation requirements for CDS. The RTB standard goes well beyond the National Institute of Standards and Technology's (NIST) Risk Management Framework (RMF) controls that many government agencies implement. RTB standards ensure that CDS systems are at low risk of failing, even when under persistent attack. RTB is designed to combat evolving threats by continually improving CDS effectiveness.

CDS systems are a critical part of a multi-domain operational environment where warfighters need data at their fingertips to make real-time decisions. By leveraging the INTEGRITY-178 tuMP security-hardened operating system, the Collins CDS allows for greater access control, data isolation between applications, resource sanitation, and fault isolation on a multicore processor. Running securely on a multicore processor enables the Collins CDS to radically increase speeds and support high-assurance information flow policy enforcement from the command centers to the people and platforms at the tactical edge.

The INTEGRITY-178 tuMP RTOS is a multiple independent levels of security (MILS) operating system that has been deployed on numerous multi-level security (MLS) and CDS programs. INTEGRITY-178 tuMP has a unique pedigree of meeting the strictest security assurance and functional requirements. Even before the creation of the RTB standards, Green Hills Software led the way to meeting CDS requirements for an operating system by getting INTEGRITY-178 certified to the NSA-defined Separation Kernel Protection Profile (SKPP) in 2008. The SKPP is the highest assurance set of requirements ever created for an operating system, and INTEGRITY-178 was certified to Common Criteria EAL 6+ and "High Robustness." High Robustness means the OS was determined to be resistant to an extremely sophisticated adversary with abundant resources, such as a persistent threat from a nation-state.

As part of certification to the SKPP, INTEGRITY-178 underwent independent vulnerability analysis and penetration testing by the NSA to demonstrate both that it is resistant to an attacker possessing a high attack potential and that it does not allow attackers with a high attack potential to violate the security policies. Additionally, INTEGRITY-178 underwent covert channel analysis by the NSA to demonstrate that it satisfies all covert channel mitigation metrics. INTEGRITY-178 tuMP extends that security pedigree to multicore systems, and it continues to meet the SKPP's functional and assurance requirements for those programs that require the highest levels of security assurance.

TCTS II and P6CTS are air combat training programs that will enable joint tactics, techniques, and procedures in a secure environment against a peer adversary threat, unlike anything the services have been able to do in the past. These collaborative programs lay the digital foundation for bringing secure, cross-service air combat and joint Live, Virtual, and Constructive (LVC) training to the U.S. and its allies. With an open systems architecture that is conformant with the Future Airborne Capability Environment (FACE) Technical Standard, TCTS II ensures interoperability between platforms, reducing test time and ultimately increasing rapid, affordable deployment of the solution. P6CTS also uses a modular open systems architecture (MOSA) incorporating the FACE Technical Standard to simplify both obsolescence management and future upgrades to new technologies. Used on both TCTS II and P6CTS, the INTEGRITY-178 tuMP RTOS is certified conformant to the FACE Technical Standard, Edition 3.0.

Additional Resources:

About Green Hills SoftwareFounded in 1982, Green Hills Software is the worldwide leader in embedded safety and security. In 2008, the Green Hills INTEGRITY-178 RTOS was the first and only operating system to be certified by NIAP (National Information Assurance Partnership comprised of NSA & NIST) to EAL 6+, High Robustness, the highest level of security ever achieved for any software product. Our open architecture, integrated development solutions address deeply embedded, safety/security and high-reliability applications for the military/avionics, medical, industrial, automotive, networking, consumer and other markets that demand industry-certified solutions. Green Hills Software is headquartered in Santa Barbara, CA, with European headquarters in the United Kingdom. Visit Green Hills Software at http://www.ghs.com.

Green Hills, the Green Hills logo, INTEGRITY and tuMP are trademarks or registered trademarks of Green Hills Software, in the U.S. and/or internationally. All other trademarks are the property of their respective owners.

SOURCE Green Hills Software

http://www.ghs.com

Link:
INTEGRITY-178 tuMP is the First RTOS Used to Meet NSA Raise the Bar Requirements for Cross Domain Solutions - PRNewswire

NSA Ajit Doval. (Photo source: PTI)

By Gulbin Sultana, PhD,

A trilateral secretariat for National Security Advisors (NSA) on Maritime Security Cooperation between India, Sri Lanka, and the Maldives was inaugurated on March 1, 2021. The secretariat was set up at the Sri Lanka Navy (SLN) Headquarters in Colombo in keeping with the discussions held at the fourth NSA level trilateral meeting on maritime cooperation in November 2020. The fully-fledged 24/7 operated secretariat is expected to facilitate non-stop communication between India, Sri Lanka, and the Maldives on the issues pertaining to maritime security in the Indian Ocean Region.

The NSA-level trilateral meeting on maritime security cooperation was inaugurated in 2011 in the Maldives. Second and the third meeting held in Sri Lanka in 2013 and India in 2014 respectively. Unfortunately, there was a halt in the meeting since 2014 mainly due to the deteriorating relations between India and the Maldives during 2014-2018. After the new administration under President Ibrahim Mohamed Solih assumed power in the Maldives in 2018, there has been a fresh impetus to resume the trilateral maritime dialogue. Realizing the topical necessity of the continuation of the meeting, the three countries held the fourth NSA level meeting on November 28, 2020.

Given the geo-strategic location of India, Sri Lanka, and the Maldives, the three countries share common maritime security threats and challenges posed by the evolving Indian Ocean security environment of the twenty-first century. The NSA-level meeting was designed to initiate collective action to deal with the common security threats and challenges in the maritime domain. In this context, during the second meeting in 2013, a roadmap for maritime security cooperation was agreed by the three countries which include initiating measures to enhance Maritime Domain Awareness (MDA), sharing of Automatic Identification System (AIS) and Long Range Identification and Tracking (LRIT) data; training and capacity building initiative in areas of MDA, Search and Rescue (SAR), Oil Pollution Response, as well as joint activities including trilateral exercises, maintaining lines of communication on illegal maritime activities, formulation of marine oil pollution response contingency plan, humanitarian assistance and disaster relief, and cooperation in legal and policy issues related to piracy. Newer areas of cooperation including hydrography, maritime and underwater heritage, training in Visit Board Search and Seizure (VBSS) operations, training on-board Indian Sail Training Ships, exchanges between think tanks, and joint participation in adventure activities were discussed during the third meeting in 2014. During the fourth NSA level meeting, all the three countries agreed to broad base cooperation by expanding the scope to improve intelligence sharing and include issues such as terrorism, radicalization, extremism, illegal drugs, weapons, and human trafficking, money laundering, cybersecurity, and effect of climate change on the maritime environment.

It was acknowledged in the fourth meeting that to ensure effective implementation of decisions taken at the four meetings, biannualDeputy NSA level working group meeting, cooperation at the operational level, intelligence sharing and enhancement and maintenance of maritime information management system, improvement of personnel capabilities, and cooperation on education and training among the three countries is crucial. In this context, setting up of the NSA trilateral secretariat was an important step. The secretariat can provide a 24/7 communication line among the three countries on issues of mutual concern in the maritime domain. The secretariat can be of particular use for sharing maritime intelligence on the illegal activities in the Indian Ocean among these three countries. It was suggested during the fourth NSA level meeting that the existing technology can be utilised for the purpose.

To collect information on maritime activities in the Indian Ocean, India has installed a coastal surveillance radar system (CSRS) all along Indian coastlines including Andaman and Nicobar Islands through its entire coastal belt. Additionally, India set up the CSRS in the Maldives, Mauritius, and Seychelles and AIS in Sri Lanka. Currently, the Information Fusion Centre (IFC), Indian Ocean Region Gurgaon fuses the white shipping information collected by the CSRS and the AIS and shares the information with all the countries that have signed the White Shipping Agreement. India has signed White Shipping Agreement with around 26 countries including Sri Lanka and the Maldives. However, the Agreement does not include the provision for intelligence sharing. As per the White Shipping Agreement, member countries can share information only on merchant shipping activities in the region.

The NSA level trilateral mechanism provides for sharing maritime intelligence using the existing technology among India, Sri Lanka, and the Maldives. The newly set up Secretariat can facilitate maritime intelligence information sharing and benefit all the three countries to deal with their maritime security challenges coming from illegal activities at sea including, act of terrorism; piracy; drug, weapons and human trafficking, illegal, unreported and unregulated fishing; marine pollution and so on.Expanding the membership of the trilateral forum to include Mauritius and Seychelles would further strengthen the capability and capacity of this subregional groupingto deal with the maritime security challenges in the Indian Ocean. Commenting on the newly set up NSA secretariat in Colombo, Foreign Secretary of Sri Lanka, Prof. (Adm.) Jayanath Colombage said, the entire world is benefitted with this initiative, as the Indian Ocean is the lifeline of the entire world.

(The author is a Research Analyst, Manohar Parrikar Institute for Defence Studies and Analyses. Views expressed are personal and do not reflect the official position or policy of the Financial Express Online.)

Get live Stock Prices from BSE, NSE, US Market and latest NAV, portfolio of Mutual Funds, Check out latest IPO News, Best Performing IPOs, calculate your tax by Income Tax Calculator, know markets Top Gainers, Top Losers & Best Equity Funds. Like us on Facebook and follow us on Twitter.

Financial Express is now on Telegram. Click here to join our channel and stay updated with the latest Biz news and updates.

See the original post here:
Inauguration of NSA Trilateral Secretariat: A step forward for maritime security cooperation with Sri Lanka, and the Maldives - The Financial Express

Uttar Pradesh Chief Minister Yogi Adityanath on Tuesday directed officials to invoke the National Security Act (NSA) against all the four accused involved in the murder of Amrish Sharma, a resident of Hathras.

Amrish Sharma was shot dead by the main accused, Gaurav Sharma and his friends. The deceased had filed a case against Gaurav Sharma in July 2018 for allegedly molesting his daughter at a village in the Sasni police station area on Monday, Uttar Pradesh police said.

"Chief Minister Yogi Adityanath directs officials to take strict action in the matter. He has also given directions to invoke the National Security Act against all the accused involved in the case," the Chief Minister's Office (CMO) said in a statement.

NSA is an act that empowers the government to detain a person if the authorities are satisfied that he/she is a threat to national security or to prevent him/her from disrupting public order.

According to the police, an FIR has been registered against four accused, two of whom have been arrested.

Vineet Jaiswal, Superintendent of Police (SP) Hathras said that Amrish Sharma was shot dead in his Nojalpur village by the main accused Gaurav Sharma along with his friends on Monday at around 4 pm.

The SP said that the police reached the incident spot and an investigation was carried out on Monday.

"During the investigation, it came to light that in July 2018, Amrish Sharma had filed a case of molestation against Gaurav Sharma, who was sent to jail but he came out on bail after one month. Both the families were having a dispute since then," Jaiswal added.

Speaking about the incident, the police official said, "The wife and the aunt of the main accused Gaurav Sharma and both daughters of deceased had gone to temple in the village. They had an argument there over the old case. The accused and the Amrish Sharma came there later where they argued and the accused shot the latter, who died while being taken to hospital."

The SP said that teams have been formed to nab the remaining accused and further investigation is underway.

(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)

Business Standard has always strived hard to provide up-to-date information and commentary on developments that are of interest to you and have wider political and economic implications for the country and the world. Your encouragement and constant feedback on how to improve our offering have only made our resolve and commitment to these ideals stronger. Even during these difficult times arising out of Covid-19, we continue to remain committed to keeping you informed and updated with credible news, authoritative views and incisive commentary on topical issues of relevance.We, however, have a request.

As we battle the economic impact of the pandemic, we need your support even more, so that we can continue to offer you more quality content. Our subscription model has seen an encouraging response from many of you, who have subscribed to our online content. More subscription to our online content can only help us achieve the goals of offering you even better and more relevant content. We believe in free, fair and credible journalism. Your support through more subscriptions can help us practise the journalism to which we are committed.

Support quality journalism and subscribe to Business Standard.

Digital Editor

See the article here:
Adityanath directs officials to invoke NSA against accused in Hathras case - Business Standard

Egyptian authorities must conduct prompt, effective and independent investigations into the enforced disappearance for almost two years of a young mother, and her toddler, as well as the ongoing enforced disappearance of her husband, the childs father, said Amnesty International today.

The organization also urges the authorities to immediately release the mother from abusive pre-trial detention and ensure the familys right to adequate remedy and reparation proportional to the severity of violations and harm suffered.

"The Egyptian authorities have a long, grim record of forcibly disappearing and torturing people they consider government opponents or critics. However, seizing a young mother with her one-year-old baby and confining them in a room for 23 months outside the protection of the law and with no contact with the outside world show that their ongoing campaign to stamp out dissent and instil fear has reached a new level of brutality, said Philip Luther, Amnesty Internationals Research and Advocacy Director for the Middle East and North Africa.

Seizing a young mother with her one-year-old baby and confining them in a room for 23 months outside the protection of the law and with no contact with the outside world show that Egyptian authorities' ongoing campaign to stamp out dissent and instil fear has reached a new level of brutality

These unconscionable acts of cruelty violate Egypts human rights obligations, including the absolute prohibition on torture and other ill-treatment and enforced disappearances, and constitute crimes under international law. There must be urgent, independent and effective investigations into these crimes with a view to bringing those responsible to justice in a fair trial and ensuring full reparation for the victims.

National Security Agency (NSA) officers seized university teacher Manar Adel Abu el-Naga, 27, her husband, Omar Abdelhamid Abu el-Naga, 27, and their one-year-old baby boy, al-Baraa, from their home in Alexandria on 9 March 2019. Their distressed relatives and lawyers have spent the last two years trying in vain to locate them. Despite a July 2019 administrative court ruling ordering the Ministry of Interior to reveal their whereabouts, the ministry repeatedly denied having them in its custody.

On 20 February 2021, Manar Adel Abu el-Naga appeared before the Supreme State Security Prosecution (SSSP), a special branch of the public prosecution responsible for investigating national security offences, and was questioned about membership in a terrorist group and "funding a terrorist group", which she denies.

In line with NSA practice in other enforced disappearance cases documented by Amnesty International, security forces falsified her arrest date and pressured her to say that she was arrested two days before her appearance in front of the SSSP. She was taken from her place of captivity and accompanied by policemen directly to the prosecutor. A lawyer present at the SSSP premises attended her questioning but was not permitted to consult with her or examine her case file. A prosecutor ordered that she be detained for 15 days pending further investigations. According to lawyers and other informed sources, the case against her relies on secret NSA investigations and two handwritten notes that she has denies authoring.

Manar Adel Abu el-Naga was transferred to al-Qanater womens prison and has not be allowed contact with her family thus far.

Her son, al-Baraa, now nearly three, was handed over to her relatives, whom he has not seen in nearly two years. People who met the child said that he is experiencing severe mental anguish, separation anxiety and is in urgent need of mental and physical rehabilitation. The child did not seem to have bathed for a long time and repeatedly said, I want to go back to the room, referring to the room where he had been held captive.

On his Facebook page, the toddlers uncle described the devastating impact of his enforced disappearance on his mental health: "A child who does not know his relatives and is afraid of them he is only used to seeing people in uniform."

The Egyptian authorities are adding to the catalogue of violations inflicted on Manar Adel Abu el-Naga and her family by separating her from her traumatized child and denying her basic due process rights, said Philip Luther.

Given the Egyptian authorities abuse of pre-trial detention to keep thousands of men and women in jail on unfounded terrorism charges for months or even years, and the horrific circumstances surrounding the familys enforced disappearance, Amnesty International is calling for Mana Adel Abu el-Nagas immediate release. Any statements that she has made during her enforced disappearance must be excluded from legal proceedings against her.

The childs father, Omar Abdelhamid Abu el-Naga, continues to be subjected to enforced disappearance, adding to fears for his life and safety. The Egyptian authorities must immediately reveal the truth about his fate and whereabouts.

These egregious violations by security forces yet again illustrate the devastating effects of the prevailing climate of impunity in Egypt

Amnesty Internationals research over the past eight years has shown that security forces, particularly the NSA, regularly subject real or perceived opponents and critics to enforced disappearance for days, months, and sometimes years. During that time, NSA officers subject them to torture and other ill-treatment, and then routinely coerce them into supporting claims by the NSA in front of SSSP prosecutors, who systematically fail to investigate allegations of enforced disappearances or torture against NSA officers.

"These egregious violations by security forces yet again illustrate the devastating effects of the prevailing climate of impunity in Egypt. They throw into sharp relief the urgent need for the international community to act in a coordinated manner, including by supporting the establishment of a monitoring and reporting mechanism on Egypt at the UN Human Rights Council," said Philip Luther.

In the absence of international action, security forces will feel empowered to continue committing grave violations of human rights and crimes under international law, destroying entire families in their wake.

Read this article:
Egypt End and redress shocking crimes against toddler and family forcibly disappeared for 23 months - Amnesty International

GREENWOOD VILLAGE, Colo.--(BUSINESS WIRE)--National Storage Affiliates Trust (NSA or the "Company") (NYSE: NSA), today announced the expansion of its Board of Trustees by one additional seat and elected Charles Wu to its Board, effective February 25, 2021.

Paul Hylbert, the Companys Lead Independent Trustee, commented, We are extremely pleased to announce Charlies addition to NSAs board, bringing the total number of Trustees to eleven while enhancing the boards diversity. Charlies significant real estate investment experience across varied private equity platforms will be a great contribution to the oversight and direction provided by our board members, while enhancing NSAs focus on continued value creation for all its stakeholders.

Mr. Wu is currently a Senior Lecturer of Business Administration at Harvard Universitys Graduate School of Business where he has taught since 2015. In 2015, he retired from his role as Managing Director of BayNorth Capital, a Boston-based private real estate equity firm which he co-founded in July 2004. Prior to co-founding BayNorth Capital, Mr. Wu co-founded the private equity firm Charlesbank Capital Partners in July 1998 and served as Managing Director for six years; served for three years as a Managing Director of its predecessor firm, Harvard Private Capital Group, the private equity and real estate investment unit of Harvard Management Company; and was a Managing Director at Aldrich Eastman & Waltch (AEW) where he directed the restructuring group and was a portfolio manager. Mr. Wu currently serves as a Trustee for the University of Massachusetts and is also a Board member of the University of Massachusetts Building Authority. Mr. Wu has an MBA, with distinction, and a BA, magna cum laude, from Harvard University.

Upcoming Industry Conference

NSA management is scheduled to participate in Citis 2021 Virtual Global Property CEO Conference, March 8 11, 2021.

About National Storage Affiliates Trust

National Storage Affiliates Trust is a real estate investment trust headquartered in Denver, Colorado, focused on the ownership, operation and acquisition of self storage properties located within the top 100 metropolitan statistical areas throughout the United States. As of December 31, 2020, the Company held ownership interests in and operated 821 self storage properties located in 36 states and Puerto Rico with approximately 52.0 million rentable square feet. NSA is one of the largest owners and operators of self storage properties among public and private companies in the United States. For more information, please visit the Companys website at http://www.nationalstorageaffiliates.com. NSA is included in the MSCI US REIT Index (RMS/RMZ), the Russell 2000 Index of Companies and the S&P SmallCap 600 Index.

Read the original here:
National Storage Affiliates Trust Announces Expansion of Board of Trustees and the Addition of Charles Wu to the Board - Business Wire

Taiwanese communications service provider Far EasTone Telecom (FET) has chosen Ericsson as its vendor for 5G Standalone (SA) and Non-standalone (NSA) dual-mode 5G Core and Voice over LTE (VoLTE) services.

The deal builds on Ericssons existing 5G partnership with FET, including thelaunch of commercial 5G in July 2020.

Ericsson will support FET in the expansion of its 5G NSA capabilities and SA evolution on the low, mid- and high-band frequencies.

In addition to end-to-end network orchestration and management, the expanded partnership will include full network design, planning and optimization services. These abilities will maximize FETs spectrum assets by expanding its mid-band base stations and modernizing existing low-band stations.

Ericsson will also provide a turnkey solution to deploycloud-nativedual-mode5G Core, including the container-basedEricsson Cloud Packet Core,Ericsson Cloud Unified Data Management and Policy,Ericsson Cloud Native InfrastructureandEricsson Orchestrator.

Ericsson Cloud VoLTEsolution will enable FET to improve voice user experience in current 4G networks in addition to being the foundation for voice use cases and 5G voice.

The deal also includesEricsson Radio Systemproducts, including antenna-integrated radios (AIR) for mid-band and millimeter wave.

Ericssons AI-poweredCognitive Optimizationwill be deployed for the first time in Taiwan as part of the expanded partnership, ensuring continuous optimization for 5G network performance and enhanced user experience.

Chee Ching, President, Far EasToneThe recent 5G network performance recognition both by Speedtest and Opensignal confirms our commitment to providing best 5G experiences for customers in Taiwan. With the proven network performance, we are glad to extend the strong partnership with Ericsson to continue the footprint and build a world-class 5G network.

Chafic Nassif, President, Ericsson TaiwanThe value of this partnership is unique and significant at the same time. Our close collaboration with FET to deliver a world leading network shows the benefit of combining end-to-end efficient network assets with operational efficiency, to improve customer experience.

View original post here:
Far EasTone Expands 5G Partnership with Ericsson for 5G SA & NSA, Dual-mode 5G Core and VoLTE - The Fast Mode

CIA-backed threat intelligence firm Recorded Future has issued a document in which it claims that a China-linked group named RedEcho is targeting the Indian power industry. That's the meaning from the headline which is very definitive.

But within the body of that document, Recorded Future takes more than one step backward, citing characteristics of other China-related groups (related? linked?) before saying: "Despite some overlaps with previous groups, Insikt Group [the fancy name for its research wing] does not currently believe there is enough evidence to firmly attribute the activity in this particular campaign to an existing public group and therefore continues to track it as a closely related but distinct activity group, RedEcho."

Is China behind the group RedEcho? Ah, when it comes to that, the good folk at Recorded Future are every bit the bashful teenagers. The words "appear", "indicate" and "may" are used often within the document which runs to about 15 pages.

Then why issue this half-baked report? Perhaps there was a call from Langley, needing some backup for something in the political pipeline.

Given that all security firms base their attribution of the various security threats they issue statements about, using fancy names, to a few helpful hints from some intelligence agency or the other, a little help to those nameless and faceless agencies is always welcome.

But in this case, there were a few wheels within wheels. First Recorded Future leaked the document to the New York Times. As usual, the NYT made the "findings" take on a life of their own, adding more certainty to the mix than even Recorded Future had infused into its headline.

Reporters David Sanger and Emily Schnall wrote: "The study shows that as the standoff continued in the Himalayas, taking at least two dozen lives, Chinese malware was flowing into the control systems that manage electric supply across India, along with a high-voltage transmission substation and a coal-fired power plant."

But then came the admission that dealt a death-blow to these conclusions: Recorded Future could not gain access to India's power systems and hence could not examine the code involved.

Plus, the NYT pointed out that the firm had made this admission: "...the alleged link between the outage and the discovery of the unspecified malware in the system "remains unsubstantiated".

The NYT has form in this regard: beating up some information to make it appear dangerous and the harbinger of doomsday. The last time it put out something like this was in January, when Sanger and two others, Nicole Perlroth and Julian Barnes, claimed that that the wares of a software company known as JetBrains could have a connection to the supply chain incident involving SolarWinds' network management software known as Orion.

The headline on the Recorded Future study.

On that occasion, the newspaper's scribes faced the wrath of ex-NSA hacker Jake Williams who came straight to the point, saying: "As I continue to interact with folks dealing with the aftermath of the NYT JetBrains story, I'm calling it - the story was irresponsibly released.

"The story lacks any actionable details and has collectively cost overworked security teams *thousands* of hours in response."

There was yet another angle to the RedEcho story, which offered more potential for laughter. Enter Robert Lee, again an NSA alumnus, a man who runs a company known as Dragos that specialises in the security of industrial control systems.

Lee had a bet each way, seemingly keen not to offend either Recorded Future or the NYT. "Interestingly, the NYT writes: 'Now, a new study lends weight to the idea that those two events may well have been connected' referring to a power outage last year in India," he said in the first of a series of tweets. "But whats interesting is the RF analysts dont seem to say that noting instead a link is unsubstantiated."

Lee's use of the word "interesting" is indeed, well, interesting to say the least!

"It seems the NYT is just offering a potential link, but the analysts dont support it," wrote the ever-cautious Lee. "Not critiquing any party involved but kudos to the analysts for sticking to their point that what they found was interesting and targeted, but chose not to speculate further."

He found that the Recorded Future analysts were "being "very reasonable and professional". Exactly what Lee learnt at the NSA is not known, but he seems to have majored in PR.

While spreading balm on both sides, Lee also hinted that it was not worth rushing to read the RF report. "For all my colleagues in electric power theres nothing here that would say any power outage was the result of a cyber attack or anything like that and if RF had any 'imminent' risk type intel theyd have shared it. Looks isolated. So rest easy and just read the report tomorrow," was his sage advice.

His final words on the NYT report? "Without being ad hominem as I do like David [Sanger] (damn good journalist) I will say Ive been frustrated more than a few times with NYT cyber reporting from a technical detail perspective, but outside the one unsupported claim I called out it reads pretty reasonable."

Lee then seems to have decided that he needed to paint himself as the soul of reason. "And before anyone claims Im gatekeeping journalism with tech elitism or whatever, the frustrations Ive had in the past are over tech details that fundamentally change the story (e.g. Baltimore ransomware EternalBlue link) not just tech details. But nothing of that is here." In other words, all those nasty words in the past were really not nasty, not at all.

All's well, that ends well, it would seem. Or appear.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

Here is the original post:
Plenty of mirth as Recorded Future, NYT and ex-NSA man have a punt each way - iTWire

As more and more devastating dog attacks on livestock are being reported, the National Sheep Association (NSA) is asking sheep farmers to contribute to its survey.

The survey aims to gather data and inform policy direction on the topic that appears to have been growing in case numbers and severity over the past year.

NSA chief executive Phil Stocker said: For many years NSA has been engaged in trying to highlight the serious issue of sheep worrying attacks by dogs.

"This has seen NSA involved in many discussions with rural police forces, animal welfare charities, the veterinary sector and, of course, government as we have, alongside others, called for changes in legislation to protect sheep farmers and their stock.

To facilitate this work NSA is appealing to all sheep farmers in the UK to supply the most up to date information and experiences they may have had with attacks on their flocks in this survey.

The 2021 NSA survey includes many new elements seeking information on sheep farmers experiences and their thoughts on how the issue could be resolved.

Through completing the survey respondents are helping to ensure the best possible voice can be put forward supporting calls for legal and cultural changes.

Devastatingly NSA hears from many sheep farmers experiencing problems with dogs chasing and attacking sheep on a weekly basis with case numbers appearing to have increased whilst the nation has been in lockdown during the Covid-19 pandemic.

Mr Stocker continues: As one of the few leisure activities that the population has still been able to enjoy in the past year an increased number of walkers often accompanied by their pet dogs have been passing through farmland.

"Although thankfully the majority are responsible there is a small number that still allow their dogs to run through fields of livestock under little or no control, the resulting effect can be devastating, from extremely distressed sheep to severe injury and sadly, far too often death.

In addition to sheep worrying cases reported where dogs have chased and attacked sheep off of the lead but with owners present there is also a high proportion of cases where straying dogs are responsible.

To highlight this issue NSA will also encourage dog owners to be responsible and to ask themselves if they know where their dog is at all times as part of its ongoing campaign.

All survey data will be collected anonymously with the information gathered forming part of NSAs 2021 Sheep Worrying by Dogs campaign which is scheduled to run throughout 2021 to promote responsible dog ownership.

The survey is open now and available to complete at surveymonkey.co.uk/r/sheepworrying2021.

See the original post here:
NSA urges sheep farmers to take survey on livestock worrying - South West Farmer

By Brian Fung, Alex Marquardt and Geneva Sands, CNN

(CNN) -- The Biden administration is increasingly sounding the alarm over a series of newly discovered cyber intrusions that Microsoft said this week were linked to China.

"This is an active threat," White House press secretary Jen Psaki said Friday. "Everyone running these servers -- government, private sector, academia -- needs to act now to patch them."

Psaki's warnings followed a tweet by national security adviser Jake Sullivan Thursday evening that underscored how concerned the Biden administration is. He urged IT administrators nationwide to install software fixes immediately. Sullivan said the US government is monitoring reports that US think tanks may have been compromised by the attack, as well as "defense industrial base entities."

Later on Friday, the Cybersecurity and Infrastructure Security Agency underscored the risk in unusually plain language, stating in a tweet that the malicious activity, if left unchecked, could "enable an attacker to gain control of an entire enterprise network."

In a rare step, White House officials have urged private sector organizations running localized installations of Microsoft Exchange server software to install several critical updates that were released in what information security experts described as an emergency patch release.

The cybersecurity firm FireEye said Thursday it had already identified a number of specific victims, including "US-based retailers, local governments, a university, and an engineering firm."

Pentagon press secretary John Kirby told reporters Friday the Defense Department is currently working to determine if it has been negatively affected by the vulnerability.

"We're aware of it, and we're assessing it," Kirby said. "And that's really as far as I'm able to go right now."

Microsoft disclosed this week that it had become aware of several vulnerabilities in its server software being exploited by suspected Chinese hackers. In the past, Microsoft said, the hacker group responsible -- which Microsoft is calling Hafnium -- has gone after "infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs." The group in question had not been previously identified to the public, according to Microsoft.

The announcement marked the latest information security crisis to hit the US after FireEye, Microsoft and others reported a suspected Russian hacking campaign that began by infiltrating the IT software company SolarWinds. That effort has led to the compromise of at least nine federal agencies and dozens of private businesses.

But the malicious activity disclosed this week is not in any way related to the SolarWinds hack, Microsoft said Tuesday.

Microsoft typically releases software updates on the second Tuesday of each month. But in a sign of the seriousness of the threat, Microsoft published the patches addressing the new vulnerabilities which had never been detected until now -- a week early.

The Department of Homeland Security also released an emergency directive on Tuesday requiring federal agencies to either update their servers or to disconnect them. It is only the sixth such directive since the formation of CISA in 2015, and the second in three months.

"We urge network operators to take it very seriously," Psaki said of the directive. The administration is concerned there as a "large number of victims," she added.

Once the Hafnium attackers compromise an organization, Microsoft said, they have been known to download data such as address books and to gain access to its user account database.

One person working at a Washington think tank told CNN both her work and personal e-mail accounts were hit by the attackers. Microsoft sent her a warning that a foreign government was behind it. AOL sent a similar notification for the personal account.

The person was then visited by FBI agents who showed up on her doorstep, repeating that this was indeed an ongoing, sophisticated hack by a foreign government and that there is a nationwide FBI investigation underway.

The attackers had used their unauthorized access to e-mail the person's contacts, "tailoring [the messages] in a way that the recipient will not doubt I am the sender." The attackers' fraudulent emails sent in the person's name included invitations to non-existent conferences and referred to an article in her name and a book in a colleague's name, neither of which was written by them.

Each message, the person said, came with links asking people to click on them.

"This is the real deal," tweeted Christopher Krebs, the former CISA director. "If your organization runs an OWA server exposed to the internet, assume compromise between 02/26-03/03."

In its own advisory, CISA urged network security officials to begin looking for evidence of intrusions as far back as September 2020.

The US government's unusually public response to the incident was a surprise to many experts, a reflection of both the Biden administration's focus on cyber issues compared to the Trump White House as well as the scale of the threat.

"Is this the first time the National Security Advisor has promoted a specific patch?" John Hultquist, the vice president of FireEye's Mandiant Threat Intelligence arm, wondered aloud.

"When you wake up to the [National Security Advisor] and [Press Secretary] tweeting about cyber," National Security Agency communications official Bailey Bickley tweeted from her personal account, appending a "starstruck" emoji and quoting Sullivan's tweet from the night before.

CLARIFICATION: This story has been updated to reflect NSA official Bailey Bickley was tweeting on her personal account and not speaking for the NSA.

The-CNN-Wire & 2018 Cable News Network, Inc., a Time Warner Company. All rights reserved.

See the original post:
White House warns of 'active threat' from Microsoft email hackers - WDJT