Tag Archive : Security

/ Security

Activating validation services for route origin, TWNIC continues to safeguard Internet routing security with RPKI

People are growingly reliant on the Internet for work, school and daily activities. The impact to people’s life will be unthinkable should the Internet suddenly stop working. Border Gateway Protocol (BGP) is one of the key elements that allow the Internet to maintain smooth operation. BGP hijacking, whether as a result of intentional attack by hackers or unintentional configuration errors, causes disruption to Internet services and even threats to information security. There can be serious consequences, so every government agency, private corporation and individual are obligated to prevent this from happening.

The Taiwan Network Information Center (TWNIC) has been actively promoting Resource Public Key Infrastructure (RPKI) with an aim to enhance Internet routing security since the official signing of TWNIC RPKI Certificate Authority (CA) with the Asia Pacific Network Information Center (APNIC) on September 28,

Read More

Development teams can accelerate delivery with universal package management, DevSecOps tools and cloud-native CI/CD solutions across major cloud providers

The JFrog Platform Free Subscription

JFrog launches a free subscription to its Multi-Cloud DevOps platform with built-in open source security scanning.
JFrog launches a free subscription to its Multi-Cloud DevOps platform with built-in open source security scanning.
JFrog launches a free subscription to its Multi-Cloud DevOps platform with built-in open source security scanning.

SUNNYVALE, Calif., Oct. 13, 2020 (GLOBE NEWSWIRE) — JFrog, the liquid software company, today announced the general availability of a free subscription of its universal, hybrid and multi-cloud DevOps Platform, including industry-leading DevSecOps capabilities offered at no cost.

The JFrog Platform is used by some of the largest enterprises in the world to streamline and accelerate their delivery. Available on all major public cloud providers—AWS, Microsoft Azure, and Google Cloud Platform— and across 18 cloud regions, the free subscription of the JFrog Platform includes:

  • JFrog Artifactory, a universal software package (binary) management

Read More

Request Payment Method and Multi-Factor Authentication are among the new features which can lower PCI scope and strengthen client confidence.

ClientPay (clientpay.com), an award-wining digital payment acceptance solution for legal and professional services firms, has announced enhanced security features designed to help firms operate more securely, with reduced liability and lower PCI scope. These features include a Request Payment Method solution and Multi-Factor Authentication.

ClientPay has received significant recognition for its ease of use, enabling professional services firms to get paid faster and more simply while presenting a streamlined, professional experience for the firms’ clients. With ClientPay, firms have the technology they need to ensure they can meet the most rigorous PCI-SSC Data Security Standards. These enhanced security features give firms even more tools to ensure they are keeping their clients and firm safe while eliminating PCI scope. Not having these features means more compliance red tape, more risk of

Read More

NEWS HIGHLIGHTS

Software vendors are often distributing their wares on virtual appliances with exploitable and fixable vulnerabilities, and running on outdated or unsupported operating systems:

  • The Orca Security research study found 401,571 total vulnerabilities in scanning 2,218 virtual appliance images from 540 software vendors.

  • The research has started to move the cloud security industry to a safer future. Since alerting vendors of these risks, 287 products have been updated and 53 removed from distribution, leading to 36,938 discovered vulnerabilities being addressed.

  • For example, Dell EMC issued a critical security advisory; Cisco published fixes to 15 found security risks; and IBM, Symantec, Kaspersky Labs, Oracle, Splunk, ZOHO and Cloudflare all removed outdated or vulnerable virtual appliances.

The “Orca Security 2020 State of Virtual Appliance Security” report found that as evolution to the cloud is accelerated by digital transformation across industries, keeping virtual appliances patched and secured has fallen behind. The report

Read More

Come April 13 next year, home routers will have to meet new security requirements before they can be put up for sale in Singapore. These include unique login credentials and default automatic downloads of security patches. 

The new mandate is aimed at improving the security of these devices, which are popular targets amongst malicious hackers who are looking to breach home networks, according to industry regulator Infocomm Media Development Authority (IMDA). Stipulated as being part of the country’s Technical Specifications for Residential Gateways, the enhanced security requirements were finalised following an earlier consultation exercise that sought feedback from the public and industry. 

While these mandates are set to come into effect from 13 April 2021, home routers previously approved by IMDA will be allowed to remain on sale until October 12 next year.

Users of existing home routers will not need to change their current routers, but they are encouraged

Read More

A camera or a computer: How the architecture of new home security vision systems affects choice of memory technology

A long-forecast surge in the number of products based on artificial intelligence (AI) and machine learning (ML) technologies is beginning to reach mainstream consumer markets.

It is true that research and development teams have found that, in some applications such as autonomous driving, the innate skill and judgement of a human is difficult, or perhaps even impossible, for a machine to learn. But while in some areas the hype around AI has run ahead of the reality, with less fanfare a number of real products based on ML capabilities are beginning to gain widespread interest from consumers. For instance, intelligent vision-based security and home monitoring systems have great potential: analyst firm Strategy Analytics forecasts growth in the home security camera market of more than 50% in the years between 2019 and

Read More

Bitcoin and cryptocurrency use by terrorists, rogue nations and other criminals has grown in recent years—with high-profile attacks drawing international attention.

The illicit use of bitcoin and cryptocurrency ranges from money laundering and tax evasion to extortion, with cyber criminals increasingly demanding bitcoin and crypto payments in ransomware attacks on computer systems.

Now, the U.S. Department of Justice (DOJ) has warned the emergence of bitcoin and similar cryptocurrencies is a growing threat to U.S. national security, with the attorney general William Barr’s Cyber-Digital Task Force calling it the “first raindrops of an oncoming storm.”

MORE FROM FORBESNeither Trump Nor Biden Will Help The U.S. Dollar, Warns Early Facebook Exec-Calls Bitcoin An ‘Insurance Policy’

“Current terrorist use of cryptocurrency may represent the first raindrops of

Read More

With more people working from home, it’s never been more important to make your home safe from cybercriminals.

The FBI recently reported that the number of complaints about cyberattacks to their Cyber Division is up to as many as 4,000 a day.

National Cyber Security Alliance Executive Director Kelvin Coleman said it’s simple math, more people online has caused a sharp uptick in cybercrime.

He’s seen a 400% increase from what the FBI was seeing before the coronavirus pandemic.

“We wanted to have access to our files and access to our work and now we are seeing the consequences of that,” Coleman said.

He said many of us made the mistake of not beefing up our home computer security software when the pandemic forced millions of people to work from home.

Here’s Coleman’s advice for staying safe online.

Don’t put off updating security software

Pop-ups alerting users to the latest

Read More

Dueling surveys from Kaseya showed that IT department leaders share their underlings’ worries about security and productivity.

IT technician with network equipment and cables

Image: Getty Images/iStockphoto

IT infrastructure and security management company Kaseya have released a two-part report featuring insights gleaned from surveys of both IT leaders and IT practitioners. The two reports—”Technical Priorities for IT Practitioners” and “Strategic Priorities for IT Leaders”–show that members of both sides of IT departments share broad concerns on a variety of issues including data protection and security. 

The researchers behind the study spoke with 878 respondents in July 2020, more than 500 of whom were IT practitioners and 335 were IT leaders. According to the survey responses, IT leaders are more concerned with ensuring that operations are always up and running amid coronavirus-related budget shortages, while the managers and technicians working daily with technology are more focused on maintaining productivity using limited resources.

“Our 2020 IT Operations survey makes

Read More

Maj. Gen. Kim Crider said space “will become the next front of the cyber conflict”

WASHINGTON — As many as 1,000 enlisted personnel and 130 officers currently in Air Force cyber security jobs will be asked to join the U.S. Space Force, a senior official said Oct. 8.

The selected airmen from cyber security career fields also have expertise in space programs and could be transferring to the Space Force in fiscal year 2021, said Maj. Gen. Kimberly Crider, Space Force chief technology and innovation officer.

The officers and enlisted personnel were hand picked to join the Space Force as the service experiences a growing demand for cyber security talent, Crider said Oct. 8 at the CyberSatGov virtual conference.

“We worked this out very closely and carefully with our Air Force partners across the Department of the Air Force,” Crider said. These cyber experts are needed for “defensive operations,” she

Read More