Category Archives: Uncategorized
Meet our new member! We’re excited to welcome Nara Ringrose, Head of People and Organisational Development of Aquila Nuclear Engineering to Forbes Human Resources Council.Forbes Human Resources Council is an invitation-only community for senior-level human resources leaders. Find out if you qualify: https://hubs.li/Q01q27s20
Glo Nigeria 1GB Daily Cheat For EC Tunnel PRO VPNIt’s time for us to enjoy another free browsing on the Glo network yet again but this time around, it is not unlimited, as it is capped at 1GB per day which in my opinion is a very good one.𧲠@Entclasschannel
talentrator new look.
White House Reports on Federal Cybersecurity ProgressA newly released White House fact sheet highlights national cybersecurity efforts and plans, including around cybersecurity labels for consumer IoT, international ransomware-fighting collaborations and more.October 12, 2022 by News StaffThe federal government is holding discussions this month over how to develop cybersecurity labels for routers, home cameras and other consumer IoT devices. The goal is to help buyers understand how safe the products really are. Also on Octoberâs federal cyber agenda: meeting with international partners over efforts to combat ransomware.The White House announced these and other initiatives in an Oct. 11 fact sheet.The document addressed many of the goals President Joe Biden outlined in his May 2021 executive order on national cybersecurity. It overviewed the U.S.âs progress on efforts like boosting federal best practices, growing the cyber workforce and advancing research into quantum-resistant encryption.President Bidenâs May 2021 Executive Order on âImproving the Nationâs Cybersecurityâ called for giving the public more control over their risk exposure, by marking consumer IoT products with labels indicating how cyber secure the offerings are.The White House now plans this month to bring together private companies, associations and government entities to discuss how to develop such a marking. The ultimate goal is for âa common label for products that meet U.S. Government standards and are tested by vetted and approved entities,â yesterdayâs fact sheet said.Along with Bidenâs executive order, May 2021 also brought an influential ransomware report. The Institute for Security and Technology (IST)-coordinated Ransomware Task Force published a report detailing the global nature of the ransomware ecosystem and recommending steps to combat the threat.Roughly a year and a half later, the White House fact sheet tracks progress. Among the highlights: The International Counter-Ransomware Initiative (CRI), which the federal government launched in 2021 to boost international collaboration and which convenes again Oct. 31-Nov. 1.Federal actors also sought to make cyber extortion less profitable and more painful by disrupting the flow of ransom and taking stronger responses. It sanctioned several cryptocurrency mixers commonly used by ransomware actors, extradited and jailed some individual perpetrators, and sanctioned cyber actors believed involved in the SolarWinds attack, the fact sheet notes.The U.S. has been turning to international partners to address other cyber issues as well. Thatâs included efforts to establish and enforce cyber norms, something the White House says it supported by criticizing and âimpos[ing] costsâ on Iran when the government crossed the line by launching cyber attacks against Albaniaâs government. The White House also pointed to âa new virtual rapid response mechanism at NATO to ensure Allies can effectively and efficiently offer each other support in response to cyber incidents.âGOVERNMENT SECURITY, CRITICAL INFRASTRUCTUREThe federal government has also looked to secure its own house, requiring multifactor authentication on all its systems â something promised under the May executive order â and creating a strategy for adopting zero trust.Newer requirements also limited federal agencies to only procuring software that has security features. That move is intended to protect government as well as prompt vendors to raise all their products to that level, regardless of customer base.Funding like the State and Local Cybersecurity Grant Program, meanwhile, are expected to help other levels of government strengthen their cybersecurity postures.The White House also touted efforts to reach beyond the public sector. That includes promoting basic cyber hygiene and threat understanding among the private entities that own and operate much of the nationâs critical infrastructure. Thus far, thatâs seen outreach to the banking, health care, transportation and water sectors.BUILDING THE FUTURE: WORKFORCE & RESEARCHCyber talent shortages remain a pressing issue, and high among state CISOsâ concerns, according to a NASCIO report out this week. The White House said it is striving to build the workforce, with aims to create more pathways into cyber jobs and bring more diversity to the field. A 120-day Cybersecurity Apprenticeship Sprint launched in July 2022 aims to support such efforts.The federal government also âmore than doubledâ investments into quantum research and development, in efforts to stay competitive in the space and get ahead of threats. That includes efforts to develop and deploy forms of cryptography designed to resist cracking by any forthcoming quantum computers.
Join our Emerging Political Leaders Fellowship 2022 Cohort Fellows in an Open Mic Conversation on the topic: Towards Economic Diversification: Moving Nigeria from Consumption to Production.This conversation will happen LIVE on Facebook Live – @eplfellowship at 7pm, tomorrow.The Moderators are:Stephen DanielBernice AbekuJoseph EffiongDon’t miss out! We know itâs going to be insightful!đĽFollow Emerging Political Leaders Fellowship on Facebook and turn on notification, in order not to miss this!#2022EPLFellowship #2022EPLFellows#EPLF2022 #2022EPLFELLOWS #facebooklive
10 Cybersecurity Threats That Should Be Top Of Mind For All CompaniesFrom hybrid attacks to fake LinkedIn phishing emails, experts outline what they consider some of the major and emerging cybersecurity threats.October 7, 2022 by Jay FitzgeraldThey seemingly come in all shapes and sizes, 24/7, preying on both big and small victims, all across the world.Weâre talking, of course, about various forms of cyberthreats around the globe. Some threats are old, some are new, and some are new mutations of the old.Cyberthreats are constantly evolving, with cyberintruders often reacting to the digital defenses thrown up by cybersecurity companies and coming up with new tactics and vectors to get around them.As part of CRNâs Cybersecurity Week 2022, CRN recently talked to threat experts at two cybersecurity companiesâJohn Fokker, head of threat intelligence at Trellix and a member of the new Trellix Advanced Research Center, and Martin Zugec, technical solutions director at Bitdefenderâabout some of cyberthreats theyâre seeing out there.The two companies also submitted written descriptions of threats as they see them. In addition, CRN relied on examples of other threats from cybersecurity vendors Nexusguard and Check Point Software Technologies.âRansomware is kingâFrom Trellix Advanced Research Center: âThe ransomware landscape is changing since the arrests of REvil members earlier this year, and subsequent leak of Contiâs chats (research on REvil and Conti). Through the study of these actors, weâve seen significant growth in cybercrime operationsâwith these groups functioning as full-blown enterprises with HR, call centers, and more. Since earlier this year, weâve seen ransomware payments decrease, which is a positive. With new groups leading activity, the threat of ransomware is changing, but it will not go away. We expect to see continued and increased hits on smaller organizations and sectors like education.âIn an interview with CRN, Trellixâs Fokker said ransomeware is merely a form of âdigital extortion.â And he added: âI think that it is here to stay,â though ransomware tactics and targets might change over time.From Trellix Advanced Research Center: âIn the wake of the Conti leaks, we saw that cybercriminal groups have publicly pledged their allegiance to governments and are suspected to even be acting on behalf of governments with some of their activity. The blurring of activity between cybercriminals and nation-state actors makes planning for cyberthreats even more important to organizations, as the information a common ransomware actor is often after is different than that of a nation-state or APT group (research on Russia and China).âTrellixâs Fokker said another blurring of the lines has occurred via threat actors acting like contractors bidding out their services to nation states. âIt is not necessarily mercenaries, but there are organizations that offer certain types of services or exploits to other countries,â he said. From Trellix Advanced Research Center: âNearly half (46 percent) of advanced persistent threat (APT) activity monitored appears to originate from Russian- and Chinese-backed groups. So, weâre also seeing more and greater efforts among nation states in the areas of espionage, warfare and disinformation to achieve their geopolitical objectives (research in Organizations and Nation-State Cyber Threats report).âOther nation states engaged in cyber attack include North Korea and Iran, according to numerous published reports.But Fokker said heâs always hesitant to name other nation-state players until his own Trellix researchers can confirm claims of suspicious cyberactivity by other nations. âWhen either the DOJ and or the UK or Western party attribute a certain attack to a (nation-state) threat actor and we have the same data that that concludes the same thing, then weâll be more confident and saying OK,â he said.âVulnerabilities in frameworks and software supply chain threatsâ From Trellix Advanced Research Center: âWeâve had two great wake-up calls (Solar Winds and Microsoft Hafnium) which triggered business and government organizations to rethink software, supply chains, and security overall. The 2021 Log4J security flaw and follow-on exploits reminded us there will always be bad actors working tirelessly to identify and take advantage of software vulnerabilities. Our team recently found vulnerabilities in Python in the Windows implementation of eBPF which demonstrate the importance of identifying and correcting vulnerabilities in frameworks to protect the software supply chain, especially important since nation-state actors like China and Russia will launch dangerous and potentially catastrophic software supply chain attacks on both government and corporate networks.ââIncrease in threats targeting agriculture, food supply, utilities and other critical infrastructureâFrom Trellix Advanced Research Center: âThreats to critical infrastructure arenât new, but they continue to be a problem for organizations to defend against. The overlap of operational technology (OT) with IT, and the often outdated nature of systems like Industrial Control Systems and Building Access Control Systems makes them easy targets (link to our research into ACS). Weâre seeing more public reporting on threats to farming, agriculture and our food supply.âA number of other cybersecurity experts have expressed concern about the security vulnerabilities surround key industries or emerging industries, such as autonomous-driving cars and private and public space flights. Trellixâs Fokker added his concerns about AI and facial-recognition technologies.âThreats to MSPs/MSSPsâFrom Trellix Advanced Research Center: âThe attack on Kaseya was in many ways a wake-up call for law enforcement to arrest members of REvil. We expect MSPs and other business services to see increased threats to their business (research into threats to business services).âTrellixâs Fokker told CRN that more and more companies are turning over their security operations to outside companies such as MSPs and MSSPs and so those channel players make a tempting target for cybercriminals. âItâs a lucrative target,â Fokker said, noting threat actors can theoretically get at more customers if they attack through MSPs and MSSPs. âItâs like a force multiplier for attackers.ââVulnerability exploitsâFrom Bitdefender: âThreat actors are using automated scanners to locate vulnerable services exposed to the internet. Unfortunately, this is still an effective method, and threat actors have a wide range of available vulnerabilities (and targets that are slow with patching). Log4j is a widely popular open-source library that contained a remote code execution vulnerability. This vulnerability was immediately exploited by cybercriminals â in many cases, they only planted a backdoor and fixed the vulnerability to prevent other threat actors from compromising the same network. Another popular target is Microsoft Exchange â with a range of vulnerabilities known as ProxyShell, ProxyLogon, and recently discovered ProxyNotShell. In the last year, the number of security breaches caused by these vulnerabilities has doubled (source: Data Breach Investigations Report).âIn an interview with CRN, Martin Zugec, technical solutions director at Bitdefender, said heâs seen these types of attacks doubling over the past year.From Bitdefender: âHybrid attacks are a type of opportunistic attack where automated scanners look to find vulnerable systems, identify the vulnerability remotely, and then, if successful, switch to hands-on hacking rather than deploying malware. The initial compromise does not always mean that a hack will take place; the vulnerabilities are triaged by a human operator to determine if itâs worth upscaling the attack. You can read more in the intro to Bitdefenderâs Deep Dive into a Corporate Espionage Operation.âIn an interview with CRN, Bitdefenderâs Zugec said cyberattackers are literally building automated scanners. âThey just release it on the internet, identify vulnerable systems and after they get inside, thatâs pretty much it,â he said.DDoS attacks on the riseNexusguard, a cloud-based DDoS solution provider, reports distributed denial-of-service (DDoS) attacks increased in the first half of the year by 76 percent, compared to the same time period in 2021. However, in a press release, the company did note that the average (0.59 Gbps) and maximum (232.0 Gbps) attack sizes each decreased by 56 percent and 66.8 percent, respectively, during the same time period.Others are confirming that DDoS attacks are on the rise in general. Btw: the most recent notable DDoS attack occurred early this month during the launch of Overwatch 2, one of the biggest games of the year, as TechCrunch reports.LinkedIn-themed phishing emailsThose with a LinkedIn account, beware. In the second quarter of 2022, LinkedIn remained the top brand used by cyberhackers in phishing attempts, according to cybersecurity vendor Check Point. Itâs the second quarter in a row that LinkedIn has had the dubious honor of being the brand of choice for hackers.But LinkedIn is far from the only brand hackers like to use to lure people into a false sense of security. Thereâs been a noticeable increase in the fake use of Microsoft and DHL brands in phishing attacks, according to Check Point. Others brands that hackers are using in phishing attacks include those of Adidas, Adobe and HSBC, according to Check Point.  Â
Today we’re excited to launch AIHFV in Edo_State.
We look forward to continuing this journey with you all.
Artificial cybernet updates. info 