cybersecurity

now browsing by tag

 
 

#mobilesecurity | #android | #iphone | Trusted Platform Module (TPM) Market Growth Insight Analysis 2020-2026 – Cole Reports | #cybersecurity | #informationsecurity

Source: National Cyber Security – Produced By Gregory Evans

The “Trusted Platform Module (TPM) Market” research report enhanced worldwide Coronavirus COVID19 impact analysis on the market size (Value, Production and Consumption), splits the breakdown (Data Status 2014-2020 and 6 Year Forecast From 2020 to 2026), by region, manufacturers, type and End User/application. This Trusted Platform Module (TPM) market report…

The post #mobilesecurity | #android | #iphone | Trusted Platform Module (TPM) Market Growth Insight Analysis 2020-2026 – Cole Reports appeared first on .

Source link
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

The post #mobilesecurity | #android | #iphone | Trusted Platform Module (TPM) Market Growth Insight Analysis 2020-2026 – Cole Reports | #cybersecurity | #informationsecurity appeared first on National Cyber Security.

View full post on National Cyber Security

#computersecurity | #comptia | Ageing devices biggest threat to cybersecurity as work from home becomes norm – | #cybersecurity | #informationsecurity

Source: National Cyber Security – Produced By Gregory Evans

The IT companies are contemplating over extending this arrangement even after COVID-19 infections reduce. But, most companies agree to cybersecurity threat being a sword hanging over their heads

Rukmini Rao        Last Updated: June 10, 2020  | 18:54 IST

KEY HIGHLIGHTS:

  • In 2019, network infra assets of 47.9% businesses aged or turned obsolete
  • Ageing and obsolete devices in technology sector at 59.6%
  • Redirection of spend towards cloud services is resulting in decreased investment

Various sectors across the globe are slowing and in a staggered fashion opening up after nearly five months of lockdown, perhaps with the only exception of information technology sector, which adapted to a different working model to tide over the crisis. The IT companies are contemplating over extending this arrangement even after COVID-19 infections reduce. But, most companies agree to cybersecurity threat being a sword hanging over their heads. However, a recent report by NTT Ltd shows the root cause of cybersecurity threat having substantially increased is perhaps the obsolete or ageing devices.

“The assets of 47.9 per cent  organisations were ageing or turning obsolete as a weighted average, representing a significant surge from 2017, when this figure was just 13.1 per cent. Both connectivity and security are being compromised by enterprises leaving obsolete devices on the network,” the report  said. While the industry average in the use of obsolete and ageing devices is 47.9 per cent, public sector leads the way with 61.7 per cent, and surprisingly close second is the technology sector with 59.6 per cent of devices either ageing or turning obsolete. On an average, an obsolete device has twice as many vulnerabilities per device (42.2 per cent) compared to ageing (26.8 per cent) and current devices (19.4 per cent). Interestingly, the report says that around 2015-16,  businesses started investing and deploying new technology and spending on new devices peaked in 2017 when there were 86.9 per cent of organisations with current (latest) devices. Even as adoption of new wireless infrastructure is on the rise, with an average increase of over 13 per cent year-on-year, ageing and obsolete devices create security vulnerabilities and put businesses at risk of cyber attacks with people logging in from co-working spaces and remote work locations.

One of the biggest reasons behind the lower investment in  on-premises infrastructure, according to report, is the growth in cloud spend outpacing that in overall IT spend. This is what is leading to lower investments. Cloud adoption and spend were predicted to grow at a faster rate and in the region of 21-25 per cent CAGR until 2023. “The increase in on-premises, ageing and obsolete devices is partially due to a redirection of spend towards Software-as-a-Service (SaaS) and other cloud services, which results in a decrease in investment in on-premises infrastructure. However, we anticipate that there will be a significant increase in people working from home, even after pandemic reduction measures are lifted,” the report said.

Also Read: Coronavirus treatment cost: Tamil Nadu hospitals can’t charge above Rs 15,000 a day

Also Read: Vizag gas leak: Andhra govt forms committee to probe incident; seeks report by June 22

Source link

______________________________________________________________________________________________

Get your CompTIA A+, Network+ White Hat-Hacker, Certified Web Intelligence Analyst and more starting at $35 a month. Click here for more details.

Posted in Computer Security, Hacking, Network Security, News Wire

Source link
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

The post #computersecurity | #comptia | Ageing devices biggest threat to cybersecurity as work from home becomes norm – | #cybersecurity | #informationsecurity appeared first on National Cyber Security.

View full post on National Cyber Security

#cyberdegense | #computerhacking | GDPR Working from Home Checklist in The Light Of COVID-19 – | #cybersecurity | #informationsecurity

Source: National Cyber Security – Produced By Gregory Evans

Working from home in this pandemic period? Check some risk associated with it and Follow this step by step checklist that organizations need to take…

By Susan Alexandra, Contributing Writer

EU General Data Protection Regulation (GDPR) imposes strict checks and balances for any mishandling or accidental leakage of personal data. Companies and businesses have to take some mandatory measures to maintain GDPR compliance. The responsibility of the organizations for protecting data turns multifold in the current situation of work from home.

Risks of Working from Home

COVID-19 has forced the corporate industry to opt for remote working in place of an office setting. This has increased the risk of a data breach. The major causes of this increase in risk are:

  • Work from home means that several devices are connected to the company’s database. This increases the chances of data theft and leakage.
  • The flow of data to and fro the company’s system is carried out through multiple networks with varying security levels. This eases the work of predators and cybercriminals.
  • Most of the employees working in a traditional setting are not familiar with the usage of online tools. This increases the chances of human error and the mishandling of data.
  • Unprotected devices are always an easy target for phishing emails and malware. Just one risky device or a single random click by any employee can risk the whole system.

Checklist for GDPR Compliance

Here are some necessary measures that your company or organization must take, especially in this current situation of remote working, to maintain their compliance with GDPR.

  • The company must update its privacy policy for employees working from home.
  • New agreements must be made with third parties and outside vendors to maintain compliance with GDPR.
  • All the employees should be provided with secured devices by the company.
  • If employees are using their own devices, they must be well protected with an up to date version of antimalware and firewall.
  • The encrypted network is a must for data security. Therefore, the company should provide VPN protected Wi-Fi devices to all the employees working from home.
  • If the employees are using their own Wi-Fi, they must be restricted to use password-protected Wi-Fi only. They must avoid using shared or public Wi-Fi for accessing and sharing the company’s data.
  • Limit access to important files and data.
  • Two-factor authentication must be used for allowing access to the company’s database.
  • All the tools and software used for communicating and data transfer must be encrypted.
  • Employees must be asked to limit their online activities on the devices that are used for accessing the company’s database.
  • Employees must be restricted from sharing any details and passwords with unauthorized people. The company’s data should not be shared with anyone, not even with the family members.
  • Employees must be trained for the usage of online tools and software to decrease the chances of human error.
  • Employees must also be educated about online safety and how to stay safe from phishing emails and invading malware.
  • Companies should have a proper IT infrastructure to monitor remote devices connected with their system.
  • Notifications must be set to get an alert in case of any security risk from any device connected with the system. This device should be immediately removed from the system and denied access for the time being.
  • Companies must have taken Data Processing Impact Assessment (DPIA) to detect any issue in the security system.
  • If there are any loopholes in security, they must be dealt with on an urgent basis.
  • Companies must have prepared an alternate plan in case of a data breach.
  • Employees must also be trained to urgently deal with any security issue at their end.

These are some crucial steps that every organization must take to maintain GDPR compliance and avoid any fines by GDPR. According to a report by PrivacyAffairs, “the total number of GDPR fines are 256 yet”.

Maintaining GDPR compliance has become challenging for organizations in this work from home situation. GDPR is detecting more data breaches than ever and is actively imposing fines on the companies not following a proper data security regime. The time demands companies to be extra vigilant about their data security. They must revise their policies and devise new strategies for safer handling and storage of confidential and crucial data.

About the Author

Susan Alexandra Author

Susan Alexandra is an independent contributing author at SecurityToday and Tripwire. She is a small business owner, traveler, and investor in cryptocurrencies.

Source link

______________________________________________________________________________________________

Get your CompTIA A+, Network+ White Hat-Hacker, Certified Web Intelligence Analyst and more starting at $35 a month. Click here for more details.

Source link
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

The post #cyberdegense | #computerhacking | GDPR Working from Home Checklist in The Light Of COVID-19 – | #cybersecurity | #informationsecurity appeared first on National Cyber Security.

View full post on National Cyber Security

| Denies IPR in Apple v Fintiv | #iphone | #ios | #cybersecurity | #informationsecurity

Source: National Cyber Security – Produced By Gregory Evans

The Patent Trial and Appeal Board’s (“PTAB”) institution rate for inter partes reviews (“IPRs”) has fallen virtually every year.  In its recent decision in Apple, Inc. v. Fintiv, Inc. issued on May 13, 2020, the PTAB denied institution of Apple’s petition for IPR and set forth a new test for determining whether to institute an IPR based on the status of the underlying district court proceedings, which suggests that institution rates may continue to fall.

Ever since inception of the AIA, the institution rate of IPRs has declined significantly almost every year.  According to published PTAB statistics, the institution rate has fallen from a high of over 87% in 2013 to a low of 63% in 2019 and is only 55% so far in 2020.[1]  An analysis of the data reveals that the driving force behind the falling IPR rate appears to be the recent and dramatic increase in the rate of discretionary denials under 35 U.S.C. §314(a).  Under that statute, an IPR may not be instituted unless there is a “reasonable likelihood that the petitioner would prevail” on at least one patent claim challenged in the petition.[2]  Over the past four years, discretionary denials have increased from only 5 petitions denied under §314(a) in 2016 to 75 petitions denied under §314(a) in 2019.[3]  That number is expected to more than double in 2020.[4]

A recent decision by the PTAB is a good illustration of the PTAB’s exercise of its broad discretion to deny institution under §314(a) in view of the advanced stage of the underlying district court proceeding.

In a landmark decision designated as precedential or binding, the PTAB recently exercised its discretion under §314(a) to deny institution of an IPR petition filed by Apple against Fintiv, Inc., a company that develops mobile commerce platforms to support mobile marketing and mobile payments.[5]  In Apple, the PTAB announced and applied a new six-factor test to be used in determining whether to deny institution based on the advanced status of the underlying district court case.  Technically, the six factors were articulated in the PTAB’s order authorizing supplemental briefing on whether to grant a discretionary denial a couple months earlier,[6] and a different list of non-exclusive factors was set forth in General Plastic Co., Ltd. v. Canon Kabushiki Kaisha,[7] but the present six-factor test was not designated as precedential until the PTAB’s May 13, 2020 decision.  In any event, the parties’ dispute began when Fintiv filed suit against Apple for patent infringement in the Western District of Texas.[8]  Apple filed its IPR petition ten months later, and the parties were in the relatively early stages of discovery when the PTAB issued its decision.  In denying institution, the PTAB announced and considered the following six factors: (1) whether the District Court had granted a stay or evidence exists that the Court would grant a stay if the IPR were instituted; (2) the proximity of the court’s trial date to the PTAB’s expected deadline for a final decision in the IPR proceeding; (3) the investment by the parties and the court in the district court proceedings; (4) the degree of overlap between the issues raised in the IPR and the district court case; (5) whether the parties in the two proceedings are the same; and (6) any other factors that might affect the Board’s discretion, including the merits of the IPR petition.[9]

First, the PTAB observed that neither party had requested a stay pending the IPR and “declined to infer” whether a stay would be granted if the IPR were instituted, which did not weigh for or against institution.  Second, the PTAB noted that trial in the district court was expected to occur two months before the Board’s deadline for a final decision in the IPR proceeding, which weighed in favor of a discretionary denial.[10]  Third, even though fact discovery was only “in its early stages, with document production ongoing and depositions just getting underway,” the PTAB noted that the district court had issued a Markman ruling, and the parties had exchanged their final infringement and invalidity contentions.[11]  Based on the parties’ investment in the district court case, the PTAB considered this factor to weigh “somewhat in favor” of a discretionary denial.[12]  Fourth, although Apple had raised additional invalidity contentions in the district court case that were not at issue in the IPR, the PTAB reasoned that the assertion of additional invalidity contentions in the District Court is “not relevant to the question of the degree of overlap.”  Instead, because the identical patent claims were challenged in both proceedings, and because “same [prior] art” was presented in both proceedings, this factor weighed in favor of discretionary denial.[13]  Fifth, because Apple and Fintiv were parties in both proceedings, this factor also weighed against institution.  Finally, the PTAB’s “initial inspection” of Apple’s petition revealed “certain weaknesses,” such as where the prior art disclosed certain steps and other claimed features.  In conclusion, the PTAB determined that the balance of factors weighed in favor of discretionary denial and that “efficiency is best served by denying institution.”[14]

Takeaways:  Discretionary denials under §314(a) are increasing.  Patent owners seeking to defeat institution of IPR petitions may wish to emphasize the weaknesses in the merits of the IPR petition and argue that the denial of institution will save judicial and party resources.  On the other hand, IPR petitioners may wish to file their petitions sooner and not wait the full twelve-month statutory period allowed before filing their IPR petition in order to give the district court proceedings less time to reach an advanced state.  Additionally, petitioners may wish to challenge more or different patent claims in the IPR than challenged in the district court case to reduce the degree of overlap between the IPR and district court proceedings.  For the same reason, petitioners seeking institution may also wish to assert additional or other invalidity contentions, prior art or prior art combinations in the IPR petition in order to reduce the degree of overlap between the IPR and district court proceedings.


FOOTNOTES

[1] https://www.uspto.gov/sites/default/files/documents/trial_statistics_20200331.pdf.

[2] 35 U.S.C. §314(a).

[3] https://www.unifiedpatents.com/insights/2020/5/13/ptab-procedural-denial-and-the-rise-of-314?utm_source=Unified+Patents+Newsletter&utm_campaign=ca8294e39b-EMAIL_CAMPAIGN_2019_10_02_08_16_COPY_01&utm_medium=email&utm_term=0_5140119467-ca8294e39b-124506621

[4] Id.

[5] Apple, Inc. v. Fintiv, Inc., IPR2020-00019, Paper 15 (PTAB May 13, 2020).

[6] Apple, Inc. v. Fintiv, Inc., IPR2020-00019, Paper 11 at 5 (PTAB March 20, 2020).

[7] IPR2016-01357, Paper 19 at 15-16 (precedential) (PTAB Sep. 6, 2017).

[8] Id. at 8.

[9] Id. at 7-8.

[10] Id. at 13.

[11] Id. at 14.

[12] Id.

[13] Id. at 15.

[14] Id. at 17.

Copyright © 2020, Sheppard Mullin Richter & Hampton LLP.

______________________________________________________________________________________________

Get your CompTIA A+, Network+ White Hat-Hacker, Certified Web Intelligence Analyst and more starting at $35 a month. Click here for more details.

.  .  .  .  .  .  . .  .  .  .  .  .  .  .  .  .   .   .   .    .    .   .   .   .   .   .  .   .   .   .  .  .   .  .

Source link
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

The post | Denies IPR in Apple v Fintiv | #iphone | #ios | #cybersecurity | #informationsecurity appeared first on National Cyber Security.

View full post on National Cyber Security

#mobilesecurity | #android | #iphone | Israel to cease using mobile phone tracking to monitor Covid-19 patients | #cybersecurity | #informationsecurity

Source: National Cyber Security – Produced By Gregory Evans

[ad_1]

The ministerial committee in charge of combating Covid-19 decided on Monday not to submit to a parliamentary vote a bill authorizing the continued use of phone surveillance technologies by the Israel Security Agency, also known as Shin Bet, to track suspected Covid-19 cases.   The bill is still…

The post #mobilesecurity | #android | #iphone | Israel to cease using mobile phone tracking to monitor Covid-19 patients appeared first on .

[ad_2]

Source link
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

The post #mobilesecurity | #android | #iphone | Israel to cease using mobile phone tracking to monitor Covid-19 patients | #cybersecurity | #informationsecurity appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | #hackerspace | Accelerator Program for Early-Stage Innovations in Water: An Akamai India CSR Flagship Initiative

Source: National Cyber Security – Produced By Gregory Evans

Written by Neha Jain, Co-Chair of India’s CSR Board

Continuing in our commitment to sustainability, Akamai is excited to announce the launch of our accelerator program supporting innovators and building solutions to address India’s water challenges. A concerted effort by the Akamai India leadership team, the accelerator program is being launched at a time when we are witnessing a rising demand for water globally, caused by exponential population growth coupled with a changing climate that is making rainfall less predictable. Closer to home, here in Bangalore, India, we are witnessing the impact of rapid urbanization on our water resources like never before.

From our past experience with Corporate Social Responsibility (CSR) initiatives and supporting social purpose organizations in India, our India leadership team was eager to build a program that has a strong focus on impact and also reflects Akamai’s core values of innovation, technology, and sustainability. After exploring various thematic areas, we selected water — spanning water conservation, groundwater recharge, water quality, efficient use of water resources, and water governance — all calling for the sustainable management and use of India’s scarce water resources.

After analyzing the available solutions and gaps, we realized that a critical area of need is for solutions that require support with refinement of their products, and ideas allowing for higher market-readiness and scale. We are excited to be a catalyst in this ecosystem and join forces with the Indian Institute of Technology Madras (IIT Madras) — one of India’s premier academic institutions — in this endeavor. IIT Madras has supported over 200 startups through its incubation programs and also houses the International Centre for Clean Water (ICCW), a first of its kind, in-house centre in India, exclusively set up to focus on supporting water innovations.

Together with our accelerator partner, we are excited to embark on this journey, and you will hear more from us and our grantees soon! 

Stay tuned for more updates.

*** This is a Security Bloggers Network syndicated blog from The Akamai Blog authored by Courtney Hadden. Read the original post at: http://feedproxy.google.com/~r/TheAkamaiBlog/~3/1RQSs56DbK8/accelerator-program-for-early-stage-innovations-in-water-an-akamai-india-csr-flagship-initiative.html

Source link

The post #cybersecurity | #hackerspace |<p> Accelerator Program for Early-Stage Innovations in Water: An Akamai India CSR Flagship Initiative <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | #hackerspace | DEF CON 27 Monero Village – Francisco Cabanas’ ‘Critical Role Of Min Block Reward Trail Emission’

Source: National Cyber Security – Produced By Gregory Evans

Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via the DEF CON Conference YouTube Channel for all to see, enjoy and learn.

Permalink

The post DEF CON 27 Monero Village – Francisco Cabanas’ ‘Critical Role Of Min Block Reward Trail Emission’ appeared first on Security Boulevard.

Source link

The post #cybersecurity | #hackerspace |<p> DEF CON 27 Monero Village – Francisco Cabanas’ ‘Critical Role Of Min Block Reward Trail Emission’ <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | #hackerspace | DEF CON 27 Monero Village – Jeremy Gillula PhD: ‘Encrypting The Web Isn’t Enough’

Source: National Cyber Security – Produced By Gregory Evans

Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via the DEF CON Conference YouTube Channel for all to see, enjoy and learn.

Permalink

The post DEF CON 27 Monero Village – Jeremy Gillula PhD: ‘Encrypting The Web Isn’t Enough’ appeared first on Security Boulevard.

Source link

The post #cybersecurity | #hackerspace |<p> DEF CON 27 Monero Village – Jeremy Gillula PhD: ‘Encrypting The Web Isn’t Enough’ <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | #hackerspace | Signal Sciences Introduces Advanced Rate Limiting for Fast, Easy Protection Against Advanced Web Attacks

Source: National Cyber Security – Produced By Gregory Evans

Signal Sciences is excited to announce the availability of new advanced rate limiting features that extend our customers’ ability to detect and stop abusive behavior at the application and API layer.

Over the past several weeks as part of our early access program, we piloted advanced rate limiting in real-world production environments and stopped major attacks for customers from major retailers with large-scale e-commerce operations, financial services firms with mission-critical applications to major online media companies that stream video content to hundreds of millions of users monthly.

The Value of Intelligent Rate Limiting to Protect Applications

The primary objective of rate limiting is to prevent apps, APIs and infrastructure from being exploited by abusive request traffic, much of it originating from automated bot operators. Stopping this traffic from reaching your app and API endpoints means availability, reliability and a satisfying customer experience.

Up to this point, customers have used the Advanced Rules capability of our next-gen WAF to monitor and block web request traffic that attempts to carry out application denial-of-service attacks, brute-force credential stuffing, content scraping or API misuse.

Advanced rate limiting from Signal Sciences stops abusive malicious and anomalous high volume web and API requests and reduces web server and API utilization while allowing legitimate traffic through to your applications and APIs.

With our new advanced rate limiting capability, Signal Sciences customers can leverage the ease of use, effective defense and precise blocking they’ve come to expect from our next-gen WAF and RASP solution. In addition to out-of-the-box protection, they also gain immediate insight and understanding of the traffic origins and can take granular custom actions by:

  • Creating application-specific rules to prevent app and API abuse
  • Defining custom conditions to block abusive requests
  • Identifying and responding to a real-time list of IPs that have been rate limited
  • Taking action on the identified source IP addresses with one click

How Signal Sciences Advanced Rate Limiting Works

Leveraging our award-winning app and API web protection technology, advanced rate limiting provides intelligent controls to reduce the number of requests directed at key web application functions such as credit card validation forms, forgot password fields, email subscription sign-ups, gift card balance checkers and more.

Signal Sciences makes it easy to create application-specific rate limiting rules. One-click actions enable further control over automated volumetric web requests.

Our technical approach for this new capability was informed by the expertise our company has gained from protecting over a trillion web requests monthly. This experience shows us that web requests that result in application abuse can blend in with legitimate traffic. Signal Sciences advanced rate limiting is designed to identify such traffic and prevent individual IPs from causing app abuse.

Take the next step and effectively stop and manage abusive traffic

We invite you to learn about other common attack scenarios that customers use advanced rate limiting to thwart and how easy it makes stopping and managing the attack origin traffic: download the rate limiting data sheet or request a demo today.

The post Signal Sciences Introduces Advanced Rate Limiting for Fast, Easy Protection Against Advanced Web Attacks appeared first on Signal Sciences.

*** This is a Security Bloggers Network syndicated blog from Signal Sciences authored by Brendon Macaraeg. Read the original post at: https://www.signalsciences.com/blog/signal-sciences-introduces-advanced-rate-limiting-protection-against-advanced-web-attacks/

Source link

The post #cybersecurity | #hackerspace |<p> Signal Sciences Introduces Advanced Rate Limiting for Fast, Easy Protection Against Advanced Web Attacks <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | hacker | Rogers’ vendor leaves database open

Source: National Cyber Security – Produced By Gregory Evans

A third-party service provider to Rogers Communications left open a database used for marketing purposes, exposing customer PII.

The Canadian telecom provider did not name the firm involved, nor the number of people affected, but reported that the incident was uncovered on Feb. 26, 2020 and involved the service provider leaving a database open to the public for an unspecified amount of time.

The third-party vendor, which handles promotional offer fulfillment for Rogers, exposed customer names, addresses, account numbers, email addresses and telephone numbers. No payment card information nor login credentials were involved.

The data that was exposed can cause a great deal of harm to its owners as cybercriminals can use it to create well-crafted phishing emails from which they may be able to extract even more valuable personal data.

Original Source link

The post #cybersecurity | hacker | Rogers’ vendor leaves database open appeared first on National Cyber Security.

View full post on National Cyber Security