
 
 

#deepweb | Iditarod Teams Yet To Reach Nome Face Overflow, Three Mushers and Their Dogs Rescued – KNOM Radio Mission

Source: National Cyber Security – Produced By Gregory Evans

Earlier today Sean Underwood, Tom Knolmayer, and Matthew Failor requested assistance from race staff after they went through a section of trail with deep overflow from the Solomon River, outside of Nome.

According to Chas St. George, COO of Iditarod, the incident occurred sometime last night, but the group of teams didn’t activate their emergency beacons until about 9am this morning.

“Once that was set off, we immediately tried to find out exactly what was happening out there and that led us to realize, a few texts were exchanged and that led us to realize we needed to get in there and get them out of the situation they were in.”

A minimal statement from the Iditarod says Underwood, Knolmayer, and Failor were rescued by helicopter from a section of trail outside of Safety Roadhouse. Safety is the final checkpoint in the 1,000 mile race, which mushers normally cruise through before finishing in Nome. Local Search and Rescue officials confirm the three men were rescued by air guard and brought into town around 1pm.

The mushers were checked into Norton Sound Regional Hospital in Nome and evaluated for precautionary measures. As far as St. George knows, Underwood, Knolmayer, and Failor are doing fine.

“From our periphery they’re okay, and that’s what counts. And also of course, again, the dogs who are first and foremost in this whole equation are doing just fine as well. So everybody should be reunited in Nome in the not too distant future.”

The COO says the plan is to keep the three dog teams, totaling 28 four-legged athletes, at Safety Roadhouse until Iditarod staff can determine if they will snowmachine the dogs to Nome or transport them by some other means.

With temperatures warming up to the mid-30s, melting snow, and high winds in the Nome area within the last 24 hours, water overflow is expected to linger near Safety and even closer to Nome’s shoreline.

Iditarod musher Tim Pappas navigates his team and sled through a strip of overflow just outside of Nome on Thursday afternoon. Photo from JoJo Phillips, KNOM (2020)

According to St. George, the Iditarod will reroute the existing trail so the last 11 teams, who are all currently resting in Elim, can avoid this dangerous area.

“We’re actually going to put in a trail that’s just adjacent to the trail that exists already. That looks like there is no overflow in that area, and we’re just going to bypass it basically. That will be done well before the next wave of mushers head up the trail.”

Each of the latest four Iditarod teams to finish in Nome yesterday afternoon told KNOM about their struggles going through other leads of open water during their run in from Safety to the finish line. So far, 23 out of 37 remaining teams have completed this year’s Iditarod race.

One particularly challenging area of overflow is located at the bottom of a local snow ramp, which mushers use to access Front Street and cross into the city for their race-finish in Nome. Iditarod staff have since set up an alternate overland section of trail that avoids that area.

KNOM’s JoJo Phillips also contributed to this report.

Source link
——————————————————————————————————

The post #deepweb | Iditarod Teams Yet To Reach Nome Face Overflow, Three Mushers and Their Dogs Rescued – KNOM Radio Mission appeared first on National Cyber Security.

View full post on National Cyber Security

#nationalcybersecuritymonth | Agencies Post Opportunities for Reskilling Academy Grads to Use Their New Cyber Skills

Source: National Cyber Security – Produced By Gregory Evans

As the Trump administration works to reskill current federal employees to meet the workforce needs of the 21st century, lead agencies are now making sure there are jobs for those trainees to transition to—at least temporarily.

Wednesday, the Office of Management and Budget and Office of Personnel Management, in conjunction with the Federal Chief Information Officers Council, announced the first wave of “temporary detail opportunities.” Nine positions were posted to the Open Opportunities job board, where current federal employees can find temporary or part-time work with other agencies to improve their skills.

While the details are open to any qualified federal employee, the latest push is intended to create opportunities for graduates of the Cyber Reskilling Academy.

“We cannot overcome the shortage in the federal cybersecurity workforce overnight,” Federal CIO Suzette Kent said Wednesday in a statement. “By continuing to invest and support reskilling programs, coupled with hands-on opportunities to apply those skills, the federal government is positioning itself to strengthen our cybersecurity workforce capabilities.”

The Reskilling Academy launched in April 2019 with an initial cohort of 25 students, plucked from more than 2,000 applicants from across government with no prior cybersecurity or IT background. Those students went through 13 weeks of training and came out the other side with a set of basic cyber defense skills. However, due to the nature of the federal employment hierarchy—known as the General Schedule—those graduates were not able to immediately transition to cybersecurity jobs.

OMB recognized the job placement issue and began looking at ways to move the program forward, including first broaching the idea in October of using Open Opportunities.

“By serving as a governmentwide bulletin board for short-term assignments, details and training opportunities around the federal government, Open Opportunities will help agencies tap into the valuable talent and skills we already have and are developing within government,” said OPM Director Dale Cabaniss.

The postings that went live Wednesday do not give a specific timeline for the details. However, back in October, OPM Principal Deputy Associate Director for Employee Services Veronica Villalobos told Nextgov the agency was looking at nine-month tours.

Three agencies—Homeland Security’s Cybersecurity and Infrastructure Security Agency, the Veterans Affairs Department and the Environmental Protection Agency—posted nine openings Wednesday to Open Opportunities, most with multiple positions available.

The posts contain a brief description of the office seeking assistance, a rundown of the tasks the employee will be asked to perform and a list of skills they should expect to leave with when the detail is done.

Most of the openings focus on policy and security assessments. For example, the VA opportunity is for a “junior IT specialist to prepare, deploy and transition DOD/VA electronic health records.” In this role, the detailee will work with the Office of Electronic Health Record Modernization to review documentation for the authority to operate—a certification verifying a baseline of cybersecurity for an application—and make edits and recommendations, as needed.

Similarly, CISA has two to five openings for GS-12 to GS-15 employees to serve as cyber policy and strategy planners. The position “[d]evelops policies and plans and/or advocates for changes in policy that support organizational cyberspace initiatives or required changes/enhancements,” per the posting, which cites the job description directly from the National Initiative for Cybersecurity Education, or NICE.

The administration is also looking to expand the Reskilling Academy outside of OMB. In the president’s 2021 budget proposal, OMB directed departments to include funding for a distributed reskilling effort run independently out of each agency but based on the central Reskilling Academy model. Per the plan, the administration hopes to reskill some 400,000 federal employees in cybersecurity, data science and other technology-focused areas.


#deepweb | Has Samsung learned from their Galaxy Fold bendy mistakes?

Source: National Cyber Security – Produced By Gregory Evans

Dreaming deep, sound asleep

As machines become increasingly intelligent, they are also becoming more artistic.

Google’s Deep Dream is making a huge splash on the web. It was originally coded by Alexander Mordvintsev, a programmer working in security systems who liked to play around with artificial intelligence as a side project. In the middle of the night last May, he discovered the lines of code that would cause Google’s neural net to generate original images that look like a psychedelic combination of Salvador Dalí and Lisa Frank. He posted his images on Google’s internal Google+ account, and was soon paired with young programmer Chris Olah and software engineer/sculptor Mike Tyka to develop Deep Dream.

REM for your RAM

The Deep Dream team has created an entire gallery of surrealistic art. Animal parts of different species combine to form fantastical beasts, backgrounds fill with swirling patterns, and spiders emerge from cloudless skies.

In July, the Deep Dream team released the software on GitHub so that the general public could turn their family portraits and vacation photos into bizarre art pieces. New apps are popping up, several grotesque portraits of presidential candidates have been produced, and the band Wilco used a Deep Dream image on the cover of its latest album. Samim Winiger, who created software that makes animations from Deep Dream images, says that “in five years we won’t recognize Photoshop,” alluding to the possibility for Deep Dream technology to become a major feature in our visual world.

But is there more to it?

Winiger refers to Deep Dream as “creative AI [artificial intelligence].” But can a computer be said to have creativity? The dreamlike (or, at times, nightmarish) quality of Deep Dream images has certainly caused some observers to posit that Deep Dream is pulling images from the “subconscious” of Google’s mind. But a computer, no matter how smart, is not a brain. So is Deep Dream just the robot equivalent of a cool party trick?

Deep learning in the neural net

But Deep Dream wasn’t created just to blow our minds with freakish four-eyed kittens and giant tarantulas crawling from the sky. It’s also a useful way for programmers to study artificial intelligence. Computers can now achieve what programmers call “deep learning” by processing information through a neural net (NN). Neural nets are meshes of artificial neurons layered one over the other, like spider webs. Information is passed through several layers of the NN, and each layer analyzes it from a different angle. The topmost layer is responsible for the output of information that has been “learned” by deeper layers of the net.

Google has made great strides towards teaching its neural net to visually recognize objects by having it produce an image of whatever it’s viewing, which is then graded for accuracy and fed back into the computer, giving the NN an opportunity to learn from its mistakes and eventually come to automatically correct itself.

Layered learning, and pattern detecting

So far, it has been hard for researchers to really know for sure what is happening at each layer of the neural net. But a researcher can have a computer produce a Deep Dream image from a specific layer of its neural net, thus revealing exactly what that layer is learning. In this way, researchers are discovering more about what happens inside an artificial mind.

What researchers have found is that computers may have higher perception and better pattern-recognition than humans. It’s like having a highly imaginative child watch clouds. If a cloud looks a little bit like a ship, the neural net will run the image through a feedback loop until a highly detailed ship emerges. This is why Deep Dream is able to create images even out of random noise – it can detect patterns that a human wouldn’t even notice.

This has far-reaching implications for how artificial intelligence may eventually replace humans. For example, researchers are using neural nets to read ultrasounds, detecting tumors invisible to the human eye.

Final thoughts

So, is artificial intelligence becoming creative? Is a computer an artist? That depends on how you define creativity, and where you draw the line between the “real” and the “artificial.” But Deep Dream engineer Mike Tyka is impressed: “If you think about human creativity, some small component of that is the ability to take impressions and recombine them in interesting, unexpected ways,” – the same ability Deep Dream displays.

Regardless of whether or not this is true “creativity,” the world seems to agree with Tyka that when you let a computer come up with original art, “it’s cool.”

Steven Levy was granted the first interview with the Deep Dream team. You can read his report at Medium.com.

#DeepDream


#deepweb | Indian authorities arrest their first crypto dark web drug dealer

Source: National Cyber Security – Produced By Gregory Evans

  • The suspect, Dipu Singh, is accused of selling psychotropic and prescription pills on the dark web.
  • He was taken into custody by the central anti-narcotics agency under the Narcotic Drugs and Psychotropic Substances (NDPS) Act.

In an investigation done by the Narcotics Control Bureau (NCB), India has caught its first darknet crypto drug dealer. The authorities have seized 55,000 tablets in the arrest. The NCB participated in “Operation Trance” – a multinational crackdown on illicit dark web drug sales using couriers, international postal services, and private parcel deliveries.

Global post offices and international courier services were used as logistics for the illicit trade. The operators used cryptocurrency payment gateways to conceal the transactions from law enforcement agencies.

The accused, Dipu Singh, is a 21-year-old whose father is a retired army officer. Singh is accused of selling many psychotropic and prescription pills on the dark web and shipping them to the US, Romania, Spain, and other countries.

He started out by selling health supplements and erectile dysfunction medication on major dark web markets. Later, he began selling tramadol, zolpidem, alprazolam and other psychotropic prescription medications. The suspect was taken into custody by the central anti-narcotics agency under the Narcotic Drugs and Psychotropic Substances (NDPS) Act. 

 


#deepweb | Opinion: Three Spurs players who were far from their best against Man City – Spurs Web

Source: National Cyber Security – Produced By Gregory Evans

Tottenham Hotspur recorded a famous 2-0 win over Man City this afternoon in the Premier League, leapfrogging up to fifth in the table. Goals from Steven Bergwijn and Heung-min Son sealed a delightful win and clean sheet for the Lilywhites against the current champions. However, a […]

View full post on AmIHackerProof.com

#cybersecurity | #hackerspace | Smaller Companies Need to Step Up Their Cyber Security Efforts

Source: National Cyber Security – Produced By Gregory Evans

Whenever we hear about major cyber security attacks such as data breaches, it’s typically larger enterprises that are the victims. That makes sense, considering those events can potentially impact a lot of people and therefore are more likely to grab headlines and garner attention.

But that doesn’t mean small and mid-sized companies (SMBs) are immune to such attacks. In fact, smaller organizations are frequent targets of cyber incidents, and they generally have far fewer resources with which to defend themselves.

A recent study by the Ponemon Institute, which conducts research on a variety of security-related topics, presents a clear picture of the cyber security challenges SMBs are facing. The report, “The 2019 Global State of Cybersecurity in SMBs,” states that for the third consecutive year small and medium-sized companies reported a significant increase in targeted cyber security breaches.

For its report, Ponemon conducted an online survey of 2,391 IT and IT security practitioners worldwide in August and September 2019, and found that attacks against U.S., U.K., and European businesses are growing in both frequency and sophistication.

Nearly half of the respondents (45%) described their organization’s IT posture as ineffective, with 39% reporting that they have no incident response plan in place.

Cyber criminals are continuing to evolve their attacks with more sophisticated tactics, and companies of all sizes are in their crosshairs, noted Larry Ponemon, chairman and founder of the Ponemon Institute. The report shows that cyber attacks are a global phenomenon, as is the lack of awareness and preparedness by businesses globally, he said.

Overall, cyber attacks are increasing dramatically, the report said. About three quarters of the U.S. companies surveyed (76%) were attacked within the previous 12 months, up from 55% in a 2016 survey. Globally, 66% of respondents reported attacks in the same timeframe.

Attacks that rely on user deception are on the rise, the study said. Overall, attacks are becoming more sophisticated, with phishing (57%), compromised or stolen devices (33%), and credential theft (30%) among the most common attacks waged against SMBs globally.

Data loss is among the most common impacts of cyber security events. Worldwide, 63% of businesses reported an incident involving the loss of sensitive information about customers and employees in the previous year.

SMBs around the world increasingly are adopting emerging technologies such as mobile devices and apps, the Internet of Things (IoT), and biometrics, despite having a lack of confidence in their ability to protect their sensitive information.

Nearly half of the survey respondents (48%) access more than 50% of their business-critical applications from mobile devices, yet virtually the same portion of respondents said the use of mobile devices to access critical applications diminishes their organization’s security posture.

Furthermore, a large majority of respondents (80%) think it is likely that a security incident related to unsecured IoT devices could be catastrophic. Still, only 21% monitor the risk of IoT devices in the workplace.

The report also suggests that biometrics might finally be moving toward the mainstream. Three quarters of SMBs currently use biometrics to identify and authenticate users or have plans to do so soon.

Small and mid-sized companies can take several steps to bolster their cyber security programs. One is to educate users and managers throughout the organization about the importance of strong security and taking measures to keep data safe.

Because so many attacks begin with employees opening suspicious email attachments or clicking on links that lead to malware infestations or phishing, training users to identify these threats is vital. Companies can leverage a number of free training resources online to help spread the word about good security hygiene.

Smaller companies, particularly those with limited internal cyber security skills, can also consider hiring a managed security services provider (MSSP) to help build up a security program. Many of these firms are knowledgeable about the latest threats, vulnerabilities, and tools, and can help SMBs quickly get up to speed from a security standpoint.

And companies can deploy products and services that are specifically aimed at securing small businesses. Such tools provide protection for common IT environments such as Windows, macOS, Android, and iOS devices. They are designed to protect businesses against ransomware and other new and existing cyber threats, and prevent data breaches that can put personal and financial data at risk.

Some of these offerings can be installed in a matter of minutes with no cyber security or IT skills required, which is ideal for smaller companies with limited resources and a need to deploy stronger defenses quickly.


#cybersecurity | #hackerspace | When CISOs Lose Their Jobs…

Source: National Cyber Security – Produced By Gregory Evans

In his recent CSO Online article, 7 Security Incidents That Cost CISOs Their Jobs, writer Dan Swinhoe looks at some of the most high profile breaches in recent history that resulted in the CISO either leaving or being fired. In the article, Swinhoe quotes Dr. Steve […]

View full post on AmIHackerProof.com

#cybersecurity | #infosec | Man jailed for using webcam RAT to spy on women in their bedrooms

Source: National Cyber Security – Produced By Gregory Evans

A British man has been jailed for two years after police caught him using a notorious Remote Access Trojan (RAT) to hijack the webcams of young women, and spy upon them.

27-year-old Scott Cowley, of St Helens, Merseyside, was arrested last November as part of an international investigation into purchasers of the Imminent Monitor RAT.

Imminent Monitor (also known as IM-RAT) had been sold online since 2012, purporting to be a legitimate remote access tool.

Imminent Monitor’s claims of legitimacy, however, are somewhat undermined by some of its abilities – such as the ability to allow remote users to disable a subject’s webcam light while they are being monitored. One version of the software even introduced the ability to mine for cryptocurrency on victims’ PCs.

Security researchers at Palo Alto Networks claim that they have observed Imminent Monitor being used in attacks against its customers on over 115,000 unique occasions.

International law enforcement agencies were finally able to dismantle the infrastructure behind Imminent Monitor last November, in an operation that executed 85 warrants, seized 434 devices, and arrested 13 people.

And, of course, when police cracked the IM-RAT’s distribution network they were also able to seize records detailing thousands of purchasers, which resulted in the arrest in Merseyside of Scott Cowley.

At Liverpool Crown Court prosecutors described how Cowley had used a PayPal account connected to his own name and personal email address to buy the IM-RAT software. Cowley successfully managed to have the software installed on the computers of three women, and seized remote control of their webcams in order to allow him to secretly film them as they undressed and had sex.

Specialist police officers from the North West Regional Organised Crime Unit (NWROCU) were able to forensically examine Cowley’s own laptop computer, finding the software as well as furtive video recordings of his victims.

The court found Cowley guilty, and sentenced him to two years’ imprisonment for computer misuse and sexual offences.

“Today we welcome the sentencing of Scott Cowley who used highly technological methods to obtain private videos and images of innocent victims for his own sexual gratification. This conviction demonstrates that despite the high tech nature of the Cyber Crime, offenders have no place to hide,” said Detective Sergeant Steve Frame from the NWROCU. “We take all reports of cybercrime seriously and are absolutely committed to tackling and undermining this evolving threat. If you have been the victim of a similar crime, or suspect somebody is involved in committing this type of crime please call 101 and report it to your local police force.”

No doubt police investigations into the users of IM-RAT will continue, and we can hope for more successful prosecutions for those who preyed on innocent computer users.


Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.


#hacking | HITCON 2019 winners book their place for DEFCON 2020

Source: National Cyber Security – Produced By Gregory Evans

Cash prizes handed out to top three teams at multi-national hacking competition in Taiwan

UPDATED A team of hackers from China has triumphed at HITCON’s Capture the Flag (CTF) final in Taiwan over the weekend (December 14-15).

The two-day event in Taipei, where four-person teams compete in offensive and defensive cybersecurity challenges, saw China’s Tea Deliverers top the leaderboard and earn a $10,000 prize.

LC↯BC, representing Russia, finished in second place, receiving a check for $5,000, while Japan’s TokyoWesterns scooped up $2,000 for finishing in the bronze medal position.

China’s Tea Deliverers topped the leaderboard and earned a $10,000 prize at this year’s HITCON

Balsn, one of three teams representing the host nation, won a $1,000 prize for being the top-ranked Taiwanese outfit participating in the event, which was hosted by the Association of Hackers in Taiwan and Taiwan’s Industrial Development Bureau.

Teams from the US, Poland, Vietnam, and Hungary were also among the 14 finalists for the HITCON CTF, whose October qualifiers featured 662 teams.

The champions of two other CTF events – the Balsn CTF and Trend Micro’s Raimund Genes Cup – qualified for the HITCON final, whose winner subsequently qualifies for next year’s DEFCON CTF, widely seen as the most illustrious hacking competition of all.

HITCON winning teams have been entering DEFCON CTF since 2014, winning in 2017, and finishing second or third in the other years.

“Training of information security talents is not a one-day effort, nor can it be completed behind closed doors,” said Lee Lun-Chuan, who was in charge of running HITCON CTF.

“HITCON CTF scores 96 points in the international contest, attracting foreign information security teams to attend.

Lun-Chuan added: “By inviting international teams to share their experience, HITCON CTF trains domestic information security talents while demonstrating Taiwan’s strength in information security worldwide.”

Organizers of the DEFCON, CODE BLUE and Trend Micro CTFs, meanwhile, joined the HITCON team at the HITCON CTF Forum, to discuss the creation of a platform in Taiwan aimed at promoting young hacking talent and sharing best practices.

Launched in 2005, HITCON – short for Hacks In Taiwan Conference – has additionally launched a public service vulnerability notification platform (ZeroDay), an ‘escape the room’ competition (HackDoor), and an enterprise security attack and defense competition (DEFENSE).

More information on the HITCON CTF can be found on the Association of Hackers in Taiwan website.

This article has been updated with comments and further information from the organizers of HITCON.


#cybersecurity | #hackerspace | But Their Emails: Many 2020 Campaigns Still Risk Phishing Attacks

Source: National Cyber Security – Produced By Gregory Evans

Phishing is still a vector to attack presidential campaigns. Many 2020 candidate organizations still aren’t using best practice by implementing a proper DMARC policy.

It seems they’ve not learned from the hack on Hillary’s campaign. In 2016, John Podesta got tricked by a crude phish—and it easily could happen again.

Things are better now, but there’s still acres of room for improvement. In today’s SB Blogwatch, we dig their DNS records.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: a decade in three minutes.


Can You Spell DMARC?

What’s the craic, Zack? Mister Whittaker reports—“Only a few 2020 US presidential candidates are using a basic email security feature”:

 DMARC, an email security protocol that verifies the authenticity of a sender’s email and rejects spoofed emails … could prevent a similar attack that hobbled the Democrats during the 2016 election. … Only Elizabeth Warren … Joe Biden, Kamala Harris, Michael Bloomberg, Amy Klobuchar, Cory Booker, Tulsi Gabbard and Steve Bullock have … improved their email security.

The remaining candidates, including … Donald Trump, are not rejecting spoofed emails. … That, experts say, puts their campaigns at risk from foreign influence campaigns and cyberattacks.

In the run-up to the 2016 presidential election, Russian hackers sent an email to Hillary Clinton campaign manager John Podesta, posing as a Google security warning. [It] tricked Podesta into … allowing hackers to steal tens of thousands of private emails.

Or perhaps you prefer a different topical angle? G’day, David Braue—“You may be targeting Black Friday bargains, but cybercriminals are targeting you”:

 Security firms are warning shoppers to be careful online as cybercriminals increase their activity in the runup to [the] retail season. … Shoppers need to be particularly wary of online scams and malware propagated through emails spoofing legitimate retailers.

Despite efforts by the Australian Signals Directorate to promote the use of next-generation DMARC email anti-fraud tools … research suggests that just 45 percent of Australia’s biggest online retailers have actually begun implementing DMARC – and just 10 percent have adopted the strictest level of security.

Returning to this hemisphere, Agari’s Armen Najarian claims, “2020 Presidential Candidates Remain Vulnerable”:

 The kinds of email attacks that helped derail Hillary Clinton’s candidacy in 2016 are only getting more sophisticated. [But some] campaigns are not taking the threat as seriously as they should.

Meanwhile, we’re seeing new trends in how cybercriminals execute … advanced threats, which are liable to throw an entire candidacy off-course. After all, it only requires one campaign employee or volunteer to click on one link in a malicious email.

It’s likely only a matter of time before the unthinkable happens once again. … The Mueller Report … squarely pointed to spear phishing as the primary attack vector for Russian hackers seeking to gain access.

Unfortunately, candidates must not only be concerned about email directed to them and their campaign staff. … Imagine the damage that can be done by emails that appear to come from the legitimate domain of the candidate, but actually come from a malicious criminal who uses that domain to spread false information to potential … donors, voters, and the media.

This is entirely possible, and likely even probable, unless candidates take the steps they need to protect against it by implementing DMARC with a p=reject policy.

DMARC: HOWTO? Chad Calease obliges—“A Definitive Guide”:

 This is the time of year we’re all too aware how much phishing really sucks. … While technology isn’t able to catch all of it 100% of the time, DMARC is one of these important layers of defense that helps to dramatically minimize the amount of phishing emails that get through to our inboxes.

DMARC stands for Domain-based Message Authentication, Reporting & Conformance. [It] is a set of 3 DNS records that work together to ensure email is sent only from authorized … mail servers, thereby helping block fraudulent messages.

DMARC sets a clear policy for what to do if a message hasn’t been sent from an authorized source. … DMARC helps prevent criminals from spoofing the “header from” or “reply-to” address: … First it checks that the DKIM … digital signature is a match. Then it checks the SPF record to ensure the message came from an authorized server. If both DKIM and SPF pass these checks, DMARC delivers the message.

But if one or more of these tests fails, DMARC behaves according to a policy we set:

‘none’ [which] doesn’t impose any actions …
‘quarantine’ [which] Flags messages … to be directed to the recipients’ spam or junk folders …
‘reject’ [which] outright refuses messages that fail … (this is the end goal of a good DMARC configuration).

OK, so why aren’t all the candidates on board? Here’s lostphilosopher:

 I see this as a reflection of the candidates ability to find and listen to experts. I don’t expect a candidate to understand how to do tech “right” – I’m in the industry and still get half of it wrong! However, when you’re running a multi million dollar campaign you can afford to bring in experts to set this stuff up and audit your practices.

I assume these candidates are already doing this and that if they are still not following some basic best practices it’s because they are actively ignoring the experts. … That’s what worries me: If they can’t find or listen to these people now, what makes me think they’ll be able to in office?

And this Anonymous commentator agrees:

 Think about this for a second! If the … candidates don’t care enough about their own email traffic, why would anyone vote for them to secure this nation? If your own private info is easily up for grabs, what do you honestly think national security would be like under any of them?

But gl4ss spots an oint in the flyment:

 If you rely on DMARC … and just trust it blindly then you know what? You’re gonna get ****ed by someone on whthouse.org.co.uk.acva.com.

Sure the email is sent from that domain, but so what? The domain isn’t right.

It was ever thus. Ryan Dunbar—@ryandunbar2—looks back:

 In 1980 we knew internet email was not secure.
2003 get email SPF
2007 get email DKIM
2012 get DMARC
2019 get ARC, BIMI
2025 get QUIC, yet email will still not be secure.
2050 get internet3
Why does it look like the ones running the internet don’t want a secure internet?

Meanwhile, El Duderino knows who to blame:

 This is Al Gore’s fault because he invented the internet.

And Finally:

10 Years; 100 songs; 3 minutes

Previously in And Finally


You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites… so you don’t have to. Hate mail may be directed to @RiCHi or sbbw@richi.uk. Ask your doctor before reading. Your mileage may vary. E&OE.

Image source: Tia Dufour (public domain)
