Displaying items by tag: Cybersecurity

In what seems to be a tit-for-tat move, Chin has announced a ban on products from US chip maker, Micro. The reasons for this are vague with the Cybersecurity Administration of China (CAC) saying it is for National Security reasons. This move comes after the US has banned a couple of technology companies from China for the same reasons and as social time-wasting platform TikTok comes under greater scrutiny in possible preparation of a nationwide ban on the platform. Montana has already signed a ban into law although this ban might not bear the scrutiny of a Constitutional Review.

One of the things that has always confused me is how often a business will look at and spend on revenue generating and very little on revenue maintenance. Every budget year you see money thrown at expansion, new tools or software that bring in more money and I get it. You have to earn to keep the lights on. However, you also need to ensure that you can keep what you earn. Think about it like this, if you have a business and it only takes cash you would not just leave the cash laying around for anyone to take. No, you would invest in a secure place like a safe to keep it. This concept also involves modern “digital” businesses, but we just are not seeing them spend any money on the safe.

Although not a new story the recent revelations around the CFPB (Consumer Financial Protection Bureau) data breach are very important. This incident is one of those times when you can either learn an important lesson, or you can ignore it and walk into a much bigger shitshow. The outcome of this one is something that only time will tell, but it is not something that anyone should just ignore.

It would appear that the developers of Stuxnet/Duqu and Flame shared at least some source code during development. At least that is what security research firm Kaspersky seems to think. Kaspersky was the company that found the massive bit of malware that was using a compromised Microsoft Terminal Server licensing model to sign certificates for their code. Flame appears to have been a very coordinated espionage attack on Iran and has been in the news thanks to the complexity and functionality that it has.

It seems that Microsoft is working the PR angle again. First we saw this when it was obvious that public opinion was turning against it with SOPA and PIPA. They distanced themselves from the BSA (Business Software Alliance) and then released a statement saying that they could not support SOPA in its current incarnation. This time Microsoft is doing the PR shift with CISPA. They released a statement to CNET saying pretty much the same thing while not really opposing the actual bill or its ramifications.

We have always been a supporter of certain Internet freedoms as well as individual privacy (no surprise there huh). Bills like PIPA and SOPA showed us a glaring issue with the existing level of knowledge currently held by the people that make our laws (and not just in the US). This is not a big shocker to most people either. It is fairly common knowledge that our law makers get into office based on little more than a popularity contest that is held every few years. Once in office they are like the gullible kid in school that gets talked into things, by the “cool kids”, but in this case the cool kids are lobbyists and are not looking for a laugh they are looking to improve their control and profit.

Only days ago we published an article telling you that you would begin to see more and more news relating to the only activist movement (which includes Anonymous, but is not limited to Anonymous) and how it is dangerous, related to terrorism and even how collectives like Anonymous and other organizations are duping the people wanting to contribute. Well this morning while having our coffee we watch in amusement as a cable news channel featured a US Senator talking about how the “hacktivist” movement is second only to terrorism as a threat to national security.