Category Archives: Internet Security
NM-ICPS Mission can accelerate technology translation and … – Department Of Science & Technology
Experts deliberated on ways to strengthen the National Mission in Interdisciplinary Cyber Physical Systems (NM-ICPS) with the help of disruptive technologies, effective translation, and commercialization of technologies so that it can become a major driver of economic growth of the country at the National Workshop on Technology Innovation in Cyber-Physical Systems (TIPS).
Cyber Physical Systems (CPS) will play a major role in areas like health and medicine, intelligent transportation, as well as smart manufacturing in the future. Such a role needs a change in the trajectory of CPS through the introduction of new technologies like Artificial Intelligence, IoT, and Robotics, which will be the future drivers of CPS, said Dr. V.K. Saraswat, Member (S&T), NITI Aayog at the 2nd TIPS workshop.
He also insisted on identifying the windows that have been created by the NM-ICPS mission that was launched in 2018 and on quantification of the value addition that has already been done to make India ready to participate in the globally growing CPS market.
The Union Cabinet approved the National Mission on Interdisciplinary Cyber Physical System (NM-ICPS) in December, 2018 at a total outlay of Rs.3660 Crores for aperiod of five years to be implemented by the Department of Science and Technology(DST). As part of the Mission implementation, 25 Technology Innovation Hubs (TIHs) have been established in advanced technologies in reputed institutes across the country. These TIHs focus on technology development and translation, human resource and skill development,entrepreneurshipand start-ups development, and international collaborative research. For effective implementation of the Mission and to carry out the mandated activities by the TIHs, a series of workshops are being conducted for direct interaction between the Mission Office and its Expert Committee members and the TIHs.
Dr. Kris Gopalakrishnan, Chairman, Axilor Ventures, Bengaluru, and Chairman Governing Body, NM-ICPS, stressed in the need for growth in research and technology translation and for developing capacity in the system to utilize increased funding from the industry and from other sources at the 2ndNational Workshop on Technology Innovation in Cyber Physical Systems (TIPS) during 6-8 April, 2023at IIT, Delhi.
He highlighted the need for different types of collaborations through which the Technology Innovation Hubs can help in elevating technologies to higher TRL levels.
Prof. Ashok Jhunjhunwala, IIT Madras, elaborated on the steps the hubs can take in nurturing innovation and entrepreneurship and making innovators successful, while Prof. V Ramgopal Rao, Former Director, IIT Delhi, focused on how the hubs could bridge academic R&D with product innovation.
Dr. Akhilesh Gupta, Secretary SERB and Sr. Adviser, DST, explained how the hubs would work with the Governing Body and the Scientific Advisory Committee in synergy with the industry for translation and commercialization of technology while Prof. Rangan Banerjee, Director, IIT Delhi, outlined some of the achievements of the hub at IIT Delhi.
Each hub is a Section-8 Company, an independent entity withinthe host institute, and has been assigned a technology vertical in the areas of advancedtechnologies such as artificial intelligence and machine learning; technologies for the Internet of Things & Internet of Everything; Data Banks & Data Services, Data Analysis; Robotics &Autonomous Systems; Cyber Security and Cyber Security for Physical Infrastructure; Quantum technologies, etc. The NMICPS Mission aims to develop technology platforms to carry out R&D, translational research, product development, incubating & supporting start-ups, and commercialization.
NM-ICPS is a comprehensive Mission that brings together academia, industry, government and international organizations and has created an ecosystem that fosters entrepreneurship, develops next-generation skilled manpower, catalysestranslational research, and promotes the commercialization of CPS technologies.
The Mission is being implemented with all the TIHs undertakingactivities under technology development, entrepreneurship development, human resource development, and internationalcollaborations. It aims at technology development, translational research and commercialization in CyberPhysical Systems (CPS) and associated technologies, adoption of CPS technologies to address India specific National and regional issues, production of next-generation skilled manpower, catalyzing translational research, accelerating entrepreneurship and start-up ecosystem development in CPS technologies, giving impetus to advanced research in CPS technologies and higher education in Science, Technology and Engineering disciplines and bringing India at par with other advanced countries. It can transform key sectors of theIndian economy like healthcare, transportation, education, infrastructure, etc. andmake them more efficient, safe, and sustainable to place India at par with otheradvanced countries.
View original post here:
NM-ICPS Mission can accelerate technology translation and ... - Department Of Science & Technology
Your medical device could be spying on you; industry demands protective laws – The Hindu
Common medical devices such as oximeters, hearing aids, glucometers, and pacemakers can be turned into spyware and malware, say experts, warning that such devices can even leak your medical data if not layered with adequate cyber protection. Industry experts are now seeking urgent Central government intervention to recognise this threat and immediately put in place measures to plug any possible drain.
Their warning comes close on the heels of the ransomware attacks suffered by Indias top tertiary care hospitals, leading to the siege of millions of medical records and vast amounts of health data at Delhis All India Institute of Medical Sciences, Safdarjung Hospital and Lady Hardinge Medical College and Hospitals. A ransomware attack is a computer virus that encrypts ones essential files and renders them inaccessible unless the hacker is paid for the key to open them.
Indian multinational pharmaceutical company Sun Pharma, the worlds fourth largest generic pharma firm, was also among the establishments that recently took a hit. These attacks ran parallel to the series of failed attempts to hack into Indias top medical research organisation, the Indian Council of Medical Research (ICMR).
What these attacks indicate is our vulnerability, said Shuchin Bajaj, founder director of the Ujala Cygnus Group of Hospitals, adding that these electronic health records contain one of the most valuable databases of knowledge: sensitive patient information.
Now, experts are warning that it is not only large healthcare establishments that are under threat. Many personal use medical technology devices including oximeters, hearing aids, glucometers, medical monitoring watches, and implants such as pacemakers and insertable loop recorders meant for long-term monitoring and recording of electrical activity of the heart all contain software as medical device (SaMD) and software in medical devices (SiMD) and are usually connected to the internet, mobile phones, servers, and the cloud.
If not given adequate cyber protection, these devices can be turned into spyware and malware and can even breach data. Currently, there are no guidelines on the regulation of SaMD and SiMD. Therefore, we suggest that the government should consult with industry experts to identify the challenges that could pose a risk to national security, warned Pavan Choudary, chairman, Medical Technology Association of India (MTaI), adding that the biggest challenge with medical devices was their small size.
India has one of the worlds top 20 markets for medical devices and the fourth-largest in Asia. The medical devices sector in India is projected to reach $50 billion by 2025, according to the India Brand Equity Foundation. According to statistics from the Commerce Ministry analysed by the Association of Indian Medical Device Industry (AiMeD), medical device imports rose by a record 41% to 63,200 crore ($ 7.91 billion) in 2021-22 from 44,708 crore ($5.59 billion) in 2020-21.
The Indian population is growing at a rate of 1.6% per year and has an elderly population of over 100 million. Rapid economic growth, rising middle class incomes, and the increased market penetration of medical devices has left the population vulnerable, experts say.
India currently lacks any centralised data collection mechanism which gives an exact cost of data corruption for the healthcare industry. However, it is clear that data -- now called the new oil -- is seeing a threat that has become rampant, sophisticated, and severe, said Arushi Jain, director, Akums Drugs and Pharmaceuticals. As pharmaceutical companies continue to embrace digital transformation, their highly sensitive, valuable information becomes even more at risk for cyberattacks, she said.
Pharma companies face their IT environment being landed with legacy hardware and software. In particular, operational technology devices, networks and systems that support business did not have IT security in mind when built. These networks and systems need to connect with IT networks, which exposes them to an organisations entire threat landscape and creates new opportunities for cyber criminals, she explained.
While the Central government is currently pushing to digitise health records, data protection and cyber-security are governed by the Information Technology Act and the Contract Act. The government has also introduced the Digital Personal Data Protection Bill, which is currently pending before the Parliament.
Data protection is not rocket science, but requires legal and technical artisanship, the allocation of adequate resources and the training of all professionals involved in the processing of personal data, says the World Health Organisation (Europe) in its paper, titled The protection of personal data in health information systems principles and processes for public health. It advocates for continuous effort that is based on an institutional vision, a governance concept and a willingness to be accountable.
Go here to see the original:
Your medical device could be spying on you; industry demands protective laws - The Hindu
Who is Satoshi Nakamoto? The bitcoin legend is as mysterious as ever. – Markets Insider
A statue of Satoshi Nakamoto, a presumed pseudonym used by the inventor of Bitcoin, is displayed in Graphisoft Park on September 22, 2021 in Budapest, Hungary. Janos Kummer / Stringer, Getty Images
Satoshi Nakamoto is the name of the individual or group credited with inventing bitcoin, the world's largest cryptocurrency. Their legend is shrouded in mystery.
The inventor's identity has never been confirmed, though April 5 marked their 48th birthday, according to information on a profile with The P2P Foundation.
This week, conspiracy theories connected the figure to the late Steve Jobs, the visionary Apple cofounder, following the revelation that Apple has shipped out Mac computers since 2018 with a copy of the original bitcoin white paper.
"While trying to fix my printer today, I discovered that a PDF copy of Satoshi Nakamoto'sBitcoin whitepaper apparently shipped with every copy of macOS since Mojave in 2018," technologist Andy Baio wrote in an April 5 blog post.
Nakamoto's paper, "Bitcoin: A Peer-to-Peer Electronic Cash System," was published in October 2008. The abstract reads:
"A purely peer-to-peer version of electronic cash would allow online payments to be sent directly from one party to another without going through a financial institution."
Since then, bitcoin has become the largest cryptocurrency, with a market cap of about $540 billion, according to CoinMarketCap data on Friday.
Someone is behind the name, given that they invented bitcoin's complex source code, authored a white paper, and interacted with users on web forums.
Nakamoto's profile on The P2P Foundation lists their location as Japan. In their posts, however, Nakamoto has used British English spellings and expressions, leading some to assume they are in fact not Japanese, as the inventor claimed. Additionally, some have pointed to the time stamps on Nakamoto's comments as reason to believe they were not located in Japan.
In 2011, a comment from that account stated that they had "moved onto other things."
The name is also associated with a number of crypto wallets, presumably owned by Nakamoto. Some estimate that those wallets hold more than 1.1 million bitcoin tokens. When bitcoin peaked in November 2021 at $68,000, those holdings would have been worth about $73 billion, placing Nakamoto among the 15 riches people in the world at the time.
Some have speculated that the chances Nakamoto is one person are low, given the complexity of bitcoin's source code.
"Either there's a team of people who worked on this or this guy is a genius," Dan Kaminsky, a leading internet-security researcher, told The New Yorker in 2011.
In his white paper, Nakamoto cited the work of Stuart Haber, a computer scientist credited with helping invent blockchain technology. Haber has echoed Kaminsky's sentiment that the programmer behind bitcoin would have had a "keen intelligence."
In 2013, Nick Szabo, a computer scientist who published research in 1998 on "bit gold," a precursor to bitcoin, drew attention for potentially being Nakamoto. He has denied it, and financial writer Dominic Frisby has said no proof exists connecting the two figures.
"The most convincing evidence pointed to a reclusive American man of Hungarian descent named Nick Szabo," journalist Nathaniel Popper wrote in The New York Times in 2015.
A Newsweek article in 2014 said that Dorian Prentice Satoshi Nakamoto, a Japanese American man living in California, was the elusive inventor of bitcoin. According to the article, he was trained as a physicist and worked on classified defense projects, but he, too, denied the claims.
After the article published, Nakamoto's online account revived itself after a five-year hiatus, stating: "I am not Dorian Nakamoto."
Then, in December 2015, Wired posited that Australian researcher Craig Steven Wright "either invented bitcoin or is a brilliant hoaxer who very badly wants us to believe he did."
The same day, Gizmodo published a story that said Wright, as well as computer scientist Dave Kleiman, together were involved in the invention of bitcoin.
Then, in May 2016, Wright announced in a blog post that he did create bitcoin, though he was met with prominent crypto figures who said it was false.
The list of other potential candidates, apart from Apple's Jobs, includes the government, various other computer scientists, and even Elon Musk, who denied he was Nakamoto in a 2017 tweet.
On Friday, bitcoin hovered around $27,937. It has surged 68% in 2023.
Loading...
Link:
Who is Satoshi Nakamoto? The bitcoin legend is as mysterious as ever. - Markets Insider
Opinion | Omemee: New Meals on Wheels program offers a frozen … – The Peterborough Examiner
Community Care of City of Kawartha Lakes (CCCKL) has a new program, New Frozen Meals on Wheels, offering frozen prepared meals that can be used whenever you need a break. For a menu and further details go to mow.ccckl.ca.
CCCKL will hold a Seniors Awareness Event, May 4, 10 a.m.-3 p.m. at the Lindsay Legion, 12 York St. N., Lindsay. The day will focus on types of abuse, power of attorney, internet security, scams and more. A light lunch will be provided.
Space is limited so if you are interested, call 705-879-4112 to reserve a space.
Darts
The Royal Canadian Legion, Branch 497 Omemee will host the Acreman Dart Tournament, April 29. Registration begins at 9:30 a.m., play at 10 a.m. There is a 16-team limit and teams must be registered by April 22., $20 per person. For information or to register contact Karen at 705-740-3620.
Mothers Day brunch
The Omemee Swans will hold a Mother's Day brunch, May 14, 11-1 pm at the Omemee Legion. Cost is $15 per person, children under 8 free. Payment can be made one week in advance by e-transfer to omemeeswans@gmail.com. For further details call Kathy at 705-750-8689.
Menu is quiche, sausages, salad, mini muffins and cinnamon rolls, and fruit.
Medical centre board
The Omemee Medical Centre (OMC) is a not-for-profit corporation that provides the facility for local primary care providers. The volunteer board of directors is responsible for governing and managing the safe operation of the building.
OMC is looking for interested people to serve on its board.
Application forms and additional information can be found at omemeemedicalcentre.ca. Applications are due April 30. Questions can be sent to the Recruitment Committee at omemeemedicalcentre1@gmail.com.
Seniors
The Omemee Seniors Exercise classes which focus on low impact exercise is held at the Legion, Tuesdays and Thursdays, 10-11 a.m. Cost is $10 per month and your first class is free.
The Omemee Seniors Social Club, open to anyone 55 yrs. and up, will be held Apr. 25 at the Legion. Lunch is served at 12:30 p.m. but come early and settle in. A 10-month membership is $15. A short meeting follows lunch followed by bingo or euchre.
For further information contact Lynda at 705-799-6493.
If you have any news items for future columns, please send to cowsandcranio@gmail.com or call 705-799-7064.
Follow this link:
Opinion | Omemee: New Meals on Wheels program offers a frozen ... - The Peterborough Examiner
U.S. National Cybersecurity Strategy and Its Impact on Domain … – CircleID
Last month, the U.S. National Cybersecurity Strategy was launched, providing a new roadmap for stronger collaboration between those operating within the digital ecosystem. The strategy calls on software makers and American industry to take far greater responsibility to assure that their systems cannot be hacked while accelerating efforts by the Federal Bureau of Investigation and the Defense Department to disrupt the activities of hackers and ransomware groups around the world1.
The cybersecurity strategies that aim to improve overall internet security and reduce cyber threats will likely have a positive impact on domain security. For example, if the U.S. government implements new measures to detect and prevent cyberattacks, this could help reduce the number of attacks targeting domain names and domain name systems (DNS). At a high level, the U.S. National Cybersecurity Strategy discusses securing critical infrastructurecloud services, domain registrars, email, hosting providers, other digital services, and DNS. At the very least, this should put the more security-conscious enterprise-class registrars in a strong position to be a model for registrars that dont practice Know Your Customer (KYC) compliance or have other security protocols such as registry lock or DNSSEC in place for their clients. The strategy also discusses how the internet and DNS are vulnerable infrastructure, and the White House Fact Sheet states that reducing systemic technical vulnerabilities in the foundation of the internet and across the digital ecosystem will need to be part of the goal to invest in resiliency2.
In the recent past, other governments around the world have developed their own national cybersecurity strategies to address growing cyber threats. The U.K., Canada, Australia, and Japanjust to name a fewhave cybersecurity strategies in place outlining their respective approaches to dealing with cyber threats. Each of them focuses on stronger infrastructure in addition to further collaboration between stakeholders.
But to date, there really hasnt been a large movement or push by the U.S. government to widely adopt domain security measures. The problem with this is threefold:
For those focused on internet fraud and online brand abuse, the strategy discusses focusing on mitigating against phishing attacks, business email compromise (BEC), and wire transfer fraud. Since these scams often include imitating trusted brand names, this is a positive development for brand owners and proponents of trademark and IP rights, as well as online consumer safety. These attacks often happen by compromising legitimate web domains or by maliciously registering fake web domains. The intent of these fake domain registrations is to leverage the trust placed on the targeted brand to launch phishing attacks or other forms of digital brand abuse or IP infringement that leads to revenue loss, traffic diversion, and a diminished brand reputation.
Overall, the impact of the U.S. governments cybersecurity strategy on domain security will depend on the specific measures included in the strategy and how effectively theyre implemented. Companies can begin to strengthen their domain security posture by adopting best practices.
Read this article:
U.S. National Cybersecurity Strategy and Its Impact on Domain ... - CircleID
5 No Brainer Internet Security Tips – Rebellion Research
5 No Brainer Internet Security Tips
The internet has become a necessary part of every household. There is hardly any American home that does not have an internet connection. With such wonderful technology that connects you with the entire world, concerns regarding security also arise. In this regard, it is highly essential that you must take a few steps in order to strengthen your internet security. Well, fret no more because we are here to lessen your worries by enlightening you with some of the best yet no-brainer internet security tips that are quite beneficial in the long run.
One of the first and most essential steps you need to take is getting a subscription to a reliable and secure Internet Service Provider (ISP). For this, you have to be very vigilant and on your toes. Dont go for any provider that already has a questionable reputation in the industry. You must keep this in mind, your ISP can get access to all your valuable data and information. It must protect you from any kind of breaching and hacking by providing the utmost security.
For this, if you ask us, we would recommend looking for Spectrum in the area. You are likely to find it since it is serviceable in more than 40 states in the United States. Whats more, it is countrywide known for its secure connection and security suite that further adds a protective layer so that you can browse on the world wide web without any worries or concerns of security. You can learn more about it by dialing the numero de Spectrum (for Spanish customers only) and getting all the information regarding its secure connectivity.
Even though it is pretty common knowledge, it is surprising how many people often dont take this into account. Using a strong password can make a huge difference. One of the most common passwords people use is their date of birth or pets name. These types of passwords are quite easy to crack. Moreover, only adding one or maybe two numerical or capital letters wont make your password strong. As a matter of fact, there is a comprehensible criterion that everyone must follow while creating a password.
By keeping the abovementioned criteria, you can create a strong password that is difficult for anyone to guess.
Wi-Fi networks are essentially the entry points to your computer, devices, and accounts. If you access public Wi-Fi, you basically invite viruses, malware, and any kind of cyber threat into your device. In the current age and time, practically every place has a public access network. Whether it is a coffee shop or an airport, you can get connected to the free network in a matter of a few seconds.
BUT DONT DO IT!
Yes, we cannot stress enough how dangerous it could be, especially if your bank accounts are logged in and you have sensitive information on your device. Data breaching is a real thing and it is astonishing how people take it for granted. One wrong move with the technology can cost you a lot and therefore, be very cautious whenever you are using the internet in public areas.
VPN connections are your saviors. They provide you the much-needed protection from online threats by making your online activities untraceable. By enabling a VPN on all your devices, you can protect your information from becoming leaked. Always remember, while using the internet, your security is always at stake, but by enabling a VPN, you can hide from cyber threats.
In addition to all of this, online transactions also become secured if you have a virtual private network enabled while accessing public Wi-Fi. This way, you can use the free internet as much as you want.
There are several benefits of using a VPN, one of which is that it allows you access to the content that has been restricted in your area, for instance, Crackle is not allowed to be used in your general area. To access it, you can install an excellent and reliable VPN, enable it, and revisit the website to make it accessible.
Here is the thing, you cannot go over to the internet without coming across a website that demands an email address or registration. In this regard, not every website is legit. In fact, a lot of these are scams and will continue to send you shady or suspicious emails containing malware or viruses. Moreover, these websites will spam your inbox with fraudulent emails and this will further increase your risk of clicking on threatening links.
So, in order to save yourself from such cyber threats, you can use disposable email generators that give you an email ID you can enter into sites where you probably dont want to give your personal ID. After this, you will not have to constantly worry about receiving weird and shady emails from suspicious websites.
As much as we are thankful to the technology of the internet for making our lives easier. Thus, we cannot ignore the fact that it has also increased the concerns of security. Therefore, to minimize any and all cyber threats. We recommend following the abovementioned tips to protect yourself online from dangerous agents.
Machine Learning And RPA : How RPA Leveraged
5 No Brainer Internet Security Tips
See more here:
5 No Brainer Internet Security Tips - Rebellion Research
VirnetX Partners with WeSecure – PR Newswire
Canadian Security Company will Sell VirnetX Products in the Middle East
ZEPHYR COVE, Nev., April 5, 2023 /PRNewswire/ -- VirnetX Holding Corporation (NYSE: VHC) ("VirnetX"), a leading Internet security software and technology company, and WeSecure Inc., a Canadian Security Solutions Integrator, are proud to announce a non-exclusive commercial agreement for WeSecure to sell VirnetX cybersecurity products in the U.S., Canada and the Middle East. The partnership aims to implement VirnetX's advanced security technologies into WeSecure's Physical and CyberSecure products and services.
"WeSecure has successfully integrated the VirnetX One family of products, War Room and VirnetX Matrix into our existing cybersecurity infrastructure," said Darren Olson, WeSecure CTO. 'These products significantly boost the level of security and are unrivaled in the industry. Testing and implementing VirnetX's patented technologies allows WeSecure to implement a Zero Trust Security Model for 18 open-source software and applications on our Secure Gateway appliance, offering another layer of unparalleled protection and security.
"As cyber threats continue to grow in complexity and frequency, the need for advanced security solutions has never been more crucial," said Kendall Larsen, VirnetX CEO and President. "The partnership between VirnetX and WeSecure marks a significant step forward in providing organizations with the WeSecure Gateway, locally within the company, or in the cloud to defend against the ever-present risk of cyberattacks."
"The unique features of VirnetX's Secure Domains, Secure DNS, Dynamic VPN, and Military grade encryption create a robust and impenetrable security framework," said Mac Mokatren, WeSecure CEO. "We're extremely thrilled to join forces with VirnetX and their team to help organizations worldwide enhance their cybersecurity posture. WeSecureoperates in Canada, the US and is opening a branchin the Middle East."
About WeSecure
WeSecure unifies Cyber and Physical Security technologies, including Zero Trust, Secure Domains, Dynamic VPN, Secure IP Video, and Access Control systems to create WeSecure Security as a Service (SECaaS). Our Security Applications and Secure Appliancesprovide another layer of Advanced Security unrivaled in the industry.
About VirnetX
VirnetX Holding Corporationis an Internet security software and technology company with patented technology for Zero Trust Network Access ("ZTNA") based secure network communications.VirnetX'ssoftware and technology solutions, including its Secure Domain Name Registry and Technology, VirnetX One, War Room, VirnetX Matrix, and Gabriel Connection Technology, are designed to be device- and location-independent, and enable a secure real-time communication environment for all types of enterprise applications, services, and critical infrastructures. The Company's patent portfolio includes over 200 U.S. and foreign granted patents, validations and pending applications. For more information, please visitwww.virnetx.com.
VirnetX One is a security-as-a-service platform that protects enterprise applications, services, and infrastructure from cyber-attacks using ZTNA. VirnetX One products address a significant need across enterprises of all sizes, as hackers have become more sophisticated, ransomware and malware more costly and disruptive, and the use of corporate and other applications by contemporary remote workforces has continued to rise.
VirnetX MatrixTMprovides superior security for internet-enabled enterprise applications and their connected devices, and for control systems currently deployed by those enterprises (e.g., file servers, data back-up systems, VPN/firewalls). VirnetX MatrixTM provides ZTNA protection, "single-click" ease of use, and is designed to be a highly effective "security umbrella": its added layer of protection is deployed simply, without the need for changes to an enterprise's existing, in-place infrastructure.
War Room provides an industry leading, safe, and secure video conferencing meeting environment where sensitive communications and data is invisible to those unauthorized to view it.
SPECIAL NOTE REGARDING FORWARD LOOKING STATEMENTS
Statements herein may constitute "forward-looking statements" within the meaning of Section 27A of the Securities Act of 1933, as amended (the "Securities Act"), and Section 21E of the Securities Exchange Act of 1934, as amended (the "Exchange Act").These forward-looking statements are based upon our current expectations, estimates, assumptions and beliefs concerning future events and conditions, and may discuss, among other things, expectations about products and product performance, effectiveness of the partnership with WeSecure and the ability to implement VirnetX's technology into WeSecure's products and services and to help organizations worldwide enhance their cybersecurity posture. Any statement that is not historical in nature is a forward-looking statement and may be identified by the use of words and phrases such as "anticipates," "believes," "estimates," "expects," "intends," "plans," "predicts," "projects," "will be," "will continue," "will likely result in" and similar expressions. Readers are cautioned not to place undue reliance on forward-looking statements. Forward-looking statements are necessarily subject to risks, uncertainties, and other factors, many of which are outside our control, and could cause actual results to differ materially from such statements and from our historical results and experience. These risks, uncertainties and other factors include, but are not limited to risks detailed in our filings with the Securities and Exchange Commission (the "SEC"), including in our Annual Report on Form 10-K for the year ended December 31, 2022, and other filings and reports that we may file from time to time with the SEC. Readers are cautioned that it is not possible to predict or identify all the risks, uncertainties and other factors that may affect future results and that the risks described herein should not be considered a complete list. Any forward-looking statement speaks only as of the date on which such statement is made. Except as required by law, we undertake no obligation to update or revise any forward-looking statement as a result of new information, future events or otherwise.
Contact:VirnetX Holding Corporation415.505.0456[emailprotected]
SOURCE VirnetX Holding Corporation
See the article here:
VirnetX Partners with WeSecure - PR Newswire
Noname Security Announces the Industry’s First – GlobeNewswire
SAN JOSE, Calif., April 05, 2023 (GLOBE NEWSWIRE) -- Noname Security, the leading provider of complete and proactive API security, today announced Noname Public Sectors Hardened Virtual Appliance making the API security platform available to the U.S. Federal Government, highly regulated industry customers, and FedRAMP-authorized vendors. The appliance is the first of its kind in the comprehensive API security space and is designed to deliver a drop-in, secure, and scalable system for discovering, monitoring, and protecting mission-critical APIs and data.
Governments and highly regulated industries have unique security needs. Having worked closely with many Federal agencies during my career, I know how impactful it will be to provide this level of security and insight into APIs and provide options that make it easy to meet government standards, said Dean Phillips, Executive Director of Public Sector Programs at Noname Security. The government and regulated industries are not immune from cyber criminals, they are targeted as much if not more than most organizations. Were excited to arm them with the tools they need to protect their assets.
Federal agencies can use the Noname API Security Platform to protect their APIs in real-time and detect vulnerabilities before they are exploited. Noname Securitys Hardened Virtual Appliance makes the API security platform available completely offline with no reliance on internet connectivity, perfect for isolated and controlled environments. It is a finely tuned package of advanced software and premium support built and secured to Federal Government specifications, enabling customers to comply with the most rigorous standards, including Federal Information Processing Standards (FIPS)1 and Defense Information Systems Agency (DISA) Secure Technical Implementation Guides (STIGs)2. Noname collaborated with a FedRAMP 3PAO, The MindPoint Group, on the development of the Noname Hardened Virtual Appliance.
Noname Securitys Hardened Virtual Appliance enables access to a powerful, complete, and easy-to-use API security platform that helps:
Noname Public Sector LLC has made it easier to deploy, configure and manage the platform via the new Noshell() interface. The shell offers innovative features such as the ability to perform on-demand STIG audits of the internal system itself, while aiming to reduce the overall attack surface of the system.
To learn more about Noname Securitys hardened platform, please contact publicsector@nonamesecurity.com.
Supporting Resources
About Noname Security & Noname Public Sector LLCNoname Public Sector LLC empowers the worlds most critical organizations to protect their most important data. With decades of military and civilian public sector experience, Noname Public Sector combines a deep understanding of government agency requirements with leading expertise on their unique API security considerations. Government agencies using Nonames complete, proactive API security solutions can securely harness their data to serve the public and stay ahead of adversaries. Noname Public Sector LLC is privately-held and based in Herndon, VA.
Noname Security is the leading provider of complete, proactive API Security. Noname works with 20% of the Fortune 500 and covers the entire API security scope Discovery, Posture Management, Runtime Security, and API Security Testing. Noname Security is privately held, remote-first with headquarters in Silicon Valley, California, and offices in Tel Aviv and Amsterdam.
Media ContactStephanie SchlegelOffleash for Nonamenoname@offleashpr.com
1 FIPS 140-2, titled Security Requirements for Cryptographic Modules, is a U.S. government computer security standard used to accredit cryptographic modules. Compliance with the standard is required for equipment used in federal facilities and has become a common stipulation in other public and private IT deployments.
2 Security Technical Implementation Guides (STIGs) are configuration standards developed by the Defense Information Systems Agency (DISA). They are designed to make device hardware and software as secure as possible, safeguarding the Department of Defense (DoD) IT network and systems.
Compliance with STIGs is a requirement for DoD agencies, or any organization that is a part of the DoD information networks (DoDIN). This includes defense contractors that connect to the DoD network or system.
STIGs are also aligned with the Centre for Internet Security (CIS) benchmarks - Level 3.
Read more from the original source:
Noname Security Announces the Industry's First - GlobeNewswire
The 10 Coolest IoT Security Companies: The 2023 Internet Of … – CRN
Security News Dylan Martin April 04, 2023, 09:00 AM EDT
As part of CRNs 2023 Internet of Things 50 list, heres a look at the tools and vendors leading the way in IoT security.
The need for better IoT security capabilities is greater than ever before, and that isnt expected to change any time soon.
This ongoing necessity to monitor and protect against threats to a wide range of connected devices was recently underlined by the U.S. Government Accountability Office, which said in December that the countrys 16 critical infrastructure sectors face increasing cybersecurity threats.
Its not just individual agencies that see the problem. In early March, the Biden administration called for a greater focus on developing secure IoT devices as part of its new National Cybersecurity Strategy, building on previous legislation and other government efforts addressing the issue.
Too often they have been deployed with inadequate default settings, can be difficult or impossible to patch or upgrade, or come equipped with advancedand sometimes unnecessarycapabilities that enable malicious cyber activities on critical physical and digital systems, the White House said in its strategy outline. Recent IoT vulnerabilities have shown just how easily bad actors can exploit these devices to construct botnets and conduct surveillance.
As part of CRNs 2023 Internet of Things 50 list, heres a look at the tools and vendors leading the way in IoT security.
Dylan Martin is a senior editor at CRN covering the semiconductor, PC, mobile device, and IoT beats. He has distinguished his coverage of the semiconductor industry thanks to insightful interviews with CEOs and top executives; scoops and exclusives about product, strategy and personnel changes; and analyses that dig into the why behind the news. He can be reached at dmartin@thechannelcompany.com.
Read more here:
The 10 Coolest IoT Security Companies: The 2023 Internet Of ... - CRN
I accidentally hacked into someone else’s TikTok account. It’s more … – Euronews
After avoiding the TikTok craze for the last five years, I finally cavedtwo months ago and set up an account for work purposes to follow Euronews' recently launched profile.
I used my phone number to sign up as it was new and barely used for anything else, and it was pretty much the personal information I cared the least about.
The platform sent me a login code via SMS, I gave Euronews a follow, scrolled a couple of videos on the "for you" page, and then forgot about my account for a month or so.
The sign-up and login process was very easy. Perhaps a little too easy.
A couple of weeks later, when I next logged into my account, my profile name was different, I had posted five cat videos, and was friends with someone called "Cookies Galaxy".
How was that possible? I appeared to be logged into someone elses account.
According to TJ Sayers, Cyber Threat Intelligence Manager at CIS Center for Internet Security, this is a fairly common problem.
"It's kind of a circumstantial thing where someone will get a new number and move on from an old phone number, and the cellular provider relocates that number to somebody," he told Euronews Next.
I had access to the personal information of the account holder (who appeared to have been inactive since 2020), including a list of comments they had made, every single one of their likes, their direct messages, and their email address.
"It sounds like what happened to you is maybe the persons account you got into didn't have any other additional step for authentication (besides their phone number) when they created their account," he further explained, "so you were able to use the number and log into the account".
While my switch happened unintentionally, malicious attempts to take over phone numbers have boomed with the rise in popularity of cryptocurrencies in 2019, according to the cyber expert. Hackers have increasingly tried to gain access to and lock users out of their phones to take control of important banking accounts, including digital wallets.
"Some people are actively trying to compromise phone numbers and email addresses in order to gain access to accounts for other nefarious purposes," said Sayers.
There are two ways of taking over someone elses number, or "SIM swapping". Hard swapping entails taking control of a persons physical SIM card, while the soft version implies calling the phone provider and impersonating the owner of the number by using information, such as the persons date of birth or address, openly available on the Internet.
"People don't even think that when they post social media stuff, it could be used by an attacker," said Sayers, adding, "what [scammers] will do is socially engineer that customer service agent into transferring your number to their device".
While a pin code is enough to avoid hard SIM swapping, preventing soft swapping takes more effort.
Asking your provider to set up a two-step code with a passphrase or a specific number is one way to do that. To avoid having your social media taken over, you can also use an apps registration lock, which can link your account to non-phone number-based identifiers.
For TikTok, the most straightforward solution is to avoid signing up with your phone number. In addition, you can also set up two-factor authentication (2FA), an extra pin generated on the spot, on top of your regular password. TikTok is still trialing this, but 2FA is already in use at other social media companies, such as Instagram.
Still, experts recommend refraining from using 2FA with text messages, as inadvertent swapping can still occur. "Once that happens, (scammers) can go and reset all of your accounts, because theyll get all of your two-factor authentication codes," said Sayers.
"Back when 2FA or multifactor came around, the predominant venue was to either get the code via text message or to get it via e-mail. Unfortunately, the threat landscape has evolved quite substantially and text messages are no longer the best practice for receiving authentication codes," he added.
"Email is a good option, but even better than that is to have some form of an app on your phone. So like Google Authenticator, Microsoft Authenticator, or Authy".
While authenticators are easily available and companies such as Twitter are moving away from texts, according to Sayers, industry buy-in is still behind.
"It's not really a technological next step that we need. It's more of an adoption next step. We're still pretty behind the curve with trying to get people away from text messages," he said.
Meanwhile, physical security keys such as Yubikey, which need to be plugged into a computer to authenticate and are deemed the most secure authentication technology right now, are becoming more widespread.
"Of course, we're going to see threat actors evolve and they'll start trying to attack those other new methods and then new technology will come out," warned Sayers, adding that the damage a person can suffer will depend on the use they make of social media accounts.
Reputational damage could be huge, according to the expert, but "spear phishing" - gaining access to sensitive data by impersonating the person for nefarious reasons - is also likely.
We live in a virtual world and a lot of times, especially post-COVID, a lot of people are working remotely. So if you can take over a social media account, people may not even second guess that you're contacting them through that account because it looks like you're them. So they can use that to try to gain access to more sensitive information, he explained.
As a bottom line, the expert is pretty clear. "Generally, for social media security, you can't go wrong with a unique long password, and I really emphasise unique and long," he said.
Read more:
I accidentally hacked into someone else's TikTok account. It's more ... - Euronews