Hackers have realized they dont have to go after Bank of America. Instead, they can make a million dollars from an MSP and spread out to its business customers in the process, according to cybersecurity company ThreatLocker co-founder and CEO Danny Jenkins.

Something changed in the last decade where these hackers realized [MSPs] dont have nearly the security that Bank of America or the Department of Defense does, Jenkins said. With a little bit of planning, I can figure out what security software they use, figure out what their staff is like, figure out who they do business with, and now, I can send them direct emails.

MSPs are in the crosshairs, and there are many ways hackers are gaining access. One popular way is for hackers to figure out what security tools an MSP is using. Attackers can use exiting tools against you--and they are--to get into your systems, Jenkins told an audience of MSPs and solution providers at CRN parent The Channel Companys NexGen+ 2021 conference Tuesday.

[Related: ThreatLocker Is Locking Out Ransomware, Providing Peace Of Mind For MSPs]

Once inside an MSPs organization, its easier for the hacker to live off the land--that is, go after the rest of the companys customers, he said.

Adopting a zero-trust framework of never trust, always verify, can help MSPs take control of their own environment, Jenkins said.

We ourselves are seeing a lot of various attempts to breach our security, said David Liu, founder and CEO of solution provider Deltapath, who was in attendance during Jenkins keynote.

The San Jose, Calif.-based company focuses on unified communications and securing VoIP for its customers. Deltapath is no stranger to being a target of hackers looking to breach a solution provider organization, Liu said.

In one case, a Deltapath customer was hacked and a legitimate-appearing email was sent to Deltapath that made it through the companys layers of security. The email looked really authentic, but was luring us to make a document download, which could start an attack. Luckily, the last layer of defense is human and we had enough training to notice something looked fishy, Liu said.

A zero-trust security approach has some limitations, but its a really important strategy, he said.

Removing unnecessary privileges and whitelisting-- which allows everyday applications to have access to things they dont need like PowerShell being able to talk to Microsoft Office--is how MSPs can establish a zero-trust security posture, ThreatLockers Jenkins said.

The only thing QuickBooks needs access to is the QuickBooks folder. SolarWinds didnt need to go out to anything on the internet except SolarWinds. They dont need [access], so take it away, he said. Just checking that box should take away a huge surface area of attack from your system.

Only if access is blocked by default, storage is locked down at the application level and privileges are removed will MSPs be able to get themselves ahead of unavoidable threats, Jenkins said.

We want to be more secure than our neighbors because no ones robbing the house with a big dog, cameras and a gun sign, he said. Its easier to go next door.

See the original post here:
MSPs, Not Bank Of America, Are The New Ransomware Target, Says ThreatLocker - CRN

Reading Time: 5 minutes

Internet security is a branch of computer security which comprises various security measures exercised for ensuring the security of transactions done online. In the process, the internet security prevents attacks targeted at browsers, network, operating systems, and other applications. Today, businesses and governments are more concerned about safeguarding from Cyber attacks and malware programs that originate from the internet. The main aim of Internet security is to set up precise rules and regulations that can deflect attacks that arise from the Internet.

Internet security relies on particular resources and criteria for safeguarding the data that is communicated or transferred online. The safeguarding techniques include different kinds of encryption such as Pretty Good Privacy (PGP). Besides, the other features of a secure Web setup can include firewalls that prevent undesired traffic, and anti-spyware, anti-malware, and anti-virus programs that work from particular networks or devices to watch online traffic for malicious attachments.

An excellent Internet security safeguards financial details and much more of what is controlled by a company or agencys servers and network hardware. Inadequate Internet security can bring down any business where data (Financial or Sensitive) gets routed over the Web.

One of the best examples of the internet security scams is the internet security essentials a rogue security software behaving to protect the Windows computers against malware and viruses installs itself through the use of a trojan horse. The fake antivirus program affected Microsoft operating systems namely the Windows 9x, 2000, XP, Vista, Windows 7 and Windows 8. It relates to the FakeVimes family of fake antivirus malware!

Internet Security Essentials Alert is a fake program which is part of a scam chiefly devised to deceive the user into paying money for malware.

Internet Security Essentials works like a rogue antivirus software. It uses the scare tactics and fakes the user into believing that it has an association with Windows in order to make the user pay for the malware/virus removal. The symptoms of Internet Security Essentials infection are pretty standard. When the computer gets the infection, the user will notice a fake home screen, which is made to look as if it is a window within Windows, as a system component. The fake interface will run phony system scans to deceive the user.

One of the best examples of the internet security scams is the internet security essentials a rogue security software behaving to protect the Windows computers against malware and viruses installs itself through the use of a trojan horse. The fake antivirus program affected Microsoft operating systems namely the Windows 9x, 2000, XP, Vista, Windows 7 and Windows 8. It relates to the FakeVimes family of fake antivirus malware!

Internet Security Essentials Alert is a fake program which is part of a scam chiefly devised to deceive the user into paying money for malware.

Internet Security Essentials works like a rogue anti-virus software. It uses the scare tactics and fakes the user into believing that it has an association with Windows in order to make the user pay for the malware/virus removal. The symptoms of Internet Security Essentials infection are pretty standard. When the computer gets the infection, the user will notice a fake home screen, which is made to look as if it is a window within Windows, as a system component. The fake interface will run phony system scans to deceive the user.

The scan comes back with details of many threats found on the user computer which arent actually present. However, few fake malware/virus files are actually planted by the malicious Internet Security Essentials program. Thereafter, the user is requested to click on a button that says Remove all, but when the user tries doing it, the fake Internet Security Essentials comes back with a message asking the user to pay for the full version of its software to complete the malware cleaning process. The user is directed to a false website that alleges to be the company website of Internet Security Essentials, however, thats just the payment site for the scam.

A variety of Internet security devices and tools that can be used for businesses and government organizations are needed today. One type needs to help detect the intrusion while the other is should help prevent the intrusion. These tools will greatly help the IT staff when it comes to recognizing issues and in keeping the computer networks safe from threats.

The sophisticated programs are meant to be capable of recognizing a range of threats and ward off attacks respectively. The whole process would include the detection of viruses, spyware, malware, worms, etc. The detection tools will closely observe the system and raise the alarm for the system team to look into the issue when there is a malicious activity happening on the network. On the other hand, the prevention systems (anti-malware systems) enable live monitoring and has the potential to prevent attacks.

As a matter of fact, the Comodo Internet Security packs it all and provides complete protection 24/7 even when a user is not monitoring their computer!

The Comodo Internet Security Suite protects from most of the online attacks and malware activities that can steal the sensitive data stored on a computer. The security suite will robustly stop hackers from accessing financial details and personal information.

Malware arising from the internet can hold a system as a hostage and demand money, secretly gather sensitive information about the computing habits of users, internet activity, keystrokes, etc. Stay protected from all of these threats with the latest version of Comodo Internet Security!

For more insights, take a look at the official page of Comodo Internet Security!

Related Resource:

Remote Access Software

Continued here:
What Is Internet Security? | Free Internet Security Suite For PC

LOS ANGELES--(BUSINESS WIRE)--InfoNetworks today announced a new and unique service called Unified Technology Solution. Promoted as the answer to fill an existing void in the marketplace, InfoNetworks Unified Technology Solution offers businesses managed IT services, complete network security, voice and telephony services, and connectivity via a complete package from a single provider.

For more than a year, businesses worldwide have faced unprecedented global events that are dictating policies and procedures. Companies have necessarily cut key budget items, face new challenges, and manage their businesses with reduced workforce. Many of these organizations have been tasked with creating remote infrastructure to help mitigate the ever-changing landscape and support work-from-home or hybrid work environments.

InfoNetworks Unified Technology Solution is designed to address these challenges with an all-inclusive platform that allows employees, managers, and executives to stay connected and secure both in the office and remotely. InfoNetworks data connections support the added influx of traffic to the office while the included cloud-based PBX allows for extensions to be accessible via mobile device or laptop. The Unified Technology Solution network supports a mix of Desktop, Softphones, Teams, SIP and PRI interfaces. All technologies are managed by InfoNetworks experienced Technical Support and Network Engineering Teams and are monitored 24 hours a day, seven days a week by the watchful eye of CyberSecure(SM), an advanced Network Security Software capable of locking-down up to 500,000 end points.

Our Unified Technology Solution is a four-pronged approach, said Bruce Hakimi, Senior Executive at InfoNetworks. By delivering Managed IT, Network Security, Voice and Data under one source, we can maximize the efficiency and productivity of any organization. He further explained: By being able to oversee all network elements from the data connection to internal Local or Cloud based Network, InfoNetworks has the advantage of acting and resolving issues quickly without having to wait for other vendors.

Although some data carriers may offer a cloud infrastructure, it is not a true Managed IT service. Their support is mostly limited to their equipment and servers and does not cover software applications, internal equipment such as PCs, Laptops, Printers, scanners, WiFi Routers and internal network security. If a printer is not working, a server is down or a laptop is hacked, their help desk will not assist. InfoNetworks Unified Technology Solution offers full LAN support giving businesses the advantages of having an IT team at their fingertips without the overhead cost.

It is like having an in-house IT Department that manages and maintains your entire network, from your voice services to your laptops, said Hakimi. Just think about it: how many companies can direct you to one support number for every type of trouble on your platform from your internet being down to an issue with your Network Security?

Visit link:
Unified Technology Solution - An InfoNetworks Service that Delivers Managed IT & Network Security Plus Voice and Internet Solutions - Business...

Attacks, Threats, and Vulnerabilities

Cash-Starved North Korea Eyed in Brazen Bank Hack (Daily Beast) Hackers who stole tens of millions of dollars to fund North Koreas nuclear weapons program in 2016 tried hitting another bank last year, The Daily Beast has learned.

Hacker Attacks Hit Indonesian Agency: Calling for Cyber War? (D-Insights) A cyber attack hits National Cyber and Encryption Agencys (BSSN) website, highlighting the latent threat of cyber warfare.

Operation Secondary Infektion Targets Pfizer Vaccine | Recorded Future (Recorded Future) A fake letter has been discovered that is highly likely an attempt to generate vaccine hesitancy and distrust.

Conti Ransom Gang Starts Selling Access to Victims (KrebsOnSecurity) The Conti ransomware affiliate program appears to have altered its business plan recently. Organizations infected with Conti's malware who refuse to negotiate a ransom payment are added to Conti's victim shaming blog, where confidential files stolen from victims may be

Ransomware Gang Says the Real Ransomware Gang Is the Federal Government (Vice) A day after it was revealed that the US and its allies hacked the infamous REvil ransomware gang, a competing gang published an anti-government rant on its website.

BlackMatter botched tens of millions in ransoms after coding bug caught by Emsisoft (SC Media) Cybersecurity firm helped victims without publicly announcing bug in BlackMatter ransomware, which has since been fixed by the threat group.

Emsisoft cracked BlackMatter ransomware, recovered victims' data (SearchSecurity) Emsisoft found a critical flaw in BlackMatter ransomware, as well as other ransomware families, that helped to decrypt files without paying.

Hackers used billing software zero-day to deploy ransomware (BleepingComputer) An unknown ransomware group is exploiting a critical SQL injection bug found in the BillQuick Web Suite time and billing solution to deploy ransomware on their targets' networks in ongoing attacks.

SolarWinds Hackers Target Another Weak Point in Tech Supply Chain (Wall Street Journal) Firms that resell or manage cloud services are springboards for bigger attacks.

US being hit by huge cyber attacks, Microsoft warns (The Independent) Hundreds of companies and organisations are being hit by a wave of cyber attacks, Microsoft has warned.

Hundreds of U.S. Networks Targeted by Russian Cyber Attack, Microsoft Says (Insurance Journal) The Russian-based agency behind last year's massive SolarWinds cyberattack has targeted hundreds more companies and organizations in its latest wave of

Russia-Linked SolarWinds Hackers Continue Supply Chain Attack Rampage (SecurityWeek) Microsoft warns that the Russia-linked threat group that targeted SolarWinds continues launching supply chain attacks.

Russian Hackers Behind SolarWinds Attack Are Targeting The Supply Chain, Microsoft Says (Daily Caller) The same group of Russian hackers behind the December 2020 SolarWinds attack are targeting companies in the U.S. technology supply chain, Microsoft says.

Russian Cyber Spies Flout Sanctions, Target Tech Sector (Law360) Russian spies behind a cyberattack on software provider SolarWinds that led to breaches at nine U.S. federal agencies have flouted White House sanctions with a new campaign targeting cloud service companies, Microsoft Corp. said Monday.

The Russian hacker group behind the SolarWinds attack is at it again, Microsoft says (NPR.org) According to Microsoft, the group is targeting technology companies that resell and provide cloud services and has been using phishing and password spray to gain entry to targeted networks.

Wave of cyberattacks hitting American companies, Microsoft warns (Newsweek) Microsoft has accused the Russian hacking group Nobelium of being responsible for the attack.

Urgency, Mail Relay Serve Phishers Well on Craigslist (INKY) Craigslist, that old fashioned website people still use to find things locally and urgently has become the latest phishing vector. In addition to the inherent time pressure of its marketplace, a feature on the site that appeals to phishers is the mail relay function. In the service of safety and anonymity, Craigslist lets people seeking or offering things send an email through the system to anyone else.

Cracking WiFi at Scale with One Simple Trick (Cracking WiFi at Scale with One Simple Trick) How I Cracked 70% of Tel Avivs Wifi Networks (from a Sample of 5,000 Gathered WiFi). In the past seven years that Ive lived in Tel Aviv, Ive changed apartments four times. Every time I...

NYT journalist describes his iPhone being hacked, and the precautions he now takes (9to5Mac) A New York Times journalist covering the Middle East has described the experience of his iPhone being hacked, and the security precautions ...

Old Hollywood CCTV camera hack actually works on modern security cameras (CoolTechZone) We decided to prove multiple Hollywood scenes about spoofing video of security cameras and show that in our hands-on research

Janesville schools hit with ransomware attack locking digital systems (Channel3000.com) The School District of Janesville says it was hit with a ransomware attack over the weekend, locking students, staff and parents out of several web-based systems and programs.

Bulletin (SB21-298) Vulnerability Summary for the Week of October 18, 2021 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

CISA Raises Alarm on Critical Vulnerability in Discourse Forum Software (SecurityWeek) CISA over the weekend issued an alert on a critical vulnerability in open source discussion platform Discourse.

Critical RCE Vulnerability in Discourse (CISA) Discoursean open source discussion platformhas released a security advisory to address a critical remote code execution (RCE) vulnerability (CVE-2021-41163) in Discourse versions 2.7.8 and earlier.CISA urges developers to update to patched versions 2.7.9 or later or apply the necessary workarounds.

2021 Unisys Security Index | Global and Country Insights (Unisys) The Unisys Security Index measures global consumer concerns related to national, personal, financial and Internet security.

Threat Labs Report - September 2021 (Netskope) Cloud-enabled threats: Google Drive remains the app for which Netskope blocks the most malware. Google Gmail, previously not in the top 5, rose as attackers delivered malicious Office documents via email attachments

Appsec Stats Flash (WhiteHat Security) The state of application security is rapidly evolving and there is a need for a more frequent analysis of the threat landscape.

Deepfakes, Cryptocurrency and Mobile Wallets: Cybercriminals Find New Opportunities in 2022 (Check Point Software) Check Point Software 2022 Cyber-security Predictions also anticipates an increase in supply chain attacks in the new year Check Point Software

Menlo Security Survey Sees Orgs Reevaluating Remote Access Strategy (Security Boulevard) A survey of 545 IT decision-makers from organizations in the U.S. and United Kingdom (UK) found three-quarters of respondents (75%) are reevaluating their

As Cyber Events Plague U.S. Execs, Some Still Have No Cyber Plan (PRNewswire) Deloitte's 2021 Future of Cyber survey shows similarities, differences in U.S. and non-U.S. C-suite responses

Its October. Are you aware of cybersecurity yet? (StateScoop) Cybersecurity awareness month gets a ton of flak, especially from those working in cybersecurity. Does it need revision?

(ISC) 2021 Cybersecurity Workforce Study ((ISC)) The (ISC) Cybersecurity Workforce Study includes the Cybersecurity Workforce Estimate, the Cybersecurity Workforce Gap and insights on the challenges and opportunities surrounding cybersecurity workforce development.

How We Can Narrow the Talent Shortage in Cybersecurity (Dark Reading) Filling crucial roles in cybersecurity and addressing the talent shortage requires rethinking who qualifies as a "cybersecurity professional" and rewriting traditional job descriptions.

Cybersecurity M&A Roundup for October 11-24, 2021 (SecurityWeek) A total of 15 cybersecurity-related acquisitions were announced October 11-24, 2021.

Piiano Raises $9M Seed Round to Transform Enterprise Data Privacy (BusinessWire) Piiano, a pioneer of data privacy engineering for the cloud, announced today that it has raised a $9M seed round. The round was led by cybersecurity-f

Devo Whips Up $250M Series E At $1.5B Valuation (Crunchbase News) Cambridge, Massachusetts-based cybersecurity firm Devo Technology has closed a $250 million Series E as the company hopes to ride its strong growth and disrupt the security analytics market.

Onfido acquires EYN to provide innovative acoustic-based liveness detection amid record-breaking global revenue growth (Onfido) -Increased investment in research and development spurs EYN acquisition, pioneers in industry-first acoustic-based anti-spoofing technology-Key strategic hires in CFO and CCO

TransUnion Enhances Consumer Identity Protection Offerings with Agreement to Acquire Sontiq for $638 million (GlobeNewswire News Room) The combined company will offer comprehensive identity solutions, further empowering consumers and businesses to shape and protect their financial futures...

Amentum again hits accelerator with PAE acquisition (Washington Technology) Amentum in year one of its relaunch as a standalone company went out and acquired DynCorp International. Now in year two, Amentum has set its sights on a second major transaction and this time it's buying PAE.

BackBox closes $32 million Series A for the hybrid multi-cloud era (CTECH) The news also comes with the appointment of Andrew Kahl as the new CEO and a move to Dallas

2019 Cybersecurity Workforce Study ((ISC)) The (ISC) Cybersecurity Workforce Study, 2019 is downloadable here. The study is conducted annually to assess the cybersecurity workforce or skills gap and how to recruit, build and strengthen cybersecurity staff or teams.

Researcher Earns $2 Million for Critical Vulnerability in Polygon (SecurityWeek) Security researcher Gerhard Wagner earned a $2 million bug bounty reward for a critical vulnerability in Polygons Plasma Bridge that could have allowed a malicious user to submit the same withdrawal transaction 224 times.

GCHQ 'signs deal with Amazon' to host top-secret material (Computing) The UK's spy agencies will use the cloud to boost the use of AI, analytics and other technologies

Amazon signs deal with British spy agencies to boost use of AI for espionage -FT (Reuters) Britain's spy agencies have given a contract to Amazon Web Services (AWS) to host classified material in a deal aimed at boosting the use of data analytics and artificial intelligence (AI) for espionage, the Financial Times reported on Monday.

Northern Virginia Technology Council Announces 2021 NVTC Capital Cyber (PRWeb) The Northern Virginia Technology Council (NVTC), the trade association representing the national capital regions technology community, today announced the wi

Salt Security Named 2021 CISO Choice Award Winner for Application Security (PR Newswire) Salt Security, the leading API security company, today announced it was named the winner in the Application Security category of the 2021 CISO...

Darktrace Plunges After Peel Hunt Forecasts 50% Downside (Bloomberg) Some experts consider product a gimmick, broker says. Spokeswoman says firm provides protection, customers satisfied.

Cybersecurity firm Darktrace tumbles after brokers bearish note (Times) A high flying cybersecurity specialist lost just over a fifth of its market value yesterday after concerns were raised over the quality of Darktraces products and size of its target market. The group, which listed on Londons main market in April, is set to enter the FTSE 100 tomorrow, replacing th

US retail giants pull Chinese surveillance tech from shelves (TechCrunch) Home Depot, Best Buy, and Lowe's removed the Chinese video surveillance makers over links to human rights abuses.

Cofense Joins Microsoft Intelligent Security Association (MISA) (BusinessWire) Nominated for membership based on Cofense PhishMe's Recipient Sync feature, Cofense has joined the Microsoft Intelligent Security Association (MISA).

CIS Mobile Launches Mobile Integration Center in Northern Virginia Headquarters (EIN) Company Partners with Multiple Tech Providers to Secure Mobile Devices In, Around Federal Facilities

Aryaka Names Ed Pearce as National Channel Director North America (BusinessWire) Aryaka, the leader in fully managed SD-WAN and SASE, chooses Ed Pearce as National Channel Director for North America

Keeper Security Expands Leadership Team with Tristen Yancey as VP of Public Sector (PR Newswire) Keeper Security, the leading provider of zero-knowledge security and encryption software covering password management, dark web monitoring,...

Rick Waddell, Lieutenant General (Ret.), U.S. Army Reserve Joins KnectIQ Advisory Board (PR Newswire) KnectIQ Inc., an innovator in cybersecurity technology, today announced Rick L. Waddell, Lieutenant General (Ret.), U.S. Army Reserve has...

Jumio Launches End-to-End Orchestration for its KYX Platform to Deliver Holistic View of Consumer Identities and Risk (BusinessWire) Jumio, the leading provider of AI-powered end-to-end identity verification, eKYC and AML solutions, today announced the launch of an intuitive no-code

Quest Releases SharePlex 10.1.1 to Expand Oracle Data Replication to Azure Cloud Services, Maximizing Resiliency, Lowering Costs and Reducing Risk (GlobeNewswire News Room) SharePlex 10.1.1 helps customers move their Oracle data in real-time into Microsoft Azure cloud servicesFacilitates continuous high-speed replication of...

AT&T Launches 5G Managed Advanced Security Capabilities to Further Protect Enterprise Network Infrastructure (PR Newswire) What's the news? AT&T* is introducing comprehensive, managed advanced security capabilities for 5G network deployments. The first security...

Illumio Introduces Illumio CloudSecure for Cloud-Native Application Visibility and Control to Accelerate the Path to Zero Trust (Illumio) New Agentless Solution Delivers Zero Trust Segmentation of Cloud-Native Applications in Multi- and Hybrid Cloud Environments

Check Point Software Brings Infosec Institute's Award-Winning Security Awareness Training to Leading Cyber Solutions Platform (Yahoo Finance) Infosec Institute, the leading cybersecurity education company, today announced it has partnered with Check Point Software Technologies to bring its award-winning security awareness training and phishing simulator to the Check Point Technology Partner Alliance. Check Point Software is a leading provider of cybersecurity solutions to governments and corporate enterprises globally.

Group-IB Fraud Hunting Platform Delivers Substantial ROI (PR Newswire) Group-IB, one of the leading providers of solutions dedicated to detecting and preventing cyberattacks, identifying online fraud, investigation...

CrowdStrike & AWS Provide Protection Against Ransomware & Identity-Based Threats (CrowdStrike) CrowdStrike announced new features to the Falcon platform that work with Amazon Web Services to protect customers from complex ransomware & cyber attacks.

ionir Extends Support for CI/CD Pipeline Acceleration (PR Newswire) ionir, a leader in Kubernetes Data Services, today announced updates to its cloud-native data services platform with new capabilities focused...

Veriff Launches New Account Onboarding, Arming FinTech Companies with Next-Gen Security Features (WIBW) Innovative, built-in KYC requirements ensure trust between businesses and consumers online

Hiscox CyberClear Offering Expands to 50 States (Hiscox) Florida is the latest and final state to be admitted

Ivanti Extends Neurons Platform to Help Customers Further Improve Network Security, Automate Compliance, and Maximize Productivity (Ivanti) Ivanti, the provider of the Ivanti Neurons automation platform that discovers, manages, secures, and services IT assets from cloud to edge, today anno

Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452 (Mandiant) In December 2020, FireEye uncovered and publicly disclosed a widespread campaign conducted by the threat group we track as UNC2452. In some, but not all, of the intrusions associated with this campaign where Mandiant has visibility, the attacker used their access to on-premises networks to gain unauthorized access to the victims Microsoft 365 environment.

Expert Q&A: How to use honeypots to lure and trap bots (PerimeterX) As bots become more sophisticated, detection and blocking need to stay one step ahead of them.

Dev-Sec Convergence: New Research Details Progress and Challenges on the Road to Secure Innovation (PR Newswire) Nearly all organizations are increasing their investment in application security this year, but they continue to struggle to fully embrace...

Socure Publishes Industrys First Digital Identity Fairness and Inclusion Report (BusinessWire) Socure, the leading provider of digital identity verification and fraud solutions, today at Money 20/20 announced the industrys first Digital Identit

What is a cybersecurity degree? (ZDNet) Thinking about pursuing cybersecurity training? A cybersecurity degree could boost your future career. Here's what to expect in cybersecurity school.

New hacking efforts show Russia undeterred by US actions (TheHill) A year after Russian government hackers compromised almost a dozen U.S. federal agencies, renewed efforts by the same group to target the global IT supply chain are painting a picture of a defiant Russia undeterred by U.S.

China is accused of exporting authoritarian technology. But the west has done so, too, more covertly (The Conversation) While it may be difficult to enact a global set of regulations on surveillance technologies, individual countries can take the lead with enhanced monitoring and stronger laws.

Facebook Whistleblower Frances Haugen Calls for New Tech Laws in Europe (Wall Street Journal) Frances Haugen tells U.K. lawmakers that social-media platforms should be required to disclose actions to combat misinformation and hate speech.

Facebook whistleblower testifies to UK parliament (TechCrunch) Frances Haugen, one of (now) multiple Facebook whistleblowers who have come forward in recent years with damning testimony related to product safety, gave testimony in front of the UK parliament today where, in one key moment, she was invited to clarify her views on end-to-end encryption fo

Britain Wants to Use Its New Cyber Command to 'Hunt' Ransomware Gangs (Gizmodo) A week or so after revelations about an FBI plot to hack a prominent ransomware gang, Britain has announced new offensive operations against cybercrime groups.

Australia plans to force parental consent for minors on social media (Reuters) Australia unveiled plans on Monday to make social media companies obtain parental consent for users under the age of 16, with multimillion dollar fines for failing to comply.

YouTube, TikTok Defend Teen Privacy Plans Amid Facebook Scrutiny (Bloomberg) Senators say Facebook shows protection needed across the board. Companies to argue they have existing protections in place.

WSJ News Exclusive | State Department to Form New Cyber Office to Face Proliferating Global Challenges (Wall Street Journal) The organizational changes are intended to confront cybersecurity challenges like ransomware and waning global digital freedom, the latest overhauls by the administration aimed at prioritizing cyber threats as a top-tier national security issue.

State Department will form new cyber bureau (CNN) The Biden administration is launching a new bureau for cyberspace and digital policy at the State Department as part of an effort to strengthen diplomats' cyber expertise, Secretary of State Tony Blinken announced in an email to the department's workforce on Monday.

US State Department to establish new cyber bureau led by ambassador ( The Jerusalem Post | JPost.com ) The US State Department said on Monday it plans to establish a bureau of cyberspace and digital policy that will be led by a Senate-confirmed ambassador at large, spokesperson Ned Price said.

First on CNN: Biden administration expected to name GOP official who challenged Trump's lies to key election security role (CNN) The Biden administration is expected to name Kim Wyman, a Republican secretary of state who challenged former President Donald Trump's false claims of election fraud, to lead the Department of Homeland Security's efforts to protect future elections from foreign and domestic interference, multiple people familiar with the matter tell CNN.

Julian Assange: what to expect from the extradition appeal (the Guardian) US has assured courts he could be jailed in native Australia and not held under maximum security

Kansas Man Admits Hacking Public Water Facility (SecurityWeek) Roughly seven months after being indicted for his actions, a Kansas man admitted in court to tampering with the systems at the Post Rock Rural Water District.

Secure email group Proton wins Swiss appeal over surveillance rules (Reuters) Geneva-based Proton AG, the company behind ProtonMail and ProtonVPN, has won an appeal regarding its treatment under Swiss law governing telecommunications surveillance, a Swiss court said on Friday.

New Standard Contractual Clauses: 10 Things You Need to Know (cyber/data/privacy insights) On the third anniversary of the General Data Protection Regulation, Cooley launched a series of webinar focused on the GDPR. The GDPR permits the transfer of data from the European Union and the European Economic Area (EEA) to third countries using standard contractual clauses (SCCs), which are a

FBI Given Power To Unlock Capitol Riot Suspect Phone With His Fingerprint (Forbes) January 6 investigators get a warrant to open devices using a defendants fingerprint. Though hed been accused of assaulting officers with pepper spray, forced fingerprint unlocks remain a legally-questionable power.

See more here:
Conti's business model. BillQuick bug exploited to serve ransomware. Hitting BlackMatter. Protecting software supply chains. - The CyberWire

Norton Family is a parental control suite from the respected antivirus vendor, which covers PCs and mobiles. Its an in-depth product that seeks to ensure that your kids stay safe online.

But how does it do that, and exactly what features are included?

In this article, were going to provide a breakdown of the functionality included with Norton Family and what devices it supports, before discussing how good this suite is for parental control duties.

Today's best Norton Family and Norton 360 Deluxe deals

Norton Family is a parental control suite that is designed to keep your children safe when theyre online or offline for that matter (more on that later). It rather niftily provides protection for all your kids, no matter how many, with unlimited devices covered.

The kind of features offered here include monitoring to see what your offspring is up to online, the ability to restrict device usage to certain times, and of course defenses to keep kids from stumbling onto any nastiness while browsing the web.

Note that you also get this parental control package if you buy the more advanced security suites from this firm, namely Norton 360 Deluxe or Norton 360 Premium (in these suites its called Parental Control rather than Norton Family, but its the same thing).

Norton Family can be installed on unlimited devices, and supports not just Windows PCs, but also Android and iOS devices (the only thing you dont get here is support for Macs, basically). Windows 10 (but not Windows 10 S Mode) and Windows 8 are supported but not the Edge browser and on mobile, you need to be running Android 6.0 or better, or if you have an Apple device, iOS 13 or newer.

Want to know what this suite is capable of? Lets look at some of the highlights of Norton Familys feature set. Note that some abilities are only available on certain platforms so app blocking, for instance, is just on Android and well flag this up wherever this is the case.

Web Supervision

A core element of any piece of parental control software, this lets you see where your kids are browsing on the web, and facilitates the blocking of inappropriate sites. Its possible to block content over a whole host of diverse categories (not just the usual options relating to pornography, drugs and so forth).

Time Supervision

As the name suggests, this allows for setting time limits and managing when your kids can use their devices, blocking them off at bedtime or maybe meal times (or you can use Instant Lock to temporarily, but instantly, block a device).

School Time

With home schooling perhaps still on your mind following lockdowns in some countries, this feature helps to manage remote learning on the childs device, keeping them focused on work and not allowing any distractions by limiting web access strictly to educational content (which could be useful for homework time, too).

Search Supervision

This lets you monitor your childs web searching activities to see if theyre looking for anything inappropriate. It also implements Nortons Safe Search to filter out unsuitable search results. Furthermore, videos watched at YouTube are monitored and you can see a thumbnail and description to quickly let you judge whether a viewed clip might be anything potentially dodgy.

Mobile App Supervision

With this feature you can see what apps your kids have downloaded, and block any that you feel are unsuitable. Note, however, this this is for Android devices only, so iOS users are left out here (that said, this isnt Nortons fault, as the reason is wrapped up in the way Apple implements its mobile OS with tight security measures).

Location Supervision

For parents worried about where their child might be not when online, but in the real world instead, Norton Family offers a full system of location tracking (and a 30-day history of where theyve been) for both Android and iOS mobiles. Alert Me is a further feature tied in with this which delivers automatic alerts when a child reaches certain defined locations (school, home and so forth), with impressively in-depth options and controls for these functions.

Monthly/Weekly Reports

Some equally in-depth reports are provided on everything your kids have done, and these can be accessed from a well-organized web portal.

Norton has a good reputation within the security world and the Norton antivirus engine is consistently ranked highly by the independent test labs. That, of course, isnt strictly relevant to the Norton Family product itself, but the pedigree of the developer is always a consideration and this is a quality parental control suite which blends power and convenience with some great filtering and location controls - our Norton Family review goes into more detail.

The asking price for Norton Family is more than reasonable given that it delivers support for an unlimited amount of devices, so no matter how big your family and how much kit is owned therein youll be covered with one subscription.

Thats an impressive value proposition, but the other consideration is whether you might want to plump for Norton 360 Deluxe instead, which includes the Parental Control module.

Now, Norton 360 Deluxe is a bit more expensive if you go by the recommended asking prices, but the internet security suite is invariably heavily discounted, and after price-cutting is generally only a little more expensive than Norton Family (if not the same price, at times). The trade-off is that only five devices are supported by Norton 360 Deluxe, but if thats all you need, then you get a fully-fledged security suite with a whole host of extra features for not a lot more money.

Its worth thinking about, certainly, but the bottom line is both these products offer good value, and feature-wise they compare favorably to rivals very favorably in the case of Norton Family.

Get the best price on your preferred Norton package

Go here to read the rest:
What is Norton Family and what does it do? - TechRadar