Chinese Secretly Installing Spyware App

China’s Border Guards Secretly Installing Spyware App on Tourists’ Phones

Chinese authorities are secretly installing surveillance apps on smartphones of foreigners at border crossings in the Xinjiang region who are entering from neighboring Kyrgyzstan, an international investigation revealed.

Xinjiang (XUAR) is an autonomous territory and home to many Muslim ethnic minority groups where China is known to be conducting massive surveillance operations, especially on the activities of Uighurs, a Muslim Turkic minority group of about 8 million people.

The Chinese government has blamed the Muslim Turkic minority group for Islamic extremism and deadly attacks on Chinese targets.

According to a joint investigation by the New York Times, the Guardian, Süddeutsche Zeitung and more, the surveillance app is designed to instantly extract emails, texts, calendar entries, call records and contacts, and to upload them insecurely to a local server set up at the checkpoint only.

This suggests that the spyware app has not been designed to continuously and remotely track people while in China. In fact, in the majority of cases, the report says the surveillance app is uninstalled before the phone is returned to its owner.

The spyware, called Feng Cai (蜂采) or BXAQ, also scans infected Android devices for over 73,000 pre-defined files related to Islamic extremist groups, including ISIS recruitment fliers, bomb-making instructions, and images of executions.

Besides this, it also looks for segments from the Quran, portions of an Arabic dictionary and information on the Dalai Lama, and for some bizarre reason, the list also includes a song from a Japanese grindcore band called Unholy Grace.

The app can be installed directly on Android phones, but for tourists, journalists, and other foreigners using Apple devices, the border guards reportedly connect their phones to a hardware-based device that is believed to install similar spyware.

According to researchers at German cybersecurity firm Cure53, who analyzed a sample of the surveillance app, the names that appear in the Feng Cai app’s source code suggest that the app was developed by a unit of FiberHome, a Chinese telecom manufacturer that is partly owned by the government.

“The app is very simple in terms of its user interface, with just three available functions: Scan, Upload, and Uninstall,” the researchers said.

However, it remains unclear how long the collected information on travelers is stored on the Chinese server, or how the government uses it.

“The Chinese government, both in law and practice, often conflates peaceful religious activities with terrorism,” Maya Wang, a Chinese researcher at Human Rights Watch, told NY Times. “You can see in Xinjiang, privacy is a gateway right: Once you lose your right to privacy, you’re going to be afraid of practicing your religion, speaking what’s on your mind or even thinking your thoughts.”

It’s not the first time Chinese authorities have been caught using spyware to keep tabs on people in the Xinjiang region, as this kind of intensive surveillance is very common there. However, it’s the first time tourists are believed to have been the primary target.

In 2017, Chinese authorities also forced Xinjiang residents to install a similar spyware app, called Jingwang, on their mobile devices; it was intended to prevent them from accessing terrorist information.

Article Provided By: The Hacker News

If you would like liquidvideotechnologies.com to discuss developing your Home Security System, Networking, Access Control, Fire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com.

5 Keys to Improve Your Cybersecurity

Cybersecurity isn’t easy. If there was a product or service you could buy that would just magically solve all of your cybersecurity problems, everyone would buy that thing, and we could all rest easy.

However, that is not the way it works. Technology continues to evolve. Cyber attackers adapt and develop new malicious tools and techniques, and cybersecurity vendors design creative new ways to detect and block those threats. Rinse and repeat.

Cybersecurity isn’t easy, and there is no magic solution, but there are a handful of things you can do that will greatly reduce your exposure to risk and significantly improve your security posture.

The right platform, intelligence, and expertise can help you avoid the vast majority of threats, and help you detect and respond more quickly to the attacks that get through.

Challenges of Cybersecurity

Effective cybersecurity is challenging for a variety of reasons, but the changing perimeter and the confusing variety of solutions don’t help.

Long ago, during a time that is all but a distant memory by tech standards, cybersecurity was built around a concept of inside vs. outside, and us vs. them. The servers, applications, users, and data inside the network were inherently trusted, and everything outside of the network was assumed to be a potential threat.

The advent of free public Wi-Fi, portable laptops, mobile devices, and cloud computing has eroded the idea that there is any sort of perimeter, and most attacks leverage valid credentials and appear to be legitimate users, so the old model of defending the perimeter is no longer valid.

Meanwhile, as new platforms and technologies are developed, cybersecurity vendors inevitably create targeted point solutions for each one.

The result is a confusing mix of tools and services that protect specific facets of the environment, but don’t play well with each other and don’t provide a holistic view of the whole infrastructure so you can understand your security posture as a whole.

The constantly expanding and evolving threat landscape doesn’t make it any easier, either. Attacks are increasingly complex and harder to identify or detect—like fileless or “Living off the Land” (LotL) attacks.

The complexity of the IT infrastructure—particularly in a hybrid or multi-cloud environment—leads to misconfiguration and other human error that exposes the network to unnecessary risk. Attackers are also adopting machine learning and artificial intelligence to automate the process of developing customized attacks and evading detection.

Improve Your Cybersecurity

All of that sounds daunting—like cybersecurity is an exercise in futility—but there are things you can do. Keep in mind that your goal is not to be impervious to attack—there is no such thing as perfect cybersecurity.

The goal is to increase the level of difficulty for an attacker to succeed in compromising your network and to improve your chances of quickly detecting and stopping attacks that occur.

Here are 5 tips to help you do that:

  • Assess your business objectives and unique attack surface — Choose a threat detection method that can address your workloads. For instance, cloud servers spin up and spin down constantly. Your detection must follow the provision and deprovision actions of your cloud platform(s) and collect metadata to follow events as they traverse this dynamic environment. Most SIEMs cannot do this.
  • Eliminate vulnerabilities before they need threat detection — Use vulnerability assessments to identify and remove weaknesses before they become exploited. Assess your full application stack, including your code, third party code, and code configurations.
  • Align data from multiple sources to enhance your use cases and desired outcomes — Collect and inspect all three kinds of data for suspicious activity: web, log, and network. Each data type has unique strengths in identifying certain kinds of threats and together present a whole picture for greater accuracy and actionable context.
  • Use analytics to detect today’s sophisticated attacks — Ensure your threat detection methods look at both real-time events and patterns in historical events across time. Apply machine learning to find what you do not even know to look for. If you use a SIEM, enlist machine learning to see what correlation missed and better tune your SIEM rules.
  • Align security objectives to your business demands — There is more than one way to improve your security posture and detect threats. While SIEMs are a traditional approach, they are most useful for organizations that have a well-staffed security program. A SIEM alone is not the best solution for security monitoring against today’s web applications and cloud environments.

Article Provided By: TheHackerNews

Video Surveillance and the Evolving Needs

Video Surveillance and the Evolving Needs of the End-User: Update, Integrate, Analyze, Act

Video surveillance has long been a critical component of facility management and security plans, and it is only expected to grow. Being able to use this video surveillance footage in relatively new and helpful ways is becoming more and more important.

The Global Video Surveillance Storage market generated $28.52 billion in 2016 and is projected to grow by 18 percent by 2023. With so many resources being devoted to storing video data, it will be more crucial than ever to maximize returns on that investment by increasing capabilities to use that stored video. Based on the massive amounts of data gathered by surveillance technologies, it is becoming increasingly possible to take informed action grounded in analysis of the information gathered.

Demand for these capabilities is increasing and the market is responding with more innovative video surveillance technology than ever. End-users expect their technologies to protect and optimize their businesses and facilities; however, the path to this transformation is a two-way street. The technologies to support the users’ desired needs exist. It is a matter of investment and proper implementation to arrive at a place of optimization for facility security and operations.

Updating Systems: The First Step

When discussing the improvement of end-user experiences, updating outdated technologies may seem like a rudimentary and even obvious step. However, many facilities still rely on simpler systems such as analog cameras that keep footage only for a limited period of time. These systems also do not take the step that many have come to expect of providing actionable insights based on data gathered. A video camera is no longer just a static piece of equipment meant to be monitored in real time.

Thirty cameras, during a 24-hour period, throughout 30 days, will record 21,600 hours of video. That is a massive amount of data that goes nowhere and is essentially useless with a ‘traditional’ video surveillance system. There is a real and valuable return to be made in the form of insights that can be gathered from all this data, from understanding where customers linger to improving workflow and increasing security capabilities. These insights can even be monetized for interested parties, such as brands selling products in a store, thereby helping the facility’s bottom line. Updating outdated video surveillance equipment is the first step to unlocking the potential of integration and analytics.

Next Up: Systems Integration

Once systems are updated, it becomes possible to unlock the next steps in the optimization of a facility, resulting in increased overall security and better day-to-day operations. Integration with other building and security systems such as lighting, HVAC and access control allows for a more complete picture of the “pulse” of the building. It also improves the experience and comfort of occupants, staff and patrons.

Let’s take lighting, for example. There are several ways that lighting and video surveillance can work together—the simple replacement of regular light bulbs with LED bulbs can improve visibility for video surveillance systems, while also driving down energy costs. Add in motion-sensor technology, and the lights and cameras can work to deter intruders and capture their image more effectively for law enforcement. By making these changes, it is no longer on the facility manager to look at grainy, poorly lit footage to try and decipher what is going on in the event of an incident. By integrating lighting and video surveillance, the facility manager is empowered to work smarter, not harder with a basis in intelligent data they can rely on.

Analytics, Security and Operations

The ability to analyze endless hours of video footage in a realistic and intelligent way has completely changed the game. Being able to define search parameters when reviewing footage can turn an hours-long review process into one that takes minutes, saving precious time in the event of an incident and allowing personnel to make the best use of their resources. For example, knowing the gender or clothing color of someone they are hoping to identify and being able to search footage accordingly can shave hours off a search.

By integrating analytics with other systems, such as access control, users can gain insight into things like the flow of occupants through a space and who is attempting to access restricted areas. In addition, these technologies can learn patterns and establish what is the norm for the facility they protect. When something outside of their learned patterns occurs, such as someone trying to access a building after hours, they can detect it and relay that information, as well.

Security has never been the only use for video surveillance. As analytics are being more widely implemented, operational intelligence gathering has also been affected. Some of the most important uses for video surveillance are improving sales or customer service, examining and managing employee productivity and analyzing customer behavior and patterns. Analytics increase the ability of users to examine traffic flow, wait times, the efficiency of retail floor plans and much more. This information can then be utilized to address vulnerabilities and improve the operations of the facility.

Building on existing video surveillance systems (or implementing them from scratch) gives employees the support from technology they have come to expect in other areas of their life. By prioritizing upgrades and layering in integration and analytic technology, facilities can increase productivity, safety and efficiency, while also seeing significant ROI in the form of valuable, usable data, streamlined operations and a better overall experience. Technology is the first line of defense in many cases, but it can also be a support, enabling security and operations professionals to do their job more effectively and with the knowledge that their actions are driven by data.

Article Provided By: SecurityMagazine

3 U.S. Universities Disclose Data Breach

Three U.S. Universities Disclose Data Breaches Over Two-Day Span

Three U.S. universities have disclosed data breach incidents impacting personally identifiable information of students or employees following unauthorized access to some of their employees’ email accounts.

All three universities — Graceland University, Oregon State University, and Missouri Southern State University — have notified the individuals whose personal information was potentially stolen or accessed about the security incidents.

In addition, no evidence has been found of the impacted personal information being stolen or used in a malicious manner while investigating the disclosed data privacy incidents involving all three universities.

Graceland University says in a notice of data breach published on June 14 that an “unauthorized user gained access to the email accounts of current employees,” on March 29, 2019, as well as “from April 1-30 and April 12-May 1, 2019, respectively.”

As the university discovered during the breach investigation, “the personal information of some people who had interacted with these email accounts over the past several years was available during the time the unauthorized user(s) had access.”

The information that could have been accessed during the incident contained:

• full name
• social security number
• date of birth
• address
• telephone number
• email address
• parents/children
• salary information
• financial aid information for enrollment or possible enrollment at Graceland

Oregon State University (OSU) states in a press release that “636 student records and family records of students containing personally identifiable information were potentially affected by a data privacy incident that occurred in early May.”

OSU says that a joint investigation carried out with the help of forensics specialists found that an employee’s hacked email account containing documents with the info of the 636 students and their family members was also used by the attackers to “send phishing e-mails across the nation.”

As detailed by Steve Clark, OSU’s VP for university relations and marketing:

“OSU is continuing to investigate this matter and determine whether the cyber attacker viewed or copied these documents with personal information.”

According to Clark, the university is also reviewing the protection systems and procedures used to shield OSU’s e-mail accounts and information systems.

Missouri Southern State University (MSSU), the third entity which reported a breach, states in a notice of data breach sent to the Office of the Vermont Attorney General that it was alerted of a possible cyber attack triggered by a phishing email on January 9.

The phishing attack claimed several victims among the university’s employees, which prompted a law enforcement notification. The university officials were told afterward to delay notification of affected individuals until investigations are complete.

MSSU also hired a leading forensic investigation firm to look into the security incident and to “block potential email exploitation, including a mass password reset of all employee Office 365 accounts.”

After analyzing the contents of the impacted Office 365 accounts, MSSU found that the emails contained within stored “first and last names, dates of birth, home addresses, email addresses, telephone numbers, and social security numbers.”

As further explained in the data breach notification sent to the Vermont Attorney General by MSSU:

“In late March, April, and early May, the University identified emails containing personal information that may have been compromised by the attack. In mid-May, the University confirmed that your first and last name and social security number were contained in the impacted accounts.”

Article Provided By: BleepingComputer

US Mobile Banking Apps Have Security Flaws

Most US mobile banking apps have security and privacy flaws, researchers say

You might figure the biggest U.S. banks would have some of the most secure mobile apps. Spoiler alert: not so much.

New findings from security firm Zimperium, shared exclusively with TechCrunch, say most of the top banking apps have security flaws that put user data at risk. The security firm, which has a commercial stake in the mobile security business, downloaded the banks’ iOS and Android apps and scanned for security and privacy issues, like data leaks, which put private user data and communications at risk.

The researchers found most of the apps had issues, like failing to adhere to best coding practices and using old open-source libraries that are infrequently updated.

Some of the apps were using open-source code from GitHub from more than three years ago, said Scott King, Zimperium’s director of embedded security.

Worse, more than half of the banking apps are sharing customer data with at least one advertiser, the researchers said.

An unnamed iOS banking app with an 86/100 risk score (Image: Zimperium)

Two unnamed Android banking apps each with an 82/100 risk score (Image: Zimperium)

The researchers, who didn’t name the banks, said one of the worst offending iOS apps scored 86 out of 100 on the risk scale for several privacy lapses, including communicating over an unencrypted HTTP connection. The same app was vulnerable to two known remote bugs dating back to 2015. The researchers said the risk scores for the banks’ corresponding Android apps were far higher. Two of the apps were rated with a risk score of 82 out of 100. Both of the apps were storing data insecurely, in a way that could let third-party apps access and recover sensitive data on a rooted device, said King.

One of the Android apps wasn’t properly validating HTTPS certificates, making it possible for an attacker to perform a man-in-the-middle attack. Several of the iOS and Android apps were capable of taking screenshots of the app’s display, increasing the risk of data leaking.

Zimperium said two-thirds of the Android banking apps are targeted by several malware campaigns, such as BankBot, which tricks users into downloading fake apps from Google Play and waits until the victim signs in to a banking app on their phone. Using an overlay screen, the malware campaigns steal logins and passwords.

The security firm called on banking apps to do more to bolster their apps’ security.

Article Provided By: techcrunch

Cisco Fixes High Severity Flaws

Cisco Fixes High Severity Flaws in Industrial, Enterprise Tools

Cisco patched two high severity improper input validation vulnerabilities found in the update feature of the Cisco Industrial Network Director (IND) software and the authentication service of Cisco Unified Presence (Cisco Unified CM IM&P Service, Cisco VCS, and Cisco Expressway Series).

Cisco IND is a solution designed to provide full visibility and control of industrial automation networks as detailed on its spec sheet, while Cisco Unified Presence is an enterprise platform for exchanging presence and instant messaging info in and across organizations.

Cisco IND remote code execution vulnerability

The remote code execution (RCE) flaw impacting Cisco IND is tracked as CVE-2019-1861 and it could allow potential authenticated remote attackers to execute arbitrary code on machines running the vulnerable software.

“The vulnerability is due to improper validation of files uploaded to the affected application,” according to Cisco’s security advisory.

“An attacker could exploit this vulnerability by authenticating to the affected system using administrator privileges and uploading an arbitrary file. A successful exploit could allow the attacker to execute arbitrary code with elevated privileges.”

While there are no workarounds for this RCE vulnerability rated with a 7.2 CVSS 3.0 base score by Cisco, the company issued software updates which address this vulnerability starting with Cisco IND 1.6.0.

Cisco Unified Presence denial of service vulnerability

Cisco Unified Presence’s authentication service is affected by a security flaw with a CVSS 3.0 rating of 8.6, tracked as CVE-2019-1845, which could enable unauthenticated remote attackers to create a service outage for users trying to authenticate on vulnerable servers, triggering a denial of service (DoS) condition.

As detailed in Cisco’s security advisory, “The vulnerability is due to insufficient controls for specific memory operations. An attacker could exploit this vulnerability by sending a malformed Extensible Messaging and Presence Protocol (XMPP) authentication request to an affected system.”

“A successful exploit could allow the attacker to cause an unexpected restart of the authentication service, preventing users from successfully authenticating. Exploitation of this vulnerability does not impact users who were authenticated prior to an attack.”

Cisco says that the following software products are impacted by this DoS flaw if running a vulnerable version:

  • Expressway Series configured for Mobile and Remote Access with IM&P Service (Releases X8.1 to X12.5.2)
  • TelePresence VCS configured for Mobile and Remote Access with IM&P Service (Releases X8.1 to X12.5.2)
  • Unified Communications Manager IM&P Service (multiple releases)

Cisco patched the DoS vulnerability in releases X12.5.3 and later for Cisco Expressway Series and Cisco TelePresence VCS, while for Cisco Unified Communications Manager IM&P users should update to one of the versions listed in the table below:

Cisco Unified CM IM&P Service Major Release | First Fixed Release
10.5(2) | 11.5(1) SU6 or 12.5(1)
11.5(1) | 11.5(1) SU6
12.0(1) | 12.5(1)
12.5(1) | Not vulnerable

According to Cisco’s Product Security Incident Response Team (PSIRT), no malicious or active exploitation for the vulnerabilities described above has been detected.

Article Provided By: bleepingcomputer

Apple Security Protections Are Bypassed

Apple macOS Security Protections Can Easily Be Bypassed with ‘Synthetic’ Clicks, Researcher Finds

A security researcher has disclosed a new flaw that undermines a core macOS security feature designed to prevent apps — or malware — from accessing a user’s private data, webcam or microphone without their explicit permission.

The privacy protections, recently expanded in macOS Mojave, were meant to make it more difficult for malicious apps to get access to a user’s private information — like their contacts, calendar, location and messages — unless the user clicks ‘allow’ on a popup box. The protections are also meant to prevent apps from switching on a Mac’s webcam and microphone without consent. Apple’s Craig Federighi touted the security features as “one of the reasons people choose Apple” at last year’s WWDC developer conference.

But the protections weren’t very good. Those ‘allow’ boxes can be subverted with a maliciously manufactured click.

It was previously possible to create artificial or “synthetic” clicks by using macOS’ in-built automation feature AppleScript, or by using mouse keys, which let users — and malware — control the mouse cursor using the numeric pad on the keyboard. After fixing these bugs in previous macOS versions, Apple’s current defense is to block all synthetic clicks, requiring the user to physically click on a button.

But Patrick Wardle, a former NSA hacker who’s now chief research officer at Digita Security, said he’s found another way to bypass these protections with relative ease.

Wardle, who revealed the zero-day flaw at his conference Objective By The Sea in Monaco on Sunday, said the bug stems from an undocumented whitelist of approved macOS apps that are allowed to create synthetic clicks to prevent them from breaking.

Typically apps are signed with a digital certificate to prove that the app is genuine and hasn’t been tampered with. If the app has been modified to include malware, the certificate usually flags an error and the operating system won’t run the app. But a bug in Apple’s code meant that macOS was only checking if a certificate exists and wasn’t properly verifying the authenticity of the whitelisted app.

“The only thing Apple is doing is validating that the application is signed by who they think it is,” he said. Because macOS wasn’t checking to see if the application had been modified or manipulated, a manipulated version of a whitelisted app could be exploited to trigger a synthetic click.

One of those approved apps is VLC, a popular and highly customizable open-source video player that allows plugins and other extensions. Wardle said it was possible to use VLC as a delivery vehicle for a malicious plugin to create a synthetic click on a consent prompt without the user’s permission.

“For VLC, I just dropped in a new plugin, VLC loads it, and because VLC loads plugins, my malicious plugin can generate a synthetic click — which is fully allowed because the system sees it’s VLC but doesn’t validate the bundle to make sure it hasn’t been tampered with,” he explained.

“And so my synthetic events is able to click and access the users location, webcam, microphone,” he said.
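The gap described above, checking who signed an app without checking that its contents still match what was signed, can be shown with a simplified model. This is an added illustration, not Apple's code or the researcher's; the bundle paths, signer name and key are constructed, and an HMAC stands in for a real certificate-based signature.

```python
import hashlib
import hmac
import json

# Stand-in for the vendor's signing key. A real code signature uses an
# asymmetric key pair and a certificate chain; HMAC keeps the model short.
VENDOR_KEY = b"constructed-demo-key"
ALLOWLIST = {"Example Player Team"}  # hypothetical allow-listed signer


def _digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def _manifest_blob(signer: str, files: dict) -> bytes:
    return json.dumps({"signer": signer, "files": files}, sort_keys=True).encode()


def seal(bundle: dict, signer: str, key: bytes) -> dict:
    """Record a hash for every file in the bundle and authenticate that list."""
    files = {path: _digest(data) for path, data in bundle.items()}
    mac = hmac.new(key, _manifest_blob(signer, files), hashlib.sha256).hexdigest()
    return {"signer": signer, "files": files, "mac": mac}


def identity_only_check(bundle: dict, signature, allowlist: set) -> bool:
    """The flawed pattern: a signature exists and names an allow-listed signer.
    The bundle's current contents are never compared with what was sealed."""
    return signature is not None and signature.get("signer") in allowlist


def strict_check(bundle: dict, signature, allowlist: set, key: bytes) -> list:
    """Return a list of problems; an empty list means the bundle is intact."""
    if signature is None:
        return ["unsigned"]
    blob = _manifest_blob(signature["signer"], signature["files"])
    expected = hmac.new(key, blob, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, signature["mac"]):
        return ["signature does not verify"]
    problems = []
    if signature["signer"] not in allowlist:
        problems.append("signer not allow-listed")
    sealed = signature["files"]
    for path in sorted(set(sealed) | set(bundle)):
        if path not in bundle:
            problems.append(f"missing: {path}")
        elif path not in sealed:
            problems.append(f"unsealed file: {path}")  # e.g. a dropped-in plugin
        elif _digest(bundle[path]) != sealed[path]:
            problems.append(f"modified: {path}")
    return problems


# Constructed sample bundle, sealed once by the vendor.
ORIGINAL = {
    "Contents/MacOS/player": b"main executable bytes",
    "Contents/MacOS/plugins/codec.dylib": b"vendor codec plugin",
}
SIGNATURE = seal(ORIGINAL, "Example Player Team", VENDOR_KEY)

# Two altered copies that still carry the vendor's original signature.
WITH_EXTRA_PLUGIN = dict(ORIGINAL)
WITH_EXTRA_PLUGIN["Contents/MacOS/plugins/extra.dylib"] = b"not shipped by vendor"
WITH_PATCHED_BINARY = dict(ORIGINAL)
WITH_PATCHED_BINARY["Contents/MacOS/player"] = b"altered executable bytes"


def evaluate(bundle: dict):
    """Run both checks against the vendor signature."""
    return (identity_only_check(bundle, SIGNATURE, ALLOWLIST),
            strict_check(bundle, SIGNATURE, ALLOWLIST, VENDOR_KEY))


if __name__ == "__main__":
    for name, bundle in [("original", ORIGINAL),
                         ("extra plugin", WITH_EXTRA_PLUGIN),
                         ("patched binary", WITH_PATCHED_BINARY)]:
        trusted, problems = evaluate(bundle)
        print(f"{name:15} identity-only: {trusted}  strict: {problems or 'intact'}")
```

The identity-only check accepts all three bundles, while the strict check accepts only the original.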

Wardle described the vulnerability as a “second stage” attack because the bug already requires an attacker — or malware — to have access to the computer. But it’s exactly these kinds of situations where malware on a computer tries to click through on a consent box that Apple is trying to prevent, Wardle said.

He said he informed Apple of the bug last week but the tech giant has yet to release a patch. “This isn’t a remote attack so I don’t think this puts a large number of Mac users immediately at risk,” he said.

An Apple spokesperson did not return a request for comment.

It’s not the first time Wardle has warned Apple of a bug with synthetic clicks. He reported related bugs in 2015, 2017 and 2018. He said it was “clear” that Apple doesn’t take these bugs seriously.

“In this case, literally no-one looked at this code from a security point of view,” he said.

“We have this undocumented whitelisting feature that is paramount to all these new privacy and security features, because if you can generate synthetic events you can generically thwart them of them trivially,” he said.

“It’s important to get this right,” he said.

Article Provided By: techcrunch

If you would like liquidvideotechnologies.com to discuss developing your Home Security System, Networking, Access Control, Fire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com.


A Way to Improve Network Security

Scientists May Have Identified a New Way to Improve Network Security

With cybersecurity one of the nation’s top security concerns and billions of people affected by breaches last year, government and businesses are spending more time and money defending against it.

Researchers at the U.S. Army Combat Capabilities Development Command’s Army Research Laboratory, the Army’s corporate research laboratory also known as ARL, and Towson University may have identified a new way to improve network security.

Many cybersecurity systems use distributed network intrusion detection that allows a small number of highly trained analysts to monitor several networks at the same time, reducing cost through economies of scale and more efficiently leveraging limited cybersecurity expertise; however, this approach requires data be transmitted from network intrusion detection sensors on the defended network to central analysis servers. Transmitting all of the data captured by sensors requires too much bandwidth, researchers said.

Because of this, most distributed network intrusion detection systems only send alerts or summaries of activities back to the security analyst. With only summaries, cyber-attacks can go undetected because the analyst did not have enough information to understand the network activity, or, alternatively, time may be wasted chasing down false positives.

In research presented at the 10th International Multi-Conference on Complexity, Informatics and Cybernetics March 12-15, 2019, scientists wanted to identify how to compress network traffic as much as possible without losing the ability to detect and investigate malicious activity.

Reducing the amount of traffic transmitted to the central analysis systems

Working on the theory that malicious network activity would manifest its maliciousness early, the researchers developed a tool that would stop transmitting traffic after a given number of messages had been transmitted. The resulting compressed network traffic was analyzed and compared to the analysis performed on the original network traffic.

As suspected, researchers found cyber attacks often do manifest maliciousness early in the transmission process. When the team identified malicious activity later in the transmission process, it was usually not the first occurrence of malicious activity in that network flow.
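The truncation strategy and the full-versus-compressed comparison described above, sketched as an added example (this is not the ARL researchers' tool). The function names, addresses, `MARKER-*` strings and the substring matcher standing in for the central IDS are all constructed assumptions.

```python
from collections import defaultdict

def flow_key(p):
    """Direction-independent 5-tuple: both sides of a conversation share one counter."""
    a, b = (p["src"], p["sport"]), (p["dst"], p["dport"])
    return (p["proto"],) + (a + b if a <= b else b + a)

def truncate_flows(packets, max_msgs):
    """Sensor side: forward only the first max_msgs messages of each flow."""
    seen, kept = defaultdict(int), []
    for p in packets:
        seen[flow_key(p)] += 1
        if seen[flow_key(p)] <= max_msgs:
            kept.append(p)
    return kept

def detect(packets, signatures):
    """Toy stand-in for the central IDS: one alert per (flow, signature)."""
    return {(flow_key(p), s) for p in packets for s in signatures if s in p["payload"]}

def evaluate(packets, signatures, max_msgs):
    """Compare detection on truncated traffic with detection on the full capture."""
    kept = truncate_flows(packets, max_msgs)
    full, reduced = detect(packets, signatures), detect(kept, signatures)
    size = lambda pkts: sum(len(p["payload"]) for p in pkts)
    return {"byte_ratio": size(kept) / size(packets),
            "alerts_full": len(full), "alerts_kept": len(reduced),
            "missed": full - reduced}

def sample_capture():
    """Constructed capture: three 10-message flows of 100-byte payloads."""
    def flow(client_port, marked):
        out = []
        for i in range(1, 11):
            body = marked.get(i, b"").ljust(100, b"x")
            ends = ("10.0.0.5", client_port, "192.0.2.10", 80)
            if i % 2 == 0:  # even messages are server replies
                ends = ends[2:] + ends[:2]
            out.append(dict(zip(("src", "sport", "dst", "dport"), ends),
                            proto="tcp", payload=body))
        return out
    return (flow(40001, {1: b"MARKER-A", 8: b"MARKER-A"})  # early, repeats late
            + flow(40002, {})                               # benign bulk transfer
            + flow(40003, {6: b"MARKER-B"}))                # first seen late

SIGNATURES = [b"MARKER-A", b"MARKER-B"]  # constructed placeholder markers

if __name__ == "__main__":
    for n in (3, 6):
        print(n, evaluate(sample_capture(), SIGNATURES, n))
```

With a cutoff of 3 messages per flow, the late repeat of `MARKER-A` costs nothing because its first occurrence was already forwarded, while the flow whose first marker arrives in message 6 is the one alert lost.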

“This strategy should be effective in reducing the amount of network traffic sent from the sensor to central analyst system,” said Sidney Smith, an ARL researcher and the study’s lead author. “Ultimately, this strategy could be used to increase the reliability and security of Army networks.”

For the next phase, researchers want to integrate this technique with network classification and lossless compression techniques to reduce the amount of traffic that needs to be transmitted to the central analysis systems to less than 10% of the original traffic volume while losing no more than 1% of cyber security alerts.

“The future of intrusion detection is in machine learning and other artificial intelligence techniques,” Smith said. “However, many of these techniques are too resource intensive to run on the remote sensors, and all of them require large amounts of data. A cybersecurity system incorporating our research technique will allow the data most likely to be malicious to be gathered for further analysis.”

Article Provided By: HelpNetSecurity


Thailand Passes Cybersecurity Law

Thailand passes controversial cybersecurity law that could enable government surveillance

Thailand’s government passed a controversial cybersecurity bill today that has been criticized for vagueness and the potential to enable sweeping access to internet user data.

The bill (available in Thai) was amended late last year following criticism over potential data access, but it passed the country’s parliament with 133 positive votes and no rejections, although there were 16 absentees.

There are concerns around a number of clauses, chiefly the potential for the government — which came to power via a military coup in 2014 — to search and seize data and equipment in cases that are deemed issues of national emergency. That could enable internet traffic monitoring and access to private data, including communications, without a court order.

The balance of power beyond enforcement has also been questioned. Critics have highlighted the role of the National Cybersecurity Committee, which is headed by the prime minister and holds considerable weight in carrying out the law. The Committee has been called upon to include representation from the industry and civic groups to give it greater oversight and balance.

Added together, there’s a fear that the law could be weaponized by the government to silence critics. Thailand already has powerful lese majeste laws, which make it illegal to criticize the monarchy and have been used to jail citizens for comments left on social media and websites. The country has also censored websites in the past, including the Daily Mail and, for a nearly six-month period in 2007, YouTube.

“The Asia Internet Coalition is deeply disappointed that Thailand’s National Assembly has voted in favor of a Cybersecurity Law that overemphasizes a loosely-defined national security agenda, instead of its intended objective of guarding against cyber risks,” read a statement from Jeff Paine, managing director of Asia Internet Coalition — an alliance of international tech firms that include Facebook, Google and Apple.

“Protecting online security is a top priority; however, the Law’s ambiguously defined scope, vague language and lack of safeguards raises serious privacy concerns for both individuals and businesses, especially provisions that allow overreaching authority to search and seize data and electronic equipment without proper legal oversight. This would give the regime sweeping powers to monitor online traffic in the name of an emergency or as a preventive measure, potentially compromising private and corporate data,” Paine added.

Reaction to the law has seen a hashtag (#พรบไซเบอร์) trend on Twitter in Thailand, while other groups have spoken out on the potential implications.

Thailand isn’t alone in introducing controversial internet laws. New regulations, passed last summer, came into force in near-neighbor Vietnam on January 1 and sparked similar concerns around free speech online.

That Vietnamese law broadly forbids internet users from organizing with, or training, others for anti-state purposes, spreading false information and undermining the nation-state’s achievements or solidarity. It also requires foreign internet companies to operate a local office and store user information on Vietnamese soil. That’s something neither Google nor Facebook has complied with, despite the Vietnamese government’s recent claim that the former is investigating a local office launch.

Article Provided By: techcrunch


New Privacy Features for Mozilla Firefox

New Privacy Features for Mozilla Firefox, Lockwise Is Live

Mozilla announced new features and changes today that aim to increase the privacy of Firefox users by blocking trackers and offering updates to various Firefox security and privacy services.

These changes include enabling Firefox Enhanced Tracking Protection by default for new users, the official launch of their Firefox Lockwise password management service, an updated Firefox Container addon, and a dashboard for the Firefox Monitor data breach service.

These changes are covered in detail below.

Blocking tracking cookies by default

Mozilla has announced that new Firefox users will now block third-party tracking cookies by default.

When users install Firefox for the first time, the browser will be configured to use the Standard setting for the Content Blocking feature. This setting previously only blocked trackers in Private mode, but has now been changed to also automatically block third-party tracking cookies in normal browsing sessions.

Standard Content Blocking setting

There is one caveat to this default blocking. If you look at the image above, you can see that Firefox “allows some trackers so websites function properly”. This means that trackers on some sites are allowed when blocking them would break the site, which gives the site more time to resolve these issues.

For existing Firefox users, you can enable the blocking of third-party cookies by utilizing the Custom Content Blocking setting and selecting to block Trackers and Third-party trackers under the Cookies setting.

Custom Content Blocking Settings

Mozilla plans on rolling out this default blocking to existing Firefox users in the near future.

Lockwise Desktop officially launches

In the past, Mozilla offered the LockBox iOS and Android apps, which allowed mobile users to log into their Mozilla account and see login credentials saved from Firefox Desktop.

In May, BleepingComputer broke the news that Mozilla was rebranding their LockBox password management service under a new name called Lockwise. As part of this rebranding, Mozilla was also releasing a Firefox Lockwise for Desktop addon that acts as the cornerstone for the Mozilla password management service.

As of today, this addon is now officially released and can be downloaded from the Firefox Lockwise site.

When installed, the Firefox Lockwise addon converts Firefox’s Login and Passwords panel into a full featured password management service where users can view all of their saved login credentials, create new entries, and edit existing ones.

Firefox Lockwise for Desktop

As long as syncing is enabled, all devices that are logged into the same Mozilla account will now be able to access the saved credentials stored in Firefox Lockwise.

This service, though, still needs improvement as mobile users can currently only view login credentials saved from Firefox Desktop and new credentials cannot be created within the Firefox Lockwise mobile apps.

Firefox Lockwise for iOS

If Firefox plans on creating premium offerings from this service, which they are currently considering, they need to update their Lockwise apps in order to allow users to create and save new login credentials. Only then can they compete with other password management services.

Firefox Container

Mozilla has also launched an updated Facebook Container addon that will now block Facebook buttons used on sites that you visit.

When sites utilize Facebook scripts to show Like or Share buttons, Facebook can use these scripts to track you when on the site and between sites. The updated Facebook Container addon will block these buttons so that they are no longer able to track you as shown below.

Blocked Facebook button on Amazon

Firefox Monitor gets a new dashboard

Finally, Mozilla is launching a new dashboard for their Firefox Monitor data breach notification service.

“Today we’re launching a central dashboard to help you track and manage multiple email addresses, whether it’s your personal email accounts or ones for professional use.”

This new centralized dashboard will allow you to quickly view the email addresses being monitored, the data breaches that have exposed your information, and the passwords that have been exposed across all breaches.

Firefox Monitor Dashboard

With this dashboard, Firefox Monitor is beginning to grow into a service that feels more complete rather than thrown together as a value-added service for their customers.

It also shows how they continue to increase the service offerings in order to eventually offer premium options as a way to generate revenue.

Article Provided By: BleepingComputer
