Tag: measures | SpinSafe

CISA Systems Hacked: Ivanti Vulnerabilities Exploited, Urgent Security Measures Advised

March 10, 2024/in Internet Security

Officials from the Cybersecurity and Infrastructure Security Agency (CISA) recently disclosed a successful hack of the agency’s systems in February that involved hackers taking advantage of flaws in Ivanti products.

The CISA spokesperson confirmed this security incident, revealing that the agency detected suspicious activities pointing to exploiting Ivanti product vulnerabilities approximately a month ago, as reported by Recorded Future News.

The impact of the CISA breach was contained in two specific systems and swiftly taken offline as part of immediate response measures. Emphasizing the ongoing efforts to modernize and upgrade systems, the spokesperson assured that there is currently no operational impact.

The Impact of the CISA Cyber Breach

According to a person with knowledge, the hacked systems were the Infrastructure Protection (IP) Gateway and the Chemical Security Assessment Tool (CSAT). These two systems held important data about how U.S. infrastructure is interdependent and private sector chemical security plans. CISA has neither confirmed nor denied this information.

CSAT, recognized for storing susceptible industrial data, including tools for high-risk chemical facilities, site security plans, and security vulnerability assessments, was a focal point of the breach.

CISA Confirms Cyber Breach: Ivanti Product Flaws Exploited by Unknown Hackers

In this photo illustration a young man types on an illuminated computer keyboard typically favored by computer coders on January 25, 2021 in Berlin, Germany. 2020 saw a sharp rise in global cybercrime that was in part driven by the jump in online retailing that ensued during national lockdowns as governments sought to rein in the coronavirus pandemic. (Photo : Sean Gallup/Getty Images)

In response to the incident, CISA advised enterprises to study a Feb.29 alert warning of actively exploiting Ivanti Connect Secure and Ivanti Policy Secure gateway vulnerabilities. The vulnerabilities are CVE-2023-46805, 2024-21887, and 2024-21893.

“This is a reminder that any organization can be affected by a cyber vulnerability, and having an incident response plan in place is a necessary component of resilience,” the CISA spokesperson noted.

The CISA is a…

Source…

Kensington Lock and Other Security Measures for Your Computer

October 18, 2023/in Computer Security

Kensington Lock

In the first quarter of 2023, global cyber-attacks surged by 7%, marking a significant uptick compared to the previous year’s figures. In this age of interconnected devices and data highways, the vulnerabilities of our computers go beyond the digital realm.

So, let’s delve into the tangible world of locks and keys. Our focal point? The star of physical computer security – the Kensington Lock. That’s because, in the ever-evolving cyber frontier, defense isn’t merely an option – it’s an absolute necessity.

What is a Kensington Lock?

The Kensington Lock serves as a dependable sidekick for your computer, acting like a trusty leash that tethers your laptop to a fixed object. This ensures it stays firmly in place, be it on a desk or against a wall. With this lock, you can relish the freedom of mobility without the constant concern of your device wandering off.

The technology behind it is refreshingly straightforward. A sturdy cable, often crafted from galvanized steel, threads through the Kensington slot, forming a robust connection. This physical deterrent poses a challenge for opportunistic thieves, serving as a visible obstacle in their path.

So, why is it a game-changer? It’s user-friendly, requiring no technical know-how. Moreover, its conspicuous presence speaks volumes. However, in high-risk scenarios or against determined thieves, it might offer a delay rather than complete prevention. Consider it a valuable addition to your overall security strategy rather than a standalone solution.

It’s crucial to note that the Kensington Lock isn’t the sole contender in the realm of physical security. Alternatives like adhesive plates with a lock slot or security enclosures present unique approaches. Adhesive plates provide an additional layer of security without necessitating a Kensington slot, while security enclosures envelop your device, shielding it from physical tampering.

The Kensington Lock might be reliable in securing your gadget, but it’s worth exploring alternatives to find the best fit for your specific needs.

Kensington Lock

Software and Firmware Security

Computer security is not only about fortifying the physical aspects; you also need to strengthen the digital and…

Source…

China warns of artificial intelligence risks, calls for beefed-up national security measures

May 31, 2023/in Computer Security

China’s ruling Communist Party has warned of the risks posed by advances in artificial intelligence while calling for heightened national security measures.

The statement issued after a meeting Tuesday chaired by party leader and President Xi Jinping underscores the tension between the government’s determination to seize global leadership in cutting-edge technology and concerns about the possible social and political harms of such technologies.

It also followed a warning by scientists and tech industry leaders in the U.S., including high-level executives at Microsoft and Google, about the perils that artificial intelligence poses to humankind.

The meeting in Beijing discussed the need for “dedicated efforts to safeguard political security and improve the security governance of internet data and artificial intelligence,” the official Xinhua News Agency said.

“It was stressed at the meeting that the complexity and severity of national security problems faced by our country have increased dramatically. The national security front must build up strategic self-confidence, have enough confidence to secure victory, and be keenly aware of its own strengths and advantages,” Xinhua said.

“We must be prepared for worst-case and extreme scenarios, and be ready to withstand the major test of high winds, choppy waters and even dangerous storms,” it said.

Xi, who is China’s head of state, commander of the military and chair of the party’s National Security Commission, called at the meeting for “staying keenly aware of the complicated and challenging circumstances facing national security.”

China needs a “new pattern of development with a new security architecture,” Xinhua reported Xi as saying.

China already dedicates vast resources to suppressing any perceived political threats to the party’s dominance, with spending on the police and security personnel exceeding that devoted to the military.

While it relentlessly censors in-person protests and online criticism, citizens have continued to express dissatisfaction with policies, most recently the draconian lockdown measures enacted to combat the spread of COVID-19.

China has been cracking down on its tech sector in an…

Source…