Cybersecurity

U.S. National Cybersecurity Strategy: What we can expect this time around, and what else should be considered
Cybersecurity, Cybersecurity & Technology

U.S. National Cybersecurity Strategy: What we can expect this time around, and what else should be considered

By Todd Moore * It’s often said that the wheels of government move slowly, but the persistent rise in cyberattacks have greased the gears of government to finally move forward with some urgency to address this critical issue. With a National Cybersecurity Strategy anticipated to roll out in the coming weeks, the public and private sectors are eagerly awaiting the outcome. The White House Executive Order on Improving the Nation’s Cybersecurity in May 2021 was the first notable progress marker, outlining steps for the federal government to take towards modernizing the nation’s cybersecurity. This has been furthered by the funding Congress provided to the Cybersecurity and Infrastructure Security Agency, significantly over the requested budget, and Biden’s recent signing of the Quantum ...
Geopolitical Tensions Expected to Further Impact Cybersecurity in 2023
Cybersecurity, Cybersecurity & Technology

Geopolitical Tensions Expected to Further Impact Cybersecurity in 2023

By Beth Maundrill Geopolitics will continue to have an impact on cybersecurity and the security posture of organizations long into 2023. The impact of global conflicts on cybersecurity was thrust into the spotlight when Russia made moves to invade Ukraine in February 2022.  Ukraine’s Western allies were quick to recognize that with this came the threat of Russian-backed cyber-attacks against critical national infrastructure (CNI), especially in retaliation to hefty sanctions. While this may not have materialized in the way many expected, geopolitics is still front of mind for many cybersecurity experts looking to 2023. Cyber Power Russia has always been among a handful of states recognized for their cyber prowess and being the source of many cyber-criminal gangs. However, as p...
US, Japan Sign Agreement for Operational Collaboration on Cybersecurity
Cybersecurity

US, Japan Sign Agreement for Operational Collaboration on Cybersecurity

The United States and Japan have signed a memorandum of understanding to strengthen their operational collaboration on cybersecurity, according to the U.S. Department of Homeland Security (DHS). The memorandum was signed by Japan’s Trade Minister Yasutoshi Nishimura and U.S. Secretary of Homeland Security Alejandro Mayorkas during their meeting in Washington on Friday, DHS said in a statement. According to the DHS, the agreement will allow their agencies to enhance the security of critical infrastructure, foster more partnership opportunities, and continue sharing best practices with Indo-Pacific partners on cybersecurity. “We will work closely to harmonize security systems between Japan and the United States for software and IoT devices, including cooperation in human resource developm...
Chinese authorities declare war on cybercriminals
Cybersecurity

Chinese authorities declare war on cybercriminals

China's public security cracked more than 441,000 cases of telecom and internet fraud, arrested more than 690,000 suspects and busted 39,000 criminal gangs in 2021. BEIJING – Judicial bodies are determined to combat the growing threat posed by internet — and telecom-based swindlers. Yang Zekun reports. The three young men in Shanghai never thought they would be found by the police so quickly — just one day after they provided technical support for telecom and online swindlers who were based overseas. The men wanted to make easy money by offering the swindlers support, but they didn’t make a cent. Instead, earlier this month, they were each fined 5,000 yuan ($715) for violating a new law aimed at fighting telecom and online fraud. Since the law took effect on Dec 1, police in many ci...
GuLoader Malware Utilizing New Techniques to Evade Security Software
Cybersecurity, Cybersecurity & Technology

GuLoader Malware Utilizing New Techniques to Evade Security Software

Cybersecurity researchers have exposed a wide variety of techniques adopted by an advanced malware downloader called GuLoader to evade security software. "New shellcode anti-analysis technique attempts to thwart researchers and hostile environments by scanning entire process memory for any virtual machine (VM)-related strings," CrowdStrike researchers Sarang Sonawane and Donato Onofri said in a technical write-up published last week. GuLoader, also called CloudEyE, is a Visual Basic Script (VBS) downloader that's used to distribute remote access trojans such as Remcos on infected machines. It was first detected in the wild in 2019. In November 2021, a JavaScript malware strain dubbed RATDispenser emerged as a conduit for dropping GuLoader by means of a Base64-encoded VBScript dropper....