1 Burst results for "G. R. U. Main Center"
"gru main center" Discussed on The CyberWire
"Dave Bittner your cyber wire summary for Friday may twenty ninth twenty twenty the US National Security Agency warned yesterday that Russia's Gru continues to exploit the Xm male vulnerability CVA Twenty nineteen ten one forty nine an essay identifies the Russian unit involved as specifically belonging to GRU's main center for special technologies the group commonly known as sand worm. The vulnerability was disclosed patched in June of last year and NSA advises users to apply it. This provides another object lesson in the importance of keeping software up to date the GRU has been exploiting the bug since August two thousand nineteen it also provides another example of the ways in which the historically reticent NSA has become increasingly engaged in public warnings and advice on Cybersecurity Kaspersky outlines a campaign against industrial targets in Japan Italy Germany and the UK the specific goals of the campaign are unknown although Kaspersky says they've observed destructive activity and extraction of data. The attackers used stenography in the data extraction process. That is they hide code in an image this and other aspects of the campaign make the attacks difficult to detect and block yesterday. Us President Trump signed an executive order on preventing online censorship. Intended to address ways in which social media are applying selective censorship that is harming our national discourse it addresses section to thirty of the communications decency. Act which afford civil liability protection to online service providers that act as neutral platforms as opposed to editors the secretary of Commerce will lead a petition for rulemaking to clarify section to thirty federal agencies will evaluate spending on platforms that engage in viewpoint discrimination and the Federal Trade Commission will investigate unfair trade practices related to content moderation among the points. That stand out in the order. Are It's observation? That the protections in section two thirty were designed narrowly to provide certain protection for minors it also emphasizes the Act's provisions that restrictions on content be done in good faith and it asks the Federal Trade Commission to take a close look at social media. Companies outsourcing content moderation to third parties that themselves arguably engage in viewpoint discrimination. The order is widely viewed as a response to the president's recent experiences with twitter at issue is the difficult question of what counts as a neutral supplier of a service and what counts as being a publisher with responsibility for content. Thus should facebook instagram and twitter be treated like sellers of newsprint or like newspapers like telephone company or like a television station. We'll hear more on the executive order from our guest. Ben Yellen of the University of Maryland Center for Health and Homeland Security a little later in the show. Several data breaches and ransomware. Incidents are being reported. Ntt Communications the tokyo-based Telecommunications Service provider giant has disclosed that one of its servers was breached. A relatively small number of customers is so far. Thought to be little more than six hundred. The attack began in a Singapore cloud server from where the attackers moved to an internal server and then to an NT active directory server from which the data was taken the criminal proprietors of Net Walker. Ransomware have also been active. They've hit Michigan State University and given the administration until next Thursday. To Pony up the ransom. If the university doesn't come up with the ransom the amount of which isn't yet publicly known. The extortionist will release the sensitive data. They've stolen to show that they're in earnest. The gang has posted images of directories a passport scan and financial documents leaping computer reports zd net notes. That networker has recently been used against the Australian Logistics Company Toll Group and the Australian city of fights. Net Walker is a ransomware as a service operation. That's actively recruiting new affiliates and finally would have people been learning with respect to cybersecurity during the pandemic emergency as far as we can see. We're learning a great deal about improvisation under pressure and we're also learning that we can live without or at least work without we've been following the COVID pandemic since the cyber wire like many other businesses in our area move to remote work on March sixteenth. This was of course. Consistent with shelter in place guidance from public health authorities Maryland relaxes some of its public health guidelines today and this seems a good point to which to take stock of how the emergency has affected the cyber security sector while the pandemic and its effects are far from over its consequences for cybersecurity. Now seem clear enough. I to suggest some lessons. We might draw from the experience and it also seems to be the right time to roll our coverage of covid nineteen related news into our ordinary coverage of cybersecurity. We conclude this series with today's story. If there's one overarching observation to be made about the pandemic and its effects on cybersecurity. It's that improvisation under pressure creates unexpected challenges risks and opportunities. We'll have a final wrap up Monday with our plan. Final daily update on Kobe. Nineteen and its effects on the cyber security community until then enjoy the weekend and now a word from our sponsor plex track flex track is the ultimate purple teaming platform guiding the healthy collaboration of your red and blue teams through a single web based interface. Flex TRACK DOES THIS BY I. Elevating red teams eliminating the struggle of reporting and allowing the team to focus on. What's important identifying security issues read teams are provided with an easy to use platform that allows reports to be created and then exported with the click of a button saving the team valuable time flex track also powers up blue teams by providing them with a platform to consolidate findings and remediate them in an efficient and timely manner. Gone are the days of five hundred page penetration test reports as plex tracks streamlines. The process with a status tracker integrations with.