Access Control

Critical vulnerability blowing up the internet

With cybersecurity experts saying "the internet’s on fire", the federal government is warning all organizations to be on guard against a “critical internet vulnerability” that could be exploited by organized crime. A number of government departments took some services offline over the weekend to assess the threat posed by software used by an estimated two-thirds of web servers worldwide. [node:read-more:link]

Apple’s digitizing deals costly

Residents of eight U.S. states were permitted by the National Security and Intelligence Review Agency to store state IDs and driver's licences on Apple iPhones but the contracts effectively offload maintenance costs to the states. Apple controls when the feature is launched and what devices are compatible but the states must allocate personnel and resources to support the program “on a timeline to be determined by Apple.” [node:read-more:link]

Extended U.S. 5G restrictions

President Joe Biden has signed off on legislation designed to prevent Chinese companies such as Huawei and ZTE, deemed by the U.S. to be national security threats, from receiving new Federal Communications Commission licences. [node:read-more:link]

Massive hack of Florida-based site

About 200 U.S. companies using the services of a Florida-based IT company, Kaseya, have been hit by a “colossal” ransomware attack. The cybersecurity company, Huntress Labs, says the July 2 hack by a suspected Russia group was spread through corporate networks which used Kasey’s software. [node:read-more:link]

U.S. targets Iran on the web

Thirty-three Internet domains linked to Iran’s state media have been “seized” by the U.S. Justice Department in what it said June 22 is an attempt counter Iranian propaganda and disinformation. Several domains already stated that their sites had been shut down in the U.S. but they remained operational in other countries. [node:read-more:link]

Pulp mills targetted by malware

The RCMP is investigating reports by a pulp-and-paper company in Richmond, B.C., that its systems have been infiltrated by malware. A spokesperson for Paper Excellence Canada Holdings Corp. says communications and some production capability have been affected.  [node:read-more:link]

The perils of Twitter

A supposedly secure video conference of European Union defence ministers recently had an unwelcome participant: a journalist in the Netherlands. Having managed to log in after Dutch Defence Minister Ank Bijleveld inadvertently posted some access details on Twitter, Daniel Verlaan apologized and logged out when challenged by Josep Borrell, the EU’s High Representative for Foreign Affairs and Security Policy. Dutch Prime Minister Mark Rutte has directed his cabinet to improve their security practices. [node:read-more:link]

Chinese charged in data breach

The U.S. has identified four Chinese military officers it has charged with overseeing a massive 2017 cyber attack on Equifax which resulted in the theft of personal data on more than 147 Americans and some foreign nationals listed in the credit-rating agency’s files. The whereabouts of the four suspects is unknown and China denies the allegations. [node:read-more:link]

5G: security or trade issue?

The U.S. administration’s campaign against Huawei being involved in the next-generation communications networks is prompting questions about whether the push is over security or trade issues. A senior lecturer at Harvard says that when the White House tries “to play both ends of that”, it undermines relations with allies. [node:read-more:link]

China’s Silk Road strategy

A report by the London-based International Institute for Strategic Studies warns that even if the U.S. manages to keep its allies from using Chinese telecommunications technology, Beijing’s “digital silk road” strategy enables China to burrow into those countries' economies and infrastructure, creating dependencies that may ultimately weaken alliance ties. [node:read-more:link]

Access Control Application Scenarios

W3C published a report and full minutes of the Workshop on Access Control Application Scenarios, held in Luxembourg on 17th and 18th of November 2009. Participants from 17 organizations examined the current limitations of access control, privacy enhancement, distributed handling of access control, and other challenging use cases. [node:read-more:link]

Firefox exploited by scammers

A flaw in the Mac and Windows versions of Mozilla’s Firefox browser evidently has been used to dupe users into thinking their systems will be disabled if they don’t take action by calling a toll-free number. Mozilla says it is working on a fix for inclusion in an upcoming Firefox release. [node:read-more:link]

Espionage alleged at U.S. bases

Florida Republican Senator Marco Rubio wants the Department of Defense to look into reports that Chinese surveillance technologies are in use at U.S. military facilities. In a letter to Defense Secretary Mark Esper, Rubio says “every day that passes only provides our adversaries additional time to infiltrate and exploit our national security.” [node:read-more:link]

Nextgen security lacking

Senior government officials say the U.S. is seriously lagging on how it can deal with threats to next-generation 5G and supply chain networks. Among other things, they told the Senate Homeland Security Committee that there is neither a comprehensive national plan nor a fully coordinated interagency response. [node:read-more:link]

RuNet a censorship machine?

Wanting to find out whether it can function without the global Internet, Russia plans to begin testing its internal RuNet, starting Nov. 1 and recurring at least annually. It’s seen as the latest move in a series of technical and policy steps to cut citizens off from the rest of the world. The announcement follows approval last April of a Sovereign Internet Law which require all traffic to pass through official channels. [node:read-more:link]


Subscribe to RSS - Access Control