Security News
The ongoing face-off between Washington and Beijing over technology and security issues has taken a new twist, with China accusing the US of hacking into the servers of Huawei in 2009 and conducting other cyber-attacks to steal critical data. China's Ministry of State Security made the allegations in a posting on WeChat, claiming that in 2009 US intelligence services "Began to invade servers at Huawei headquarters and continued to monitor them."
The Qakbot botnet has been disrupted by an international law enforcement operation that culminated last weekend, when infected computers started getting untethered from it by specially crafted FBI software. The Qakbot administrators use a system of tiered servers to control the Qakbot malware installed on infected computers.
Google has announced the first open-source quantum resilient FIDO2 security key implementation, which uses a unique ECC/Dilithium hybrid signature schema co-created with ETH Zurich. FIDO2 is the second major version of the Fast IDentity Online authentication standard, and FIDO2 keys are used for passwordless authentication and as a multi-factor authentication element.
Google on Tuesday announced the first quantum resilient FIDO2 security key implementation as part of its OpenSK security keys initiative. "This open-source hardware optimized implementation uses a novel ECC/Dilithium hybrid signature schema that benefits from the security of ECC against standard attacks and Dilithium's resilience against quantum attacks," Elie Bursztein and Fabian Kaczmarczyck said.
The future of telecommunication was also a hot topic at the premier VON: Evolution Africa event, the first to take place in Africa in its 26-year history. Cybertech Africa in Rwanda included an exciting exhibition of innovative cyber companies and startups, with three of those startups selected to pitch their ideas to the audience, and more hoping for the chance to present.
The Indian President Droupadi Murmu on Friday granted assent to the Digital Personal Data Protection Bill after it was unanimously passed by both houses of the parliament last week, marking a significant step towards securing people's information. "The Bill provides for the processing of digital personal data in a manner that recognizes both the rights of the individuals to protect their personal data and the need to process such personal data for lawful purposes and for matters connected therewith or incidental thereto," the Indian government said.
The latest full new version of Firefox is out, marking the first of two "Monthly" upgrades you'll see this month. Firefox version upgrades happen every 28 days, rather than once a month, so whenever a release comes out early enough in the month, there will be a second upgrade squeezed in at the end.
The numerical score can be represented as a qualitative severity rating to help organizations properly assess and prioritize their vulnerability management processes and prepare defences against cyber-attacks.CVSS version 1 was released in February 2005, developed then by a small group of pioneers with the aim of industry-wide adoption, with FIRST appointed that April to drive the future development of what would become a critical tool in the sector's arsenal.
What's old is new again, with researchers seeing a threefold increase in malware distributed through USB drives in the first half of 2023. Previously, in November 2022, the cybersecurity company highlighted a China-nexus campaign leveraging USB devices to infect entities in the Philippines with four distinct malware families.