Subscribe: CircleID: News Briefs
http://www.circleid.com/rss/rss_news/
Added By: Feedage Forager Feedage Grade A rated
Language: English
Tags:
attacks  circleid twittermore  circleid  data  fcc  follow circleid  follow  internet  mdash  net neutrality  rules  twittermore 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: CircleID: News Briefs

CircleID: News Briefs



Latest news postings on CircleID



Updated: 2017-05-25T20:18:00-08:00

 



5G Frequency Fees Are Waived in Singapore to Help Drive Market Tests

2017-05-25T13:18:00-08:00

Singapore government has waived telecom frequency fees for 5G trials until December 2019 in order to catalyze market growth and discovery of potential use cases. According to a ZDNet report, industry regulator, Infocomm Media Development Authority (IMDA), says this would lower regulatory barriers and encourage industry players to explore potential applications of 5G networks. "Singapore's Minister for Communications and Information Yaacob Ibrahim said such enhancements would be critical to support the deployment of key components such as Internet of Things (IoT), which was one of four technology focus areas IMDA had identified as critical in the nation's digital transformation. ... other focus areas were artificial intelligence (AI) and data science, cybersecurity, and immersive media, which included virtual reality (VR) and augmented reality (AR) technologies."

Follow CircleID on Twitter

More under: Mobile Internet, Policy & Regulation, Telecom, Wireless




Al-Jazeera, HuffPost Arabi Among 21 News Sites Blocked by Egypt, Plus Possible Legal Action

2017-05-25T12:28:00-08:00

At least 21 news sites critical of the government in Egypt, including the Qatari channel Al-Jazeera and Huffington Post’s Arabic-language site HuffPost Arabi, have been blocked. Ruth Michaelson reporting in The Guardian: "The state-run news agency Mena announced late on Wednesday night that 21 websites had been blocked because they were 'spreading lies' and 'supporting terrorism'. The full list of banned sites was not provided, but Mena added that legal action against the outlets was forthcoming. ... The blocking of the 21 sites followed raids on several news sites in Cairo, even those with little history of critical coverage."

Follow CircleID on Twitter

More under: Censorship, Internet Governance




Emergency Patch Issued for Samba, WannaCry-type Bug Exploitable with One Line of Code

2017-05-25T11:51:00-08:00

The team behind the free networking software Samba has issued and emergency patch for a remote code execution vulnerability. Tom Spring reporting from Threatpost writes: "The flaw poses a severe threat to users, with approximately 104,000 Samba installations vulnerable to remote takeover. More troubling, experts say, the vulnerability can be exploited with just one line of code." The Samba team which issued the patch on Wednesday, says "all versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it."

"Comparisons are being made between the WannaCry ransomware attacks... because like WannaCry, the Samba vulnerability could be a conduit for a 'wormable' exploit that spreads quickly. Also, any exploit taking advantage of the Samba vulnerability would also take advantage of bugs in the same SMB protocol used by the NSA exploits used to spread WannaCry." –Tom Spring, Threatpost, 25 May 2017

No signs of attacks yet in the 12 hours since its discovery was announced. "[I]t had taken researchers only 15 minutes to develop malware that made use of the hole. ... This one seems to be very, very easy to exploit ... more than 100,000 computers [are found] running vulnerable versions of the software, Samba, free networking software developed for Linux and Unix computers. There are likely to be many more." –Jeremy Wagstaff and Michael Perry, Reuters, 25 May 2017

Follow CircleID on Twitter

More under: Cyberattack, Cybersecurity, Malware




ICANN to Release Hundreds of Domain Names Matching Country Names

2017-05-24T12:00:01-08:00

Hundreds of country and territory domain names are likely to be finally released this year based on the new resolution that calls for ICANN to take "all steps necessary" to do so. Kevin Murphy reporting in Domain Incite: "The ICANN board last week passed a resolution calling for the organization to clear a backlog of over 60 registry requests to start selling or using country and territory names in their gTLDs. Some of the requests date back to 2014. They’ve all been stuck in red tape while ICANN tried to make sure members of the Governmental Advisory Committee was cool with the names being released."

Follow CircleID on Twitter

More under: Domain Names, ICANN, Policy & Regulation




U.S. Federal Communications Commission Votes 2-1 for Net Neutrality Rollback

2017-05-19T12:30:01-08:00

"The U.S. Federal Communications Commission voted 2-1 on Thursday to advance a Republican plan to reverse the Obama administration's 2015 'net neutrality' order." David Shepardson reporting in Reuters: "The public will have until mid-August to offer comments before the FCC votes on a final plan. [FCC chairman] Pai wants public input on whether the FCC has the authority or should keep its 'bright line' rules barring internet companies from blocking, throttling or giving 'fast lanes' to some websites. He has not committed to retaining any rules, but said he favors an 'open internet.'"

Follow CircleID on Twitter

More under: Net Neutrality, Policy & Regulation




Google Launches IoT Service for Managing Devices at Scale

2017-05-16T14:17:00-08:00

Google today announced a fully-managed Google Cloud Platform (GCP) service called Google Cloud IoT Core, aimed at allowing companies to securely connect and manage IoT devices at scale. Indranil Chakraborty, Google Cloud Product Manager says: "Many enterprises that rely on industrial devices such as sensors, conveyor belts, farming equipment, medical equipment and pumps — particularly, globally distributed ones — are struggling to monitor and manage those devices for several reasons." Those reasons Chakraborty says include: operational cost and complexity, patchwork security, and data fragmentation. "Cloud IoT Core is designed to help resolve these problems by removing risk, complexity and data silos from the device monitoring and management process."

Follow CircleID on Twitter

More under: Cloud Computing, Internet of Things




Bell Canada Discloses Loss of 1.9 Million Email Addresses to Hacker, Says No Relation to WannaCry

2017-05-16T12:34:00-08:00

Bell Canada, nation’s largest telecommunications company, disclosed late on Monday the illegal access of Bell customer information by an anonymous hacker. The information obtained are reported to include email addresses, customer names and/or telephone numbers. From the official release: "There is no indication that any financial, password or other sensitive personal information was accessed. ... The illegally accessed information contains approximately 1.9 million active email addresses and approximately 1,700 names and active phone numbers. ... This incident is not connected to the recent global WannaCry malware attacks."

Follow CircleID on Twitter

More under: Cyberattack, Cybercrime, Cybersecurity, Email




Net Neutrality Is a Smashing Success by FCC's Preferred Metric, Reports Free Press Researcher

2017-05-16T11:32:00-08:00

"If investment is the FCC's preferred metric, then there's only one possible conclusion: Net Neutrality and Title II are smashing successes," says Free Press Research Director S. Derek Turner, author of a new report released by the consumer advocacy group. The report titled, "It's Working: How the Internet Access and Online Video Markets Are Thriving in the Title II Era," examines internet-industry developments in the two years since the Federal Communications Commission's February 2015 Open Internet Order which resulted in the adoption of strong Net Neutrality rules and reclassification of broadband-internet access as a Title II telecommunications service. — "The restoration of Title II for broadband-internet access was designed to preserve what the FCC rightly calls the internet's virtuous cycle of investment and innovation," says Turner. "All available data indicate that the 2015 decision to adopt strong rules on a sound legal footing is working as intended, benefiting internet users, broadband-access providers and the myriad businesses that distribute services over the open internet." — The centerpiece of President Trump's FCC chairman, Ajit Pai, "is his demonstrably false claim that the mere existence of Title II authority has caused a reduction in broadband investment. ... This claim is both false on its face — aggregate investment by publicly traded ISPs is up since the FCC's vote — and completely illogical. –Turner Other findings from the report: — "Aggregate capital investments at publicly traded ISPs were 5 percent higher during the two-year period following the FCC’s Open Internet vote when compared to the two years prior to the vote. Claims of a decline are based on manipulated data, and in any event, do not support a causal impact from Title II." — "Capital investments were higher at 16 of the 24 publicly traded ISP firms (or units) following the FCC’s vote. These increases are due primarily to continued core network expansion." — "During the two years following the adoption of the Open Internet Order, cable-industry physical network investments increased 48 percent compared to the amount invested during the two prior years. Cable ISPs’ core network investments accelerated dramatically during 2016, representing the highest single-year jump since 1999." — "Telecom-company spending on fiber-to-the-home network terminals and terminal ports rose nearly 50 percent during 2016." Follow CircleID on TwitterMore under: Access Providers, Broadband, Net Neutrality, Policy & Regulation [...]



WikiLeaks Releases CIA Malware Implants Called Assassin and AfterMidnight

2017-05-16T06:48:00-08:00

The recent heavy news coverage of WannaCry has overshadowed the latest WikiLeaks release of critical CIA malware documentation: user manuals for two hacking tools named AfterMidnight and Assassin. Darlene Storm reporting in Computerworld writes: "WikiLeaks maintains that 'Assassin' and 'AfterMidnight' are two CIA 'remote control and subversion malware systems' which target Windows. Both were created to spy on targets, send collected data back to the CIA and perform tasks specified by the CIA… The leaked documents pertaining to the CIA malware frameworks included 2014 user's guides for AfterMidnight, AlphaGremlin — an addon to AfterMidnight — and Assassin. When reading those, you learn about Gremlins, Octopus, The Gibson and other CIA-created systems and payloads."

Follow CircleID on Twitter

More under: Cybersecurity, Malware




WannaCry Ransomware Cyberattack Spreading to Countries Across the World, 45K Attacks Reported So Far

2017-05-12T13:56:00-08:00

Security researchers are reporting a massive attack today, dubbed "WannaCry", which has reached 45,000 attacks in 74 countries around the world so far, mostly in Russia. Kaspersky Lab's Global Research & Analysis reports that the attack is initiated through an SMBv2 remote code execution in Microsoft Windows. "This exploit (codenamed 'EternalBlue') has been made available on the internet through the Shadowbrokers dump on April 14th, 2017 and patched by Microsoft on March 14. Unfortunately, it appears that many organizations have not yet installed the patch. ... while unpatched Windows computers exposing their SMB services can be remotely attacked with the 'EternalBlue' exploit and infected by the WannaCry ransomware, the lack of existence of this vulnerability doesn't really prevent the ransomware component from working." — "A few hours ago, Spain's Computer Emergency Response Team CCN-CERT, posted an alert on their site about a massive ransomware attack affecting several Spanish organizations. The alert recommends the installation of updates in the Microsoft March 2017 Security Bulletin as a means of stopping the spread of the attack." –Kaspersky Lab — "The National Health Service (NHS) in the U.K. also issued an alert and confirmed infections at 16 medical institutions. We have confirmed additional infections in several additional countries, including Russia, Ukraine, and India." –Kaspersky Lab — "The malware used in the attacks encrypts the files and also drops and executes a decryptor tool. The request for $600 in Bitcoin is displayed along with the wallet. It’s interesting that the initial request in this sample is for $600 USD, as the first five payments to that wallet is approximately $300 USD. It suggests that the group is increasing the ransom demands." –Kaspersky Lab — "The malware was made available online on 14 April through a dump by a group called Shadow Brokers, which claimed last year to have stolen a cache of “cyber weapons” from the National Security Agency (NSA). At the time, there was skepticism about whether the group was exaggerating the scale of its hack." –The Guardian — Trump ordered emergency meeting: Reuters reports that U.S. homeland security adviser was ordered by President Trump, to hold an emergency meeting Friday night "to assess the threat posed by a global computer ransomware attack in at least 150 countries." — Update, Monday, May 15 from BBC / Microsoft warns ransomware cyberattack is a wake-up call: "It blamed governments for storing data on software vulnerabilities which could then be accessed by hackers. It says the latest virus exploits a flaw in Microsoft Windows identified by, and stolen from, US intelligence." — Clues point to North Korean Nicole Perlroth and David Sanger report in the New York Times / May 15:  " Intelligence officials and private security experts say that new digital clues point to North Korean-linked hackers as likely suspects in the sweeping ransomware attacks that have crippled computer systems around the world." Follow CircleID on TwitterMore under: Cyberattack, Cybercrime, Cybersecurity, Malware [...]



Trump Signs Cybersecurity Executive Order, Experts Weigh in on the New Draft

2017-05-11T11:24:00-08:00

The long-waited cybersecurity executive order expected to launch sweeping reviews of the federal government's digital vulnerabilities, was signed today by President Trump. Eric Geller reporting in Politico writes: "The directive is Trump's first major action on cyber policy and sets the stage for the administration's efforts to secure porous federal networks that have been repeatedly infiltrated ... While the White House has yet to publish the finished order ... Cyber specialists who have studied that [early] version said the order breaks little new ground but is vastly improved over early drafts, which omitted input from key government policy specialists. The final version, cyber watchers say, essentially reaffirms the gradually emerging cyber policy path of the past two administrations."

Follow CircleID on Twitter

More under: Cybersecurity, Law, Policy & Regulation




FCC Reports Site Attacked Over Net Neutrality Comments, Senators Seek Evidence

2017-05-10T16:26:00-08:00

In follow up to FCC's report that the agency's online comment system was subjected to multiple DDoS attacks over the weekend, U.S. federal lawmakers are demanding answers as to what exactly happened. A letter sent on Tuesday to FCC Chairman Ajit Pai by Sens. Ron Wyden (D-Ore.) and Brian Schatz (D-Hawaii), reads in part: "A denial-of-service attack against the FCC's website can prevent the public from being able to contribute to this process and have their voices heard. Any potentially hostile cyber activities that prevent Americans from being able to participate in a fair and transparent process must be treated as a serious issue." The senators have given FCC until June 8 to answer the following questions: 1. Please provide details as to the nature of the DDoS attacks, including when the attacks began, when they ended, the amount of malicious traffic your network received, and an estimate of the number of devices that were sending malicious traffic to the FCC. To the extent that the FCC already has evidence suggesting which actor(s) may have been responsible for the attacks, please provide that in your response. 2. Has the FCC sought assistance from other federal agencies in investigating and responding to these attacks? Which agencies have you sought assistance from? Have you received all of the help you have requested? 3. Several federal agencies utilize commercial services to protect their websites from DDoS attacks. Does the FCC use a commercial DDoS protection service? If not, why not? To the extent that the FCC utilizes commercial DDoS protection products, did these work as expected? If not, why not? 4. How many concurrent visitors is the FCC’s website designed to be able to handle? Has the FCC performed stress testing of its own website to ensure that it can cope as intended? Has the FCC identified which elements of its website are performance bottlenecks that limit the number of maximum concurrent visitors? Has the FCC sought to mitigate these bottlenecks? If not, why not? 5. Did the DDoS attacks prevent the public from being able to submit comments through the FCC’s website? If so, do you have an estimate of how many individuals were unable to access the FCC website or submit comments during the attacks? Were any comments lost or otherwise affected? 6. Will commenters who successfully submitted a comment—but did not receive a response, as your press release indicates—receive a response once your staff have addressed the DDoS and related technical issues? 7. Does the FCC have all of the resources and expertise it needs in order to combat attacks like those that occurred on May 8? Follow CircleID on TwitterMore under: Cybersecurity, Net Neutrality [...]



Several New TLDs in Limbo as ICANN Conducts Investigation

2017-05-08T08:20:00-08:00

A number of new gTLD applicants, including .gay and .music are criticizing ICANN for conducting an investigation into its own controversial practices. Kevin Murphy reporting in Domain Incite writes: "Seven proposed new gTLDs, including the much-anticipated .music and .gay, are currently trapped in ICANN red tape hell as the organization conducts a secretive probe into how its own staff handled Community Priority Evaluations. The now broad-ranging investigation seems to have been going on for over six months but does not appear to have a set deadline for completion. Applicants affected by the delays don’t know who is conducting the probe, and say they have not been contacted by anyone for their input."

Follow CircleID on Twitter

More under: ICANN, Top-Level Domains




French Presidential Candidate Confirms Massive Hack, Emails Dumped Online Two Days Before Election

2017-05-06T08:23:00-08:00

Leading French presidential candidate Emmanuel Macron's campaign confirmed on Friday a "massive" computer hack that dumped its campaign emails online less than two days before the election. Eric Auchard and Bate Felix reporting in Reuters: "As much as 9 gigabytes of data were posted on a profile called EMLEAKS to Pastebin, a site that allows anonymous document sharing. It was not immediately clear who was responsible for posting the data ... Macron's political movement En Marche! (Onwards!) confirmed that it had been hacked. ... Comments about the email dump began to appear on Friday evening just hours before the official ban on campaigning began. The ban is due to stay in place until the last polling stations close. ... Former economy minister Macron's campaign has previously complained about attempts to hack its emails, blaming Russian interests in part for the cyber attacks."

Follow CircleID on Twitter

More under: Cyberattack, Cybercrime, Cybersecurity




Seattle Restores ISP Privacy Rules. Could be First of Many Cities to Defeat FCC's Privacy Roll Back

2017-05-05T15:37:00-08:00

The city of Seattle this week will move forward with its own plan to restore broadband user privacy rules despite the recent law passed by U.S. Congress, signed by President Trump in April, which gave ISPs the green light to collect customer data. Brandon Macz reporting in the Capital Hill Times: "The Federal Communications Commission in October passed rules that would have required explicit consent from consumers for ISPs to share the data they collect, such as financial, health and browsing history details. Congress passed a law, signed by President Donald Trump on April 3, that overturned those FCC rules before they were set to take effect. Seattle Chief Technology Officer Michael Matt Miller said Mayor Ed Murray asked what power the city has to restore those privacy rules at the city level, which turns out to be allowed under municipal code. ... [Miller says:] 'We have talked to a number of cities that are exploring how they implement protections for their consumers.'"

Follow CircleID on Twitter

More under: Access Providers, Broadband, Policy & Regulation, Privacy




The Economist: Data, the Oil of the Digital Era

2017-05-05T14:16:00-08:00

In its latest print edition, The Economist calls the world's most valuable resource to be no longer oil, but data. The article argues that today's titans — Alphabet (Google's parent company), Amazon, Apple, Facebook and Microsoft — are the giants that deal in data, the oil of the digital era and they seem unstoppable. "Internet companies' control of data gives them enormous power. Old ways of thinking about competition, devised in the era of oil, look outdated in what has come to be called the 'data economy' ... A new approach is needed. ... Rebooting antitrust for the information age will not be easy. It will entail new risks: more data sharing, for instance, could threaten privacy. But if governments don't want a data economy dominated by a few giants, they will need to act soon."

Follow CircleID on Twitter

More under: Data Center, Policy & Regulation, Privacy




China Steps Up Media Pressure, Extends Restrictions to Blogs, Apps and Other Digital Media

2017-05-05T13:25:00-08:00

"China's latest restrictions on online news and commentary will extend to blogs, online forums, mobile apps, instant messaging tools and other forms of digital media under rules published May 2 by the Cyberspace Administration of China." Mark Melnicoe reporting in BNA: "The rules require online publishers to obtain government licenses before being allowed to produce news or commentary. They also require editors to be Chinese citizens and receive approval from relevant government authorities, while staffers undergo governmental training and screening. Online publishers' editing and business operations must be separate, and no private funding of new online media enterprises will be allowed under the rules. The rationale for the measures is that China is 'experiencing a transitional period which is very important for the authorities.'"

Follow CircleID on Twitter

More under: Censorship, Internet Governance




Germany Investigating Legal Grounds to Destroy Servers Used to Carry Out Cyberattacks

2017-05-05T13:09:00-08:00

Hans-Georg Maassen, Germany's head of the German Federal Office for the Protection of the Constitution says large amounts of data were seized during the May 20015 cyberattack on lower house of parliament (Bundestag). APT28, a Russian hacking group, is accused and Maassen says Russia is increasing cyberattacks, propaganda and other efforts to destabilize German society. Andrea Shalal reporting from Berlin in the Reuters: "Maassen told reporters that Germany was working hard to strengthen its cyber defenses, but also needed the legal framework for offensive operations. Berlin was studying what legal changes were needed to allow authorities to purge stolen data from third-party servers, and to potentially destroy servers used to carry out cyber attacks."

Follow CircleID on Twitter

More under: Cyberattack, Cybersecurity, Policy & Regulation




Internet Heavy Weights Staying Out of Net Neutrality Battle

2017-05-02T12:49:00-08:00

"Some of the biggest names on the internet are trying to stay out of the contentious, public fight over the future of the Obama-era net neutrality rules." Ali Breland reporting in The Hill: "Google and other household names encouraged the Federal Communications Commission (FCC) to enact the rules in 2015. But now with the regulations on the chopping block, those companies believe the change will have little effect on their bottom line and are trying not to get dragged in. They could face pressure, though, from consumer groups and net neutrality advocates, who see them as crucial allies to saving the rules."

Follow CircleID on Twitter

More under: Net Neutrality, Policy & Regulation




NSA to Stop Collecting American Emails To and From Overseas

2017-04-28T11:30:00-08:00

U.S. National Security Agency (NSA) will halt its controversial warrantless surveillance program which collects Americans' emails and texts sent to and from people overseas and that mention a foreigner under surveillance, according to a New York Times report today. Betsy Woodruff reporting in the Daily Beast writes: "The FISC ruling is expected to be publicized soon, and to indicate that the NSA has stopped using this surveillance tactic because it couldn't fully comply with procedures designed to protect Americans' constitutional rights. ... The surveillance tactic at issue is known as 'about' collection ... [that] lets the NSA store and read internet communications pertaining to foreign targets that move through American companies. 'About' collection is the process by which the NSA searches through those electronic communications it collects as they're in traffic in transit across the Internet backbone."

Follow CircleID on Twitter

More under: Cybersecurity, Privacy