Aggregator

一项新的内部审计建议，美国司法部和联邦调查局需要重新定义打击勒索软件获得成功的指标。 这份长达26页的审计报告于9月17日发布。美国司法部监察长Michael Horowitz在报告中详细阐述了该部门从2021年4月到2023年9月期间与勒索软件相关的行动，报告还涵盖了计划于2024年初对LockBit的打击行动。 调查发现，美国司法部和联邦调查局在更有效地打击勒索软件方面有三个需要改进的领域。 应改进衡量打击勒索软件成功的指标 司法部需要一种更好的方式“来确定哪些勒索软件威胁的指标（包括打击勒索软件行动的衡量指标）最为重要，且能够展示其打击勒索软件威胁行动的有效性。” 调查人员查阅的文件显示，司法部目前将与勒索软件相关的“成功”定义为：在报告的勒索软件事件中，“案件在72小时内立案、并入现有案件、解决或采取行动的比例提高到65%”。 联邦调查局表示，2023年，针对47%的勒索软件事件，在72小时内采取了行动，这一数字较2022年的39%有所上升。 此外，联邦调查局和司法部还设定目标，希望在2022年和2023年将与勒索软件相关的查封或没收案件数量增加10%。 调查人员指出：“我们认为，司法部现有的勒索软件指标并未真正反映其打击恶意行为者行动的有效性。” “无论司法部是否继续将勒索软件作为优先任务，都应确定哪些指标最具影响力，以确保能够准确衡量其打击行动的效果。” 报告肯定了司法部和联邦调查局多项基础设施破坏行动的成效，尤其针对LockBit、Hive和AlphV等勒索软件团伙的行动。通过这些行动，两家机构向当前和过去的受害者提供了数百个解密密钥。联邦调查局特别制定了一项战略，专门针对那些构成并推动勒索软件生态系统的行为者、基础设施和资金来源。 调查人员表示，他们认为司法部应该进一步追踪破坏勒索软件行动的成效，将破坏次数和向受害者提供的解密密钥数量作为衡量成功的重要指标。 应加强推进机构间协调和信息共享 审计报告指出，司法部尚未为未来两年制定关于勒索软件的行动计划，也未按要求在过去两个财年通过performance.gov报告任何进展。 Horowitz及其团队还发现，一些勒索软件调查因不同执法机构之间的内部矛盾而受阻，这些机构往往拒绝共享信息。 他们表示：“协调失败和冲突未能化解，损害了调查、起诉以及执法间的关键合作关系，也浪费了资源，破坏了公众对司法部的安全感、国家安全以及对政府的信任。” 联邦调查局的官员告诉调查人员，曾有两起相关勒索软件案件分别由不同联邦检察官监督，但“他们未按要求根据解除冲突政策共享信息。” 一位刑事部门官员还透露，全国各地的检察官办公室对这一政策的了解和执行情况存在差异。 应重新审视并制定NCIJTF机构的使命和职能 审计报告还指出，联邦调查局需要为其领导的国家网络调查联合工作组（NCIJTF）的刑事任务中心制定更加明确和具体的使命。 NCIJTF负责协调2021年和2022年整个政府的勒索软件行动计划，但在国会于2022年成立了新的多机构联合勒索软件工作组（JRTF）后，NCIJTF的职能陷入不确定的状态。 报告发现，NCIJTF“在打击勒索软件方面未产生任何有意义的成果”，自新的工作组成立以来，其作用变得模糊不清。 Horowitz表示：“我们发现，联合勒索软件工作组的成立削弱了刑事任务中心的作用，导致其在打击勒索软件方面的角色不再明确。” 美国司法部副助理检察长Bradley Weinsheimer在回复审计报告的信中表示，他认同调查结果，并承诺将致力于解决这些问题。 联邦调查局网络部门助理主任Bryan Vorndran也对相关建议表示赞同，并承诺联邦调查局将更明确地界定NCIJTF的角色。     转自安全内参，原文链接：https://www.secrss.com/articles/70544 封面来源于网络，如有侵权请联系删除

Основатель мессенджера меняет правила игры в пользу закона.

Authors/Presenters:Zhanghao Wu, Wei-Lin Chiang, Ziming Mao, Zongheng Yang, Eric Friedman, Scott Shenker, Ion Stoica

Awarded Outstanding Paper!

Our sincere thanks to USENIX, and the Presenters & Authors for publishing their superb 21st USENIX Symposium on Networked Systems Design and Implementation (NSDI '24) content, placing the organizations enduring commitment to Open Access front and center. Originating from the conference’s events situated at the Hyatt Regency Santa Clara; and via the organizations YouTube channel.

Permalink

The post USENIX NSDI ’24 – Can’t Be Late: Optimizing Spot Instance Savings under Deadlines appeared first on Security Boulevard.

距离《龙腾世纪：影障守护者》发售还有一个多月，由志愿者组成的汉化组天邈组在著名 Mod 网站 Nexusmods 发布了上一代《审判》的汉化包。汉化范围涵盖了所有游戏本体内容，及其官方 DLC：《向下进军》、《哈肯之颚》、《入侵者》和各种装备扩展包。汉化补丁覆盖的是英文文本，所以游戏安装语言需要是「英文」。补丁是基于 Frosty 环境与原版环境，与 daimod 模组不兼容。

Грядущие инициативы создадут новый вектор развития цифровой обороны.

9 月 22 日 13 时 40 分，深蓝航天的星云一号可重复使用运载火箭，在内蒙古额济纳旗戈壁腹地实施高空垂直回收飞行试验。火箭按照预定程序三台发动机点火起飞，到达预定高度后，两侧发动机关闭，依靠单台发动机推力稳定姿态并减速上升，到达最高点之后依靠单台发动机推力调节平稳下降，横移约 200 米后，在回收场上空的预定高度成功解锁展开并锁定着陆支腿，但是在最后着陆关机段出现异常，导致箭体出现部分损毁。深蓝在数小时内就公布了一份关于试飞、目标和问题初步评估声明，它同时还公布了图像和视频，其中包括无人机近距离拍摄的火箭尝试垂直着陆但失败的爆炸视频，相当震撼。深蓝表示它完成了 11 个主要任务中的 10 个，计划 11 月进行另一次高空试飞。

A vulnerability was found in Apache Tomcat up to 9.0.89/10.1.24/11.0.0-M20. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component TLS Handshake Handler. The manipulation leads to resource consumption. This vulnerability is known as CVE-2024-38286. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Lattice-based cryptography is a quantum-resistant encryption method that uses complex mathematical lattices, offering security against quantum computing attacks. Unlike traditional encryption methods such as RSA and ECC, which are vulnerable to quantum computers, lattice-based cryptography remains secure due to the computational difficulty of solving lattice problems. It is expected to play a central role in post-quantum cryptography, with applications across government, military, and commercial sectors, ensuring secure communications and data protection in the quantum era.

The post Exploring the foundations of lattice-based cryptography appeared first on Security Boulevard.

Is your B2B SaaS freemium model truly driving growth? Discover how to fine-tune your freemium strategy to attract the right users, nurture them towards conversion, and achieve long-term success.

The post Freemium Model Optimization for B2B SaaS: A Strategic Growth Approach appeared first on Security Boulevard.

地震学家起初认为仪器有故障。地震监测站于 2023 年 9 月监测到的信号与地震或火山爆发特有的频率不匹配。然而全世界的监测器都侦测到了持续九天、每 92 秒脉动一次的信号。这一神秘信号被称为 unidentified seismic object（或 USO）。一年后，科学家认为他们破译了 USO——格陵兰岛东部因气候变化发生的山体滑坡引发了海啸，海啸在狭窄的峡湾内来回翻腾了九天。这一事件展示了气候变化如何以隐蔽的方式重构我们的世界。气候变化的后果并不总是显而易见的、可预测的、可测量的或可解释的。我们正进入一个气候不确定的新时代。

As organizations grapple with increasingly sophisticated cyber threats, many are rethinking their approach to managing security. Recently, Nuspire’s leadership team—including CEO Lewie Dunsworth, Chief Security Officer J.R. Cunningham, Chief Technology Officer Michael Wilson, and Product Manager Marcy Elder—gathered for a webinar to share their insights on what’s next for cybersecurity management.  Reimagining Cybersecurity Management  Five years ago, when Lewie joined ... Read More

The post A Fresh Approach to Cybersecurity: Unifying Intelligence, Technology and Human Expertise appeared first on Nuspire.

The post A Fresh Approach to Cybersecurity: Unifying Intelligence, Technology and Human Expertise appeared first on Security Boulevard.

In today's fast-paced business environment, employees increasingly turn to unauthorized IT solutions, called Shadow IT, to streamline their work and boost productivity. This article explores the prevalence of shadow IT, the risks it poses and discusses strategies for managing it. [...]

Organizations that plan to upgrade to Windows Server 2025 once it becomes generally available will be able to implement some security updates by hotpatching running processes. What is hotpatching? “Hotpatching has been around for years in Windows Server 2022 Azure Edition, but always required running a VM in Azure or on Azure Stack HCI. When Windows Server 2025 becomes generally available, you will be able to run the edition you want, where you want – … More →

The post Windows Server 2025 gets hotpatching option, without reboots appeared first on Help Net Security.

Cloudflare announced AI Audit, a set of tools to help websites of any size analyze and control how their content is used by AI models. For the first time, website and content creators will be able to quickly and easily understand how AI model providers are using their content, and then take control of whether and how the models are able to access it. Additionally, Cloudflare is developing a new feature where content creators can … More →

The post Cloudflare AI Audit helps websites control how their content is used by AI models appeared first on Help Net Security.

Data discovery and classification are foundational for data security, data governance, and data protection.