President Biden is preparing a major revamp of the U.S. cybersecurity strategy, headed by the Office of the National Cyber Director. The plan aims to incentivize key actors to get involved with cybersecurity.
More:
- According to reports, the President has directed six different teams to work on this issue.
- Staff members involved in the draft include Rob Knake, deputy national cyber director for strategy and budget, Harry Krejsa, acting assistant national cyber director for strategy and research, and Matthew Ferren, cyber policy advisor.
- While the exact content of the strategy is not known, researchers have stated that the U.S. should focus more on strengthening defensive capabilities, improving the cybersecurity workforce, which suffers from a gap in talent, strengthening domestic cooperation between institutions and states, etc.
Zoom Out:
- President Biden has taken several cybersecurity-related initiatives that have led to policy. Biden signed an executive order that directed companies to report their breaches faster than they currently do.
- Biden also signed an order that establishes a work rotation for cybersecurity employees, enabling them to get experience in multiple federal agencies.
The Tor Project team has announced an updated version of Tor Browser, 11.5. This version aims to bypass censorship by enabling users to connect automatically to Tor and continue browsing.
More:
- The new highlighted feature is named Connection Assist. Before this update, Tor users had to figure out on their own how to set up a bridge in order to browse. From now on, the browser will set up a bridge automatically by offering country-specific options.
- Tor is also launching a new feature that makes HTTPS-only browsing the default mode.
- The browser has also released updates that make it more difficult for threat actors to fingerprint its users. Tor hopes to do this by using standardized fonts in place of the fonts found on standard devices.
- Lastly, the project has also vowed to release these updates in its Android version, which at the moment is not equal in features to other operating systems.
The Mantis botnet was used to launch the largest HTTPS distributed denial-of-service attack ever. The cyberattack happened in June 2022.
More:
- Thousands of Cloudflare customers were hit with cyberattacks, causing outages and service delays.
- While it was known that DDoS attacks caused the outage, researchers have now revealed that a botnet known as Mantis was used by the threat actor to execute the DDoS.
- The Mantis botnet is malware that uses virtual machines to carry out cyberattacks, making it more difficult to defend against even though it only releases 5,000 bots.
- The Cloudflare attack only lasted 30 seconds but created 26 million requests per second, totaling 212 million HTTPS requests. The attack affected websites in Indonesia, Brazil, Russia, the U.S., and India.
North Korean hackers are using H0ly Gh0st ransomware to breach victims. The threat actors are mainly targeting businesses and business owners, continuing the country's strategy of remotely targeting companies and employers who could be hacked or scammed and then taken advantage of.
More:
- H0ly Gh0st ransomware is used by the H0ly Gh0st hacker group.
- The threat actor uses a relatively standard scheme among hackers.
- First, it encrypts all of the victim's files, sends a sample as proof that the victim has indeed been breached, and then asks for a ransom paid in Bitcoin.
- The amount that the group usually asks for is believed to range from one to five BTC.
- Their website shows text that claims that the group's goal is to close the gap between the rich and the poor.
- Researchers have discovered that the group is using four different variants of the malware, three of which are written in Go and one in C++. The group is being tracked by Microsoft's security research team.
Zoom Out:
- North Korea has been linked with numerous hacking campaigns. A group known as Lazarus stole $600M worth of crypto from the Ronin bridge in Axie Infinity.
- The group recently also hacked Horizon bridge, managing to steal over $100M.
- The U.S. government recently warned healthcare organizations and private companies to be wary of North Korea-backed hackers who are targeting the U.S.
Cybersecurity company Bishop Fox has raised $75M in a Series B funding round. The funding was led by Carrick Capital Partners.
More:
- The company has been active for 17 years and was co-founded and is led by Vinnie Liu.
- Bishop Fox offers a software platform that simulates cyberattacks, allowing companies to spot the vulnerabilities in their cyber defense. Bishop Fox currently sells the platform to Google, Equifax, Zoom, Sonos, and John Deere.
- The company is not profitable, but Liu stated that this is on purpose, as it is prioritizing growth over profit at the moment. Bishop Fox has managed to hit growth targets this year, as it has tripled its revenue and has grown its staff by one-third.
- Bishop Fox works with 25% of the Fortune 100 companies.
Quick Hits:
- Microsoft is reportedly investigating user reports that some apps have not been working since the company released its June updates. The affected apps are MS Access 2013 and 2016.
- A new tool that infects servers with a botnet and overrides security protocols and log-in credentials has been tracked.
- Researchers from the New Jersey Institute of Technology have demonstrated a way through which hackers can remove identity protection software and bypass any anonymous users' defense mechanisms.
Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading (and writing) business news, he chooses to watch sports or anime... and then read news about sports or anime.
Editor: Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 Ford.