Connect with us

Cyber Security

Legality of Security Research to be Decided in US Supreme Court Case

Published

on

A ruling that a police officer’s personal use of a law enforcement database is “hacking” has security researchers worried for the future.

Independent security researchers, digital-rights groups, and technology companies have issued friend-of-the-court briefs in a US Supreme Court case that could determine whether violating the terms of service for software, hardware, or an online service equates to hacking under the law.

The case—Nathan Van Buren v. United States—stems from the appeal of Van Buren, a police sergeant in Cumming, Georgia, who was found guilty in May 2018 of honest services wire-fraud and a single charge of violating the Computer Fraud and Abuse Act (CFAA) for accessing state and government databases to look up a license plate in exchange for money. While Van Buren was authorized to use the Georgia Crime Information Center (GCIC) to access information, including license plates, federal prosecutors argued successfully that he exceeded that authorization by looking up information for a non-law enforcement purpose.

With the appeal accepted by the US Supreme Court, security researchers and technology companies are concerned with the potential for the case to turn independent vulnerability research into unauthorized access and, thus, a prosecutable offense. If the US Supreme Court rules that Van Buren’s actions are a violation of the CFAA, it will undermine software and cloud security, says Casey Ellis, chief technology officer and founder of crowdsourced bug bounty firm Bugcrowd.

“Unauthorized access is one of the main purposes of security research—by making it illegal, researchers will be unable to effectively do their jobs, the organization will not be able to close all vulnerabilities, and attackers will win,” Ellis says, adding, “the purpose of the CFAA is to outlaw malicious cyberattacks, not grant organizations the ability to halt vulnerability reporting by holding ethical researchers legally accountable for their actions.”

The list of interested parties filing so-called Amicus briefs in the case pit the usual suspects against each other: Digital rights groups—such as the American Civil Liberties Union, the Center for Democracy and Technology, and  Electronic Frontier Foundation—against law enforcement—specifically, the Federal Law Enforcement Officers Association, and security researchers and security firms—such as Rapid7 and Bugcrowd—against organizations such as the financial group Managed Funds Association (MFA) and mobile voting firm Voatz

The MFA worried about “faithless employees” stealing client information, financial information and trade secrets, while Voatz raised its concerns that independent research—such as a recent paper authored by Massachussetts Institute of Technology (MIT) researchers that found significant security issues with its mobile voting application—is not in the cause of security. On September 3, Voatz filed its brief in response to the filing on behalf of security researchers. 

“We’re not advocating to limit anyone’s freedom – we’re saying it’s difficult to distinguish between good and bad faith attacks in the midst of a live election,” the company said in a statement sent to Dark Reading. “For everyone’s sake, it’s better to work collaboratively with the organization — bad actors disguise themselves as good actors on a regular basis. All attempts to break into or tamper with an election system during a live election need to be treated as hostile unless prior authorization was specifically granted.”

The MIT research used the Voatz app and a reverse-engineered version of the backend server, and never took place during a live election, according to a paper published at the prestigious USENIX Security Conference last month. 

“As performing a security analysis against a running election server would raise a number of unacceptable legal and ethical concerns, we instead chose to perform all of our analyses in a ‘cleanroom’ environment, connecting only to our own servers,” Michael Specter, a PhD candidate in computer science at MIT, and his co-authors stated in the paper. A later analysis funded by Voatz actually verified all the vulnerabilities plus a significant number of additional issues.

Yet, other technology companies and organizations have voiced support for security researchers and limiting the application of the Computer Fraud and Abuse Act. In their joint Amicus brief, software-developer tools maker Atlassian, browser maker Mozilla, and e-commerce platform firm Shopify all supported security researchers’ efforts.

“Effective computer security … entails creating systems that are resilient to computer hackers. That requires letting people, including members of the robust community of independent security researchers, probe and test our computer networks,” the companies stated, adding “[a]n overbroad reading of the CFAA, however, chills … critical security research. Security experts may not think it worth the risk to conduct their research without a clear definition of what it means to ‘exceed authorized access,’ especially when mere terms of service violations have been used to impose criminal penalties in the past.”

Security researchers are not the only ones at risk, says Bugcrowd’s Ellis. Anyone who uses a computer system in a way not intended by the manufacturer could find themselves the target of legal action and, perhaps, prosecution, he says.

“The law is so broadly written that it criminalizes acts that otherwise violate a website’s terms of services, from lying about your name on a Web form to the socially beneficial security testing that ethical security researchers undertake,” he says. “A broader interpretation of ‘exceeds unauthorized access’ in CFAA works directly against the goals of a safer and more resilient Internet.”

A date for oral arguments in the case has not been set.

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT’s Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline … View Full Bio

Recommended Reading:

More Insights

Source: https://www.darkreading.com/risk/legality-of-security-research-to-be-decided-in-us-supreme-court-case/d/d-id/1338874?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Cyber Security

Galaxy S17

Published

on

Table of Contents

Samsung Galaxy S17 2021: Release Date, Specifications, Price and More!
This is what it looks like!

Samsung Galaxy S172021: Hello Friends. How are you? I hope you are all well. For those who want to buy a replacement phone, it may be great news that Samsung Galaxy S 2021, which is the most famous brand in the world, will bring a new Samsung phone or sell. We heard this phone news via online media. There are many types of videos that can be shared on video sharing media. The Samsung Galaxy S17 2021 smartphone is one of the most awaited mobiles in the world.

This phone will be the most expensive mobile of the year. If you are able to understand the phone, the Samsung Galaxy S17 will come with a replacement Android OS model. This smartphone’s Release Date, Price and Full Specification is shared. Keep reading and stay with us.

Samsung Galaxy 17’s display contains many types of news that we know. However, not all information is accurate. Experts have stated that this collection will have a full-screen display. The display resolution will be 1445×3040 pixels. Let’s take a look at the full specifications of this phone. The Galaxy S17 specifications include a 6. 1-inch Super AMOLED full-screen display with 1445×3040 pixels. This smartphone also features a 19:5:9 ratio.

Full Specification for Samsung Galaxy S17

A chipset snapdragon 870+ processor will be found. The storage will be 12GB RAM and 256GB ROM. Support for 1TB external SD cards will be provided. 6G Network technology could be added to it with support for 5G, 4G and 3G Networks, but that’s a rumor. No one can guarantee it. The specifications for the Samsung Galaxy S17 include:

  • 48 MP Front Camera
  • 5 Cameras with LED Flash (96MP + 64MP+ 48MP + 32MP+ 32MP + 16MP).
  • 16 K video Opportunity
  • Super AMOLED Display with 1440×3040 Pixel Resolution
  • Water and scratch-resistant glass (Corning Gorilla Glass7+), Light sensor Proximity sensor, Accelerometer Compass, Gyroscope
  • Processor: Octa-core, 2840 MHz, Kryo 500, 64-bit, 7nm.
  • Android Q 10 OS
  • 7000 mAh Battery
  • Fast Charging supported
  • Support via wireless
  • video 3840×2160 (4K HD) (60 FPS), 1920×1080(Full HD), (240fps), 1280×720(HD) (1280fps), 960 FPS)
  • Dimension: 5.90×2.77×0.31 inches (149.4×7.8 mm).
  • Fingerprint Sensor
  • Face ID
  • Waterproof
  • Dual Nano SIM Card
  • Many more features

Samsung Galaxy S17 2021: Battery and RAM.

Samsung Galaxy 17 2021 battery is a great choice for those who use the internet and want to play online games. The batteries are fast and can be charged quickly and last a long time. The massive 6360mAh battery in this Samsung smartphone is impressive. The massive 6360mAh lithium-ion battery in this Samsung smartphone is impressive. The Samsung Galaxy S17 has a 64MP + 43MP + 32MP + 16MP rear camera. There’s also a 48MP camera for video calls and selfies. Two storage options and two RAM options are available on the Samsung smartphone. This smartphone has 10GB/12GB RAM and 256GB or 512GB internal memory. A MicroSD card can be used to expand storage up to 1TB.

Samsung Galaxy S17 Price

This phone is not expensive, and it’s usually $1270. When Samsung officially announces the value, we will keep you informed. Keep watching our website to see all the latest updates and get the ultimate phone, the most capable.

Samsung Galaxy S17 Release Date

It is expected to be released 10 Oct 2020, but we will inform you about the exact date after the official announcement by Samsung, the largest worldwide company. We will have to wait and see.

Samsung Galaxy S17 Price

This phone is expected to be $1270. We will keep you informed about the official announcement by Samsung. Keep checking our website for all the latest information.

Country Price (Expected)
1. Samsung Galaxy S17 Price in India 54900 INR.
2. Samsung Galaxy S17 Price in Pakistan 119500 PAK.
3. Samsung Galaxy S17 Price in USA Country 1270 USD

PlatoAi. Web3 Reimagined. Data Intelligence Amplified.
Click here to access.

Source: https://cybersguards.com/galaxy-s17/

Continue Reading

Cyber Security

How To Connect AirPods To Lenovo Laptop?

Published

on

We now live in a wireless earbud era, which has revolutionized and changed the way we listen to and experience music. Apple AirPods are one of the most popular wireless earbuds on the market, and they’ve completely transformed our way of listening to and consuming music, especially as we learned to use Bluetooth to connect directly with our ThinkPad.

One of the amazing features of the AirPods that people don’t seem to talk about is their ability to connect to non-Apple devices that accept Bluetooth, such as a ThinkPad or other Lenovo laptop.

In this article, I’ll go through how to connect AirPods to a Lenovo laptop, as well as what to do if they refuse to pair. I’ll also show you what you can do if your Lenovo laptop doesn’t have Bluetooth capability and you want to connect your Airpods.

In a few simple steps, learn how to connect your AirPods to your Windows PC.

Apple’s AirPods are Bluetooth earbuds that are completely cordless and developed specifically for iOS devices like the iPhone and iPad. However, AirPods are compatible with a wide range of other devices, including Android phones and computers.

Of course, if you use AirPods with a PC, you won’t be able to use Siri because that feature is only available when the buds are connected to an iPhone or iPad.

SEE ALSO:

Top 5 Best Text to Speech (TTS) Softwares

However, if you want to use your AirPods with your |along with your > PC while they aren’t paired with your iPhone, here’s how to do it.

It is extremely possible to connect any type of AirPods to your Lenovo laptop or ThinkPad, and if you are in a hurry, follow these instructions.

How to connect AirPods to a Lenovo laptop is as follows:

  1. To access settings, press Windows key + I.
  2. Select Devices from the Settings menu.
  3. Bluetooth should be enabled.
  4. Add Bluetooth or other devices is the option to choose.
  5. Bluetooth is a good option.
  6. Now, take your AirPods case and open the cover.
  7. Press and hold the button on the back of your AirPods case.
  8. When you see a white light, release the button.
  9. Choose your AirPods from the list of devices that have been discovered.
  10. To finish, click Done.

PlatoAi. Web3 Reimagined. Data Intelligence Amplified.
Click here to access.

Source: https://cybersguards.com/how-to-connect-airpods-to-lenovo-laptop/

Continue Reading

Cyber Security

Bitdefender Ransomware Vaccine

Published

on

The “Bitdefender ransomware vaccine” can be seen here.

To address the escalating ransomware menace, Bitdefender is distributing a ‘vaccine.’

Bitdefender, a Romanian security software provider, has released a free replacement programme to prevent your machine from being infected by ransomware.

Table of Contents

Bitdefender Ransomware Vaccine

The Bitdefender Antiransomware vaccine protects your system from crypto-ransomware such as CTB-Locker, Locky, and TeslaCrypt by making it appear as though it has already been infected with malware.

Various ransomware strains, such as variants of Locky and TeslaCrypt, frequently employ a mechanism that detects if a computer has already been infected with the malware and had its files encrypted. Bitdefender’s new software, on the other hand, claims to be able to mimic these checks, meaning that if your computer is ever infected with ransomware, the virus will bypass it.

“In some ways, the new technology is an offshoot of the Cryptowall vaccine programme,” said Catalin Cosoi, Bitdefender’s senior security strategist. “We had been looking for a solution to prevent this ransomware from encrypting files even on PCs that were not covered by Bitdefender antivirus, and we recognised we could expand the thought.”

SEE ALSO:

Dell informed customers that updates released patch to fix critical vulnerabilities

The original Cryptowall vaccine tool functioned similarly, but it may soon become obsolete and in need of an upgrade to keep up with how ransomware evolves and becomes more complex.

Bitdefender’s latest tool covers many more ransomware variants than before, but it’s not an all-in-one solution or blatant prevention tool.

Ransomware has recently taken on new forms, including a strain that targets WordPress sites rather than computers. As a result, this new anti-ransomware vaccine should not be viewed as a long-term solution, as more sophisticated threats may arise sooner rather than later.

Bitdefender isn’t the only company working on a ransomware vaccination. Sean Williams, a developer, is working on a tool called Cryptostalker to prevent ransomware from infecting Linux systems, while researcher Sylvain Sarméjeanne is working on a Locky-fighting tool.

Bitdefender Antivirus Free Edition with Combination Crypto-Ransomware Vaccine User Questions

Bitdefender Antivirus Free Edition is what I’m using. Is it required or suggested to utilise this Bitdefender tool in addition?

The Position of Bitdefender on Ransomware and Decryptors

Remediation for Ransomware: Bitdefender Ransomware Protection can help you recover ransomware-encrypted files (& etc.)
Does BitDefender Anti-Virus Free come with the ransomware protection that BitDefender Anti-Ransomware Free offers?

Vaccine Against Crypto-Ransomware in Combination Has Been Released

By leveraging gaps in the crypto ransomware families’ spreading mechanisms, Bitdefender anti-malware experts have created a replacement vaccine tool that may guard against known and possibly future versions of the CTB-Locker, Locky, and TeslaCrypt crypto ransomware families.

SEE ALSO:

Microsoft Detailed the Steps Involved in the Processing of Vulnerability Reports

“In some ways, the new tool is an offshoot of the Cryptowall vaccine programme.” Catalin Cosoi, the Chief Security Strategist, explained. “We had been looking for a solution to prevent this ransomware from encrypting files even on PCs that were not covered by Bitdefender antivirus, and we recognised we could expand the thought.”

PlatoAi. Web3 Reimagined. Data Intelligence Amplified.
Click here to access.

Source: https://cybersguards.com/bitdefender-ransomware-vaccine/

Continue Reading

Cyber Security

Windows Firewall Allow Ping

Published

on

Table of Contents

Using Group Policy, enable ICMP (PING) over the Windows Firewall with Advanced Security

Prerequisites

On Windows 7, Windows 8, Windows Server 2008, Windows, or Server 2012, you’ll need the Group Policy Management Tools. These are part of the Remote Server Administration Tools (RSAT), which may be downloaded from Microsoft’s website.

Instructions

Please follow these instructions to activate ICMP on devices using Windows Firewall with Advanced Security (Windows Vista, Windows 7, Windows 8, Windows Server 2008, Windows Server 2012).

  1. Using the Group Policy Management Tool, you can edit an existing Group Policy object or create a new one.
  2. Expand the node pc Configuration/Policies/Windows Settings/Security Settings/Windows Firewall with Advanced Security/Windows Firewall with Advanced Security/Inbound Rules in the pc Configuration/Policies/Windows Settings/Security Settings/Windows Firewall with Advanced Security/Windows Firewall with Advanced Security/Windows Firewall with Advanced Security/Windows Firewall with Advanced Security/
  3. Click Next after selecting the Custom radio button.
  4. Select the radio box for All Programs and then click Next.
  5. Select ICMPv4 from the Protocol Type: sink list and click Customize…
  6. Check the radio selection for All ICMP types and then click OK.
  7. Note: If you want to limit ICMP to specific types, you need allow at least Echo Request.
  8. You can either limit which IP addresses ICMP can and cannot communicate with, or tick the Any IP address radio buttons to allow all, then click Next.
  9. Click Next after checking the Allow Connection radio option.
  10. Select which profiles will be affected by the rule. At the very least, tick the Domain profile checkbox and then click Next.
  11. Remove the Name: field from the rule and give it a relevant name. If desired, create an outline and then click Finish to depart and save the new law.
  12. Using the Group Policy Management Tool, verify that the Group Policy Object is applied to the appropriate computers.
    Allow pings over the Windows firewall.

SEE ALSO:

Top 10 Best Android Emulator for Windows Mobile Applications-2019

Overview

Ping requests are prohibited by default if you have the Windows Firewall Allow Ping option activated. The University Information Security Office’s (ISO) vulnerability scanners are unable to work as a result of this. Follow the procedures below to configure your firewall to allow pings.

To complete these tasks, you may be asked for administrator access.

Firewall in Windows

  1. Open Windows Firewall by searching for it and clicking on it.
  2. On the left, select Advanced Settings.
  3. Click Inbound Rules in the left pane of the resultant window.
  4. File and Printer Sharing (Echo Request – ICMPv4-In) is one of the fundamentals.
  5. Enable each rule by right-clicking it and selecting Enable Rule.

Firewalls from third parties

See Vulnerability Scanners if you use a third-party firewall application or appliance.

It’s difficult to hide all conceivable ways of enabling ping on all possible firewalls because each third-party firewall is set differently.

However, to fill out the form to configure your firewall, you’ll need the following information:

  • Many firewalls allow you to whitelist specific IP addresses or ranges. Vulnerability Scanners has the IP ranges for UISO scanners.
  • Some firewalls allow specified protocols or services to pass through. You should enable ping in certain instances. The setting is known as “ping” or “incoming ping” on some firewalls. Others inquire about it using the technical term “ICMP Echo Reply.” Allow this protocol in either case.
  • Many firewalls also include options for allowing specific ports to communicate (do not confuse networking TCP ports with the physical serial, parallel, USB, or Ethernet ports). Don’t worry about those settings for the UISO scanner; only “ping” (ICMP Echo Reply), which doesn’t require ports, has to be enabled. With other reasons, you’ll want to allow or disallow specific ports, but it’s pointless to try to do so for the UISO scanner.

SEE ALSO:

Windows Defender Mistakenly Considered Citrix Services as Malware

PlatoAi. Web3 Reimagined. Data Intelligence Amplified.
Click here to access.

Source: https://cybersguards.com/windows-firewall-allow-ping/

Continue Reading
Energy28 mins ago

Green Chemicals Market | Evolving Opportunities with BASF SE, Braskem SA, Cargill Inc., and More| Expected Incremental Growth of $ 71.32 billion by 2025

Fintech52 mins ago

Aite-Novarica Group research ranks 7 core providers for digital banking solutions

Esports53 mins ago

Twitch to reportedly add new chat moderation features

Esports1 hour ago

Battlefield 2042 beta reportedly starting on Oct. 6

Esports1 hour ago

Hecarim and Udyr to receive buffs, Jarvan IV and Irelia among champions to be nerfed in League Patch 11.20

Esports1 hour ago

The difference-makers: The best junglers at Worlds 2021

Energy1 hour ago

$ 1.52 Bn growth opportunity in Household Water Purifier Filter Market 2021-2025 | Technavio estimates 14.38% YOY growth in 2021 amid pandemic

Esports2 hours ago

Everything you need to know about Tracking and Skinning in New World

Esports2 hours ago

Everything you need to know about mining in New World

Esports2 hours ago

How to Remove Gems in Diablo 2 Resurrected

Esports2 hours ago

New World Interactive Map Tools Help Players Explore Aeternum While Offline

Esports2 hours ago

Diablo 2 Resurrected Server Status: How to Check

Energy2 hours ago

AutoGrid To Provide Turnkey ‘Virtual Power Plant’ to Clean Power Alliance’s Power Response Program to Improve Reliability of California Grid

Esports2 hours ago

Best GPU water coolers

Esports2 hours ago

Anivia player creates army of minions in League’s URF mode

Esports2 hours ago

AiAi is coming to Fall Guys: Ultimate Knockout on Sept. 30 in new Super Monkey Ball crossover

Energy2 hours ago

Silvercorp to Highlight Innovative Waste Reduction Initiatives in Upcoming Annual Sustainability Report

Esports2 hours ago

How to watch IEM Fall Europe

Energy2 hours ago

Mountain Province Diamonds Announces Quarterly Sales Results

Esports3 hours ago

When is the Warzone Halloween Event Start Date?

Esports3 hours ago

How to Reset Skills in Diablo 2 Resurrected

Esports3 hours ago

When is the New World Pre-Download Time?

Esports3 hours ago

When is the New World Pre-Download Time?

Energy3 hours ago

La flotte d’équipements de construction de routes sans pilote de XCMG, la plus importante au monde, termine un projet national d’entretien routier

Esports3 hours ago

Will Amazon Games’ New World Release on Console?

Energy3 hours ago

Quanta Services to Participate in the Wolfe Research Utilities, Midstream and Clean Energy Conference

Energy3 hours ago

Maverix Acquires Gold Stream and Enters into Strategic Partnership with Auramet

Energy3 hours ago

Applied Blockchain, Inc. Provides Business and Partnership Update

Fintech3 hours ago

Signifyd Collaborates with Capital One To Help Retailers Combat False Positives

Energy3 hours ago

FMC Corporation announces dates for third quarter 2021 earnings release and webcast conference call

Trending