The US government should take action to ban TikTok rather than negotiate with the social media app, Brendan Carr, one of five commissioners at the Federal Communications Commission, told a local media outlet in an interview. 

With more than 200 million downloads in the U.S. alone, the app’s immense popularity is concerning because ByteDance, a Chinese company, owns it. That means there’s potential for data on US residents to flow back to China. However, the FCC has no power to ban TikTok directly, but Congress previously acted after Carr raised concerns regarding Chinese telecom firms, including Huawei. 

TikTok is currently in negotiations with Council on Foreign Investment in the U.S. (CFIUS), a multi-agency government body charged with reviewing business deals involving foreign ownership, to determine whether it can be divested by ByteDance to an American firm and remain operational in the United States. 

Earlier this year in September, the New York Times reported, that a deal was taking shape but not yet in its final form and that Department of Justice official Lisa Monaco was concerned the deal did not provide enough insulation from China. 

"I don’t believe there is a path forward for anything other than a ban," Carr said, citing recent incidents regarding how TikTok and ByteDance managed American consumer's data. “Perhaps the deal CFIUS ends up cutting is an amazing, airtight deal, but at this point, I have a very, very difficult time looking at TikTok’s conduct thinking we’re going to cut a technical construct that they’re not going to find a way around.” 

A few months ago, Carr sent letters to Apple and Google asking the tech giants to remove TikTok from their respective app stores. The commissioner is now calling for a nationwide ban despite the efforts made by both parties – the US government and TikTok – to come to an agreement. 

“Commissioner Carr has no role in or direct knowledge of the confidential discussions with the US government related to TikTok and is not in a position to discuss what those negotiations entail” a TikTok spokesperson responded. “We are confident that we are on a path to reaching an agreement with the US government that will satisfy all reasonable national security concerns.” 

For now, it’s still business as usual for a Chinese app in the US, though it may be a good idea for creators to have a backup plan in case of a ban. YouTube Shorts is a good option, and it pays better too.

 

The attack came in the wake of the recent state-sponsored attack on the US cybersecurity firm FireEye. The company's CEO, Kevin Mandia said in his blog that the attackers primarily sought information pertaining to certain government customers.  

The attack came two weeks after the virtualization software company publicly disclosed vulnerabilities. According to the company malicious actor (s) is accessing —VMware workspace one, Connector, Identity Manager, and Identity Manager Connector products for Windows and Linux. However, the identities of malicious actors and when all of this started have not been disclosed. 

VMware is an American Software Company that provides cloud computing and virtualization software and services. VMware was one of the commercially successful companies to virtualize the x86 architecture.

Its desktop software runs on Microsoft Windows, Linux, and macOS, while its enterprise software hypervisor for servers, VMware ESXi, is a bare-metal hypervisor that runs directly on server hardware without requiring an additional underlying operating system. 

It was about in late November when Vmware had addressed the attacking threat and pushed temporary workarounds to dig deeper into the issue. However, the ‘escalation-of-privileges ‘bug resolution had to wait till the 3rd of December 2020 to get resolved. 

The same day witnessed the United States Cybersecurity and Infrastructure Security Agency (CISA) releasing a brief bulletin to encourage administrators to review, apply, and patch as soon as possible.

Meanwhile, as per the National Security Advisor, VMware didn’t clearly disclose that the bug was being actively exploited by the attackers, which led to adversaries leveraging the vulnerability for launching attacks to steal data and exploit shared authentication systems. 

''The misuse via shell injection led to the installation of a web shell and follow up malicious activity where Security Assertion Markup Language (SAML) in the form of authentication assertions generated and sent to Microsoft Active Directory Federation Services, which allow actors access to protected data," the agency said. 

Security Assertion Markup Language or SAML an Open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. SAML is an XML-based markup language for security assertions (statements that service providers use to make access-control decisions). 

Besides insisting on the organizations to update compromised systems to the latest version, the agency is also moving forward towards securing strong management. 

As of now, the threat hasn’t gone anywhere; the US National Security Advisory has advised the agencies to monitor all the systems, scan server logs for the presence of "exit statements" that indicate possible malicious activity. 

The increasing vulnerability of U.S. space systems lately has incited its rivals to begin with their development of mechanisms for disabling space assets as a method of 'hobbling the joint force' and subverting the economic performance of the nation.

The purpose of this progression is the dependence of America's military forces which are spread across the world for communications, navigation, reconnaissance, and weather forecasts and that the most critical infrastructure sectors in the U.S. economy depend on space frameworks for fundamental administrations.

As of late certain reports from intelligence agencies indicate that enemies have now started focusing not only on satellites, but also on the ground stations that control them, the links between the satellites and the stations, and the ability of the users to access certain services, like the Global Positioning System.

The reports depict various ways in which the U.S. space capabilities may be debased, from electronic jamming of signs to high-power lasers that visually impair sensors to physical attacks on control centers.

It is clearly evident that the dangers to the U.S. space system are increasing consistently, and cyber-attacks offer the broadest exhibit of alternatives to the greatest grouping of troublemakers. 

Against that background, just the previous month a national-security contractor ManTech, came up with a 'novel approach' to deal with protecting military, intelligent, and commercial space assets against cyber-attacks.

Dubbed as Space Range, and it permits users to 'replicate' space networks in a controlled environment with the goal that their vulnerability to cyber aggression can be evaluated. The $2 billion company headquartered in Northern Virginia, has been doing this kind of work for quite a while. It had created the defense department's first cyber test range in 2009, and three years ago even launched an Advanced Cyber Range Environment.

Space Range, which began on May 4, is unique in the sense that it permits profoundly talented cyber experts to attacks exact replicas of satellites, ground stations, uplinks/downlinks, and so forth in a hyper-realistic environment that is air-gapped from the outside world.

As a company press release puts it that gives players the “ability to find hidden vulnerabilities, misconfigurations and software bugs on precise network replications.” The entire framework depends on a software-defined infrastructure model that can be reconfigured in hours as opposed to weeks.

That good news when time and money of the users is concerned, however, the most significant feature of Space Range is that it offers engineers and operators a protected and legitimate setting where to practically investigate the 'hardening' of their overhead resources against cyber-attack.

Nevertheless, with space quickly turning into a field of extraordinary competition, there isn't a lot of uncertainty that the Pentagon's recently introduced Space Force will be 'robustly funded' going ahead.

ManTech's Space Range will in no time, probably transform into a significant tool in assisting the government and industry to figure out where training and hardening outlays should be concentrated.

Airat Khairullin, the Minister of Digital Development of Public Administration, Information Technologies and Communications of the Republic of Tatarstan, told about the main directions of the Ministry's work, the center for digital transformation of the Republic of Tatarstan, as well as about the work of the sovereign Internet in Tatarstan and correspondence in messengers.

"If someone tomorrow decides to physically block the DNS server system for Russia, our IP routing may be disrupted. Therefore, we are talking about allowing traffic to be routed at the junction of Russian and foreign providers."

According to him, Tatarstan has already created the appropriate infrastructure for the sustainable protection of the Internet from external attacks. Thus, all 10 thousand social objects of the Republic are connected to the Internet through the Data Processing Center (DPC) in the IT Park. There is a second data center for disaster resilience in the Council State.

"And technically, if the DPC of the IT Park is destroyed by fire or flood, we have a fault tolerance point, and within this logic, it is also a sovereign Internet," he said.
In an interview with journalists, Khairullin also shared that he uses popular messengers, including the Telegram blocked in Russia.

The Minister also commented on the statement of Pavel Durov regarding the insecurity of using WhatsApp and calls to remove it.

"Any application carries a vulnerability. The question of compromises is to be completely without a phone and use pigeon mail or use messengers," said Khairullin.

On November 12, the Prime Minister of the Republic signed a decree on the establishment of the Tatarstan Digital Technology Center. The new institution was created to improve the quality of life of Tatarstan citizens, accelerate the receipt of public services, as well as simplify the interaction between the state, society and business.

Recall that Khairullin previously said that 7 cyberattacks occur on the DPS every day. Therefore, to improve the security system next year, the Ministry of Digital Affairs of the Republic of Tatarstan has planned a competition for white hat hackers who will have to try to find the shortcomings and vulnerabilities of the Republican website of public services and hack it. The exact date when this experiment will take place has not yet been determined.

NEW DELHI: The Centre on Monday informed the Supreme Court that it would need 3 more months to finalize the process of updating and notifying the intermediary guidelines for social media in India, as per the reports by PTI. These new rules will be aimed at curbing the alleged exploitation of various social media platforms like Facebook and WhatsApp; major issues like fake news, hate speech, defamatory posts, and anti-national activities will be regulated by the updated guidelines which are expected by the last week of January.

After the top courts inquired about the steps taken on this subject, an affidavit had been filed, in which the government said that the country witnessed an exponential increase in the kind of posts and messages that incite hatred, disrupts social harmony and threatens country’s integrity, and therefore, a greater control over the internet is required to safeguard national security.

On the basis of the appeals filed by social media giants like WhatsApp, Facebook, and Twitter, who argued that the cases will probably have national security implications, the court assembled all the related cases and transferred them to the High Courts. After the government provides the court a draft of revised intermediaries guidelines, the next hearing will take its course, which is expected on January 15.

The Internet has become a powerful tool which can potentially cause “unimaginable disruption to the democratic polity”, The Ministry of Electronics and Information Technology told the court.

Although technology has facilitated economic growth and progress, it also heightened the concerns regarding social harmony and national security. “As the internet has emerged as a potent tool to cause unimaginable disruption to the democratic polity, it was felt that the extant rules be revised for effective regulation of intermediaries, keeping in view the ever-growing threats to individual rights and the nation’s integrity, sovereignty, and security,” remarked the ministry in the affidavit. “After collating and analyzing all the details from stakeholder participation and inter-ministerial consultation, the deponent has bonafide belief that a further period of three months would be required for finalizing and notifying the final revised rules in accordance with law.”

Prior to Tamil Nadu’s agreement on transferring the cases to the top courts, the Attorney Journal said, “WhatsApp and Facebook after coming to India can't say they can't decrypt information.”

Director of the FSB Alexander Bortnikov said that terrorist can disguise their hacking attacks under the actions of special services of specific States and this threatened to political and military conflicts. He stated this at the XVIII international meeting of heads of intelligence, security and law enforcement agencies in Sochi.

According to the FSB, terrorist groups create and develop their own cyber units.

Bortnikov called on intelligence agencies of other countries to support Russia's demand to deposit encryption keys for mobile devices. Fighting terrorism is ineffective as long as they use closed channels of communication on the Internet, he explained.

"The main tool of communication between bandits are still Internet Messengers with high crypto protection. In this regard, we consider it a serious problem that a number of the world's leading IT companies do not want to cooperate with intelligence agencies in the field of information security,” Bortnikov said.

He also called on the special services to join efforts in identifying and blocking terrorist and extremist materials on the Internet and to establish cooperation with leading technology companies for this purpose.

Bortnikov also noted that the capabilities of terrorists in the future can grow due to the growing availability of artificial intelligence technologies. And with their help, the militants will be able to analyze large amounts of information, including illegally obtained databases.

In addition, the FSB Director said that international terrorists are increasingly using "confidential cryptocurrencies" to financially fuel their criminal activities. According to Bortnikov, terrorists create shell companies that legally participate in trading on stock exchanges, invest in real estate and various sectors of the economy. At the same time, criminals are increasingly using not bitcoin, but so-called “confidential cryptocurrencies”, which guarantee the anonymity of transactions.

Also, Alexander Bortnikov said about the threat of massive terrorist attacks using unmanned aerial vehicles. According to Bortnikov, the use of unmanned aerial vehicles capable of delivering various cargoes by terrorists will become a "real challenge" for the world's intelligence services.

It is important to add that this year the FSB has identified 39 terrorist attacks in preparation and eliminated 32 terrorists.

All the member countries of The North Atlantic Treaty Organization (NATO) are confident that all the member countries would retaliate if even a single member country is under cyber-attack.

The member countries include European countries, the US and Canada.

According to Article 5 of the founding treaty of NATO, “a collective defence commitment” could be made under the above circumstances. The article hasn’t been provoked since the 9/11 attack.

Per sources, “Cyber-space” has been designated as a domain which shall be defended and operated effectively like land, sea and air.

NATO hasn’t made such claims for the first time. The “Wannacry ransomware” attack which had wreaked havoc in the UK and NHS didn’t get the support of the Article 5.

There is no doubting the fact that considering an attack on one country as an attack on other countries too will be a herculean task when it comes to implementation.

The aspects and dimensions of an attack when it comes to cyber-crime and cyber-space are way different and abstract as compared to other forms of war.

Countries like Russia and Ukraine have been a part of such debates for quite some time now and there is no resolving and finding out the actual dimensions of an “attack”.

The team of the Ukranian president Vladimir Zelensky promised to hold the next presidential elections in Ukraine using Estonia's experience in electronic technologies.

Mikhail Fedorov, advisor to the President of Ukraine on the development of digital technologies, assured that Ukrainians will be able to vote online using the Vote system during the next presidential election as early as 2024.

"We already have The Vote project. It will be surveys at the first stage, through which the President, Prime Minister and others will find out the real opinion of the inhabitants of the country," Fedorov said.

Currently, only one country in the world uses the online voting system in parliamentary elections, it is Estonia. There, the voter is identified using a chip ID card or MobileID, and a PIN code is required to enter the system.

The authorities of Ukraine are going to supplement these opportunities with identification using an electronic signature, Mobile ID and maybe Smart ID for phones. In addition, it is possible to change your choice and vote, as well as check whether the vote is counted correctly when counting votes in the Central Election Commission.

It is known that the widespread introduction of electronic technologies has become a kind of visiting card of Estonia and its know-how in the eyes of the world community.

At the same time, many experts note that the use of the Internet in the elections of authorities is quite controversial because of security problems.

Recall that on July 30, the President of Ukraine Vladimir Zelensky signed a decree on measures to improve access to electronic services in the country. This document introduces a unified web portal of electronic services, where Ukrainians will be able to access information about themselves in the state registers using an electronic cabinet. The decree also approves the conduct of electronic elections and electronic census of the population in Ukraine.

Previously, Ehacking News reported that the Russian government has determined the basic parameters of the future electronic passport. Documents of the new type will be issued to Russians from 2020 in Moscow, and it is planned to fully switch to digital passports by 2022.

It turned out that more than half of Russians are not ready to issue electronic passports. They believe that this document is not secure; in addition, they fear possible failures in the system and database. The results of a survey of the All-Russian Public Opinion Research Center proof this. A nationwide survey was conducted on July 25, 2019. The survey was attended by Russians aged 18 years.

According to the Russians, one of the key advantages of an electronic passport is its universality, as one document contains all the data. Citizens also noted the durability of this document format, low risks of loss, compactness and its practicality.

According to 22% of Russians, this document in electronic form is not secure. Another 8% of Russians are afraid of possible failures in the system and database. 4% believe that the risks of the new document format are associated with the possible leakage of data to third parties and the loss of the passport.

According to respondents, the most useful functions of an electronic passport can be the ability to use it as a Bank card (payment for services, receiving salaries/pensions/benefits and other charges); the function of storing several documents at the same time (passport, driver's license, employment record, etc.), as well as signing and sending documents to the State institution without visiting it.

“According to Russians, the least useful functions of an e-passport are the opening of an Individual Enterprise / LLC (47%); entering into contracts with organizations in electronic form (52%) and notarization of electronic documents (53%)," - noted in the All-Russian Public Opinion Research Center.

State Duma Deputy Svetlana Bessarab commented on the survey data. In her opinion, everyone who doubts the security of an electronic document should be able to keep a paper one.

Deputy Chairman of the Duma Committee on Information Technology and Communications Andrei Svintsov expressed the opinion that the full digitalization of the economy will allow staying ahead of competitors, to create more comfortable conditions for citizens.

The Transport Safety Forum was held in St. Petersburg last week, in which the Chief Designer of GLONASS JSC Mikhail Korablev took part. He reported that the new Federal Target Program has a task to protect signals of future satellites from hacker attacks.

It is worth noting that GLONASS is a Russian satellite navigation system, one of only two fully functioning global satellite navigation systems in the world for today.

According to Mr Korablev, the task is to improve the accuracy of the GLONASS system and to increase the security of the signal, to combat spoofing (an attack on a satellite in which a navigation signal is faked).

"The attack of the ship management system is a problem. All ships use satellite navigation. There is a confirmed fact of information attacks on ships that do not allow making it possible to determine the location. Therefore, one of the tasks of the new program, in addition to improving accuracy, is to increase security," said Korablev.

It is not yet known how the satellite signal will be protected because the new Federal Target Program for the development of the GLONASS navigation system for the period 2021-2030 has not yet been approved. Currently, it is in the process of negotiation and should soon be sent for approval to the Government of the Russian Federation.

In the future, the entire GLONASS navigation system will be upgraded to the new GLONASS-K2 devices, which are fully assembled on the basis of domestic products. The first GLONASS-K2 satellite is scheduled to be launched into orbit at the end of 2019 - the beginning of 2020. It’s interesting to note that, currently, the GLONASS system orbital network includes 26 satellites.

The report of the US Special Prosecutor Robert Mueller does not contain any evidence of Russian interference in the American elections, said Dmitry Peskov, Press Secretary of the Russian President. He expressed regret that documents of such poor quality influence Russian-American relations.

The American authorities on the eve, April 19, published an edited version of the report of Mueller. The preparation of the report took about two years. The US Special Prosecutor investigated the possible interference of Russia in the US elections in 2016, the Trump team’s conspiracy with the Russian authorities, as well as whether the US President obstructed justice.

Mueller concluded that there was no collusion between the headquarters of American President Donald Trump and Russia. At the same time, according to the Special Prosecutor, Russia tried to influence the elections in the United States, acting in social networks and by hacking the mail servers of the Democratic Party.

"So, where did the American taxpayer’s money go? But let the American taxpayers themselves ask these questions," Peskov concluded.

According to him, the published report does not contain any new information. "All the information was in different media earlier. The report does not have reasoned evidence that the Russian Federation intervened in the electoral process in America. We still do not accept such accusations," Peskov added.

It should be noted that in December it became known that the US Department of Justice spent about $30 million for carrying out investigation about Russian intervention.

The Russian Foreign Ministry is also convinced that the report of the Muller does not contain a single piece of evidence. This was stated by Georgiy Borisenko, Director of the North America Department of the Russian Foreign Ministry.

Elections have knocked the country's doors!

There is a rising need to acknowledge all the raging political demands and needs of the citizens of the country.

To satiate the burning requisites of the nation, a comprehensive dash-board, open source platform(https://github.com/CSPF-Founder/CampaignManager) is here.

Brought to you by AVS Labs pvt ltd, Campaign Manager is available at a minimal price.

CAMPAIGN MANAGER works for the erudite management of election campaigns.

The versatile open source application is super user-friendly and is easy to install on one's own server.

One of the best aspects of this open source platform is that it's also available in customized versions on demand.

This is a substantial initiative towards meeting the political requisites of the population in need.

This application is specifically designed to work extensively in under-developed and developing countries.

WHY CAMPAIGN MANAGER?

Other e-government portals and campaign solutions are ruinously expensive. But CM is an open source.

Political parties and individuals could in a hassle-free way download and install it on their servers.

CM owners also entertain host servers and provide training in case of lack of proficiency on the downloader's part.

CM'S INTERFACE!

The application significantly proposes three roles for the users:
• Admin
• Data Entry Person
• Feeder

The ADMIN keeps a close and regular check on the issues entered and prioritizes them. Also it's their job to instruct the right person for the job via the dash-board.

The FEEDER is any individual who reports issues or problems according to the area/ ward/ constituency.
The feeders include people like party members, media-men etc.

The DATA ENTRY PERSON is that person who shall be instructed by the feeder to report an issue on their behalf in case they can't.

Supremely Outstanding Benefits of CM

It's an amazing utility that caters to the political needs of the citizens.

It aids the political leaders to comprehend and view the problems feeded in by the citizens.

It's an excellent mechanism for managing and resolving the peoples’ current issues.
 
Get the Source code and guide from here:
https://github.com/CSPF-Founder/CampaignManager

The Moscow City Court sentenced to seven years in prison an entrepreneur and ex-FSB officer Georgii Fomchenkov. The case was heard behind closed doors because of secrecy.

Recall that Fomchenkov was arrested on December 5, 2016. He is the fourth defendant involved in the case of State treason of employees of the FSB. So, Sergei Mikhailov, the Head of one of the divisions of the Information Security Center of FSB, his subordinate major Dmitrii Dokuchaev and Ruslan Stoyanov, an employee of the Computer Incident Investigation Department of Kaspersky Lab, were arrested in this case. It should be noted that Ruslan worked until 2006 in law enforcement agencies.

It is known that Mikhailov received 22 years in prison and a fine of 400 thousand rubles, Stoyanov received 14 years and a fine of 150 thousand rubles.

According to media reports, the defendants are accused of transferring secret information to foreign intelligence services. 

Colonel Mikhailov and his subordinates carried out operational development in the case of Pavel Vrublevskii, the founder and CEO of the processing company Chronopay. It turned out that they gave the FBI secret information about the ways and methods of conducting operational and investigative activities in the case of Vrublevskii, who is considered to be a cybercriminal in the United States. They earned on the sale of State secrets 10 million rubles.

In addition, Fomchenkov previously engaged in business on the Internet. In the early 2000s, he had the payment services that were popular among the webmasters of pornography sites, spammers, and owners of pharmacy resources.

An interesting fact is that the detention of Stoyanov and Mikhailov happened shortly after the arrest of Vladimir Anikeev, the Head of the hacker group Humpty - Dumpty. Officially, the FSB does not connect these two events. However, Anikeev was interrogated in the case of Fomchenkov.