Month: March 2024

Kickstart AI app innovation at your organization. Get the Building Intelligent Apps: Team Readiness and Skilling Toolkit to learn how to assess your team’s readiness and empower them to start building intelligent apps. Find guidance on creating a plan for success and training resources to help developers build and modernize apps in Azure. Request the toolkit to: See how to foster confidence with in-depth, hands-on learning materials to expand your team’s knowledge and eliminate common barriers to building with AI. Discover ways to overcome hesitation about cost and complexity and remain competitive by equipping your development team to build intelligent apps with AI and advanced technologies. Explore best practices and tools to manage and optimize workloads and get the most from your investment after deployment.

NIST is pleased to announce a new Notice of Funding Opportunity (NOFO) to support Regional Alliances and Multistakeholder Partnerships to Stimulate (RAMPS) cybersecurity education and workforce development. The funding expands the existing RAMPS program* and anticipates awarding an additional fifteen awards of up to $200,000 through cooperative agreements.

As part of the Department of Commerce’s Principles for Highly Effective Workforce Investments and Good Jobs Principles, RAMPS will support the NIST-led NICE program. NICE works with government, academia, and the private sector to advance cybersecurity education and workforce. Effective partnerships will focus on bringing together employers and educators to focus on developing the skilled and diverse workforce to meet industry needs within a local or regional economy. 

Applicants must demonstrate through letters of commitment that, in addition to the applicant, at least one of each of the following types of organizations is committed to being part of the proposed regional alliance:

• at least one institution of higher education or nonprofit training organization, and
• at least one local employer or owner or operator of critical infrastructure.

A webinar for interested applicants will be held on April 8, 2024, at 3-4pm Eastern Time to provide general information regarding this funding opportunity, offer general guidance on preparing applications, and answer questions.

Deadline to apply: May 24, 2024

View this funding Opportunity on Grants.gov

The 15th Hackers On Planet Earth (HOPE) conference will be held from July 12-14, 2024. At St. John’s University Queens, NY.

The Call for Participation is now open!

SUBMIT YOUR HOPE PROPOSAL

Talks & Panels

Speaking at HOPE is a magical and unique experience. We encourage people of all backgrounds and experience levels to pursue their ideas for talks. We often have discussions by professors and intelligence experts sharing the schedule with presentations from young people who are just getting started. HOPE is filled with diverse thought, opinion, and experience. That’s why your ideas are welcome here.

We have some tips on making your proposal as good as it can be. The conference will have multiple simultaneous speaker tracks for solo talks, panel discussions, keynotes, and more. Email [email protected] with your completed proposal. If your proposal is accepted, you will hear back from us in the coming weeks. Regardless, we hope to see you in July!

Workshops

Over the three decades of HOPE conferences, workshops have become a big part of what makes HOPE a unique, interactive, and fun experience. Perhaps you have knowledge or skills that are best shared in a hands-on environment. Perhaps you’re presenting a talk and want to give a follow-up workshop for your audience to learn more. We welcome your proposals!

Past HOPE conferences have each hosted several dozens of workshops that were enjoyed by many – in a small room, or large, in a more intimate environment or a large open area. We have tips and guidelines that will help you make your workshop submission more likely to be accepted. Workshops at past HOPE conferences include such diverse topics as: electronics, coding, how to submit FOIA (Freedom of Information) requests, hacking Wi-Fi routers, making tea, dealing with COVID, improving education, music synthesis, brain-computer interfaces, and much more. Send your proposal (one proposal per email!) to [email protected].

Other

* Villages. The conference has space for groups to set up thematic gathering places for attendees to congregate and socialize. Proposals will have the name of the village and what will be featured there. If you have an idea for a village, email us at [email protected].

* Performances. HOPE has settings for music and other performances. If you’re a musician/artist who would like to perform in front of the HOPE crowd, email us at [email protected]. Be sure to tell us something about your performance ideas. If you have recorded material, links to that would be very helpful.

* Exhibitions and Installations. We have all kinds of space for art and exhibits. If you have an idea for something that you think could fit in here (such as futuristic art inspired by the hacker and phreak ethos or works that examine society from a technological angle, etc.), email us at [email protected] with details.

* Vendors. For a small fee, vendors with hacker-oriented wares will be able to set up a table and sell to attendees. All vendors are subject to approval by HOPE staff and must be relevant in some way to the hacker community. If you’re interested, email [email protected] for more details.

* More! Your ideas that don’t fit into any of these categories are welcome. Email [email protected] and tell us about them. We’re always looking to try something new.

TOPICS OF INTEREST

No matter what part of HOPE you choose to be involved in, you will encounter all sorts of hacker-related themes. If you find yourself interested in any of the topics below, then you’ll definitely have fun at HOPE! And if you have anything you want to share from this small list, we encourage you to submit a speaker and/or workshop proposal using the instructions above.

Programming

Intrusion Methods and Defense

Spying, Counterintelligence, and Tradecraft

Social Engineering

System Architecture, Design, and Circuitry

Social Impacts of Technology

Hacker History

Hacker Morality

Cryptanalysis, Cryptology, Cryptography

Election Security

Artificial Intelligence

Infrastructure

Green Tech

Retrocomputing

Telephony

Ham Radio

Quantum Computing

Censorship

Linux

Biometrics

Anonymity

Engineering

DMCA

Forensics

Net Neutrality

Right to Repair

Cyberterrorism

Biohacking

VPNs

Hackerspaces

Ransomware

Government Institutions

Privacy

SQL Injection

Exploits

Mechanics

Surveillance and Countersurveillance

Coding

Pentesting

Tiger Teaming

Trashing

Bluetooth

Cybercrime

Malware

Military

GDPR

Mesh Networks

Log4J

Blockchains

Whistleblowing

Shodan

Smartphones

Viruses

Robotics

Phreaking

Script Kiddies

Car Hacking

Hacktivism

Piracy

Stuff Not on This List

Learn more Here

Here is free training about AI and Microsoft security tools.

Tuesday, March 26, 2024 11:00 AM Pacific Time / 2:00 PM Eastern Time Stronger identity management is a key element of fortifying your organization’s defenses against security compromises. In this second session of an exclusive four-part webinar series, you can learn how AI-driven tools in Microsoft Copilot for Security and Microsoft Entra help simplify endpoint security with proactive measures. Experts will cover how to: Identify and mitigate identity risks Troubleshoot daily identity tasks Strengthen security access in the era of AI Don’t miss your chance to elevate your security defenses—register now.

Microsoft Copilot for Security Beyond Basics: Reduce Identity Risk with AI

Register now >

NIST plans to update NIST IR 7621 Rev. 1, Small Business Information Security: The Fundamentals and is issuing this Pre-Draft Call for Comments to solicit feedback. The public is invited to provide input by 12:00 p.m. ET on May 16, 2024.
Details
Since NIST IR 7621 Revision 1 was published in November of 2016, NIST has developed new frameworks for cybersecurity and risk management and released major updates to critical resources and references. This revision will focus on clarifying the publication’s audience, making the document more user-friendly, aligning with other NIST guidance, updating the narrative with current approaches to cybersecurity risk management, and updating appendices. Before revising, NIST invites the public to suggest changes that would improve the document’s effectiveness, relevance, and general use to better help the small business community understand and manage their cybersecurity risk.
NIST welcomes feedback and input on any aspect of NIST IR 7621 and additionally proposes a list of non-exhaustive questions and topics for consideration:
• How have you used or referenced NIST IR 7621?
• What specific topics in NIST IR 7621 are most useful to you?
• What challenges have you faced in applying the guidance in NIST IR 7621?
• Is the document’s current level of specificity appropriate, too detailed, or too general? If the level of specificity is not appropriate, how can it be improved?
• How can NIST improve the alignment between NIST IR 7621 and other frameworks and publications?
• What new cybersecurity capabilities, challenges, or topics should be addressed?
• What topics or sections currently in the document are out of scope, no longer relevant, or better addressed elsewhere?
• Are there other substantive suggestions that would improve the document?
• Are there additional appendices in NIST IR 7621, or resources outside NIST IR 7621, that would add value to the document?
Submit Comments
• The comment period closes at 12:00 p.m. ET on May 16, 2024.
• View the Pre-Draft Call for Comments.
• View the publication.
• Submit comments using this comment template to [email protected] with “Comments on NIST IR 7621” in the subject field.
• Email questions to [email protected].

Read More

Malicious copies of popular apps have been discovered on the Apple App Store. These apps are designed to be mistaken for legitimate apps and conduct malicious activity, such as stealing login credentials and other sensitive information. Malicious crypto wallet drainers and password vault impersonations have been reported to target unsuspecting victims and trick them into entering their credentials and crypto seed phrases, allowing threat actors to access their accounts to steal their funds and identities.   Leather warned about a malicious Leather app on the Apple App Store. They emphasized that users should refrain from inputting their secret seed phrases into the fake app and prompted victims to transfer their cryptocurrency into a new wallet to protect user assets from being drained by threat actors. They further advised users that the only legitimate Leather download is available directly from their website. As of March 12, the fake Leather app is no longer available on the Apple App Store.   Similar to Leather, Rabby Wallet does not yet offer an app through the Apple App Store. In addition to the fake versions of Rabby Wallet discovered on the platform in October and December 2023, a malicious crypto drainer app, dubbed Rabby Wallet and Crypto Solution, was uploaded to the Apple App Store in February. Apple has since removed all three cases.   The Apple App Store also approved a malicious imitation of the LastPass app. The fake app, dubbed LassPass, resembled the legitimate app’s branding, logo, and interface. The malicious copycat has since been removed, as it violated Apple’s copycat app guidelines. The persistence of malicious copycat apps and the recurring vulnerabilities in Apple’s app verification process highlight the critical need for more robust app screening procedures to prioritize user safety and security.

NIST will host a workshop on the development of a new block cipher mode of operation on June 20–21, 2024, at the National Cybersecurity Center of Excellence in Rockville, Maryland. 

Important Dates

Workshop: June 20–21, 2024

Submission deadline: May 1, 2024

Notification date: May 17, 2024

Registration deadline: June 13, 2024

NIST plans to develop a new mode of the AES that is a tweakable, variable-input-length-strong pseudorandom permutation (VIL-SPRP) with a reduction proof to the security of the underlying block cipher.

The term “accordion cipher mode” (or “accordion mode”) refers to a mode that acts as a cipher on a range of input sizes. A well-designed accordion mode could potentially provide significant advantages over most of the block cipher modes that NIST currently approves. For example, an accordion mode could provide better resistance to cut-and-paste attacks than CBC, or it could be adapted to provide authenticated encryption with associated data (AEAD) with better properties than GCM, such as resistance to nonce misuse, support for short tags, nonce hiding, and key commitment. An accordion mode could also be adapted to provide key wrapping that is more efficient than KW and KWP.

NIST intends to post preliminary ideas and plans by early April 2024. The goal of the workshop is to solicit public input on the specific requirements for the design and use of an accordion mode and the evaluation criteria in the development process. Potential topics for discussion include:

• Parameter lengths for the accordion mode: keys, tweaks, data input
• Whether the accordion mode should support an underlying block cipher with 256-bit blocks
• Formal security goals for the accordion mode
• Requirements and features for the main use cases (e.g., AEAD )
• Potential design strategies
• Performance targets
• Implementation considerations
• The development and standardization process

Attendees may submit extended abstracts or slides for a short presentation (up to 10 minutes) for any number of the sessions. Submissions must be provided electronically in PDF format and sent to [email protected] by May 1, 2024. NIST will post the accepted abstracts and presentations on the workshop website, though no formal proceedings will be published. 

Most of the workshop sessions are expected to include a panel discussion or extensive open discussion. Time will also be allotted for impromptu “lightning talks” — brief presentations of recent research results without slides. All sessions and lightning talks will be recorded.

Waivers of the registration fee are available for a limited number of students, but no waivers are available for speakers.

Updates and additional information will be posted to the workshop website and ciphermodes-forum email distribution list. Instructions for subscribing to the email forum can be found at https://csrc.nist.gov/Projects/block-cipher-techniques/email-list-ciphermodes-forum.

Inquiries: [email protected]

Learn More About This Workshop

March 22, 2024 | 2:00 PM – 3:00 PM | (GMT-05:00) Eastern Time (US & Canada)

Join us at Microsoft Discovery Hour: Differentiate with AI-Powered Intelligent Apps to discover how to drive competitive advantages using cloud computing, data, and AI. During this free event, you’ll explore ways to modernize, build, deploy, and scale applications with speed, flexibility, and enterprise-grade security using Azure services for AI, containers, and databases. Explore real-life use cases to understand ways to improve customer experiences and open new business opportunities with intelligent applications.

Who should attend:

• Chief technology, digital, experience, information, marketing, finance, and security officers
• Vice presidents, general managers, and directors of software and application development, engineering, and software architecture
• Vice presidents, general managers, and directors of product developmentDuring this event, you’ll be able to:
• Get to know the core data, AI, and app technologies used to build intelligent apps.
• Identify ways to reimagine and create a robust, modernized app strategy that builds on the architectural foundations of cloud-first applications.
• Discover opportunities to create revenue-building products and services based on Azure services.

Here’s what you can expect:

• EVENT PRESENTATION
• Welcome
• How AI is changing what software makes possible
• Real-world examples
• Reimagining app strategy in the era of AI
• Question and answer
• Closing

Click here for the Microsoft Event Code of Conduct.

Disclaimer: Microsoft Discovery Hour: Differentiate with AI-Powered Intelligent Apps is open to the public and offered at no cost. Prior to registering for this event, government employees must check with their employers to ensure that their participation is permitted and in accordance with applicable policies and laws.

Register Here

This Joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to see all #StopRansomware advisories and to learn more about other ransomware threats and no-cost resources.

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) are releasing this updated Joint Cybersecurity Advisory to disseminate known IOCs and TTPs associated with the ALPHV/BlackCat ransomware as a service (RaaS) identified through FBI investigations as recently as February 2024.

This advisory provides updates to the FBI FLASH BlackCat/ALPHV Ransomware Indicators of Compromise released April 19, 2022, and to this advisory released December 19, 2023. ALPHV/BlackCat actors have since employed improvised communication methods by creating victim-specific emails to notify of the initial compromise. Since mid-December 2023, of the nearly 70 leaked victims, the Healthcare and Public Health sector has been the most commonly victimized. This is likely in response to the ALPHV/BlackCat administrator’s post encouraging its affiliates to target hospitals after operational action against the group and its infrastructure in early December 2023.

FBI, CISA, and HHS encourage critical infrastructure organizations to implement the recommendations in the mitigations section of this advisory to reduce the likelihood and impact of ALPHV/BlackCat ransomware and data extortion incidents.

The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners are releasing this Joint Cybersecurity Advisory to warn of Russian state-sponsored cyber actors’ use of compromised Ubiquiti EdgeRouters to facilitate malicious cyber operations worldwide.

The FBI, NSA, US Cyber Command, and international partners assess the Russian General Staff Main Intelligence Directorate (GRU), 85th Main Special Service Center (GTsSS), also known as APT28, Fancy Bear, and Forest Blizzard (Strontium), have used compromised EdgeRouters globally to harvest credentials, collect NTLMv2 digests, proxy network traffic, and host spearphishing landing pages and custom tools.

The US Department of Justice, including the FBI, and international partners recently disrupted a GRU botnet consisting of such routers. However, owners of relevant devices should take the remedial actions described in the advisory to ensure the long-term success of the disruption effort and to identify and remediate any similar compromises.