More stories

  • Mozilla unveils Total Cookie Protection for Firefox Focus on Android

    Mozilla is adding new privacy features to Firefox Focus on Android, announcing on Tuesday that it is introducing “Total Cookie Protection” to the platform as a way to stop cookies from tracking you across the web.

    Mozilla told ZDNet that the tool’s goal is to combat cross-site tracking, which allows companies to monitor what websites users visit and what products they search for.

    “Have you ever signed up for a contest to win a big-screen TV or a vacation to an exotic location? Or have you joined a big retailer loyalty program so you can save money? If you answered yes to either of these questions, you may be exchanging your name, home address, email address, phone number, and sometimes even your birthdate to companies who are building your profile with the information you freely provide,” Mozilla explained. “Companies use those profiles to help them make ads that are targeted at convincing you to purchase, like resurfacing an item you were shopping for. When you go online, there are similar tactics that work behind the scenes to gather information about you and your browsing behavior and track you when you go from site to site.”

    Mozilla first announced “Total Cookie Protection” last year and said Firefox Focus on Android will be the first Firefox mobile browser to have it. “Total Cookie Protection” is part of a larger set of privacy features that Mozilla calls Enhanced Tracking Protection (ETP).

    The “Total Cookie Protection” feature effectively creates separate “cookie jars” for all the websites you visit, confining the cookies a website deposits in your browser to a jar assigned specifically to that website.

    “This way, no other websites can reach into the cookie jars that don’t belong to them and find out what the other websites’ cookies know about you. Now, you can say good-bye to those annoying ads following you and reduce the amount of information that companies gather about you whenever you go online,” Mozilla said.

    The company is also giving Android users of Firefox Focus access to SmartBlock and other privacy features, which Mozilla said help “fix issues related to Total Cookie Protection and other pro-privacy measures.”

    The additional features are needed because some websites host content on other servers, and if the expected cookies are not sent to those servers because of Total Cookie Protection, some content will not appear.

    “With a simple workaround, we can allow these maps to appear, without disabling any pro-privacy measures, while still giving sites time to come up with a proper fix,” Mozilla explained. “And for users who opt into stricter tracking protection, SmartBlock also provides replacements for commonly-blocked trackers, keeping websites working. These replacements are bundled with Firefox, minimizing the risk of any tracking taking place.”

  • KCodes NetUSB kernel remote code execution flaw impacts millions of devices

    A high-impact vulnerability allowing remote code execution to take place has impacted millions of end-user router devices. 

    On Tuesday, SentinelOne published an analysis of the bug, tracked as CVE-2021-45388 and deemed critical by the research team. The vulnerability impacts the KCodes NetUSB kernel module. KCodes solutions are licensed by numerous hardware vendors to provide USB over IP functionality in products including routers, printers, and flash storage devices.

    KCodes NetUSB, the subject of a SEC Consult Vulnerability Lab analysis in the past, is proprietary software used to facilitate these connections, and the software is currently “used by a large number of network device vendors,” of which the security flaws “affect millions of end-user router devices,” according to SentinelOne.

    Researcher Max Van Amerongen discovered the bug while examining a Netgear device. The kernel module, NetUSB, did not properly validate the size of packets fetched via remote connections, allowing a potential heap buffer overflow. According to Van Amerongen, although a malicious payload would be difficult to write to trigger CVE-2021-45388 due to coding restraints, an exploit could result in the remote execution of code in the kernel.

    SentinelOne says that vendors including Netgear, TP-Link, D-Link, and Western Digital license the software, and all of them are now aware of the security flaw.

    The researchers disclosed their findings to KCodes directly on September 9, as it made more sense to inform the source who could then distribute a patch for everyone rather than just inform Netgear based on a single product test. A proof-of-concept patch was made available on October 4 and was sent to all vendors on November 17. Firmware updates, such as those detailed in the advisory issued by Netgear, have either been issued or are underway.

    At the time of writing, no exploitation has been discovered in the wild.

    “While we are not going to release any exploits for it, there is a chance that one may become public in the future despite the rather significant complexity involved in developing one,” the researchers say.

  • 2021 was a terrible year for cybersecurity. Without action, 2022 could be even worse

    When it comes to cyberattacks, it’s not so much a question of if an organization will be targeted, but when.

    Early in December 2021, the Catalan government suffered its worst distributed denial of service (DDoS) cyberattack ever. In the space of a few hours, attackers routed 350Gbps of data to the Generalitat’s information systems, representing 100 times more traffic than it would typically receive within the same timeframe. The incident was contained within three hours.

    A couple of months prior to the DDoS attack on the Generalitat, the Autonomous University of Barcelona (UAB) was forced to revert to pen, paper and chalkboards when it was hit by a ransomware attack. The connection to the network was reset at the end of December, with most email accounts having been recovered – and a double authentication system applied – which allowed virtual classes to resume. While most systems have since been restored, others aren’t expected to be fully functional until the end of January.

    These incidents are, unfortunately, not outliers. According to the Spanish National Institute of Cybersecurity (INCIBE), Spain has seen more than 150,000 cyberattacks since the beginning of the COVID-19 pandemic. Other high-profile cases include: an attack in April last year on the Spanish government agency that manages unemployment benefits; Catalan hospital Moisés Broggi; Barcelona’s public bicycle service, Bicing; as well as a number of companies including beer company Damm. Security firm Check Point reveals Spanish companies are now exposed to 961 threats every week, 61% more than in 2020. Clearly, a worrying trend is emerging.

    A global nightmare

    The latest report from the Cybersecurity Agency of Catalonia, issued in mid-December 2021, points out that “there is an escalation in the magnitude of cyberattacks, the importance of the objectives and the impact they provoke, which constitute a threat to economic and social stability” – not just in Catalonia or Spain, but throughout the world.

    The report estimates that cyberattacks against critical infrastructures and supplies (water, electricity, gas) during the second quarter of 2021 increased 300% globally compared to the previous quarter. It also highlights the fragility of the education sector, where cyberattacks have increased by 200%. This escalation comes as no surprise.

    A 2017 report from Cybersecurity Ventures predicted that there would be a ransomware attack against businesses every 11 seconds on average by 2021. The pandemic, which has fostered an ecosystem of working from home that is pretty weak by IT security standards, coupled with the fact that exploits are relatively cheap and easy to attain on the dark markets, is to blame.

    Experts have warned repeatedly that cybersecurity is a key issue that companies need to make a priority for economic recovery. While companies in Spain are increasingly taking out insurance against cyber threats, payments demanded by ransomware attackers have increased to an average of €182,000, meaning insurers have bumped up their premiums by 25-40%. Small and medium enterprises (SMEs) are paying the price.

    Marc Alier, professor and researcher at the Polytechnical University of Catalonia (UPC), tells ZDNet there are many factors that have contributed to the rise in cyberattacks in recent years. For one, web apps, unified systems for authentication, working from home and social engineering have created the perfect recipe for phishing and consequent ransomware attacks, he says.

    The malicious program that infected the Autonomous University of Barcelona (UAB) encrypted 650,000 files and folders that contained information relating to the campus going back eight years. In October 2021, Spanish media published that ransomware outfit PYSA was responsible for the attack, which demanded 60 bitcoins from the university – approximately €3 million – in exchange for its data. Only 8% of companies that pay the ransom get the totality of their files back.

    Dean of UAB, Javier Lafuente, quickly made it clear that the institution was not going to pay up. This is in keeping with the recommendation of the Spanish National Institute of Cybersecurity (INCIBE), which states: “never pay the ransom, as it encourages cyber criminals to continue operating in this way.”

    UAB speculated that phishing techniques might have been used to capture credentials from students or staff that were then exploited to gain admin status and deploy ransomware tools. Some of the institution’s IT services not only needed to be restored, but entirely reconstructed.

    Nico Castellano, cybersecurity teacher and organizer of hacking and IT security conference No cON Name, says the attack on UAB should come as little surprise given its use of out-of-date software that attackers were able to exploit. Social engineering did the rest. Castellano adds that the problem with this kind of attack is that “cyber criminals stay in your system a while to detect vulnerabilities so that they know exactly what to encrypt and [hold to ransom]. Therefore, it’s difficult to know to what extent systems have been compromised.”

    Marc Alier, from the Polytechnical University of Barcelona, adds that “the perimeter of attack in a university is large” because students, professors and administrative personnel can all be targeted with social engineering. “If mail was hacked, what is the real scope of the UAB attack?”

    Cryptocurrency has become intrinsically linked with ransomware attacks because it is considered untraceable, meaning finding out who the bad guys are is tricky. Yet Marc Rocas, former president of the Catalan Blockchain Association, believes blaming cryptocurrency is “unjustified” and only reveals “ignorance in this field.” “It’s like wanting to get rid of small banknotes when ransoms were requested in these kinds of notes,” he says.

    Alier considers that cryptocurrencies and the Blockchain might help people become more cyber-aware. He points out that, 10 years ago, few people knew how Twitter worked. Today, it’s commonplace. “Security will work the same way,” says Alier.

    A little optimism is a good thing – yet organizations and employees working from home should take a diligent approach to protecting themselves. In 2022, ransomware attacks are expected to become even more complex and personalized.

    Oriol Torruella, director of the Cybersecurity Agency of Catalonia, says organizations should be prepared and be aware of their level of digitization. “Investment in cybersecurity should be a priority and companies and institutions need a plan to implement not only technological measures but also organizational measures and training,” he adds.

    There is no shortage of reasons for greater vigilance when it comes to IT security. Yet when you consider that 90% of security breaches are a result of human error – combined with a society made considerably more vulnerable by the COVID-19 pandemic – it is becoming increasingly clear why, as Torruella says, cybersecurity involves us all.

  • Ransomware: Hackers are using Log4j flaw as part of their attacks, warns Microsoft

    Microsoft has confirmed that suspected China-based cyber criminals are targeting the Log4j ‘Log4Shell’ flaw in VMware’s Horizon product to install NightSky, a new ransomware strain that emerged on December 27. The financially motivated ransomware attacks target CVE-2021-44228, the original Log4Shell flaw disclosed on December 9, and mark one new threat posed by the critical vulnerability that affects internet-facing software, systems and devices where vulnerable versions of the Java-based Log4j application error-logging component are present.

    “As early as January 4, attackers started exploiting the CVE-2021-44228 vulnerability in internet-facing systems running VMware Horizon. Our investigation shows that successful intrusions in these campaigns led to the deployment of the NightSky ransomware,” Microsoft notes in an update to its recommendations for mitigating Log4Shell.

    Microsoft’s findings add more details to a report last week from the digital arm of the UK’s National Health Service (NHS) that attackers are targeting VMware’s Horizon server software that uses vulnerable versions of Log4j. That report noted attackers installed a malicious Java file that injects a web shell into the VM Blast Secure Gateway service, but it didn’t indicate whether ransomware was deployed.

    Horizon is one of a number of VMware’s software products affected by Log4j flaws. The case demonstrates the difficulties admins face in identifying systems affected by Log4j. VMware has detailed which versions of Horizon components are or are not vulnerable, and the different remediation steps for each if they are vulnerable. Its advisory indicates that at least one version of each Horizon on-premise component is vulnerable. Vulnerable on-premise components include Connection Server and HTML Access, the Horizon Windows Agent, Linux Agent, Linux Agent Direct Connect, Cloud Connector, and vRealize Operations for Desktop Agent. VMware has released updated versions or provided scripted mitigation workarounds.

    Microsoft says the attacks are being performed by a China-based ransomware operator it’s tracking as DEV-0401, which has previously deployed LockFile, AtomSilo, and Rook. The group has also exploited internet-facing systems running Confluence (CVE-2021-26084) and on-premises Exchange servers (CVE-2021-34473), according to Microsoft.

    According to BleepingComputer, malware researchers at MalwareHunterTeam identified NightSky as a new ransomware group on December 27.

    However, Czech-based malware analyst Jiří Vinopal, who published an analysis of NightSky on GitHub today, argues NightSky is just a new version of Rook ransomware with a few key design and encryption changes, including that NightSky is delivered as a VMProtect file. BleepingComputer notes that NightSky is using “double extortion”, where the attacker not only encrypts a target’s data but steals it and threatens to leak it if a ransom is not paid. One victim received an $800,000 ransom demand for a NightSky decryptor.

    As ZDNet reported yesterday, the US Cybersecurity and Infrastructure Security Agency (CISA) on Monday said it had not seen Log4Shell exploitation result in significant intrusions beyond the attack on the Belgian Defense Ministry. However, it also warned the lack of significant intrusions was no reason to reduce the urgency of remediation. Attackers who have already exploited targets can lay low for months afterwards, waiting for defenders to drop their guard before moving on their new access. And big penalties might await firms that don’t apply available patches if vulnerable systems expose consumer data. The FTC last week warned it would come after private sector firms that failed to protect consumer data exposed as a result of Log4j.

    CISA’s assessment that the Log4j threat is far from over chimes with Microsoft’s assessment, which stresses that Log4j is a “high-risk situation” in part because many organizations can’t easily tell what products and services are affected by Log4j. Microsoft said the Log4j vulnerabilities represent a complex and high-risk situation for companies across the globe: “The vulnerabilities affect not only applications that use vulnerable libraries, but also any services that use these applications, so customers may not readily know how widespread the issue is in their environment.”

    Microsoft also said customers should use scripts and scanning tools to assess their risk and impact, but warns that it has seen attackers using many of the same inventory techniques to locate targets: “Sophisticated adversaries (like nation-state actors) and commodity attackers alike have been observed taking advantage of these vulnerabilities. There is high potential for the expanded use of the vulnerabilities.”

  • Firms need better breach response, clear regulatory guidelines

    Organisations today lack a proper framework that will help them respond quickly when they experience a cybersecurity incident. Governments can help by establishing clear guidelines and protocols, but overly restrictive requirements may discourage companies from disclosing they suffered a breach. As it is, companies are on edge that they may face litigation from customers when a security incident occurs. More were moving to keep things under wraps over concerns about class action lawsuits or any other potential legal action, said Forrester’s senior analyst Jess Burn, who specialises in incident response and crisis management as well as security training.

    Insurance and attorney-client privilege often got in the way of full transparency from these companies, particularly in North America where the society was perceived to be highly litigious, Burn said in a video interview with ZDNet. Organisations would disclose what was required by regulators and park everything else under a dedicated contract that ensured investigations, following a breach, were kept under attorney-client privilege, she said. This meant that any party involved in the investigation could be prevented from disclosing confidential communications between the breached organisation and its lawyers.

    Burn observed that lawyers increasingly were involved in any communication that companies released with regards to a breach. Reports and documentation on the breach assessment, which organisations might be required to carry out and pay for when they suffered an incident, also would be heavily controlled.

    The complexity of determining and understanding the extent of a breach also further compounded the issue. She explained that some cyber insurance providers would not cover state-sponsored attacks, but defined such breaches so broadly that it would take some effort before attacks were officially attributed. This could drive some organisations to stay silent until they were able to fully ascertain their position before reporting the breach, she said.

    Firms should already know who to call

    Legal issues aside, organisations foremost should have a plan in place to help them navigate quickly when there is a cybersecurity incident. This still is lacking in most companies today. Too many still were parking the bulk of their money on protection, rather than defining how they needed to respond in the event of a security incident, said Richard J. Watson, Asia-Pacific cybersecurity consulting leader at EY Global.

    The top priority for companies should be to ensure they had a framework on how they should respond to a breach, he said in an interview with ZDNet. This was critical in building up cyber resilience and ensuring network availability, especially as employees worked from home and remotely, he said.

    Companies simply were not prepared and would attempt to work out how they should respond in the midst of a security incident, said CrowdStrike’s Asia-Pacific Japan services director Mark Goudie. “It’s like a doctor flipping through a manual book while operating on a patient,” Goudie said in an interview. “They haven’t trained and aren’t ready.”

    Burn concurred, adding that many organisations waited until they were breached to call in the investigators. “The best practice is to have a retainer in place and have some onboarding before a breach happens,” she said. “Bring in a company that can assess your readiness and incident response plan, and run through a tabletop exercise to get your team and executives ready.”

    “The mistake is to wait and call a hotline of some well-known incident response provider for help [after a breach occurs]. It’s too late. You would waste three to five days [which] they [need to] understand your company workflow and systems. You need to establish a relationship with them and an outside attorney, and have them help you rehearse your entire incident response plan,” she noted.

    Goudie added that having a retainer ensured organisations had access to help when a major vulnerability, such as the recent Log4j, was uncovered. Incident response services providers, for instance, would be inundated with service calls and were likely to prioritise existing customers over new ones that had yet to sign a retainer.

    In addition, an incident response plan would better enable organisations to identify a threat more quickly, have visibility of the threat, and respond quickly. The goal here was to prevent the security incident from escalating into a data breach, he said, adding that there often was a window during which this could be stopped.

    Watson noted that while it was easy to detect when there were suspicious activities within the network, it was tougher to determine the severity of a potential breach. He, too, suggested organisations worked with an incident response vendor to help them navigate breaches, during which two courses of action needed to happen. Companies first had to work out whether there was any data exfiltration or privacy violation and, hence, decide if the relevant authorities must be notified of the security incident. Affected organisations then had to figure out the type of breach that occurred and potentially prepare for data preservation, he said. This could impact the speed of response since it was essential that evidence and diagnostics data be preserved.

    Companies that failed to properly prepare or have a well-defined process in place likely would end up rebuilding their systems, as this was the fastest way to get their operations up and running. In the process of doing so, however, they could end up removing all evidence. This meant that they would not be able to identify and understand the cause of the breach, so the vulnerability could be plugged to prevent a recurrence, Watson said. Companies that did not make efforts to preserve evidence in an attack also might limit their ability to file an insurance claim, he added.

    He said EY espoused a seven-step approach in the event of a security incident, which encompassed mobilising the planned response, acquiring evidence, investigating, threat hunting, containment, mitigation, and recovery. He reiterated the need for a more balanced division of investment in security protection as well as response and recovery.

    Goudie also underscored the importance of establishing response plans and playbooks for different threats, whether these were ransomware or nation-state attacks. These should guide the operations team on what they needed to do so they could react quickly, he said.

    Regulations to drive information sharing

    Noting that most regulations currently were focused on data breach and ensuring there was adequate disclosure, Watson also called for more reporting on other types of incidents such as ransomware and indicators of compromise. Pushing organisations to share information on attack activities they identified and blocked in their network could benefit the industry, particularly if other organisations had failed to stop similar attack tactics, he said.

    He suggested governments led efforts to establish common standards or platforms for information sharing on indicators of compromise, so organisations within critical sectors such as finance, utility, and manufacturing could leverage such networks of knowledge. Having standardised protocols also would automate such processes and ease the submission and sharing of data, he said.

    Watson further mooted the need for regulations to go beyond protection and include incident response, such as a minimum set of requirements mandating how companies must respond in the event of a breach. “There’s implicit trust right now that companies are carrying out adequate investigation, since the onus is on them to report to the authorities, but we know that companies generally don’t have sufficient response in place,” he said. “You can’t know what you don’t know. And yet, regulations now rest on the fact that companies are doing a good job sizing the breach and responding.”

    Such assumptions reflected an inherent flaw in the system, he said, stressing the need for organisations to have the appropriate incident response framework and resources in place.

    Goudie, though, noted that mandates and punishments could result in further penalising organisations that already were victims of a breach. Regulations that were overly restrictive also could see companies spending more time responding to mandates than on responding to the security incident itself, he said.

    He, too, pitched the need for metrics to drive information sharing so the industry could better understand and learn how threat actors gained access to breached networks. Such data could be distributed to the relevant authorities and shared amongst companies in the affected vertical. He noted that threat actors typically used the same tactics and procedures to carry out attacks, including those targeting certain industry sectors. “If we can understand their playbook and inform the vertical about how a victim [in that vertical] was compromised, this helps the whole industry become more resilient for the next attack,” he said.

    Burn noted that any unwillingness to provide information and the lack of transparency were detrimental to the security industry, during a time when there should be more data sharing to better combat attacks. With the general public now used to seeing news about security incidents amidst the rise in breaches, she said consumers were more forgiving when companies suffered a cyber attack. However, they would be less inclined to do so if businesses were found to be less forthright about a breach and made efforts to hide the truth from customers, the Forrester analyst said.

    She pointed to Norwegian manufacturing company Norsk Hydro, which won much praise for its openness and transparency after suffering a ransomware attack in 2019. It shared details about the incident and how it worked to recover from it, after refusing to pay the ransom. “I think we need to find a way [to address] concerns about lawsuits and fight attacks with transparency,” Burn said. She added that while companies should be penalised if their negligence was found to be the cause of a breach, organisations should be given some latitude to not be penalised for telling the truth.

  • Panasonic giving employees the option of a four-day work week

    Panasonic has informed investors that it will introduce optional four-day work weeks to help employees achieve better work-life balance.

    During the company’s sustainability management briefing, president and group CEO Yuki Kusumi told investors that introducing a four-day work week will mean the company can “flexibly accommodate diverse situations of our employees”.

    “We must support the wellbeing of each employee at Panasonic to enhance our competitiveness … Panasonic has approximately 240,000 employees globally with diverse personalities and capabilities. Our responsibility is to strike an ideal balance between the work style and lifestyle for our diverse human capital,” she said.

    Kusumi also said Panasonic will introduce a work-from-home system that will enable it to retain employees whose partners may have been transferred to another location.

    She added Panasonic will revise its appraisal system, and promotion and screening system, which the company believes will better support challenges faced by individuals in both their work and home life.

    Separately, the Japanese conglomerate has provided an update on its investigation into the data breach the company experienced in November. It detailed that candidate applicant and internship related information, business partner contact details, and other business-related information provided by business partners and information generated internally by the company were accessed unlawfully during the breach. Individuals impacted are being informed, Panasonic said.

    “Panasonic Corporation has been investigating the cause and impact of the unauthorized access in cooperation with an external security advisor. As a result, it was confirmed that a third-party illegally accessed the file server in Japan via the server of an overseas subsidiary,” the company stated. “There was no evidence of unauthorised access to business systems other than the file server in question. Although to date the investigation has not found any evidence that any illegally accessed files have been leaked, the company has been taking measures based on the potential for such leakage.”

    Panasonic also noted that no files related to or containing personal information about individual customers were found to be hosted on the server, and that following the discovery of the cyberattack, it “immediately implemented additional security countermeasures, including strengthening access controls from overseas locations, resetting relevant passwords, and strengthening server access monitoring”.

    “Panasonic Corporation will continue to improve its information security measures and adopt measures to prevent recurrence,” the company said. “Based on the results of the investigation and advice from external advisors, the company will enhance the monitoring, control, and security of its networks, servers, and PCs throughout its global operations.”

  • Report: Increased Log4J exploit attempts leads to all-time peak in weekly cyberattacks per org

    Cybersecurity firm Check Point Research has released new data from 2021 showing that among their customers, there was a significant increase in overall cyberattacks per week on corporate networks compared to 2020.

    Researchers attributed some of the increases, which were concentrated toward the end of the year, to the Log4J vulnerability discovered in December. Check Point said in a report that 2021 was a record-breaking year for cyberattacks and the Log4J vulnerability only made things worse.

    “Last year, we saw a staggering 50% more cyber attacks per week on corporate networks compared to 2020 – that’s a significant increase. We saw cyber attack numbers peak towards the end of the year, largely due to the Log4J vulnerability exploit attempts,” said Omer Dembinsky, data research manager at Check Point Software.  “New penetration techniques and evasion methods have made it much easier for hackers to execute malicious intentions. What’s most alarming is that we’re seeing some pivotal societal industries surge into the most attacked list. Education, government and healthcare industries made it into the top 5 most attacked industries list, worldwide.” 
    Check Point found that for 2021, overall attacks per week on corporate networks grew 50% compared to 2020 and in Q4, they saw an all-time high in weekly cyberattacks per organization of 925. Check Point’s customers in the education and research space dealt with an average of 1,605 attacks per organization every week, the highest volume of attacks they saw. This represented a 75% increase compared to 2020. The government, defense, military and communications industries were not far behind, averaging around 1,100 attacks weekly per organization. When they broke their internal data down by region, they found organizations on the African continent saw the highest volume of attacks in 2021 with an average of 1,582 weekly attacks per organization. Organizations in the APAC region saw an average of 1,353 weekly attacks per organization while Latin America dealt with 1,118 attacks weekly and Europe saw 670 attacks weekly. North America was last with a weekly average of 503.

    Check Point bases its numbers on its internal ThreatCloud tool, which pulls data from hundreds of millions of sensors worldwide. Dembinsky said he expected the numbers to increase for 2022 as hackers “continue to innovate and find new methods to execute cyberattacks, especially ransomware.” “We’re in a cyber pandemic, if you will. I strongly urge the public, especially those in the education, government and healthcare sectors, to learn the basics on how to protect themselves,” Dembinsky said. “Simple measures such as patching, segmenting your networks and educating employees can go a long way in making the world safer.”

  • in

    Signal founder and CEO Moxie Marlinspike announces resignation

    On Monday, Signal’s founder and CEO, Moxie Marlinspike, announced that he’s stepping down from his role after almost a decade of working with the company. Marlinspike detailed in a blog post that he would remain on Signal’s board to continue to “help manifest Signal’s mission.” He added that Signal’s executive chairman and WhatsApp co-founder, Brian Acton, would be stepping in as Signal’s interim CEO while looking for a permanent replacement. “I now feel very comfortable replacing myself as CEO based on the team we have, and also believe that it is an important step for expanding on Signal’s success,” he wrote. “I’ve been talking with candidates over the last few months, but want to open up the search with this announcement in order to help find the best person for the next decade of Signal. Please get in touch if that might be you!” Marlinspike added that the company has grown faster than he could have imagined, and that “exciting work” is coming soon to the app. “People increasingly find value and peace of mind in Signal (technology built for them instead of for their data), and are increasingly willing to sustain it,” Marlinspike said. “Every day, I’m struck by how boundless Signal’s potential looks, and I want to bring in someone with fresh energy and commitment to make the most of that.” The encrypted messaging developer has grown exponentially since it was founded as a nonprofit in 2014. Signal has managed to stand out from competitors like WhatsApp by not supporting advertising within the app and keeping the app free to use for everyone. In addition, the company recently launched an in-app sustainer program last month to rely on donations from users to keep its technology afloat. Signal also announced last April that it would test cryptocurrency payments in collaboration with MobileCoin to bring fast peer-to-peer payments to mobile without a bank’s involvement. 
    However, there hasn’t been an update on whether crypto payments would become a mainstay on the messaging app.