More stories

  • Australia's Therapeutic Goods Administration to undergo a AU$12m digital transformation

    Australia’s Therapeutic Goods Administration (TGA) is getting a digital makeover, after the federal government announced on Friday it would invest AU$12 million over four years to make it happen.
    As part of the revamp, TGA’s business systems and infrastructure will be digitised and cybersecurity measures will be bolstered.
    Specifically, it will enable medical companies to use automatic data transfer to deliver drug reaction reports on patient safety from their own internal databases into the TGA Adverse Events Management System (AEMS) database, saving up to 15 minutes per report. This replaces the current process, in which reports submitted in PDF and other formats must be manually entered into the database.
    Minister for Health Greg Hunt touted the revamp would help cut red tape for more than 4,000 businesses that apply to register medicines and medical devices annually, saying it would result in earlier approvals of medical products.
    “The TGA receives around 26,000 applications every year for medicines and medical devices to be listed or amended on the Australian Register of Therapeutic Goods (ARTG), which allows them to be imported, sold, and used in Australia,” he said.
    “The digital changes will enable simpler and more secure interactions between government and industry to apply for, track, pay, and manage listings for regulated and subsidised health-related products and services.”
    The program is being delivered as part of the federal government’s deregulation agenda, which has been designed to reduce the cost of doing business with government and performing regulatory compliance through targeted technology investment.
    The agenda received just over AU$156 million when the Australian government handed down its 2019-20 Mid-Year Economic and Fiscal Outlook at the end of last year.
    Earlier this week, the Morrison government announced as part of its AU$800 million Digital Business Package that cutting regulatory red tape will be one of its priorities. He added that the government has plans to dedicate AU$7 million in two blockchain pilots that aim to reduce business regulatory compliance costs and nearly AU$11.5 million for regtech commercialisation.
    But red tape reduction is not only happening at the federal level. On Thursday, the New South Wales government launched its open-source rules-as-code platform to help industry and other government bodies digitise regulation for easier compliance.
    The state government said through the platform, industry and other government bodies would be able to incorporate digital rules directly into their own IT systems and see any future rule changes be automatically applied.
    The platform has launched with the digital version of the Community Gaming Regulation 2020, which identifies the conditions for running community games by charities, not-for-profits, and businesses.

  • Facebook sues two Chrome extension makers for scraping user data

    Facebook has filed a lawsuit today against two companies for creating and distributing malicious browser extensions that scraped user data without authorization from the Facebook and Instagram websites.
    Named in the lawsuit are BrandTotal Ltd., an Israeli-based company with a Delaware subsidiary, and Unimania Inc., incorporated in Delaware.
    The two companies are behind UpVoice and Ads Feed, two Chrome extensions available on the official Chrome Web Store since September and November 2019, where they racked up more than 5,000 and 10,000 installs, respectively.
    “BrandTotal enticed users to install the UpVoice extension from the Google Chrome Store by offering payments in exchange for installs, in the form of online gift cards, and claiming that the users who installed the extension became ‘panelists . . . [who] impact the marketing decisions and brand strategies of multi-billion dollars (sic) corporations’,” Facebook said in court documents filed today.
    “Similarly, Unimania promoted its Ads Feed extension on the Google Chrome Store by claiming that the users became ‘a panel member of an elite community group that impacts the advertising decisions of multi-billion dollar corporations!’,” Facebook added.
    But Facebook claims that despite their descriptions, both extensions were malicious and designed to scrape public and non-public data from users’ online accounts.
    According to court documents, Facebook claims the UpVoice extension scraped data from user profiles at Facebook, Instagram, Amazon, Twitter, LinkedIn, Pinterest, and YouTube.
    Similarly, Ads Feed collected data from users accessing their Facebook, Instagram, Amazon, Twitter, and YouTube profiles, respectively.
    Scraped data usually included user profile information (name, user ID, gender, date of birth, relationship status, and location information), advertisements and advertising metrics (name of the advertiser, image and text of the advertisement, and user interaction and reaction metrics), and user Ad Preferences (user advertisement interest information) — none of which the company was authorized to possess.
    The Menlo Park-based social media giant claims that data illegally acquired through the two extensions has been re-packaged and sold as “marketing intelligence” via BrandTotal’s website.
    Facebook claims the two companies are the same
    Facebook says both extensions used almost identical code to scrape data from users and sent the data back to the same remote servers. In fact, Facebook believes the two companies are the same.
    “Defendants shared common employees and agents,” Facebook explained in its complaint.
    “For example, BrandTotal’s Chief Product Officer and General Manager (Ex. 5), created Facebook accounts in the name of Unimania and the Ads Feed extension. BrandTotal’s Chief Technology Officer and co-founder (Ex. 5) also administered Unimania accounts on Facebook.”
    Facebook is now seeking to put a stop to this scheme. The social network has asked a judge to issue a permanent injunction against both companies to prevent them from accessing the Facebook and Instagram websites, block them from developing further extensions, and has asked for compensatory damages based on the two companies’ previous profits.
    Both extensions are still available for download
    Yet, in spite of the extensive data scraping behavior detected by Facebook, even against Google-owned services, the two extensions are still available on the Chrome Web Store.
    Facebook said it tried numerous times to have them taken down, but Google has not responded to its requests.
    Unimania, before developing the Ads Feed extension, was previously involved in another scandal in 2018 when AdGuard found four of the company’s Chrome extensions scraping Facebook user data.
    Since early 2019, Facebook’s legal department has been filing lawsuits against several third-parties that have been abusing its platform. Previous lawsuits include:
    March 2019 – Facebook sues two Ukrainian browser extension makers (Gleb Sluchevsky and Andrey Gorbachov) for allegedly scraping user data.
    August 2019 – Facebook sues LionMobi and JediMobi, two Android app developers on allegations of advertising click fraud.
    October 2019 – Facebook sues Israeli surveillance vendor NSO Group for developing and selling a WhatsApp zero-day that was used in May 2019 to attack attorneys, journalists, human rights activists, political dissidents, diplomats, and government officials.
    December 2019 – Facebook sued ILikeAd and two Chinese nationals for using Facebook ads to trick users into downloading malware.
    February 2020 – Facebook sued OneAudience, an SDK maker that secretly collected data on Facebook users.
    March 2020 – Facebook sued Namecheap, one of the biggest domain name registrars on the internet, to unmask hackers who registered malicious domains through its service.
    April 2020 – Facebook sued LeadCloak for providing software to cloak deceptive ads related to COVID-19, pharmaceuticals, diet pills, and more.
    June 2020 – Facebook sued to unmask and take over 12 domains containing Facebook brands and used to scam Facebook users.
    June 2020 – Facebook sued MGP25 Cyberint Services, a company that operated an online website that sold Instagram likes and comments.
    June 2020 – Facebook sued the owner of Massroot8.com, a website that stole Facebook users’ passwords.
    August 2020 – Facebook sued MobiBurn, the maker of an advertising SDK accused of scraping user data.
    August 2020 – Facebook sues the owner of Nakrutka, a website that sold Instagram likes, comments, and followers.

  • US Treasury says some ransomware payments may need its express approval

    The US Treasury Department has published guidelines today to be used in special circumstances where a ransomware payment may break US sanctions.
    The guidelines apply to situations where an individual or company has had its data encrypted by a ransomware gang that is either sanctioned or has affiliations with a cybercrime group sanctioned by the US Treasury in years past.
    The Treasury says that making a ransomware payment in this type of situation may violate Treasury sanctions and incur a legal investigation against the entities involved, which could be:
    The victim;
    The financial institutions which processed the ransom payment; and
    Intermediaries such as cyber-insurance firms and companies involved in digital forensics and incident response.
    US officials say that in these situations, victims should contact the Treasury’s Office of Foreign Assets Control (OFAC) before deciding on making the payment.
    “OFAC encourages victims and those involved with addressing ransomware attacks to contact OFAC immediately if they believe a request for a ransomware payment may involve a sanctions nexus,” the agency said today.
    Companies who contact law enforcement agencies when they get infected will also be looked favorably upon “in determining an appropriate enforcement outcome if the situation is later determined to have a sanctions nexus.”
    According to the OFAC’s advisory, the following individuals/groups have been sanctioned, and ransomware payments to these groups, directly or to a nexus, are considered to be a sanctions violation:
    The Treasury published this guideline today because of the aftermath of the ransomware attack on wearables maker Garmin. The attack was carried out with a ransomware strain named WastedLocker, believed to be the successor of the BitPaymer ransomware, and connected to the EvilCorp group.
    Garmin is said to have paid the ransom demand.
    ZDNet, along with reporters from the Wall Street Journal and other news outlets, reached out to the Treasury following the incident to inquire if Garmin had broken US sanctions by making a payment to an EvilCorp nexus.
    Sources close to the Treasury, but not in the department, told ZDNet that the Treasury was aware that fully blocking ransom payments might lead to situations where some companies would not be able to recover their data and would be forced to shut down or suffer considerable losses.
    The Treasury declined to comment at the time but has released today an advisory detailing its stance on the matter.
    But today’s document also doesn’t mean that victims and cyber-security firms have a clear path to break sanctions by notifying OFAC of a payment in advance.
    The Treasury specifically said today that “license applications involving ransomware payments demanded as a result of malicious cyber-enabled activities will be reviewed by OFAC on a case-by-case basis with a presumption of denial.” [Emphasis ours]
    Those who do not abide by the new guidelines risk huge fines.

  • How a Chinese malware gang defrauded Facebook users of $4 million

    At the Virus Bulletin 2020 security conference today, members of the Facebook security team have disclosed more details about one of the most sophisticated malware operations that has ever targeted Facebook users.
    Known internally at Facebook as SilentFade, this malware gang was active between late 2018 and February 2019, when Facebook’s security team detected their presence and intervened to stop their attacks.
    SilentFade utilized a combination of a Windows trojan, browser injections, clever scripting, and a bug in the Facebook platform, showing a sophisticated modus operandi rarely seen with malware gangs targeting Facebook’s platform.
    The purpose of SilentFade’s operations was to infect users with the trojan, hijack the users’ browsers, and steal passwords and browser cookies so they could access Facebook accounts.
    Once they had access, the group searched for accounts that had any type of payment method attached to their profile. For these accounts, SilentFade bought Facebook ads with the victim’s funds.
    Despite operating only for a few months, Facebook said the group managed to defraud infected users of more than $4 million, which they used to post malicious Facebook ads across the social network.
    The ads, which were usually shown only in the infected user’s geographical location to limit their exposure, followed a similar template.
    They used URL shorteners and images of celebrities to lure users on sites selling shady products, such as weight loss products, keto pills, and more.
    Facebook discovered SilentFade’s operations in February 2019, following reports from users of suspicious activities and illegal transactions originating from their accounts.
    During the subsequent investigation, Facebook said it found the group’s malware, previous malware strains, and campaigns dating back to 2016, and even tracked down the gang’s operations to a Chinese company and two developers, which the company sued in December 2019.
    SilentFade’s beginnings
    According to Facebook, the SilentFade gang began operating in 2016, when it first developed a malware strain named SuperCPA, primarily focused on Chinese users.
    “Not a lot is known about this malware as it is primarily driven by downloaded configuration files, but we believe it was used for click fraud – thus CPA in this case refers to Cost Per Action – through a victim install-base in China,” Facebook’s Sanchit Karve and Jennifer Urgilez wrote in their SilentFade report.
    But Facebook says the group abandoned the SuperCPA malware in 2017 when they developed the first iteration of the SilentFade malware. This early version infected browsers to steal credentials for Facebook and Twitter accounts, with a focus on verified and high-follower profiles.
    But development on SilentFade picked up in 2018 when its most dangerous version and the one used in the 2018 and 2019 attacks came to be.
    How SilentFade spread online
    Karve and Urgilez say the gang spread the modern version of SilentFade by bundling it with legitimate software they offered for download online. Facebook said it found ads by the two SilentFade developers posted on hacking forums where they were willing to buy web traffic from hacked sites or other sources, and have this traffic redirected towards the pages hosting the SilentFade-infected software bundles.
    Once users got infected, SilentFade’s trojan would take control over a victim’s Windows computer, but rather than abuse the system for more intrusive operations, it only replaced legitimate DLL files inside browser installations with malicious versions of the same DLL that allowed the SilentFade gang to control the browser.
    Targeted browsers included Chrome, Firefox, Internet Explorer, Opera, Edge, Orbitum, Amigo, Touch, Kometa, and the Yandex Browser.
    The malicious DLLs stole credentials stored in the browser, but, more importantly, browser session cookies.
    SilentFade then used the Facebook session cookie to gain access to the victim’s Facebook account without needing to provide either credentials or a 2FA token, passing as a legitimate and already-authenticated account holder.
    The Facebook platform bug
    Here is where SilentFade showed its true sophistication.
    Facebook said the malware used clever scripting to disable many of the social network’s security features, and even discovered and used a bug in its platform to prevent users from re-enabling the disabled features.
    Karve and Urgilez said that in order to prevent users from finding out that someone might have accessed their account or was posting ads on their behalf, the SilentFade gang used its control over the browser to access the user’s Facebook settings section and disable:
    Site notifications
    Chat notification sounds
    SMS notifications
    Email notifications of any kind
    Page-related notifications.
    But SilentFade didn’t stop here. Knowing that Facebook’s security systems might detect suspicious activity and logins and notify the user via a private message, the SilentFade gang also blocked the Facebook for Business and Facebook Login Alerts accounts that sent these private messages in the first place.
    The SilentFade group then searched for a bug in the Facebook platform and abused it every time the user tried to unblock the accounts, triggering an error and preventing the users from removing the two account blocks.
    “This was the first time we observed malware actively changing notification settings, blocking pages, and exploiting a bug in the blocking subsystem to maintain persistence in a compromised account,” Facebook said.
    “The exploitation of this notification-related bug, however, became a silver lining that helped us to detect compromised accounts, measure the scale of SilentFade infections, and map abuse originating from user accounts to the malware responsible for the initial account compromise.”
    Facebook refunded all users
    Facebook said it patched the platform bug, reverted the malware’s notification-blocking actions, and refunded all users whose accounts were abused to buy malicious Facebook ads.
    The company also didn’t stop here, and throughout 2019 tracked down the malware and its creators all across the web. Clues were found in a GitHub account that apparently was hosting many of the libraries used to build the SilentFade malware.
    Facebook tracked down this account and the SilentFade malware to ILikeAd Media International Company Ltd., a Hong Kong-based software company founded in 2016, and Chen Xiao Cong and Huang Tao, the two men behind it. Facebook sued the company and the two devs in December 2019 in a legal case that is still ongoing.
    Facebook also said SilentFade was part of a larger trend and a new generation of cybercrime actors that appear to reside in China and have persistently targeted its platform and its juicy 2-billion userbase.
    This also includes the likes of Scranos, FacebookRobot, and StressPaint.

  • UK found flaw of 'national significance' in Huawei tech, says report

    UK security experts found a flaw of “national significance” while analysing technology from Chinese networking company Huawei, according to a government report.
    Huawei’s software engineering and cybersecurity practices have been criticised in the annual report (PDF) from the Huawei Cyber Security Evaluation Centre (HCSEC), which was set up by the UK government and the networking giant to evaluate equipment which is to be used in UK networks.
    The centre was opened in 2010, with the aim of reducing any potential risk from using Huawei’s technologies as part of the UK’s critical national infrastructure. As such, the HCSEC annual report provides detailed analysis of the company’s software, engineering and cybersecurity processes.
    “HCSEC’s work has continued to identify concerning issues in Huawei’s approach to software development bringing significantly increased risk to UK operators, which requires ongoing management and mitigation,” the report said, adding that limited progress has been made on the issues raised in the previous report.
    Overall, the board that oversees the centre said it could only provide “limited” assurance that all risks to UK national security from Huawei’s involvement in the UK’s critical networks can be sufficiently mitigated long-term.
    “The increasing number and severity of vulnerabilities discovered, along with architectural and build issues, by the relatively small team in HCSEC is a particular concern. If an attacker has knowledge of these vulnerabilities and sufficient access to exploit them, they may be able to affect the operation of a UK network, in some cases causing it to cease operating correctly,” it warned.
    The report said a flaw of “national significance” had been discovered during HCSEC’s work this year.
    When a flaw is identified, HCSEC usually reports it to the NCSC, the telecoms company, and to Huawei to fix it.
    But the report noted: “In rare circumstances, where the impact of the vulnerability is of national significance, the release of full details of the vulnerability to Huawei may be delayed to allow the UK community to assess and mitigate the impact. This occurred during 2019.” According to the BBC this flaw was related to broadband – but officials do not believe anyone exploited it.
    The report said that its finding referred to basic engineering competence and cybersecurity hygiene – not flaws deliberately introduced. “NCSC does not believe that the defects identified are a result of Chinese state interference,” the report said.
    But it also said that major quality problems were still being found in the products analysed by HCSEC.
    “Sustained evidence of poor coding practices was found, including evidence that Huawei continues to fail to follow its own internal secure coding guidelines. This is despite some minor improvements over previous years,” the report said.
    HCSEC said that in 2019, it identified “critical, user-facing vulnerabilities” in fixed access products. It said these were caused by “particularly poor code quality” and the use of an old operating system.
    “The vulnerabilities were a serious example of the issues that are more likely to occur given the deficiencies in Huawei’s engineering practices, and during 2019 UK operators needed to take extraordinary action to mitigate the risk,” the report said.
    While Huawei has since fixed the specific vulnerabilities in the UK, this has introduced an additional major issue into the product, adding further evidence that deficiencies in Huawei’s engineering processes remain, the report added.
    Huawei said that it continues “significant” investment to improve its products. “The report acknowledges that while our software transformation process is in its infancy, we have made some progress in improving our software engineering capabilities,” the company said, adding that all vendors should be evaluated against an equally robust benchmark, “to improve security standards for everyone”.
    The report only covers 2019. However, this year Huawei’s position as a key provider of network technology in the UK has started to change significantly. In July, the government told telecoms operators to halt the purchase of 5G equipment from the Chinese company from 2021, a move largely driven by national security concerns. Telecoms companies are also required to remove all of Huawei’s technology from their 5G networks over the next seven years.

  • With API attacks rising, Cloudflare launches a free API security tool

    After attacks against API servers have constantly risen over the past few years, Cloudflare has launched today a new security tool to secure these systems against automated exploitation attempts.
    Named the Cloudflare API Shield, this new service will be available for free for all Cloudflare account holders, regardless of pricing plan.
    APIs, or Application Programming Interfaces, are exactly what their name says they are — interfaces between different applications. They work by receiving instructions or queries from a “client” and performing a pre-defined action.
    APIs are used in a wide variety of ways. They can be embedded inside self-standing apps and allow components to talk to each other, or they can be web-based systems that allow remote “clients” (apps, devices, servers, users) to connect to the API server and relay queries or commands and receive data.
    These web-based systems are particularly exposed to attacks, as they always sit online, open to queries from anyone.
    According to industry reports, attacks on web-based API endpoints have grown in number and volume in recent years, and are expected to rise as more companies move to the cloud, where APIs are the glue that holds most companies’ infrastructure together.
    The Cloudflare API Shield was built for these systems — the web-based APIs — that are exposed online all the time and susceptible to attacks such as automated login attempts, command injections, user data enumeration, and more.
    Cloudflare’s new API Shield works by using a “deny-all” security policy, which the company calls “positive security.”
    Once configured for an API server, the API Shield will deny all incoming connections that do not present a cryptographic certificate and key that the API owner has generated in the API Shield dashboard and installed on all approved client devices, be they mobile apps, IoT devices, web servers, or others.
    Working with encryption and certificates sounds complicated, but Cloudflare says this is why it created API Shield in the first place, as a place to automate all these operations as part of a web dashboard.
    “We’ll initially support [API] JSON traffic and, based on customer feedback, we will consider extending schema protection to binary protocols, such as gRPC,” Cloudflare said in a press release today.
    “Once we are sure that requests reaching customer’s origin comply with the designed schema, we will start including additional security functionalities.”
    Planned features include rate limiting, DDoS protection, web application rules specifically designed for APIs, and API analytics.

  • Imperva acquires database security startup jSonar

    Imperva has announced the acquisition of database security startup jSonar for an undisclosed amount.
    The deal was made public on Thursday. Imperva said the acquisition “will pioneer a bold new approach to securing data through all paths, including on-premises, cloud, multi-cloud and Database-as-a-Service (DBaaS).” 
    Financial details were not disclosed. 
    Founded in 2013, jSonar is a database security specialist based in Waltham, MA, and Vancouver, B.C. Led by co-founders Ron Bennatan and Ury Segal, the company offers an all-in-one platform for enterprise database security and compliance. 
    As the enterprise moves away from traditional, in-house setups and adopts various modern data architectures and cloud environments, securing data has become a complex and often time-consuming prospect for IT professionals. 
    Imperva will combine the firm’s Data Security offering — software for database discovery, sensitive data classification, vulnerability detection, and security controls — with the technologies developed by jSonar to simplify the whole process.
    jSonar’s analytics and Security Orchestration, Automation and Response (SOAR) platform will also be integrated into Imperva solutions. Overall, jSonar’s portfolio is touted as a way to bolster data repository integration for both on-premise and cloud environments, all while reducing overall cost. 
    The acquisition has also resulted in a shift on the management level, as Bennatan, currently acting as CTO of jSonar, will join Imperva as the new chief of Imperva’s Data Security business. The Data Security unit will include both the jSonar and Imperva product lines. 
    It appears that other organizations also saw the potential of the small database security startup. In June, jSonar secured a $50 million cash injection from Goldman Sachs during the firm’s first round of funding.
    Speaking to ZDNet at the time, Bennatan explained that the company’s mission is a simple one: 

    “We just make good database and data repository security. Really, really simple. That’s what we do. We make security products for where data lives, but we do it in a very good way.”

    The transaction, expected to close in mid-October, is subject to customary closing conditions, and regulatory approval.
    “Enterprises have shifted focus from compliance to data security while demanding lower costs and more measurable benefits,” says Pam Murphy, Imperva CEO. “This combination of two uniquely qualified trailblazers will signal a new approach to data security that puts an emphasis on usability and value with sustained and complete coverage for three initiatives organizations need to implement — security, compliance, and privacy.”

  • Microsoft Office 365: This targeted phishing campaign uses an odd trick to stay hidden

    A surge of phishing emails aimed at stealing corporate Microsoft Office 365 usernames and passwords is targeting a wide range of organisations and is using captchas as an unusual technique to lull victims into a false sense of security.
    Captchas are usually used by online services as a means of ensuring security by requiring some sort of human input – such as checking a box or identifying particular images – to prevent automated activity by bots. In this case, cyber criminals are apparently harnessing a set of captchas to help their campaign.
    The goal of the attack is to steal corporate Microsoft Office 365 usernames and passwords. These could be used to gain access to sensitive information, as a means of compromising the network with ransomware or even launching additional attacks against other companies that have a relationship with the victim organisation.
    Industries targeted by the attacks include finance, technology, manufacturing, government, pharmaceuticals, oil and gas, hospitality and more.
    The campaign has been discovered and detailed by cybersecurity researchers at Menlo Security and involves phishing emails containing links that direct to a webpage posing as a Microsoft Office 365 login portal. It’s likely the attacks are customised depending on the selected target.
    But rather than taking the potential victim straight to the fake page, the credential phishing site is obscured behind captchas, requiring the user to confirm they’re not a bot.
    This could be an effort to make the fake log-in page look more legitimate, because people have got used to a captcha page serving as a security check.
    But this isn’t the only captcha check used by the attackers, with a second stage asking the user to identify images of bicycles and a third stage asking users to identify the tiles containing a crosswalk. Only then will they be taken to the fake Office 365 login page.
    These additional checks help prevent automated services from reaching the phishing page and potentially identifying it as malicious – giving the attackers a better chance of stealing login credentials.
    “The campaign is very prolific,” Vinay Pidathala, director of security research at Menlo Security told ZDNet. “With the data we have, we would classify this as a successful campaign.”
    It’s uncertain what sort of operation is behind this phishing campaign, but it’s likely that it’s still active. In order to help protect against this and other phishing attacks, it’s recommended that organisations apply multi-factor authentication and that users should be wary of opening links or attachments in emails that come from an unknown source.