The United States needs a Department of Cybersecurity

By: Ted Schlein

This week more than 40,000 security professionals will attend RSA in San Francisco to see the latest cyber technologies on display and discuss key issues. No topic will be higher on the agenda than the Russian-sponsored hack of the American 2016 election, with debate about why the country has done so little to respond and what measures should be taken to deter future attempts at subverting our democracy.

For good reason. There is now clear evidence of Russian interference in the election with Special Counsel Mueller’s 37-page indictment of 13 Russians, yet the attack on U.S. sovereignty and stability has gone largely unanswered. The $120 million set aside by Congress to address the Russian attacks remains unspent. We expelled Russian diplomats, but only under international pressure after the poisoning of a former Russian spy and his daughter.

Recent sanctions are unlikely to change the behavior of the Putin administration. To put it bluntly, we have done nothing of substance to address our vulnerability to foreign cyberattacks. Meanwhile, our enemies gain in technological capability, sophistication and impact.

Along with the Russians, the Chinese, North Koreans, Iranians and newly derived nation states use cyber techniques on a daily basis to further their efforts to gain advantage on the geopolitical stage. It is a conscious decision by these governments that a proactive cyber program advances their goals while limiting the United States.


African embassy in Dublin targeted by cyber criminals with hackers gaining access to entire nation’s digital data

By: Craig Farrell

The Dublin consulate’s web system was breached for ten days in February — with passwords and emails compromised during the attack

AN African embassy in Ireland was hacked by cyber criminals, the Irish Sun can reveal.

Security experts revealed that the hackers had access to all the nation’s digital data — including extremely sensitive political information.

Lastline intelligence threat director Andy Norton told the Irish Sun: “We track infections from sophisticated tools.

“In the course of our investigation, one of the tools compromised was an African ambassador based out of Dublin.

“They were able to compromise the email passwords and website passwords, which depending on the threat actor, can be used for the purposes of espionage, financial gain or a number of other purposes.

“Whoever perpetrated the breach would have been able to log in as the ambassador and send emails as the ambassador.

“They would have had access to read conversations or view any electronic information that was on their system. So they would have full access to the politically sensitive information.”


Flaw in Microsoft Outlook Lets Hackers Easily Steal Your Windows Password

By: Swati Khandelwal

A security researcher has disclosed details of an important vulnerability in Microsoft Outlook for which the company released an incomplete patch this month—almost 18 months after receiving the responsible disclosure report.

The Microsoft Outlook vulnerability (CVE-2018-0950) could allow attackers to steal sensitive information, including users’ Windows login credentials, just by convincing victims to preview an email with Microsoft Outlook, without requiring any additional user interaction.

The vulnerability, discovered by Will Dormann of the CERT Coordination Center (CERT/CC), resides in the way Microsoft Outlook renders remotely-hosted OLE content when an RTF (Rich Text Format) email message is previewed and automatically initiates SMB connections.

A remote attacker can exploit this vulnerability by sending an RTF email to a target victim, containing a remotely-hosted image file (OLE object), loading from the attacker-controlled SMB server.

Since Microsoft Outlook automatically renders OLE content, it will initiate an automatic authentication with the attacker-controlled remote server over the SMB protocol using single sign-on (SSO), handing over the victim’s username and the NTLMv2 hashed version of the password, potentially allowing the attacker to gain access to the victim’s system.
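
A defender's view of the behaviour described above, as an added example that is not part of the original article: because previewing the message makes the client open an SMB connection to a remote server, SMB traffic leaving the network is the signal to look for in perimeter flow logs. The log format, the addresses and the internal ranges below are constructed assumptions.

```python
import csv
import io
import ipaddress

# Assumption: the organisation's internal ranges are the RFC 1918 networks.
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
SMB_PORTS = {139, 445}  # SMB over NetBIOS session service, and direct SMB

# Constructed perimeter flow records (not real telemetry). External
# destinations use documentation address prefixes.
SAMPLE_LOG = """time,src_ip,dst_ip,dst_port,action
2018-04-12T09:01:10Z,10.1.4.14,10.1.2.20,445,allow
2018-04-12T09:03:44Z,10.1.4.14,203.0.113.7,445,allow
2018-04-12T09:03:45Z,10.1.4.14,198.51.100.25,443,allow
2018-04-12T09:10:02Z,192.168.5.9,192.168.5.1,139,allow
2018-04-12T09:12:31Z,10.1.4.22,203.0.113.7,445,deny
2018-04-12T09:15:00Z,172.16.8.3,198.51.100.25,139,allow
"""

def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)

def outbound_smb(log_text):
    """Return SMB flows from an internal source to a non-internal destination."""
    findings = []
    for row in csv.DictReader(io.StringIO(log_text)):
        port = int(row["dst_port"])
        if port not in SMB_PORTS:
            continue
        if not is_internal(row["src_ip"]) or is_internal(row["dst_ip"]):
            continue
        # An allowed flow means an NTLM authentication attempt may have left
        # the network; a denied one means egress filtering stopped it.
        status = "exposed" if row["action"] == "allow" else "blocked"
        findings.append((row["src_ip"], row["dst_ip"], port, status))
    return findings

def exposed_sources(findings):
    """Internal hosts whose users' credentials should be treated as exposed."""
    return sorted({src for src, _dst, _port, status in findings
                   if status == "exposed"})

if __name__ == "__main__":
    for finding in outbound_smb(SAMPLE_LOG):
        print(finding)
    print("review credentials for:", exposed_sources(outbound_smb(SAMPLE_LOG)))
```

A "blocked" result still deserves follow-up, since it shows a client attempted the connection and the triggering message may remain in a mailbox.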


Japan’s FSA Suspends Two Cryptocurrency Exchanges Due to Poor KYC/AML Practices


Since the Coincheck hack that gifted some unknown cyberpunks $500 million worth of the altcoin XEM and the Zaif exchange system mishap, crypto-friendly Japan has increased its regulatory oversight of cryptocurrency exchanges in the nation. On Friday, April 6, the Japanese financial watchdog pulled the trigger on two bitcoin exchanges that have gone against its statutes.

No Room for Errors

According to reports, the Japanese Financial Services Agency (FSA) has ordered Eternal Link and FSHO to cease their operations for two months, effective immediately. With this latest development, Eternal Link will be out of service until June 5, 2018, while FSHO will resume on June 7, 2018.

It is worth noting that the FSHO is now a serial offender and this is not a particularly good sign for the exchange. On March 8, the regulatory authority ordered FSHO along with another registered exchange Bitstation to suspend trading for one month, due to lack of proper security for customer data.


The FSA had to take disciplinary action against the two cryptocurrency exchanges after investigating the operations of the firms for several months and discovering that both operators had not been making serious efforts to conduct proper know-your-customer (KYC) checks. The exchanges also failed to implement procedures that would enable them to report suspicious money laundering transactions to the FSA promptly.

The FSA strongly condemned the inactions of both exchanges stating that they are not carrying out their business operations in compliance with the Act on Prevention of Transfer of Revenue due to Crime (Act No. 22 of 2007).

Notably, the agency also indicated in the cease order that Eternal Link violated the laws in the nation by using customers’ deposits to pay for company expenses, even though it had intentions to replace the funds shortly after.


For crypto investors: this smartphone supposedly cannot be hacked.

By: msn finanzen

As the portal “CNET” reports, a smartphone built specifically for crypto investors is due to come to market in August. What sets it apart is not only the preinstalled wallet for Bitcoin, Ethereum and the like, but above all the fact that, according to the manufacturer, the smartphone is not “hackable”.

Focused on security

The Brazilian company Sikur focuses its smartphones on security in particular. The newest addition to Sikur’s line-up, the “SikurPhone”, is nothing special in terms of hardware: a 5.5-inch display is now standard. The 13-megapixel camera can likewise be found on Nokia and Xiaomi devices. Added to this are 4 GB of RAM and 64 GB of internal storage. The decisive factor, however, is supposed to be the security of the Android smartphone. The company asserts that the device is fully encrypted and therefore “unhackable”.

In a statement, Sikur CEO Cristiano Iop said: “Storing information securely on our devices is one of our strengths. We have been successful with browser and messaging security. So we asked ourselves, why not with cryptocurrencies too?”


Snowden Releases NSA Documents Showing Bitcoin Was “#1 Priority”

By: C Edward Kelso

Xkeyscore. MAC addresses. OAKSTAR. MONKEYROCKET. Edward Snowden is at it again. This time the world’s most notorious whistleblower has handed over National Security Agency (NSA) documentation to online investigative news outlet The Intercept revealing an invasive covert program to track bitcoin users using spy tools he uncovered during his infamous first go-round. The implications include the future of privacy along with warrantless data collection being used to prosecute bitcoiners such as Ross Ulbricht of Silk Road.

Snowden Reveals How NSA Tracked Bitcoin Users

Ever get the feeling you’re being watched? Department of Homeland Security (DHS) Acting Assistant Secretary for Legislative Affairs Brian de Vallance, in a November 2013 letter to Congress, worried that “with the advent of virtual currencies and the ease with which financial transactions can be exploited by criminal organizations, DHS has recognized the need for an aggressive posture toward this evolving trend.” Infamous whistleblower Edward Snowden seems to have found a trove of heavily redacted, classified NSA documents attesting to that “aggressive posture.”

It’s fitting Mr. Snowden should share them with The Intercept, an online investigative news organization founded by his benefactor, attorney turned journalist Glenn Greenwald. Mr. Greenwald was then writing for The Guardian, and the two unleashed the largest batch of government security documents ever revealed about US and UK global surveillance.


Interestingly, the documents tracking bitcoin users stem from roughly the same period, 2013. They detail how bitcoiners all over the world were targeted as the powers granted to the NSA under the rubric of fighting terrorism expanded, and the documents might even have begun to play a role in early crypto prosecutions such as that of Ross Ulbricht and Silk Road.

American Civil Liberties Union’s Patrick Toomey, of its National Security Project, explained, “If the government’s criminal investigations secretly relied on NSA spying, that would be a serious concern. Individuals facing criminal prosecution have a right to know how the government came by its evidence, so that they can challenge whether the government’s methods were lawful. That is a basic principle of due process. The government should not be hiding the true sources for its evidence in court by inventing a different trail.”



This phone is an ultra-secure wallet for cryptocurrencies.


The rise of cryptocurrencies is itself creating new segments and market niches in the mobile scene. Ultra-secure, encrypted phones have always existed, but over time they adapt to new technologies and trends. This time the company SIKUR has set out to create an ultra-secure mid-range phone aimed at cryptocurrencies. In other words, a device so secure that we can carry everything related to our investments in these virtual currencies on it without fear of attacks and hacks.

It is impossible to hack

The biggest threat to our cryptocurrency wallet is hacking, and what this phone offers us is precisely total security when managing our wallet of Bitcoin or another cryptocurrency.

That is why SIKUR claims that its phone cannot be hacked. In fact, they offered a company with extensive hacking expertise, namely HackerOne, two months to hack this phone, and it proved impossible for them. Beyond that, it has a mid-range MediaTek processor, 4 GB of RAM, a 5.5-inch Full HD display, Android 7 and no ability to install apps other than SIKUR’s. Only 20,000 units will be sold at a price of 800 dollars, which is very high but in this case justified, because we are paying for security for our cryptocurrencies.


The 9 most exciting phones and gadgets from MWC 2018.


Every spring, the smartphone world revolves around Mobile World Congress. Exhibitors and attendees from more than 200 countries congregate in the halls of the Fira Gran Via in Barcelona, Spain, debuting the latest in mobile tech. MWC is the largest mobile trade show on Earth. We’ve surveyed the announcements from every major tech company at the show this week. Here are the highlights.

Samsung Galaxy S9

With the Galaxy S9, Samsung is doubling down on its winning formula. The new GS9 and S9+ have all the features Galaxy phones are known for, plus a few additions. Samsung moved the fingerprint sensor away from the camera so you won’t smudge the lens anymore, and photo performance in low light is improved thanks to the camera’s variable-aperture system. You also get Apple-inspired animated emoji and a new DeX dock that turns the phone into a desktop PC. Ships March 16 for $720. Choose the unlocked option. And did we mention it comes in Lilac Purple?

Nokia 8110 4G

Remember that phone from The Matrix where the receiver panel slid out to reveal the number pad? Take the blue pill because it’s back, courtesy of HMD Global, which now makes Nokia phones. The new Nokia 8110 comes shaped and colored like a banana too. The battery lasts over three weeks, but if you’re hoping for Android apps, look elsewhere. This is a standard old-school feature phone with its own download store—and, in true retro fashion, it comes with a copy of Snake.

Huawei MateBook X Pro

Just when you think there are no new capabilities to squeeze out of laptops, Huawei pushes the envelope. The new MateBook X Pro has a remarkable 14-inch 3,000 x 2,000 pixel touchscreen with such small bezels that it fits into a standard 12-inch notebook chassis. Huawei claims this ultraportable has the highest screen-to-body ratio of any laptop in the world. It’s also loaded with the latest Intel 8th Generation Core chips, an Nvidia GeForce MX150 graphics card, four Dolby Atmos-approved speakers, a fingerprint sensor, and 12-plus hours of battery life. The coolest detail: a webcam pops out of one of the function keys on the keyboard like the headlights on an old Corvette.

Usually, a new phone at MWC will boast a fancy new screen or camera, but the SikurPhone’s sales pitch is strong security and data encryption. Sikur claims that the SikurPhone is “hack-proof” and that its bespoke wallet app is the perfect way to keep your cryptocurrencies safe. It’s an Android phone with encryption plastered all over it, and a custom app store that only includes vetted apps. To back its claims, the company hired bug bounty hunters HackerOne to try to crack the phone. So far, the experts have failed. Sikur is asking $850 for the device, but that price includes peace of mind.

A secure phone for investing in bitcoins is unveiled: what is it about?

By: Desiree Jaimovich

Barcelona (special correspondent). SikurPhone is a phone designed especially for those who have (or are interested in having) investments in bitcoins. It is supposed to offer greater convenience and security for managing cryptocurrencies, for several reasons.

The phone has its “own” operating system, which in reality is nothing more than a customized version of Android 7.0. Apps cannot be downloaded from Google Play on the phone, only those designed specifically within the company’s ecosystem.

Because it has no contact with third-party apps, the phone is less exposed to being hacked, notes Alexandre Vasconcelos, a Sikur spokesperson. This is a good point, considering that in 2017 alone Google had to remove some 700,000 malicious applications and expel more than 100,000 developers from its store for trying to harm the devices of the 2 billion Android users in the world.

The phone’s creators say that in the last week alone they subjected the device to testing by a hundred hackers and none managed to break through the system’s security barriers.