Cengage to Buy Cybersecurity Training platform, Infosec

A global education technology company based in Boston has signed a $191M deal to buy the cybersecurity training platform, Infosec.

Cengage Group announced the planned addition to its ed2Go business on Monday. The deal is expected to close in the first quarter of 2022. 

“The online, employer-paid cybersecurity training segment is currently a $1bn market, with expectations that it will grow to $10bn annually by 2027,” said Cengage CEO Michael Hansen. 

He added: “Combining Infosec with our already-successful Workforce Skills business will provide top-line growth, expand our base of recurring revenue and accelerate our opportunity within the space.”

Infosec was founded in 2004 by its current chief executive Jack Koziol who will remain at the helm to manage the transition. The company is based in Wisconsin and provides skills development and certification programs for the cybersecurity industry. 

“Cengage Group has the same level of passion for making learning accessible, affordable and applicable to today’s cybersecurity professionals,” said Jack Koziol, CEO and Founder of Infosec. 

He added: “Building on ed2go’s history in online training, Infosec will benefit from Cengage Group’s scale and expertise, which means we can reach more cybersecurity professionals and employers that are looking to not only grow their careers but to keep businesses, governments and people safe from cyber threats.”

Infosec employs around 100 people and offers more than 1,400 online cybersecurity courses. Nearly all Infosec’s current employees will reportedly be joining Cengage’s workforce of 4,500 people. 

According to Cyber Seek, there are just under 600,000 vacant cybersecurity roles in the United States. Research by Burning Glass Technologies suggests that around half of these positions require at least one certification. 

“We can’t hire people fast enough,” Hansen told The Boston Globe. “Right now, the demand for workforce skills courses is just exploding, and it’s exploding in very specific job categories,” he said. 

Hansen continued: “There is such a labor shortage. Every CEO tells me that…the labor shortage is really a skills shortage.”

News of Cengage’s planned purchase comes as rival British publishing house Pearson announced its acquisition of Credly, a digital workforce credentialing service provider, for around $200m.

Aussie Tech Entrepreneur Extradited Over SMS Fraud

A Russian-born tech entrepreneur has been extradited to the United States from Australia to face charges relating to a multi-million-dollar text messaging consumer fraud scheme.

The arrival in America of 41-year-old dual Russian and Australian citizen Eugeni Tsvetnenko was announced by the Federal Bureau of Investigation (FBI) on Friday. Tsvetnenko – also known as “Zhenya” – was extradited on charges of conspiracy to commit wire fraud, wire fraud, aggravated identity theft and conspiracy to commit money laundering.

Prosecutors allege that former Perth resident Tsvetnenko conspired with others to operate an auto-subscribing scheme that signed cell phone users up to receive premium, paid-for content via text message without their knowledge or consent.

“Eugeni Tsvetnenko is alleged to have surreptitiously subscribed hundreds of thousands of cell phone users to a $9.99 per-month charge for recurring text messages they did not approve or want,” said US attorney Damian Williams.  

Victims of the scheme received text messages on horoscopes, celebrity gossip and trivia facts. The scheme’s operators defrauded victims of approximately $41,389,725 and made around $20m in profits. 

Tsvetnenko’s alleged co-conspirators include Darcy Wedd, the operator of telecommunications company Mobile Messenger, and Fraser Thompson, Mobile Messenger’s senior vice president of strategic operations. 

“Tsvetnenko and his co-conspirators concocted a scheme that turned thousands of mobile phone customers into unwitting subscription service participants, as alleged,” said FBI assistant director-in-charge Michael J. Driscoll.

He added: “These customers incurred monthly charges for services they never subscribed to and, in many cases, disregarded as spam until the charges turned up on their monthly statements.”

Prosecutors allege that at the start of 2012, Wedd, Thompson and two other Mobile Messenger senior executives recruited Tsvetnenko to their auto-subscribing scheme to boost their company’s revenue. Tsvetnenko allegedly agreed and established two new content providers based in Australia, CF Enterprises and DigiMobi, to auto-subscribe on Mobile.

CC-3 allegedly provided Tsvetnenko with lists of phone numbers to target, along with instructions on how to auto-subscribe without being caught by making it appear as if the customers had genuinely chosen to buy the text-messaging services.

Tsvetnenko is further accused of working with co-conspirators to launder the proceeds of the auto-subscribing scheme.

Prison for Dark Overlord Collaborator

A Canadian man has been sentenced to prison in the United States for trading in stolen identities and collaborating with the Dark Overlord cyber extortionist group.

Using the screen name GoldenAce, Slava Dmitriev bought and sold hundreds of illegally obtained IDs on the dark web. The 29-year-old resident of Vaughn, Ontario, traded in Social Security numbers and other personally identifiable information, including names and dates of birth belonging to American citizens. 

Between May 2016 and July 2017, Dmitriev made approximately $100K by selling 1,764 items (mostly stolen identities) via the darknet marketplace AlphaBay.

An investigation into Dmitriev’s cyber-criminal activities revealed that he aided the Dark Overlord with their illegal activities on multiple occasions. On June 16, 2016, Dmitriev sent the group access credentials, which he had purchased on a criminal marketplace, for a New York-based dentist. The dentist subsequently became the victim of a cyber extortion attack perpetrated by the group.

A month later, Dmitriev received a spreadsheet from the Dark Overlord containing approximately 200,000 stolen identities. Investigators also determined that in May 2017, Dmitriev sold data stolen by the group containing the identity of a victim residing in La Quinta, California.

Dmitriev was arrested in Greece in September 2020 through the coordinated efforts of the Federal Bureau of Investigation (FBI) and the Hellenic Police. When Greek police searched the residence where Dmitriev was staying, they located a computer containing emails discussing the buying and selling of identities and Social Security numbers, as well as a video about how to commit identity theft.

Dmitriev was extradited to the United States in January 2021 to face a charge of fraud and related activity in connection with access devices. On Wednesday, he was sentenced to three years in federal prison, followed by three years of supervised release.

“Dmitriev stole the identities of hard-working citizens of the United States and thought he was safe from prosecution while overseas,” said Phil Wislar, acting special agent in charge of FBI Atlanta.

He added: “This sentence will serve as a reminder that the FBI will always work diligently with International Law Enforcement partners to bring justice to citizens who have been victimized.”

Outdated IoT healthcare devices pose major security threats

More than half (53%) of the IoT (internet of things) and internet of medical things (IoMT) devices used in healthcare contain critical cybersecurity risks, according to The State of IoMT Device Security report by Cynerio, which analyzed devices from more than 300 hospitals in the US.

Cynerio makes IoT and security systems for healthcare providers. For the report, more than 10 million IoT and IoMT devices were scanned. Cynerio used a connector which, when connected to a SPAN (switched port analyzer) port on the core switch of a network, collects traffic information for each device connected to the network. This information was then analyzed by an in-house AI algorithm to help identify vulnerabilities and threats.

[R1] Nessus 10.1.0 Fixes One Third-Party Vulnerability

Nessus leverages third-party software to help provide underlying functionality. One of the third-party components (Underscore.js) was found to contain a vulnerability, and an updated version has been made available by the provider.

Out of caution and in line with good practice, Tenable has opted to upgrade the Underscore.js component to address the potential impact of the issue. Nessus 10.1.0 updates Underscore.js to version 1.13.1 to address the identified vulnerability.

Securing Critical Infrastructure: The Essential Role of Public-Private Partnerships

Government collaboration with industry can help drive strategic planning and tactical operations to address cyberthreats.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) states, “Public-private partnerships are the foundation for effective critical infrastructure security and resilience strategies, and timely, trusted information sharing among stakeholders is essential to the security of the nation’s critical infrastructure.” We couldn’t agree more.

Critical infrastructure is highly susceptible to cyberattacks, as seen with the SolarWinds attack in late 2020, which impacted global governments and critical infrastructure providers, and in the ransomware attacks on Colonial Pipeline and JBS Meat last year. However, with the proper IT infrastructure security in place, organizations can mitigate the risk of cyberattacks and protect their vulnerable data.

We believe it’s imperative for global governments to leverage the combined resources and expertise of government, industry and other stakeholders to enhance cybersecurity. Public-private partnerships play a critical role in establishing the strategic frameworks and tactical operational mechanisms necessary to secure data and IT infrastructure.

In the U.S., there are many federal agencies involved in public-private partnerships. For example, CISA and other government agencies are partnering with the information technology and communications industries to identify and to develop strategies to help address supply chain risk management challenges. Additionally, the National Cybersecurity Center of Excellence (NCCoE) leverages expertise from both the public and private sectors to develop cybersecurity guidance and solutions, aligned with international standards and the National Institute of Standards and Technology (NIST) Cybersecurity Framework, to address real-world sector-specific and cross-sector cybersecurity challenges. For example, the NCCoE has announced a project on Implementing a Zero Trust Architecture, which will develop “how-to” guides and example approaches to help organizations on their journey to adopt zero trust strategies.

The President’s National Security Telecommunications Advisory Committee (NSTAC) and the Joint Cyber Defense Collaborative (JCDC) are critical public-private partnerships that should be further advanced over the next year. The NSTAC and JCDC allow agencies to join efforts on combating cyberthreats through strategic planning and proactive defense measures.

How NSTAC supports public-private cybersecurity initiatives

NSTAC aims to assist agencies dealing with telecommunications that affect national security and emergency preparedness. The NSTAC brings together IT and communications sector industry leaders and executives from many of our country’s largest and most influential companies, as well as cybersecurity experts from the White House, CISA and other government agencies to provide advice on securing telecommunications and digital technologies to protect the nation. I have the privilege of supporting Tenable co-founder Jack Huffard, who serves as a member of the NSTAC.

The NSTAC is currently working on a multi-phase project for improving internet resilience. Under the initial phase of this project, the NSTAC released a report to the President on Software Assurance in the Information and Communications Technology and Services Supply Chain. For the second phase, the NSTAC is currently developing a report on recommendations for adopting zero trust architectures. In the next couple of months, NSTAC will launch the third phase of this project, focused on addressing cybersecurity challenges associated with the convergence of Information Technology and Operational Technology, which is vital to further protect industrial control systems and other critical infrastructure from cyberattacks.

How the JCDC supports public-private cybersecurity initiatives

The JCDC was established by CISA to create a collaborative environment for federal agencies and the companies involved to prevent cyber intrusions and implement national cyber defense plans. The JCDC joins forces with federal agencies, state and local governments, and private-sector companies to protect our nation’s critical infrastructure. CISA Director Jen Easterly noted that the JCDC allows for “a shared situational awareness of the threat environment, so that we understand it better to develop whole-of-nation comprehensive cyber defense plans to deal with the most significant threats to the nation to include significant threats to our critical infrastructure.”

Tenable was recently named as an Alliance Partner for the JCDC, meaning we will be collaborating with CISA across a range of cybersecurity issues and challenges, to provide strategic insights and operational response acumen. Managing vulnerabilities is essential to secure critical IT infrastructure and the work done by JCDC and CISA promotes the prioritization of network security. Federal agencies across the nation need to adopt initiatives put forth by the JCDC to ensure their networks are protected from vulnerabilities, like the recent Apache Log4J flaw, which has impacted billions of devices worldwide. The JCDC and CISA have been quick to respond and help protect the nation’s infrastructure from this vulnerability, a vital effort, especially given that recent research from Tenable shows that nearly 30% of organizations hadn’t begun scanning for Log4J as of late December.

Conclusion

As cyberattacks become more sophisticated, building collaborative communities between the public and private sectors is crucial to synchronize operations and take preventative measures as a unified front to critical infrastructure threats.

In order to complete many large-scale projects, the expertise and technology from private-sector entities, as well as the resource support and convening power of global governments, are what permit public-sector proposals to come to fruition.

Learn More

Log4Shell: 5 Steps The OT Community Should Take Right Now
CISA’s Binding Operational Directive on Managing Unacceptable Risk Vulnerabilities in Federal Enterprises Is Key to Stopping Federal Cyberattacks
Unpacking the U.S. National Security Memorandum on Improving Cybersecurity for Critical Infrastructure

Twelve-Year-Old Linux Vulnerability Discovered and Patched

It’s a privilege escalation vulnerability:

Linux users on Tuesday got a major dose of bad news — a 12-year-old vulnerability in a system tool called Polkit gives attackers unfettered root privileges on machines running most major distributions of the open source operating system.

Previously called PolicyKit, Polkit manages system-wide privileges in Unix-like OSes. It provides a mechanism for nonprivileged processes to safely interact with privileged processes. It also allows users to execute commands with high privileges by using a component called pkexec, followed by the command.

It was discovered in October, and disclosed last week — after most Linux distributions issued patches. Of course, there’s lots of Linux out there that never gets patched, so expect this to be exploited in the wild for a long time.

Of course, this vulnerability doesn’t give attackers access to the system. They have to get that some other way. But if they get access, this vulnerability gives them root privileges.

US Revokes China Unicom’s License

The US government has effectively stripped another Chinese telecoms player of its license to operate in the country on national security grounds.

The new Federal Communications Commission (FCC) order ends the ability of China Unicom Americas to provide telecoms services within the US.

It follows a March 2021 finding by the FCC in which it said the Chinese vendor had “failed to dispel serious concerns” about its continued operations.

In its ruling late last week, the FCC claimed that, as a state-owned enterprise, China Unicom “is subject to exploitation, influence and control by the Chinese government and is highly likely to be forced to comply with Chinese government requests without sufficient legal procedures subject to independent judicial oversight.”

It said this is more likely today than two decades ago when the firm’s license was first approved. The FCC is particularly concerned about Beijing’s ability to “access, store, disrupt and/or misroute US communications” and therefore conduct state-backed cyber-espionage via China Unicom.

“China Unicom Americas’ conduct and representations to the commission and Congress demonstrate a lack of candor, trustworthiness, and reliability that erodes the baseline level of trust that the Commission and other US government agencies require of telecommunications carriers given the critical nature of the provision of telecommunications service in the United States,” the FCC added.

According to the FCC order, “mitigation” would not address these national security concerns.

The firm now has 60 days to stop providing its services within the US.

China Unicom Americas is the latest of several Chinese state-owned telecoms firms caught in the middle of escalating hostility between Beijing and Washington.

Last year, China Telecom Americas also had its license revoked. In contrast, several years before that, the Trump administration blocked China Mobile USA’s application to enter the US market.

China Telecom is currently appealing the revocation of its license.
