Month: February 2024

1. Data Resilience: Data resilience refers to the ability of data to remain available and in-tact despite various challenges or threats. It involves measures to ensure that data is protected from loss, corruption, or unauthorized access. Data resilience strategies typically include data backup, replication, encryption, and disaster recovery planning. The focus is on safeguarding the integrity and accessibility of data, regardless of the specific threats or incidents faced.

2. Cyber Resilience: Cyber resilience, on the other hand, encompasses a broader scope of resilience within the context of cybersecurity. It refers to an organization’s ability to continue operating and delivering its services despite cyber threats, attacks, or incidents. Cyber resilience involves not only protecting data but also safeguarding all aspects of an organization’s digital environment, including networks, systems, applications, and processes. It encompasses preventive measures, detection capabilities, incident response plans, and recovery strategies. Cyber resilience aims to minimize the impact of cyber incidents on an organization’s operations, reputation, and stakeholders.

In summary, while data resilience specifically focuses on ensuring the availability and integrity of data, cyber resilience addresses the broader spectrum of challenges related to cybersecurity, including data protection as well as the overall resilience of digital systems and operations.

How to achieve Data and Cyber Resilience

Attaining both data resilience and cyber resilience involves a combination of proactive measures, ongoing efforts, and strategic planning. Here are some key steps for achieving each:

Data Resilience:

1. Data Backup and Redundancy: Regularly back up your data and ensure redundancy across multiple locations or storage systems to mitigate the risk of data loss due to hardware failure, human error, or cyber-attacks.

2. Data Encryption: Implement encryption protocols to protect sensitive data both in transit and at rest, ensuring that even if data is compromised, it remains unreadable and unusable to unauthorized individuals.

3. Access Controls: Enforce strong access controls and user authentication mechanisms to limit access to data only to authorized personnel. Implement role-based access control (RBAC) to ensure that individuals have access only to the data necessary for their roles.

4.Data Integrity Checks: Implement mechanisms to regularly verify the integrity of data, such as checksums or digital signatures, to detect and prevent data tampering or corruption.

5. Disaster Recovery Planning: Develop comprehensive disaster recovery plans that out-line procedures for restoring data in the event of a data breach, natural disaster, or other catastrophic events.

Cyber Resilience:

1. Risk Assessment and Management: Conduct regular risk assessments to identify potential cyber threats and vulnerabilities within your organization’s digital infrastructure. Develop and implement risk management strategies to mitigate these risks effectively.

2. Security Awareness Training: Provide ongoing security awareness training to employees to educate them about common cyber threats, phishing scams, and best practices for maintaining cybersecurity hygiene.

3. Incident Response Planning: Develop and regularly test incident response plans to en-sure a coordinated and effective response to cyber incidents. Clearly define roles and responsibilities, establish communication channels, and outline procedures for containing, investigating, and recovering from cyber-attacks.

4. Continuous Monitoring: Implement continuous monitoring tools and technologies to detect and respond to cyber threats in real-time. Utilize security information and event management (SIEM) systems, intrusion detection systems (IDS), and endpoint detection and response (EDR) solutions to enhance threat visibility and response capabilities.

5.  Collaboration and Information Sharing: Foster collaboration and information sharing within the cybersecurity community, including sharing threat intelligence, best practices, and lessons learned from cyber incidents. Participate in industry-specific Information Sharing and Analysis Centers (ISACs) and collaborate with law enforcement agencies and cybersecurity organizations.

By implementing these measures and adopting a proactive approach to data and cyber resilience, organizations can better protect their data, systems, and operations from cyber threats and ensure continuity in the face of adversity.

The post Definition of Data Resilience and Cyber Resilience and their attainment appeared first on Cybersecurity Insiders.

In recent years, NSO Group made headlines amid allegations of developing espionage software intended for government use in combating criminal activity. However, the company faced scrutiny for enabling individuals and organizations to spy on rivals, opposition figures, and business associates.

Following these revelations, the US government imposed a trade ban on NSO Group’s operations across the country pending further review.

One notable incident involved a Saudi prince reportedly using NSO Group’s Pegasus software to uncover Amazon CEO Jeff Bezos’s affair with Lauren Sanchez in 2020.

Now, NSO Group is back in the spotlight with the development of a new intelligence-gathering tool known as ‘MMS Fingerprint.’

Essentially, MMS Fingerprint is another form of spyware designed to clandestinely gather intelligence from users, with or without their knowledge.

From a technical standpoint, it functions similarly to the Pegasus mobile spyware and can target devices running Android, iOS, Blackberry, or Windows operating systems.

Security analysts at cybersecurity and telecom firm ENEA have identified MMS Fingerprint as a zero-click device profiling software distributed via Multimedia Messaging Service (MMS). Unlike focusing on specific operating system vulnerabilities, this tool relies heavily on MMS traffic.

Once installed, MMS Fingerprint continually scans for vulnerabilities in mobile operating systems, transmitting gathered intelligence to command-and-control servers for tailoring Pegasus or other spyware as per the hacker’s instructions.

Cathal McDaid, a researcher at ENEA, emphasizes the importance of remaining vigilant against such online mobile threats and calls on governments to refrain from engaging with firms involved in such activities.

The post Tainted NSO Group gets involved in another data privacy controversy appeared first on Cybersecurity Insiders.

Although Telegram is a niche messaging service in the US and Canada, it’s absolutely gigantic worldwide, with over 104 million users in India alone. If you’re new to the service, stats like that can be a little intimidating — but they shouldn’t be, at least not on their own. Here’s what you need to know about Telegram’s security, including how to stay safe day-to-day.

JUMP TO KEY SECTIONS

The Sony Xperia 5 V was one of the most powerful compact phones released in 2023 and yet for many of us, it wasn’t even an option, as Sony chose to only launch the Sony Xperia 1 V in the United States. While there’s still a possibility that the Xperia 5 V might come to the US later, it might be too late, given the arrival of powerful new flagships like the Samsung Galaxy S24 series.

It’s unclear if the US will ever see Sony’s compact flagship again, but there are a few things I’d like to see improved. With that in mind, here’s my wishlist for what I’d like to see in the Sony Xperia 5 VI in 2024.

Think of the biggest, most complicated Swiss Army Knife you’ve ever seen, one with more tools than you could ever use. Now, give it a USB-C port, a stylus, and four cameras on the back. Congratulations, you’ve got the Samsung Galaxy S24 Ultra. That might be oversimplifying one of the most capable Android phones on the market, but the analogy isn’t too far off. Let’s get into our Samsung Galaxy S24 Ultra review, and you’ll see what I mean.

Samsung Galaxy S24 Ultra review: At a glance

The return of Samsung’s Exynos chipset in the Galaxy S24 series once again leaves us with a high-end flagship series sporting a key hardware difference depending on where you reside. To recap, all Galaxy S24 Ultra owners and S24 and S24 Plus customers in the US, Canada, China, Taiwan, and Hong Kong all receive the Snapdragon 8 Gen 3 for Galaxy chipset. Customers who buy the Galaxy S24 or S24 Plus in Europe, the UK, India, and other regions receive the Exynos 2400 for Galaxy.

We’ve already covered the low-level Snapdragon 8 Gen 3 and Exynos 2400 specifications; today, we’re diving into our test results to explore what differences, if any, there are to be found when using these phones. To make the test completely fair, we’ve grabbed both Exynos and Snapdragon versions of the regular Galaxy S24, ensuring consistent battery capacity, display specs, and other hardware for our side-by-side comparison.

TikTok is perhaps the most controversial mainstream social network after Elon Musk’s X. Some people accuse it of being superficial, and worsening attention spans as well as the self-image of teenagers. Its harsher critics say that it can be used to spread misinformation, or that it might even be a potential attack vector for the Chinese government. So what’s the reality of the situation? Is TikTok safe to be on?

JUMP TO KEY SECTIONS

Today is the day Google announced the first developer preview for Android 15. While the update doesn’t bring a ton of new stuff to Android, it does introduce a feature that some people will likely find to be pretty handy.

If you’ve been toying around with Android 15 DP1, you may have come across “Notification cooldown.” According to the description, it’s a feature that will gradually lower the volume of successive notifications from the same app. Simply put, it’s designed to prevent you from feeling inundated if you suddenly get a ton of notifications around the same time.

Samsung is now rolling out the much-awaited first software update for the Galaxy S24 series. Thanks to a tip from Mishaal Rahman, we now know exactly what the update contains. But if you’re in the US, don’t go looking for that OTA just yet. The update is only rolling out in South Korea for now, but it should hit US Galaxy S24 units pretty soon. After all, Samsung promised to update the phones in February.

Anyhow, there are a bunch of improvements in the new Galaxy S24 series update, including those users had been asking for since the launch of the phones.