Threat Intelligence

7/6/2018
12:56 PM
50%
50%

Putin Pushes for Global Cybersecurity Cooperation

At a Moscow-based security conference, Russian President Vladimir Putin said countries should work together amid the rise of cyberthreats.

Russian President Vladimir Putin called on countries to better cooperate in the fight against cyberattacks during his address at a Moscow security conference.

Putin discussed how cyberthreats have escalated around the world and said "some nations' egoism" and "attempts to act squarely to their own advantages" have damaged data stability around the world, ABC News reports. 

Russia has recently joined efforts with European countries on an agreement to protect personal data, Putin said. He claims Russia would develop a system to automate data exchange between the private sector and law enforcement to improve on security, the report states.

The topic of Russian election meddling was not addressed.

Read more details here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
No SOPA
50%
50%
No SOPA,
User Rank: Ninja
7/9/2018 | 10:51:41 AM
Should Politicians Have Hands in InfoSec?
I have to ask if politicians should even have a hand in the InfoSec world outside being inputs describing the issues they currently face.  There is a fine line between government influencing the evolution of tech (Internet) and politicians trying to influence tech in their favor (Ben Lawsky and Bitcoin, allegedly).  If we see Putin's voice as simply the first type of input, then great.  His name does in fact call to mind issues in the cyber landscape whether or not he himself calls them out.  But if he is in a position of power to make policy then, no, he nor any other politician who is not knowledgeable of tech should have direct influence on its evolution.  That is the job of technologists working closely with leaders such as politicians, doctors, educators and so on.  However, too often we see politicians with their own agendas, bias and hopes of personal gain trying to bully science and tech into doing what they want.  For that reason alone we should watch this with caution.  And for those politicians who are knowledgeable of tech, their input should also be viewed with caution, because the opportunity to drive policy toward a specific goal formed with that inside knowledge is also in danger being driven for the wrong reasons.  Politicians who are active policy makers simply shouldn't have a hand in defining tech, rather only in helping pass informed policies approved by the scientific and tech communities.  Information Security can NOT be seen as subject to the whims of politicians, especially at the global level.  
REISEN1955
100%
0%
REISEN1955,
User Rank: Ninja
7/6/2018 | 2:48:59 PM
Pot Calling kettle black
Isn't this rather like Equifax hosting a cyber security seminar?  Or Wells Fargo on banking and investment ethics?  IBM on employee retention?  
Veterans Find New Roles in Enterprise Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/12/2018
Empathy: The Next Killer App for Cybersecurity?
Shay Colson, CISSP, Senior Manager, CyberClarity360,  11/13/2018
Understanding Evil Twin AP Attacks and How to Prevent Them
Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard Technologies,  11/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-18519
PUBLISHED: 2018-11-19
BestXsoftware Best Free Keylogger 5.2.9 allows local users to gain privileges via a Trojan horse "%PROGRAMFILES%\BFK 5.2.9\syscrb.exe" file because of insecure permissions for the BUILTIN\Users group.
CVE-2018-19355
PUBLISHED: 2018-11-19
modules/orderfiles/ajax/upload.php in the Customer Files Upload addon 2018-08-01 for PrestaShop (1.5 through 1.7) allows remote attackers to execute arbitrary code by uploading a php file via modules/orderfiles/upload.php with auptype equal to product (for upload destinations under modules/productfi...
CVE-2008-7320
PUBLISHED: 2018-11-18
** DISPUTED ** GNOME Seahorse through 3.30 allows physically proximate attackers to read plaintext passwords by using the quickAllow dialog at an unattended workstation, if the keyring is unlocked. NOTE: this is disputed by a software maintainer because the behavior represents a design decision.
CVE-2018-19358
PUBLISHED: 2018-11-18
GNOME Keyring through 3.28.2 allows local users to retrieve login credentials via a Secret Service API call and the D-Bus interface if the keyring is unlocked, a similar issue to CVE-2008-7320. One perspective is that this occurs because available D-Bus protection mechanisms (involving the busconfig...
CVE-2018-19351
PUBLISHED: 2018-11-18
Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook because nbconvert responses are considered to have the same origin as the notebook server. In other words, nbconvert endpoints can execute JavaScript with access to the server API. In notebook/nbconvert/handlers.py, NbconvertFileHand...