Market Sectors

block 10

<p>1</p>

Education | Training

GSN 2012 Awards announced: White House deputy of homeland security recognized for leadership at annual gala

GSN Awards 2012

Hundreds of the best of the homeland security community’s federal, state and municipal government officials, government contractors, systems integrators, IT vendors and physical security product and solutions providers all came together the night of November 29 in a ballroom of the Washington, D.C. convention center to receive accolades.

The GSN awards dinner, which has become a Washington tradition over the last four years, offered a chance for the excellence and civic-minded spirit of homeland security efforts nationwide to be recognized.

Not only were the best tools and technologies acknowledged , but the people and groups who use them, from local police departments in Florida and Washington state, to the White House, were honored at the event.

During the awards ceremonies, Richard Reed, Deputy Assistant to President Obama for Homeland Security, received the second annual Government Security News/Raytheon Award for Distinguished Leadership and Innovation in Public Safety and Security. Reed was chosen for tireless work in his key role in leading the development of national policy related to resilience, transborder security and community partnerships. He has been described as the president’s eyes and ears during disasters. In crises, such as the Gulf oil spill, H1N1 pandemic, and Haiti earthquake, Reed has sprung into action at the White House, coordinating information and gathering people to cope with these catastrophes.

Reed told Government Security News in an interview after the dinner that gatherings like GSN’s awards ceremony were invaluable in demonstrating that the hard work of creating a resilient, strong response to crises is performed by thousands of individuals, like those in attendance. Gatherings that bring the diverse emergency response and homeland security communities together can broaden perspectives and spur new ideas, he said.

Reed has been a determined, mostly behind-the-scenes, captain of federal emergency response efforts during the Bush and Obama administrations, helping prepare for, and respond to, some of the worst natural disasters the nation has known, from one of the deadliest tornado seasons in history in the Midwest, to historic wild fires in the west, and massive storms in the eastern U.S.

Reed said the key to capable response to such staggering events lies not only in federal hands, but in enabling state, local and even personal responses. Getting resources and training in place before disasters happen goes a long way in an effective response and recovery, he said. “The true first responders are friends, neighbors and co-workers” in the immediate aftermath of a disaster, said Reed. Local police, firefighters and other agencies arrive second, he said. Enabling people with information concerning what resources are available or where they can go for help or supplies empowers them, said Reed.

Government Security News managing partner Adrian Courtenay has made the GSN/Raytheon award an annual tradition. The prize is sponsored by the Raytheon Company, a technology and innovation leader specializing in defense, homeland security and other government markets throughout the world, which is headquartered in Waltham, MA.

Notable 2012 government excellence award winners included the local police departments in Tampa and St. Petersburg, FL, for their ground-breaking work in preparing for the Republican National Convention in Tampa this past summer. The departments put together comprehensive plans to gently defuse potentially volatile political demonstrations at the event. Both departments were also praised for implementing an innovative interoperable communications network during the GOP convention.

The Lawrence Livermore National Laboratory was recognized for its groundbreaking work on a small radiation detector. The Naval Air Systems Command won an award for its work on the Kestrel Wide Area Persistent Surveillance program, which developed an aerostat for long-term surveillance capabilities to protect ground soldiers in Afghanistan.

The complete list of GSN’s 2012 Award winners appears below: 

CATEGORY 1 – VENDORS OF IT SECURITY PRODUCTS AND SOLUTIONS

 

Best Anti-Malware Solution

 

Invincea

 

Best Identity Management Platform

 

Alert Enterprise

 

Best Certificate Management Solution

 

Entrust

 

Best Compliance /Vulnerability Assessment Solution

 

Agiliance

 

Best Data Security/Loss Management Solution

 

WAVE Systems

 

Best Endpoint Security Solution

 

StillSecure

 

Best Forensic Software

 

Silvertail

 

Best Intelligence Data Fusion and Collaborative Analysis Solution

 

Lookingglass Cyber Solutions

 

Best Intrusion Detection/Prevention Solution

 

Intellidyne

Vanguard Integrity Professionals

 

Best Network Security/Enterprise Firewall

 

Black Lotus

 

Best Privileged Access Management Solution

 

Kikusema

Xceedium

 

Best Real-Time Dynamic Network Analysis

 

Fidelis Security

 

Best Continuous Monitoring Solution

 

ForeScout

Redseal

 

Best Security Incident/Event Management Solution (SIEM)

 

NetIQ

 

CATEGORY 2 – VENDORS OF PHYSICAL SECURITY PRODUCTS & SOLUTIONS

 

PHYSICAL SECURITY ACCESS CONTROL & INDENTIFICATION

 

Best Biometric Identification Solution

 

Fulcrum Biometrics

 

Best Integrated System for HSPD 12/FIPS 201 Compliance

 

Brivo

 

Best Platform for Physical and Logical Access

 

Alert Enterprise

 

COMMUNICATIONS

 

Best Interoperable First Responder Communications

 

Covia Labs

 

Best Mass Notification Systems

 

AtHoc

 

Best Regional or National Public Safety Communications Deployment

 

Desktop Alert

 

DETECTION PRODUCTS

 

Best Explosives Detection Solution

 

AS&E

 

Best Long Range Detection Systems

 

Vidisco

 

Best Nuclear/Radiation Detection

 

Lawrence Livermore National Laboratory

 

VIDEO SURVEILLANCE

 

Best Intelligent Video Surveillance Solution

 

Panasonic

 

Best Thermal/Night Vision/Infrared Cameras

 

HGH Infrared Systems

Vumii

 

Best Network IP Cameras

 

Axis Communications

 

Best Video Storage/Digital Transmission Systems

 

Panasonic

 

OTHER PRODUCTS

 

Best Perimeter Protection Solution

 

Senstar

 

Best Crash Barriers

 

Nasatka

 

Best Physical Security Information Management (PSIM) Solution

 

NICE Systems

 

SERVICES

 

Best Disaster Preparedness or Disaster Recovery & Clean-up Service

 

High-Rise Escape Systems

 

Best Facility Security/Force Protection Service

 

Whitestone Group

 

Best Homeland Security Training/Higher Education Solutions

 

Bellevue University

 

Category 3: Government Security News 2012 Government Excellence Awards

 

Most Notable Airport Security Award

 

Defense Manpower Agency

 

Most Notable Maritime/Port Security Program

 

Ohio Department of Public Safety/Northern Border Initiative

 

Most Notable Railroad/Mass Transit Security Program

 

Denver Regional Transportation Authority

 

Most Notable Critical Infrastructure Program, Project or Initiative

 

U.S. Veterans Administration Hospital, Tucson, AZ

 

Most Notable Cyber Security Program, Project or Initiative

 

U.S. Department of Energy

 

Most Notable Emergency Response Implementation

 

U.S. National Guard

Federal Emergency Management Agency (FEMA)

 

Most Notable Law Enforcement Interdiction, Arrest or Counter-Terrorism Program

 

Orange County Intelligence Assessment Fusion Center

 

Most Notable Municipal/County Programs, Projects or Initiatives

 

Seattle, Washington Police Department

Tampa and St. Petersburg, Florida Police Departments

 

Federal Government

 

Naval Air Systems Command (Kestrel Wide Area Persistent Surveillance)

GSN 2012 Homeland Security Awards program open for entries

The Government Security News 2012 Homeland Security Awards Program officially opened for entries on May 1, once again featuring 45 Awards in three broad Categories:Best Vendors of IT Security Products and Solutions, Best Vendors of Physical Security Products and Solutions and the 2011 Government Excellence Awards.

Returning as corporate Sponsors of the 2012 Program are BRS Laboratories of Houston, TX -- a leading software development company for video behavioral recognition software that deploys easily and rapidly on large scale video networks and provides actionable information without inundating end users with false alarms -- and Entrust, Inc. , of Dallas, TX, which offers physical/logical access, mobile security, certificate management and other identity-based solutions to governments and large enterprises.  Additional sponsors will be announced, and profiles of all 2012 sponsors, will be published in coming weeks. Companies interested in joining the ranks of sponsors of the 2012 Awards Program should contact GSN Publisher and World Business Media President, Edward Tyler, at 212-344-0759, ext. 2001.

The cost to submit an entry in the 2012 program is $295 for vendors of IT security and physical security products and solutions. As in previous years, there is no cost for entries in the 10 categories of awards for federal, state and local government agencies. Vendors of IT and physical security products and solutions may nominate themselves or be nominated by colleagues or government clients, while government agencies or departments may similarly nominate themselves or be nominated by other agencies, colleagues or vendors.

According Adrian Courtenay, managing partner of World Business Media, several new categories created in 2011 to acknowledge successful initiatives of federal, state or local agencies in responding to emergencies, countering terrorism and preventing crime will again be included in 2012. These categories are “Most Notable Emergency Response Implementation – Federal, State or Local”; “Most Notable Law Enforcement Interdiction, Arrest or Counter Terrorism Program – Federal, State or Local”; and “Most Notable Counter Terrorism or Crime Prevention Program”.

In the 2011 contest, the Bastrop Country, TX, Unified Command (including county, state and federal government agencies) was awarded the trophy for “Most Notable Emergency Response Implementation” in battling 2011 Texas wildfires in Bastrop County. The United States Customs and Border Protection, Detroit Sector, was winner in the “Most Notable Law Enforcement Interdiction or Arrest” category for a dramatic arrest on St. Clair River in Detroit, and the Los Angeles Police Department was recognized for having the “Most Notable Law Enforcement Counter Terrorism or Crime Prevention Program.”

Another category that was new in 2011, “Most Notable Cyber Security Program or Technology – Government or Military”, will also be continued, in recognition of the emergence of Cyber Security as a vitally important component of overall security for any nation. The winner of this award in 2011 was the National Oceanic and Atmospheric Administration.

The 2012 Awards Program will once again culminate with a gala awards dinner in the fall, at a venue to be announced shortly. In the 2011 program, the “GSN/Raytheon Award for Distinguished Leadership and Innovation” was introduced and presented to Admiral Thad Allen (US Coast Guard-ret.), who came out of retirement twice in recent years to serve his country, first in heading up the federal response to Hurricanes Katrina and Rita, and later in managing the response to the Deepwater Horizon oil spill in the Gulf of Mexico.

In remarks for the 2011 Awards Dinner audience, Admiral Allen said the continuing work of technology companies and first responders was key in any disaster. He urged everyone to become a “lifelong rapid learner” to better cope with disasters, both man-made and natural. He also said “reconciling opportunity and competency” when disaster strikes is essential to any effective recovery, and being on top of the latest, most effective technology is a product of being a lifelong rapid learner. He also said clear communications is also a key to effective response and amplified his call for a nationwide interoperable first responder radio network. 

Photos of the 2010 awards reception and dinner are available at www.flickr.com/photos/[email protected]/, and video interviews with Admiral Allen, as well as sponsors and winners in the 2011 Awards program, are available at the GSN Video Center at www.gsnmagazine.com/videocenter.

Entry forms and other information about the 2012 Awards Program are available at www.gsnmagazine.com/hsa2012/welcome.

GSN 2011 Awards Program opens for entries on April 26

Government Security News has announced that its 2011 Homeland Security Awards Program  will officially open for business and start accepting entries in the program’s 45 awards categories on Tuesday, April 26.

The 2011 program contains a number of exciting new categories, reflecting the dynamically changing threat environment, in all three of the overall awards groupings: Best Vendors of IT Security Products and Solutions, Best Vendors of Physical Security Products and Solutions, and the 2011 Government Excellence Awards.

The cost for each entry in the 2011 program is $295 for vendors of IT security and physical security products and solutions. As in previous years, there is no cost for entries in the 10 categories of awards for federal, state and local government agencies.

Vendors of IT and physical security products and solutions may nominate themselves or be nominated by colleagues or government clients, while government agencies or departments may similarly nominate themselves or be nominated by other agencies, colleagues or vendors.

Adrian Courtenay, Managing Partner of GSN’s parent company, World Business Media, LLC, cited two intriguing new categories in the government sector that have been selected to acknowledge solid “boots on the ground” achievements of federal, state or local agencies in responding to emergencies, countering terrorism and stopping crime. These categories are “Most Notable Emergency Response Implementation – Federal, State or Local” and “Most Notable Law Enforcement Interdiction, Arrest or Counter Terrorism Program – Federal, State or Local.”

Acknowledging the increasing importance of cyber security and the threat of cyber war among nation-states, Courtenay also pointed out that the government awards in 2010 have been expanded to include a category titled, “Most Notable Cyber Security Program or Technology – Government or Military.”

Returning for its third year as a sponsor of the GSN Awards Program is founding sponsor ArcSight, now a business unit of Hewlett Packard Software and Solutions, whose enterprise threat and risk platform is an integrated product for collecting, analyzing and assessing security and risk information. ArcSight is also a repeat winner in the GSN awards program for its Security Incident Event Management (SIEM) products for collecting, analyzing and assessing security incident event information.

Also returning as event sponsors are General Dynamics C4, located in Phoenix, AZ, a major developer and integrator of secure communications and information systems and technology; and  Mutualink, another GSN award winner, which creates networks of interoperable communities that can instantly share radio, voice, text, video and data files, and telephone communications in a secure environment.

The fourth and final sponsor to date in the 2011 Awards Program is Behavioral Recognition Systems, Inc., of Houston, TX, also known as BRS Labs, whose software uses the fascinating, scientifically developed cognitive reasoning and artificial intelligence of behavioral analytics to leverage a stream of intelligence from millions of surveillance cameras worldwide, in order to provide alerts regarding abnormal or suspicious behavior.

Profiles of each of the 2011 sponsors will be posted on the GSN Web site in the coming weeks.

Additional companies or organizations interested in joining the ranks of 2011 sponsors of the GSN 2011 Homeland Security Awards Program should contact GSN Publisher and World Business Media President, Edward Tyler, at 212-344-0759, ext. 2001.

According to Courtenay, the 2011 Awards Program will culminate with the annual awards dinner in early November at a venue to be announced shortly. “It’s going to be hard to top last year’s elegant dinner and spectacular after-dinner keynote presentation by four-star General Barry McCaffrey (USA-Ret.). But we’re going to try!”

In 2010, the GSN awards were presented to a sold-out ballroom at the JW Marriott Hotel in Washington, DC, that included many distinguished government and military officials, academics, law enforcement and public safety professionals from across the country, along with the systems integrators, defense contractors and vendors of products and solutions used in homeland security.

Photos of the 2010 awards reception and dinner are available at:

www.flickr.com/photos/[email protected]/.

Further information and entry forms for the 2011 Awards Program are available at:

www.gsnmagazine.com/hsa2011/welcome.

General Dynamics Satellite Simulator Trains Space Mission Operators from Across the U.S. Department of Defense

SCOTTSDALE, Ariz -- General Dynamics Mission Systems received a contract from the U.S. Navy to restore and maintain a satellite system simulator for students at the Naval Postgraduate School, Spacecraft Research and Design Center / Adaptive Optics Center of Excellence. The simulator, a model of a Navy Fleet Satellite (FLTSAT) communications satellite, will help students hone their skills in managing the technical aspects of space systems including satellite command, control and communications and troubleshooting satellite and constellation anomalies.

 

"The General Dynamics Naval Satellite Operations Center (NAVSOC) team has worked with the Naval Postgraduate School for more than 10 years. Updating the simulator to perform just like the actual system is a tremendous training opportunity for these advanced degree students," said Manny Mora, a vice president and general manager of General Dynamics Mission Systems. "They will have a realistic, 'hands-on' learning experience, while we support the development of future U.S. Department of Defense space engineers and leaders."

The General Dynamics team also supports instructors teaching a wide range of space-related topics to Naval Postgraduate School students from across the U.S. Department of Defense. The academic programs include mastery of the technical aspects of space systems including design, development, installation and maintenance of spacecraft, space payloads, supporting earth stations, terminals and command, control and communications connectivity.

The General Dynamics NAVSOC team is located at Naval Air Station, Point Mugu, Calif., supporting the Navy's operation of the FLTSAT and Ultra-high Frequency Follow-on communication satellite constellations. 

Recently, the team completed all on-orbit testing for the Navy's new Mobile User Objective System (MUOS) satellite communications system before it was turned over to the Navy for day-to-day operations.

The Naval Postgraduate School is a graduate university offering masters and doctoral degrees in more than 70 fields of study to the U.S. Armed Forces, Department of Defense civilians and international partners.

General Dynamics Mission Systems is a business unit of General Dynamics (NYSE: GD). For more information about General Dynamics Mission Systems, please visit gdmissionsystems.com and follow us on Twitter @GDMS.

 

SOURCE General Dynamics Mission Systems

Related Links

http://www.gdmissionsystems.com

Conference to Explore the Promise Artificial Intelligence Holds for the Cybersecurity Sector

BROOKLYN, N.Y., May 30, 2018 -- The NYU Tandon School of Engineering's Future Labsentrepreneurial network will bring together leading cybersecurity practitioners and researchers to explore the rapidly emerging promises and risks that artificial intelligence hold for cybersecurity.

 

Aimed at helping professionals at established enterprises, startups, and research institutions understand recent advancements in AI technology and how talent challenges play a role in the balance between progress and security, "Focus AI: Cybersecurity" is the latest in the Future Labs' speaker series for New York City's entrepreneurial community. It will take place on Monday, June 4, 2018, from 5 to 8 p.m. at the Midtown Manhattan offices of sponsoring partner PwC.

Panelists include:

  • Larry Trittschuh, chief security officer, Americas at Barclays
  • Michael J. Landewe, co-founder of security firm Avanan
  • Carol Lee, partner at PwC and leader of technology-sector initiatives
  • Lucas Nelson, security expert and partner at venture fund Lytical Ventures and Kauffman Fellows
  • Dawud Gordon, Ph.D, founder of behavioral biometrics startup TwoSense
  • Damon McCoy, NYU Tandon assistant professor of computer science and engineering and a member of NYU'sCenter for Cybersecurity

McCoy's research focuses on empirically measuring the security and privacy of technology systems, and he recently received attention for his long-term study of ransomware, a type of malware that encrypts the files of infected hosts and demands payment for their restoration. It is timely work given that the Online Trust Alliance called 2017 "the worst year ever in data breaches and cyber incidents" worldwide, and the global costs of such attacks are expected to reach up to $6 trillion annually by 2021. McCoy has led numerous research investigations into cybercrime using large data sets.

The conference will provide an important forum for discussion about AI technologies, industry needs, and investment opportunities surrounding cyber risk, which Warren Buffett deemed a greater threat to mankind than nuclear weapons. With a recent survey showing that almost 40 percent of enterprise organizations already deploy AI-based security analytics to some extent, and that figure expected to steadily increase, cybersecurity providers are racing to implement advanced AI-driven solutions for their clients.

For more information or to register, visit https://goo.gl/JjPYQ9.

About the New York University Tandon School of Engineering
The NYU Tandon School of Engineering dates to 1854, the founding date for both the New York University School of Civil Engineering and Architecture and the Brooklyn Collegiate and Polytechnic Institute (widely known as Brooklyn Poly). A January 2014 merger created a comprehensive school of education and research in engineering and applied sciences, rooted in a tradition of invention and entrepreneurship and dedicated to furthering technology in service to society. In addition to its main location in Brooklyn, NYU Tandon collaborates with other schools within NYU, one of the country's foremost private research universities, and is closely connected to engineering programs at NYU Abu Dhabi and NYU Shanghai. It operates Future Labs focused on start-up businesses in downtown Manhattan and Brooklyn and an award-winning online graduate program. For more information, visit http://engineering.nyu.edu.

www.facebook.com/nyutandon
@NYUTandon

SOURCE NYU Tandon School of Engineering

HIDDEN COBRA – Joanap Backdoor Trojan and Brambul Server Message Block Worm

Systems Affected

Network systems

Overview

This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). Working with U.S. government partners, DHS and FBI identified Internet Protocol (IP) addresses and other indicators of compromise (IOCs) associated with two families of malware used by the North Korean government:

  • a remote access tool (RAT), commonly known as Joanap; and
  • a Server Message Block (SMB) worm, commonly known as Brambul.

The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information on HIDDEN COBRA activity, visit https://www.us-cert.gov/hiddencobra.

FBI has high confidence that HIDDEN COBRA actors are using the IP addresses—listed in this report’s IOC files—to maintain a presence on victims’ networks and enable network exploitation. DHS and FBI are distributing these IP addresses and other IOCs to enable network defense and reduce exposure to any North Korean government malicious cyber activity.

This alert also includes suggested response actions to the IOCs provided, recommended mitigation techniques, and information on how to report incidents. If users or administrators detect activity associated with these malware families, they should immediately flag it, report it to the DHS National Cybersecurity and Communications Integration Center (NCCIC) or the FBI Cyber Watch (CyWatch), and give it the highest priority for enhanced mitigation.

See the following links for a downloadable copy of IOCs:

NCCIC conducted analysis on four malware samples and produced a Malware Analysis Report (MAR). MAR-10135536.3 – RAT/Worm examines the tactics, techniques, and procedures observed in the malware. Visit MAR-10135536.3 – HIDDEN COBRA RAT/Worm for the report and associated IOCs.

Description

According to reporting of trusted third parties, HIDDEN COBRA actors have likely been using both Joanap and Brambul malware since at least 2009 to target multiple victims globally and in the United States—including the media, aerospace, financial, and critical infrastructure sectors. Users and administrators should review the information related to Joanap and Brambul from the Operation Blockbuster Destructive Malware Report [1] in conjunction with the IP addresses listed in the .csv and .stix files provided within this alert. Like many of the families of malware used by HIDDEN COBRA actors, Joanap, Brambul, and other previously reported custom malware tools, may be found on compromised network nodes. Each malware tool has different purposes and functionalities.

Joanap malware is a fully functional RAT that is able to receive multiple commands, which can be issued by HIDDEN COBRA actors remotely from a command and control server. Joanap typically infects a system as a file dropped by other HIDDEN COBRA malware, which users unknowingly downloaded either when they visit sites compromised by HIDDEN COBRA actors, or when they open malicious email attachments.

During analysis of the infrastructure used by Joanap malware, the U.S. Government identified 87 compromised network nodes. The countries in which the infected IP addresses are registered are as follows:

  • Argentina
  • Belgium
  • Brazil
  • Cambodia
  • China
  • Colombia
  • Egypt
  • India
  • Iran
  • Jordan
  • Pakistan
  • Saudi Arabia
  • Spain
  • Sri Lanka
  • Sweden
  • Taiwan
  • Tunisia

Malware often infects servers and systems without the knowledge of system users and owners. If the malware can establish persistence, it could move laterally through a victim’s network and any connected networks to infect nodes beyond those identified in this alert.

Brambul malware is a brute-force authentication worm that spreads through SMB shares. SMBs enable shared access to files between users on a network. Brambul malware typically spreads by using a list of hard-coded login credentials to launch a brute-force password attack against an SMB protocol for access to a victim’s networks.

Technical Details

Joanap

Joanap is a two-stage malware used to establish peer-to-peer communications and to manage botnets designed to enable other operations. Joanap malware provides HIDDEN COBRA actors with the ability to exfiltrate data, drop and run secondary payloads, and initialize proxy communications on a compromised Windows device. Other notable functions include

  • file management,
  • process management,
  • creation and deletion of directories, and
  • node management.

Analysis indicates the malware encodes data using Rivest Cipher 4 encryption to protect its communication with HIDDEN COBRA actors. Once installed, the malware creates a log entry within the Windows System Directory in a file named mssscardprv.ax. HIDDEN COBRA actors use this file to capture and store victims’ information such as the host IP address, host name, and the current system time.

Brambul

Brambul malware is a malicious Windows 32-bit SMB worm that functions as a service dynamic link library file or a portable executable file often dropped and installed onto victims’ networks by dropper malware. When executed, the malware attempts to establish contact with victim systems and IP addresses on victims’ local subnets. If successful, the application attempts to gain unauthorized access via the SMB protocol (ports 139 and 445) by launching brute-force password attacks using a list of embedded passwords. Additionally, the malware generates random IP addresses for further attacks.

Analysts suspect the malware targets insecure or unsecured user accounts and spreads through poorly secured network shares. Once the malware establishes unauthorized access on the victim’s systems, it communicates information about victim’s systems to HIDDEN COBRA actors using malicious email addresses. This information includes the IP address and host name—as well as the username and password—of each victim’s system. HIDDEN COBRA actors can use this information to remotely access a compromised system via the SMB protocol.

Analysis of a newer variant of Brambul malware identified the following built-in functions for remote operations:

  • harvesting system information,
  • accepting command-line arguments,
  • generating and executing a suicide script,
  • propagating across the network using SMB,
  • brute forcing SMB login credentials, and
  • generating Simple Mail Transport Protocol email messages containing target host system information.

Detection and Response

This alert’s IOC files provide HIDDEN COBRA IOCs related to Joanap and Brambul. DHS and FBI recommend that network administrators review the information provided, identify whether any of the provided IP addresses fall within their organizations’ allocated IP address space, and—if found—take necessary measures to remove the malware.

When reviewing network perimeter logs for the IP addresses, organizations may find instances of these IP addresses attempting to connect to their systems. Upon reviewing the traffic from these IP addresses, system owners may find some traffic relates to malicious activity and some traffic relates to legitimate activity.

Impact

A successful network intrusion can have severe impacts, particularly if the compromise becomes public. Possible impacts include

  • temporary or permanent loss of sensitive or proprietary information,
  • disruption to regular operations,
  • financial losses incurred to restore systems and files, and
  • potential harm to an organization’s reputation.

Solution

Mitigation Strategies

DHS recommends that users and administrators use the following best practices as preventive measures to protect their computer networks:

  • Keep operating systems and software up-to-date with the latest patches. Most attacks target vulnerable applications and operating systems. Patching with the latest updates greatly reduces the number of exploitable entry points available to an attacker.
  • Maintain up-to-date antivirus software, and scan all software downloaded from the internet before executing.
  • Restrict users’ abilities (permissions) to install and run unwanted software applications, and apply the principle of least privilege to all systems and services. Restricting these privileges may prevent malware from running or limit its capability to spread through the network.
  • Scan for and remove suspicious email attachments. If a user opens a malicious attachment and enables macros, embedded code will execute the malware on the machine. Enterprises and organizations should consider blocking email messages from suspicious sources that contain attachments. For information on safely handling email attachments, see Using Caution with Email Attachments. Follow safe practices when browsing the web. See Good Security Habits and Safeguarding Your Data for additional details.
  • Disable Microsoft’s File and Printer Sharing service, if not required by the user’s organization. If this service is required, use strong passwords or Active Directory authentication. See Choosing and Protecting Passwords for more information on creating strong passwords.
  • Enable a personal firewall on organization workstations and configure it to deny unsolicited connection requests.

Response to Unauthorized Network Access

Contact DHS or your local FBI office immediately. To report an intrusion and request resources for incident response or technical assistance, contact DHS NCCIC ([email protected] or 888-282-0870), FBI through a local field office, or FBI’s Cyber Division ([email protected] or 855-292-3937).

References

Revisions

  • May 29, 2018: Initial version

Expert Providers Deliver School Emergency Management Solution

VINELAND, N.J., April 12, 2018 -- ComTec Cloud, Division of ComTec Systems Inc., and Sonitrol Security of Delaware Valley announced today that they have standardized the design and installation of a new Education Security and Monitoring System to provide advanced security and enhanced communications for schools.

"ComTec is proud to continue our legacy of providing leading technology solutions to the educational community," said Mike Vertolli, President of ComTec Systems. ComTec Cloud Services built the iConnect-EDU platform and integrated ALERT Advanced Layered Emergency Response Tools modules for enhanced safety and communications: from automatically locking down the school and integrated emergency paging, to in-building signage, we are helping to protect our students and community."

The offering includes hardware and software to trigger an emergency response; an emergency notification system; integration with core systems including access control, Sonitrol Intrusion Detection with live audio feeds to the Sonitrol central station, the phone system, and the school public address system; and strobe lights, emergency buttons, and signage within the buildings. The emergency notification solution is integrated with a smartphone app to communicate with parents, students, and staff.

"This solution leverages the full capabilities of Sonitrol. After over 53 years in the security industry, Sonitrol has delivered services to over 12,000 schools nationally and over 400 in PA, NJ, and DE.  With the launch of our school alerting solution, we are offering an array of cutting-edge safety tools that better enable school districts to offer the best information to emergency responders, staff, parents, and students in the event of a situation," said Joe Allen, Vice-President/Owner of Sonitrol. "With 24x7 live monitoring and the active alerting system, this will give parents peace of mind."

The notification technology provides needed information on a timely basis.  With both SMS and in-app notifications, the system is a powerful way to communicate in a controlled manner.  The system allows one-way alerts, for example, a late opening message, and also enables two-way communications, for instance, the athletic staff can acknowledge that they will turn on the field lights.  Authorized users can push a message to thousands or a few individuals, and require acknowledgment or reply if necessary.

"We always wanted Cumberland County TEC to be at the forefront of technology and safety.  CCTEC was designed to represent the best technology in a next generation school.  We have done a great deal of research on the technology options for this solution.  ComTec's integrated mass notification system combined with Sonitrol's security and safety offering has delivered the community a state of the art platform that has exceeded all expectations," said Gene Mercoli, Business Administrator of Cumberland County Technology Education Center. "ComTec and Sonitrol worked well with Garrison Architects and Pennoni Associates to design the solution into our infrastructure.  This enhanced communications technology will deliver real-time information to emergency responders, staff, parents, and even students. The ability for the school to require acknowledgment to notifications will positively impact our daily activities."

To learn about this exciting solution, please join us for an interactive event with lunch on Thursday, April 26th at Flying Fish Brewing Company in Somerdale, NJ at 900 Kennedy Blvd from 1:30 PM to 4:30 PM.  RSVP with Claudia at 877-652-3060 or [email protected]

About ComTec
ComTec Systems has been delivering technology solutions since 1988 and has evolved into one of the fastest growing and most successful business telecommunications and managed cloud services providers. ComTec Systems has four divisions— ComTec Cloud Services, ComTec Consulting, ComTec USA and ComTec Financial Services. Together they provide clients with the latest technologies to address their essential business needs. More information at https://ComTecCloud.net.

About Sonitrol
Since 1964, Sonitrol Security of Delaware Valley has been the trusted name for providing security to businesses and Educational Facilities in North America, with a combination of human know-how and the latest technology.  We often catch criminals before they gain entry to our customers' facilities.  Sonitrol Security of Delaware Valley provides unique audio intrusion detection, access control, video surveillance and fire detection systems, and has assisted in over 176,000 documented apprehensions.  More information at https://sonitrolde.com.

About Cumberland County Technology Education Center

Cumberland County Technology Education Center (CCTEC) is a four-year vocational public high school located in Bridgeton, New Jersey that serves students in ninth through twelfth grades from across Cumberland County, New Jersey, operating as part of the Cumberland County Vocational School District.  More information at https://www.cumberland.tec.nj.us

OFFSET “Sprinters” to Pursue State-of-the-art Solutions for Second Swarm Sprint

DARPA’s OFFensive Swarm-Enabled Tactics (OFFSET) program envisions future small-unit infantry forces using small unmanned aircraft systems (UASs) and/or small unmanned ground systems (UGSs) in swarms of 250 robots or more to accomplish diverse missions in complex urban environments. By leveraging and combining emerging technologies in swarm autonomy and human-swarm teaming, the program seeks to enable rapid development and deployment of breakthrough swarm capabilities.

To continue the rapid pace and further advance the technology development of OFFSET, DARPA is soliciting proposals for the second “swarm sprint.” Each of the five core “sprints” focuses on one of the key thrust areas: Swarm Tactics, Swarm Autonomy, Human-Swarm Team, Virtual Environment, and Physical Testbed. This second group of “Swarm Sprinters” will have the opportunity to work with one or both of the OFFSET Swarm Systems Integrator teams to develop and assess tactics as well as algorithms to enhance autonomy.

The focus of the second sprint is enabling improved autonomy through enhancements of platforms and/or autonomy elements, with the operational backdrop of utilizing a diverse swarm of 50 air and ground robots to isolate an urban objective within an area of two city blocks over a mission duration of 15 to 30 minutes. Swarm Sprinters will leverage existing or develop new hardware components, algorithms, and/or primitives to enable novel capabilities that specifically demonstrate the advantages of a swarm when leveraging and operating in complex urban environments.

The conclusion of the second sprint is aligned with a physical and virtual experiment, where “sprinters” will be able to more deeply integrate and demonstrate their technology developments. The sprinters will have the opportunity to work with DARPA and the Swarm Systems Integrators to further expand the capabilities relevant to operational contexts.

“As operations in urban environments continue to evolve, our warfighters need advanced capabilities to keep up with the ever-changing complexity of the urban scenario,” said Timothy Chung, program manager in DARPA’s Tactical Technology Office (TTO). “The focus on enhancing autonomy in operational contexts will further advance future swarming capabilities allowing the warfighter to outmaneuver our adversaries in these complex urban environments.”

The announcement for this second swarm sprint follows the awarding of contracts to the first cohort of OFFSET Swarm Sprinters to:

  • Lockheed Martin, Advanced Technology Laboratories
  • SoarTech, Inc.
  • Charles River Analytics, Inc.
  • University of Maryland
  • Carnegie Mellon University

Each of these inaugural sprinters will focus on generating novel tactics for a multi-faceted swarm of air and ground robots in support of the mission to isolate an urban objective, such as conducting reconnaissance, generating a semantic map of the area of operations, and/or identifying and defending against possible security risks.

Instructions for submitting a proposal to participate in the second core swarm sprint (under Amendment 2), as well as full OFFSET program details, are available on the Federal Business Opportunities website: https://go.usa.gov/xRhPC. Proposals are due at 1:00 p.m. Eastern on April 30, 2018. Please email questions to [email protected].

(More information about OFFSET and swarm sprint thrust areas is available here: https://youtu.be/c7KPBHPEMM0 and http://www.darpa.mil/work-with-us/offensive-swarm-enabled-tactics.)

# # #

New Lockheed Martin Readiness Contract Strengthens Sustainment Industry

ORLANDO, Fla., March 16, 2018 -- Lockheed Martin (NYSE: LMT) was awarded a seven-year, $3.53 billion contract to globally sustain more than 300,000 fielded Training Aids, Devices, Simulators and Simulations (TADSS), including live-fire ranges and instrumentation systems. The Army Contracting Command – Orlando, in support of the U.S. Army Program Executive Office for Simulation, Training and Instrumentation (PEO STRI) awarded the Army TADSS Maintenance Program (ATMP) contract.

ATMP allows maintainers to use mobile devices with advanced management information technology to efficiently and effectively track and maintain a wide range of training systems. This allows the Army to have maximum operational awareness and make informed decisions using on-demand access to accurate, complete and timely data.

"Lockheed Martin is proud of the trust and confidence the Army shows in us by selecting us to provide a worldwide, integrated, one-stop training systems maintenance and sustainment program," said Amy Gowder, general manager and vice president, Lockheed Martin Training and Logistics Solutions. "Along with supporting efficient readiness and training, ATMP will maintain thousands of jobs supporting direct TADSS sustainment, while bolstering other jobs across the U.S. in the TADSS supply chain."

This contract brings together Lockheed Martin with teammates PULAU Corporation, Cubic Global Defense, and several large and small businesses, which specialize in TADSS maintenance and sustainment, through a mobile, technology-enabled workforce. The ATMP contract will employ thousands of people when fully implemented. 

For additional information, visit LockheedMartin.com/ATMP

About Lockheed Martin
Headquartered in Bethesda, Maryland, Lockheed Martin is a global security and aerospace company that employs approximately 100,000 people worldwide and is principally engaged in the research, design, development, manufacture, integration and sustainment of advanced technology systems, products and services.

About PULAU Corporation
PULAU Corporation is a full-spectrum training and logistics services company providing training and logistics services. As a family-owned and -operated company with 40 years of experience, PULAU embraces its founding principles of providing high quality services and outstanding customer support and service.

About Cubic Global Defense
Cubic Global Defense, a business division of Cubic Corporation (NYSE: CUB), is a leading provider of live, virtual, constructive and game-based training solutions, special operations and intelligence for the U.S. and allied forces. For more information about Cubic, please visit the company's website at www.cubic.com.

 

SOURCE Lockheed Martin

Related Links

http://www.lockheedmartin.com

Northeastern University Launches "Pop-Up Classrooms" Using Data Analytics to Design Short-Format Courses

SAN FRANCISCO, Feb. 28, 2018 -- Northeastern University today announced the launch of a new computer science program that will utilize "pop-up classrooms" to train working professionals in the areas of computer science, data science and software engineering. Offered at the university's Silicon Valley campus and in San Francisco, the Professional Topics series is designed for people who wish to earn a master's degree in computer science, and classes will bolster the knowledge of students who already have experience in this field. Courses will initially address the areas of search, deep learning, and data visualization, with a wider range of topics introduced over the coming year.

The program will apply data science to determine which types of courses should be offered at precisely the right times and the right locations that will allow students to balance their schedules and optimize their educational experience.

The Professional Topics series will be led by Ricardo Baeza-Yates, the Chief Technology Officer of NTENT, a semantic search technology company based in Carlsbad, California. Dr. Baeza-Yates will oversee the growth of the computer science programs offered in Silicon Valley and San Francisco, and he will also recruit full and part-time faculty from the local community who can enrich the courses and programs in both locations, and ultimately throughout the Northeastern University College of Computer and Information Science network with his deep industrial and research experience.

Dr. Baeza-Yates' research interests include algorithms and data structures, information retrieval, web search and data mining, and data science and visualization. Prior to joining NTENT, Dr. Baeza-Yates served as Vice President of Research at Yahoo Labs in charge of many worldwide sites including Barcelona, Haifa, and London as well as teams in San Francisco and Silicon Valley. He is a co-author of the best-selling textbook, Modern Information Retrieval, and he is also a fellow of both the ACM and IEEE, the main professional associations in computing.

The Professional Topics series is the second in a suite of newly-announced computer science programs offered in the Bay Area. Previously, Northeastern announced a partnership with Lookout, a leading mobile security startup, to launch a micro credential program in San Francisco that allows working professionals to take courses and bolster their skills in emerging areas of computer science.

For more information about Northeastern University's new Professional Topics series, please visit: http://www.northeastern.edu/siliconvalley/academic_program/professional-topics/

About Northeastern University
Founded in 1898, Northeastern is a global research university that pushes learning and discovery far beyond the boundaries of classroom and campus. This distinctive approach is built on a tradition of actively engaging our university community with industry and nonprofit partners around the world. Northeastern is the recognized leader in experiential learning, powered by the world's most far-reaching and innovative cooperative education program. We offer students opportunities for professional work, research, service, and global learning with more than 3,000 employers in more than 100 countries. The same spirit of engagement guides a use-inspired research enterprise that integrates faculty across disciplines to solve global challenges. We focus on issues where we have maximum impact, including physical and cybersecurity, drug discovery and delivery, coastal sustainability, and global resilience. External funding for faculty research exceeded $140 million last year, growing by 189 percent since 2006. Our regional campuses in Charlotte, North Carolina; Seattle; Silicon Valley; and Toronto are platforms for flexible professional learning programs, undergraduate and graduate experiential opportunities, and industry research partnerships. Northeastern offers a comprehensive range of undergraduate and graduate programs leading to degrees through the doctorate in nine colleges and schools.

Press Contact:
Lisette Rauwendaal
Lumina Communications
650-450-3883
[email protected]

SOURCE Northeastern University

Related Links

http://www.northeastern.edu

Pages

 

Recent Videos

IntraLogic's official release of the "One Button" Lockdown system on CBS 2 News.
HID Global is opening the door to a new era of security and convenience.  Powered by Seos technology, the HID Mobile Access solution delivers a more secure and convenient way to open doors and gates, access networks and services, and make cashless payments using phones and other mobile devices. ...
Mobile device forensics can make a difference in many investigations, but you need training that teaches you how to get the most out of your mobile forensics hardware and software, and certifies you to testify in court. Read this white paper to learn how to evaluate mobile forensics training...
PureTech Systems is a software company that develops and markets PureActiv, its geospatial analytics solution designed to protect critical perimeters and infrastructure.  Its patented video analytics leverage thermal cameras, radars and other perimeter sensors to detect, geo-locate, classify, and...