The document is a newsletter from Cyber Risk GmbH discussing various topics related to cybersecurity and biosecurity. It discusses the need for more cybersecurity experts with backgrounds in biology and life sciences due to increasing risks at the intersection of digital information and biological systems. It then provides explanations of DNA computing and cryptography, how DNA can be used to store digital data, and the concept of biosteganography using DNA encoded microdots to hide encrypted messages. The newsletter concludes by warning about fraudulent emails impersonating the National Cyber Security Centre and provides a summary of articles in the newsletter on topics like countering hack-for-hire groups and the EU Cybersecurity Threat Landscape Methodology.
Innovative field of cryptography: DNA cryptography cscpconf
DNA cryptography is a new instinctive cryptographic field emerged with the research of DNA
computing, in which DNA is used as information shipper and the modern biological technology is
used as accomplishment tool. The speculative study and implementation shows method to be
efficient in computation, storage and transmission and it is very powerful against certain attacks.
The contemporary main difficulty of DNA cryptography is the lack of effective protected theory
and simple achievable method. The most important aim of the research of DNA cryptography is
explore peculiarity of DNA molecule and reaction, establish corresponding theory, discovering
possible development directions, searching for simple methods of understand DNA cryptography,
and Laing the basis for future development. DNA cryptography uses DNA as the computational
tool along with several molecular techniques to manipulate it. Due to very high storage capacity of DNA, this field is becoming very talented. Presently it is in the development phase and it requires a lot of work and research to reach a established stage. By reviewing all the prospective and acerbic edge technology of current research, this paper shows the guidelines that need to be deal with development in the field of DNA cryptography.
The Amazing Ways Artificial Intelligence Is Transforming Genomics and Gene Ed...Bernard Marr
It is predicted that artificial intelligence (AI) will transform many aspects of our life including healthcare and genomics. AI and machine learning have helped us to understand the genome of organisms and will potentially change the way we treat disease, determine effective drugs and edit genes.
Dinis Guarda "Hacking the DNA of Humanity with Blockchain and AI"Stanislav Bachmann
Dinis Guarda - CEO and Founder Ztudium - blocksdna presentation on Hackit 4.0: Hacking the DNA of humanity with Blockchain and AI
HackIT is an annual cybersecurity conference that gathers the best technical researchers and top players of the cybersecurity industry to explore cutting-edge technologies together. In 2018, HackIT focused on the use of blockchain technology.
Join our community:
Website - https://hacken.live/2CRnP9g
Twitter - https://hacken.live/2q0VFjC
Facebook - https://hacken.live/2R24YLJ
Instagram - https://hacken.live/2CpF3cw
Reddit - https://hacken.live/2CS4zIM
Telegram community - https://hacken.live/2RYnMwA
#hackit #cybersecurity #blockchain #hacking
Dinis Guarda "Hacking the DNA of Humanity with Blockchain and AI""Hacken_Ecosystem
Dinis Guarda - CEO and Founder Ztudium - blocksdna presentation on Hackit 4.0: Hacking the DNA of humanity with Blockchain and AI
HackIT is an annual cybersecurity conference that gathers the best technical researchers and top players of the cybersecurity industry to explore cutting-edge technologies together. In 2018, HackIT focused on the use of blockchain technology.
Join our community:
Website - https://hacken.live/2CRnP9g
Twitter - https://hacken.live/twitter_hackit
Facebook - https://hacken.live/facebook_hackit
Instagram - https://hacken.live/instagram_hackit
Reddit - https://hacken.live/reddit
Telegram community - https://hacken.live/tg-hackit
#hackit #cybersecurity #blockchain #hacking #ai #dna
Slides contain information about why bioinformatics appeared,
who bioinformaticians are, what they do, what kind of cool applications and challenges in bioinformatics there are.
Slides were prepared for the Bioinformatics seminar 2016, Institute of Computer Science, University of Tartu.
Innovative field of cryptography: DNA cryptography cscpconf
DNA cryptography is a new instinctive cryptographic field emerged with the research of DNA
computing, in which DNA is used as information shipper and the modern biological technology is
used as accomplishment tool. The speculative study and implementation shows method to be
efficient in computation, storage and transmission and it is very powerful against certain attacks.
The contemporary main difficulty of DNA cryptography is the lack of effective protected theory
and simple achievable method. The most important aim of the research of DNA cryptography is
explore peculiarity of DNA molecule and reaction, establish corresponding theory, discovering
possible development directions, searching for simple methods of understand DNA cryptography,
and Laing the basis for future development. DNA cryptography uses DNA as the computational
tool along with several molecular techniques to manipulate it. Due to very high storage capacity of DNA, this field is becoming very talented. Presently it is in the development phase and it requires a lot of work and research to reach a established stage. By reviewing all the prospective and acerbic edge technology of current research, this paper shows the guidelines that need to be deal with development in the field of DNA cryptography.
The Amazing Ways Artificial Intelligence Is Transforming Genomics and Gene Ed...Bernard Marr
It is predicted that artificial intelligence (AI) will transform many aspects of our life including healthcare and genomics. AI and machine learning have helped us to understand the genome of organisms and will potentially change the way we treat disease, determine effective drugs and edit genes.
Dinis Guarda "Hacking the DNA of Humanity with Blockchain and AI"Stanislav Bachmann
Dinis Guarda - CEO and Founder Ztudium - blocksdna presentation on Hackit 4.0: Hacking the DNA of humanity with Blockchain and AI
HackIT is an annual cybersecurity conference that gathers the best technical researchers and top players of the cybersecurity industry to explore cutting-edge technologies together. In 2018, HackIT focused on the use of blockchain technology.
Join our community:
Website - https://hacken.live/2CRnP9g
Twitter - https://hacken.live/2q0VFjC
Facebook - https://hacken.live/2R24YLJ
Instagram - https://hacken.live/2CpF3cw
Reddit - https://hacken.live/2CS4zIM
Telegram community - https://hacken.live/2RYnMwA
#hackit #cybersecurity #blockchain #hacking
Dinis Guarda "Hacking the DNA of Humanity with Blockchain and AI""Hacken_Ecosystem
Dinis Guarda - CEO and Founder Ztudium - blocksdna presentation on Hackit 4.0: Hacking the DNA of humanity with Blockchain and AI
HackIT is an annual cybersecurity conference that gathers the best technical researchers and top players of the cybersecurity industry to explore cutting-edge technologies together. In 2018, HackIT focused on the use of blockchain technology.
Join our community:
Website - https://hacken.live/2CRnP9g
Twitter - https://hacken.live/twitter_hackit
Facebook - https://hacken.live/facebook_hackit
Instagram - https://hacken.live/instagram_hackit
Reddit - https://hacken.live/reddit
Telegram community - https://hacken.live/tg-hackit
#hackit #cybersecurity #blockchain #hacking #ai #dna
Slides contain information about why bioinformatics appeared,
who bioinformaticians are, what they do, what kind of cool applications and challenges in bioinformatics there are.
Slides were prepared for the Bioinformatics seminar 2016, Institute of Computer Science, University of Tartu.
BioinformaticsPurpose Bioinformatics is the combination of comp.docxrichardnorman90310
Bioinformatics
Purpose: Bioinformatics is the combination of computer science and biology which used various methods of storing and retrieving the biological data which have pros and cons, scientists are able to discover new information on various diseases, its mutation, it helps in differentiating one organism from another by analyzing their genetic data, biological development and will stop various crimes, disadvantages and develops the algorithm that helps in measuring the sequence similarity.
1. Introduction: Bioinformatics is a field which include molecular biology, statistics, issues, computer problems, and extensive mathematics complex problem. It has two stages deliberately gather various insights from the natural information and to make a computational model. It can be found in the study area of precision and preventive medicine.
0. Background info on of bioinformaticsComment by R Daniel Creider: A, B, C and D are not a part of the introduction. The outline is not organized correctly
0. How to approach bioinformatics?
1. Goals of Bioinformatics
0. Development of efficient algorithms
0. Extension of experimental data by predictions
1. Advantages of bioinformatics
1. World is getting information on new discovery and crimes are prevented
1. Discover new information on various diseases
1. How organisms mutate
1. How it analyses data to differentiate one organism from another
1. Disadvantages of bioinformatics
2. Data manipulation, complexity, lack of well-trained manpower to use the software
2. Misuse of the information
0. Problems behinds it
0. Data about the genetic information lack proper analyzed
0. Importance of Bioinformatics
3. Genetic research
0. Genomics and proteomics
1.
Solution
of the problem
1. Use software wisely
1. Decrease its complexity
1. Future of the bioinformatics
2. Bioinformatics is the present and future of biotechnology
0. Use for research and exchange information for comparison, storage and analysis
BIOINFORMATICS: A Technical Report
Texas A&M University-Commerce
Bishow KunwarComment by R Daniel Creider: Your name comes before the name of the University.
Abstract
The main aim of Bioinformatics is to improve the various methods of storing, retrieving and organizing the biological data by critically evaluating the data. The effectiveness of bi informatics in the field of genetics and genomics is playing its part in a way that particularly in textual mining of biological development. Bioinformatics is the application which is the mix of two fields (software engineering and science). It is a field that includes different things like sub-atomic science, measurement issues, software engineering issues, and broad arithmetic complex issues.
Keywords; Bioinformatics, Genetic, Genomic, Biological Development
Introduction:
Bioinformatics is the application which is the combination of two fields (computer science and biology). It is a field that involves multiple things like molecular .
BioinformaticsPurpose Bioinformatics is the combination of comp.docxjasoninnes20
Bioinformatics
Purpose: Bioinformatics is the combination of computer science and biology which used various methods of storing and retrieving the biological data which have pros and cons, scientists are able to discover new information on various diseases, its mutation, it helps in differentiating one organism from another by analyzing their genetic data, biological development and will stop various crimes, disadvantages and develops the algorithm that helps in measuring the sequence similarity.
1. Introduction: Bioinformatics is a field which include molecular biology, statistics, issues, computer problems, and extensive mathematics complex problem. It has two stages deliberately gather various insights from the natural information and to make a computational model. It can be found in the study area of precision and preventive medicine.
0. Background info on of bioinformaticsComment by R Daniel Creider: A, B, C and D are not a part of the introduction. The outline is not organized correctly
0. How to approach bioinformatics?
1. Goals of Bioinformatics
0. Development of efficient algorithms
0. Extension of experimental data by predictions
1. Advantages of bioinformatics
1. World is getting information on new discovery and crimes are prevented
1. Discover new information on various diseases
1. How organisms mutate
1. How it analyses data to differentiate one organism from another
1. Disadvantages of bioinformatics
2. Data manipulation, complexity, lack of well-trained manpower to use the software
2. Misuse of the information
0. Problems behinds it
0. Data about the genetic information lack proper analyzed
0. Importance of Bioinformatics
3. Genetic research
0. Genomics and proteomics
1.
Solution
of the problem
1. Use software wisely
1. Decrease its complexity
1. Future of the bioinformatics
2. Bioinformatics is the present and future of biotechnology
0. Use for research and exchange information for comparison, storage and analysis
BIOINFORMATICS: A Technical Report
Texas A&M University-Commerce
Bishow KunwarComment by R Daniel Creider: Your name comes before the name of the University.
Abstract
The main aim of Bioinformatics is to improve the various methods of storing, retrieving and organizing the biological data by critically evaluating the data. The effectiveness of bi informatics in the field of genetics and genomics is playing its part in a way that particularly in textual mining of biological development. Bioinformatics is the application which is the mix of two fields (software engineering and science). It is a field that includes different things like sub-atomic science, measurement issues, software engineering issues, and broad arithmetic complex issues.
Keywords; Bioinformatics, Genetic, Genomic, Biological Development
Introduction:
Bioinformatics is the application which is the combination of two fields (computer science and biology). It is a field that involves multiple things like molecular ...
Suggested solution for navigating genetic data regulation, privacy and ease of use. DNA Guide, Inc.
Mobile platform for visual map of personal genetic data.
Deep learning in medicine: An introduction and applications to next-generatio...Allen Day, PhD
Deep learning has enabled dramatic advances in image recognition performance. In this talk I will discuss using a deep convolutional neural network to detect genetic variation in aligned next-generation sequencing human read data. Our method, called DeepVariant, both outperforms existing genotyping tools and generalizes across genome builds and even to other species. DeepVariant represents a significant step from expert-driven statistical modeling towards more automatic deep learning approaches for developing software to interpret biological instrumentation data.
0 A Work Project, presented as part of the requireme.docxoswald1horne84988
0
A Work Project, presented as part of the requirements for the Award of a Masters
Degree in Management from the Nova School of Business and Economics
Illumina:
The sustainability of its competitive position
Marta Gonçalves Serra #1467
A project carried out on the Strategy course, under the supervision of
Professor Luís Almeida Costa
December 2014
1
Acknowledgements
I would like to sincerely thank my supervisor, Professor Luís Almeida Costa, for his
patient guidance, availability and advice he has given me throughout the course of this
project. His mentorship was essential for the success of this work and ultimately, for my
overall and round learning. I would also like to thank Stathis Kanterakis, member of the
Bioinformatics team at Illumina (Cambridge, United Kingdom) for all the information he
shared with me regarding Illumina and the Sequencing Market. He also made possible the
opportunity to visit Illumina’s site at Cambridge and to directly meet employees. All his
contributions were essential to get a greater insight of the company. Additionally, I would
also like to thank my sister, Eva Serra, currently a PhD student at Cambridge and the
Wellcome Trust Sanger Institute, for her continued support in terms of scientific and
technical understanding of the human genome area.
2
Introduction
This work project presents a case study about the sustainability of the competitive position of
Illumina in the Sequencing Market. This is a very recent market, which is growing at
unexpected rates and is contributing for many scientific discoveries. Illumina is currently the
market leader in the sequencing devices manufacturing business and aims to become the
leading company from manufacturing to end-users. Traditionally, Illumina manufactures
instruments and pass them to the next intermediaries, which are service providers. However,
more recently Illumina has not only been manufacturing devices but also developing and
selling solutions directly to consumers. In such a dynamic and fast-growing market,
predicting the future of the industry is particularly difficult. Furthermore, firms face important
challenges when trying to sustain (and enhance) their competitive position. This is precisely
the challenge that Illumina is facing. Since the objective was to conduct and in depth analyze
the competitive situation of a company – Illumina –, the elaboration of a case study seemed to
be the most appropriate approach.
The work project is composed by a case study and a case discussion. The case study starts
with an overview of the Sequencing Market. We then describe Illumina’s positioning in terms
of market segments and products offered. After that, we present some facts about Illumina’s
performance. Finally, we leave some questions for discussion. The case discussion will focus
on the value creation potential of Illumina and the sustainability .
AUDIO CRYPTOGRAPHY VIA ENHANCED GENETIC ALGORITHMijma
As communication technologies surged recently, the secrecy of shared information between communication parts has gained tremendous attention. Many Cryptographic techniques have been proposed/implemented to secure multimedia data and to allay public fears during communication. This paper expands the scope of audio data security via an enhanced genetic algorithm. Here, each individual (audio sample) is genetically engineered to produce new individuals. The enciphering process of the proposed technology acquires, conditions, and transforms each audio sample into bit strings. Bits fission, switching, mutation, fusion, and deconditioning operations are then applied to yield cipher audio signals. The original audio sample is recovered at the receiver's end through a deciphering process without the loss of any inherent message. The novelty of the proposed technique resides in the integration of fission and fusion into the traditional genetic algorithm operators and the use of a single (rather than two) individual(s) for reproduction. The effectiveness of the proposed cryptosystem is demonstrated through simulations and performance analyses.
The OK! technology - Exposé v3.26 20170208 (LinkedIn)Manuel Mejías
Kreissontech 21 is a Mexican startup. OK! is our first patented malware prevention technology. OK! is based on immune system design and software hygiene techniques.
The OK! technology - Exposé v3.26 20170208Manuel Mejías
Kreissontech 21 is a Mexican startup. OK! is our first patented malware prevention technology. OK! is based on immune system design and software hygiene techniques.
Synthetic Fiber Construction in lab .pptxPavel ( NSTU)
Synthetic fiber production is a fascinating and complex field that blends chemistry, engineering, and environmental science. By understanding these aspects, students can gain a comprehensive view of synthetic fiber production, its impact on society and the environment, and the potential for future innovations. Synthetic fibers play a crucial role in modern society, impacting various aspects of daily life, industry, and the environment. ynthetic fibers are integral to modern life, offering a range of benefits from cost-effectiveness and versatility to innovative applications and performance characteristics. While they pose environmental challenges, ongoing research and development aim to create more sustainable and eco-friendly alternatives. Understanding the importance of synthetic fibers helps in appreciating their role in the economy, industry, and daily life, while also emphasizing the need for sustainable practices and innovation.
BioinformaticsPurpose Bioinformatics is the combination of comp.docxrichardnorman90310
Bioinformatics
Purpose: Bioinformatics is the combination of computer science and biology which used various methods of storing and retrieving the biological data which have pros and cons, scientists are able to discover new information on various diseases, its mutation, it helps in differentiating one organism from another by analyzing their genetic data, biological development and will stop various crimes, disadvantages and develops the algorithm that helps in measuring the sequence similarity.
1. Introduction: Bioinformatics is a field which include molecular biology, statistics, issues, computer problems, and extensive mathematics complex problem. It has two stages deliberately gather various insights from the natural information and to make a computational model. It can be found in the study area of precision and preventive medicine.
0. Background info on of bioinformaticsComment by R Daniel Creider: A, B, C and D are not a part of the introduction. The outline is not organized correctly
0. How to approach bioinformatics?
1. Goals of Bioinformatics
0. Development of efficient algorithms
0. Extension of experimental data by predictions
1. Advantages of bioinformatics
1. World is getting information on new discovery and crimes are prevented
1. Discover new information on various diseases
1. How organisms mutate
1. How it analyses data to differentiate one organism from another
1. Disadvantages of bioinformatics
2. Data manipulation, complexity, lack of well-trained manpower to use the software
2. Misuse of the information
0. Problems behinds it
0. Data about the genetic information lack proper analyzed
0. Importance of Bioinformatics
3. Genetic research
0. Genomics and proteomics
1.
Solution
of the problem
1. Use software wisely
1. Decrease its complexity
1. Future of the bioinformatics
2. Bioinformatics is the present and future of biotechnology
0. Use for research and exchange information for comparison, storage and analysis
BIOINFORMATICS: A Technical Report
Texas A&M University-Commerce
Bishow KunwarComment by R Daniel Creider: Your name comes before the name of the University.
Abstract
The main aim of Bioinformatics is to improve the various methods of storing, retrieving and organizing the biological data by critically evaluating the data. The effectiveness of bi informatics in the field of genetics and genomics is playing its part in a way that particularly in textual mining of biological development. Bioinformatics is the application which is the mix of two fields (software engineering and science). It is a field that includes different things like sub-atomic science, measurement issues, software engineering issues, and broad arithmetic complex issues.
Keywords; Bioinformatics, Genetic, Genomic, Biological Development
Introduction:
Bioinformatics is the application which is the combination of two fields (computer science and biology). It is a field that involves multiple things like molecular .
BioinformaticsPurpose Bioinformatics is the combination of comp.docxjasoninnes20
Bioinformatics
Purpose: Bioinformatics is the combination of computer science and biology which used various methods of storing and retrieving the biological data which have pros and cons, scientists are able to discover new information on various diseases, its mutation, it helps in differentiating one organism from another by analyzing their genetic data, biological development and will stop various crimes, disadvantages and develops the algorithm that helps in measuring the sequence similarity.
1. Introduction: Bioinformatics is a field which include molecular biology, statistics, issues, computer problems, and extensive mathematics complex problem. It has two stages deliberately gather various insights from the natural information and to make a computational model. It can be found in the study area of precision and preventive medicine.
0. Background info on of bioinformaticsComment by R Daniel Creider: A, B, C and D are not a part of the introduction. The outline is not organized correctly
0. How to approach bioinformatics?
1. Goals of Bioinformatics
0. Development of efficient algorithms
0. Extension of experimental data by predictions
1. Advantages of bioinformatics
1. World is getting information on new discovery and crimes are prevented
1. Discover new information on various diseases
1. How organisms mutate
1. How it analyses data to differentiate one organism from another
1. Disadvantages of bioinformatics
2. Data manipulation, complexity, lack of well-trained manpower to use the software
2. Misuse of the information
0. Problems behinds it
0. Data about the genetic information lack proper analyzed
0. Importance of Bioinformatics
3. Genetic research
0. Genomics and proteomics
1.
Solution
of the problem
1. Use software wisely
1. Decrease its complexity
1. Future of the bioinformatics
2. Bioinformatics is the present and future of biotechnology
0. Use for research and exchange information for comparison, storage and analysis
BIOINFORMATICS: A Technical Report
Texas A&M University-Commerce
Bishow KunwarComment by R Daniel Creider: Your name comes before the name of the University.
Abstract
The main aim of Bioinformatics is to improve the various methods of storing, retrieving and organizing the biological data by critically evaluating the data. The effectiveness of bi informatics in the field of genetics and genomics is playing its part in a way that particularly in textual mining of biological development. Bioinformatics is the application which is the mix of two fields (software engineering and science). It is a field that includes different things like sub-atomic science, measurement issues, software engineering issues, and broad arithmetic complex issues.
Keywords; Bioinformatics, Genetic, Genomic, Biological Development
Introduction:
Bioinformatics is the application which is the combination of two fields (computer science and biology). It is a field that involves multiple things like molecular ...
Suggested solution for navigating genetic data regulation, privacy and ease of use. DNA Guide, Inc.
Mobile platform for visual map of personal genetic data.
Deep learning in medicine: An introduction and applications to next-generatio...Allen Day, PhD
Deep learning has enabled dramatic advances in image recognition performance. In this talk I will discuss using a deep convolutional neural network to detect genetic variation in aligned next-generation sequencing human read data. Our method, called DeepVariant, both outperforms existing genotyping tools and generalizes across genome builds and even to other species. DeepVariant represents a significant step from expert-driven statistical modeling towards more automatic deep learning approaches for developing software to interpret biological instrumentation data.
0 A Work Project, presented as part of the requireme.docxoswald1horne84988
0
A Work Project, presented as part of the requirements for the Award of a Masters
Degree in Management from the Nova School of Business and Economics
Illumina:
The sustainability of its competitive position
Marta Gonçalves Serra #1467
A project carried out on the Strategy course, under the supervision of
Professor Luís Almeida Costa
December 2014
1
Acknowledgements
I would like to sincerely thank my supervisor, Professor Luís Almeida Costa, for his
patient guidance, availability and advice he has given me throughout the course of this
project. His mentorship was essential for the success of this work and ultimately, for my
overall and round learning. I would also like to thank Stathis Kanterakis, member of the
Bioinformatics team at Illumina (Cambridge, United Kingdom) for all the information he
shared with me regarding Illumina and the Sequencing Market. He also made possible the
opportunity to visit Illumina’s site at Cambridge and to directly meet employees. All his
contributions were essential to get a greater insight of the company. Additionally, I would
also like to thank my sister, Eva Serra, currently a PhD student at Cambridge and the
Wellcome Trust Sanger Institute, for her continued support in terms of scientific and
technical understanding of the human genome area.
2
Introduction
This work project presents a case study about the sustainability of the competitive position of
Illumina in the Sequencing Market. This is a very recent market, which is growing at
unexpected rates and is contributing for many scientific discoveries. Illumina is currently the
market leader in the sequencing devices manufacturing business and aims to become the
leading company from manufacturing to end-users. Traditionally, Illumina manufactures
instruments and pass them to the next intermediaries, which are service providers. However,
more recently Illumina has not only been manufacturing devices but also developing and
selling solutions directly to consumers. In such a dynamic and fast-growing market,
predicting the future of the industry is particularly difficult. Furthermore, firms face important
challenges when trying to sustain (and enhance) their competitive position. This is precisely
the challenge that Illumina is facing. Since the objective was to conduct and in depth analyze
the competitive situation of a company – Illumina –, the elaboration of a case study seemed to
be the most appropriate approach.
The work project is composed by a case study and a case discussion. The case study starts
with an overview of the Sequencing Market. We then describe Illumina’s positioning in terms
of market segments and products offered. After that, we present some facts about Illumina’s
performance. Finally, we leave some questions for discussion. The case discussion will focus
on the value creation potential of Illumina and the sustainability .
AUDIO CRYPTOGRAPHY VIA ENHANCED GENETIC ALGORITHMijma
As communication technologies surged recently, the secrecy of shared information between communication parts has gained tremendous attention. Many Cryptographic techniques have been proposed/implemented to secure multimedia data and to allay public fears during communication. This paper expands the scope of audio data security via an enhanced genetic algorithm. Here, each individual (audio sample) is genetically engineered to produce new individuals. The enciphering process of the proposed technology acquires, conditions, and transforms each audio sample into bit strings. Bits fission, switching, mutation, fusion, and deconditioning operations are then applied to yield cipher audio signals. The original audio sample is recovered at the receiver's end through a deciphering process without the loss of any inherent message. The novelty of the proposed technique resides in the integration of fission and fusion into the traditional genetic algorithm operators and the use of a single (rather than two) individual(s) for reproduction. The effectiveness of the proposed cryptosystem is demonstrated through simulations and performance analyses.
The OK! technology - Exposé v3.26 20170208 (LinkedIn)Manuel Mejías
Kreissontech 21 is a Mexican startup. OK! is our first patented malware prevention technology. OK! is based on immune system design and software hygiene techniques.
The OK! technology - Exposé v3.26 20170208Manuel Mejías
Kreissontech 21 is a Mexican startup. OK! is our first patented malware prevention technology. OK! is based on immune system design and software hygiene techniques.
Similar to Cyber_Risk_in_Switzerland_July_2022.pdf (20)
Synthetic Fiber Construction in lab .pptxPavel ( NSTU)
Synthetic fiber production is a fascinating and complex field that blends chemistry, engineering, and environmental science. By understanding these aspects, students can gain a comprehensive view of synthetic fiber production, its impact on society and the environment, and the potential for future innovations. Synthetic fibers play a crucial role in modern society, impacting various aspects of daily life, industry, and the environment. ynthetic fibers are integral to modern life, offering a range of benefits from cost-effectiveness and versatility to innovative applications and performance characteristics. While they pose environmental challenges, ongoing research and development aim to create more sustainable and eco-friendly alternatives. Understanding the importance of synthetic fibers helps in appreciating their role in the economy, industry, and daily life, while also emphasizing the need for sustainable practices and innovation.
How to Make a Field invisible in Odoo 17Celine George
It is possible to hide or invisible some fields in odoo. Commonly using “invisible” attribute in the field definition to invisible the fields. This slide will show how to make a field invisible in odoo 17.
Francesca Gottschalk - How can education support child empowerment.pptxEduSkills OECD
Francesca Gottschalk from the OECD’s Centre for Educational Research and Innovation presents at the Ask an Expert Webinar: How can education support child empowerment?
Macroeconomics- Movie Location
This will be used as part of your Personal Professional Portfolio once graded.
Objective:
Prepare a presentation or a paper using research, basic comparative analysis, data organization and application of economic information. You will make an informed assessment of an economic climate outside of the United States to accomplish an entertainment industry objective.
Introduction to AI for Nonprofits with Tapp NetworkTechSoup
Dive into the world of AI! Experts Jon Hill and Tareq Monaur will guide you through AI's role in enhancing nonprofit websites and basic marketing strategies, making it easy to understand and apply.
Unit 8 - Information and Communication Technology (Paper I).pdfThiyagu K
This slides describes the basic concepts of ICT, basics of Email, Emerging Technology and Digital Initiatives in Education. This presentations aligns with the UGC Paper I syllabus.
Biological screening of herbal drugs: Introduction and Need for
Phyto-Pharmacological Screening, New Strategies for evaluating
Natural Products, In vitro evaluation techniques for Antioxidants, Antimicrobial and Anticancer drugs. In vivo evaluation techniques
for Anti-inflammatory, Antiulcer, Anticancer, Wound healing, Antidiabetic, Hepatoprotective, Cardio protective, Diuretics and
Antifertility, Toxicity studies as per OECD guidelines
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...Levi Shapiro
Letter from the Congress of the United States regarding Anti-Semitism sent June 3rd to MIT President Sally Kornbluth, MIT Corp Chair, Mark Gorenberg
Dear Dr. Kornbluth and Mr. Gorenberg,
The US House of Representatives is deeply concerned by ongoing and pervasive acts of antisemitic
harassment and intimidation at the Massachusetts Institute of Technology (MIT). Failing to act decisively to ensure a safe learning environment for all students would be a grave dereliction of your responsibilities as President of MIT and Chair of the MIT Corporation.
This Congress will not stand idly by and allow an environment hostile to Jewish students to persist. The House believes that your institution is in violation of Title VI of the Civil Rights Act, and the inability or
unwillingness to rectify this violation through action requires accountability.
Postsecondary education is a unique opportunity for students to learn and have their ideas and beliefs challenged. However, universities receiving hundreds of millions of federal funds annually have denied
students that opportunity and have been hijacked to become venues for the promotion of terrorism, antisemitic harassment and intimidation, unlawful encampments, and in some cases, assaults and riots.
The House of Representatives will not countenance the use of federal funds to indoctrinate students into hateful, antisemitic, anti-American supporters of terrorism. Investigations into campus antisemitism by the Committee on Education and the Workforce and the Committee on Ways and Means have been expanded into a Congress-wide probe across all relevant jurisdictions to address this national crisis. The undersigned Committees will conduct oversight into the use of federal funds at MIT and its learning environment under authorities granted to each Committee.
• The Committee on Education and the Workforce has been investigating your institution since December 7, 2023. The Committee has broad jurisdiction over postsecondary education, including its compliance with Title VI of the Civil Rights Act, campus safety concerns over disruptions to the learning environment, and the awarding of federal student aid under the Higher Education Act.
• The Committee on Oversight and Accountability is investigating the sources of funding and other support flowing to groups espousing pro-Hamas propaganda and engaged in antisemitic harassment and intimidation of students. The Committee on Oversight and Accountability is the principal oversight committee of the US House of Representatives and has broad authority to investigate “any matter” at “any time” under House Rule X.
• The Committee on Ways and Means has been investigating several universities since November 15, 2023, when the Committee held a hearing entitled From Ivory Towers to Dark Corners: Investigating the Nexus Between Antisemitism, Tax-Exempt Universities, and Terror Financing. The Committee followed the hearing with letters to those institutions on January 10, 202
The Roman Empire A Historical Colossus.pdfkaushalkr1407
The Roman Empire, a vast and enduring power, stands as one of history's most remarkable civilizations, leaving an indelible imprint on the world. It emerged from the Roman Republic, transitioning into an imperial powerhouse under the leadership of Augustus Caesar in 27 BCE. This transformation marked the beginning of an era defined by unprecedented territorial expansion, architectural marvels, and profound cultural influence.
The empire's roots lie in the city of Rome, founded, according to legend, by Romulus in 753 BCE. Over centuries, Rome evolved from a small settlement to a formidable republic, characterized by a complex political system with elected officials and checks on power. However, internal strife, class conflicts, and military ambitions paved the way for the end of the Republic. Julius Caesar’s dictatorship and subsequent assassination in 44 BCE created a power vacuum, leading to a civil war. Octavian, later Augustus, emerged victorious, heralding the Roman Empire’s birth.
Under Augustus, the empire experienced the Pax Romana, a 200-year period of relative peace and stability. Augustus reformed the military, established efficient administrative systems, and initiated grand construction projects. The empire's borders expanded, encompassing territories from Britain to Egypt and from Spain to the Euphrates. Roman legions, renowned for their discipline and engineering prowess, secured and maintained these vast territories, building roads, fortifications, and cities that facilitated control and integration.
The Roman Empire’s society was hierarchical, with a rigid class system. At the top were the patricians, wealthy elites who held significant political power. Below them were the plebeians, free citizens with limited political influence, and the vast numbers of slaves who formed the backbone of the economy. The family unit was central, governed by the paterfamilias, the male head who held absolute authority.
Culturally, the Romans were eclectic, absorbing and adapting elements from the civilizations they encountered, particularly the Greeks. Roman art, literature, and philosophy reflected this synthesis, creating a rich cultural tapestry. Latin, the Roman language, became the lingua franca of the Western world, influencing numerous modern languages.
Roman architecture and engineering achievements were monumental. They perfected the arch, vault, and dome, constructing enduring structures like the Colosseum, Pantheon, and aqueducts. These engineering marvels not only showcased Roman ingenuity but also served practical purposes, from public entertainment to water supply.
Model Attribute Check Company Auto PropertyCeline George
In Odoo, the multi-company feature allows you to manage multiple companies within a single Odoo database instance. Each company can have its own configurations while still sharing common resources such as products, customers, and suppliers.
Palestine last event orientationfvgnh .pptxRaedMohamed3
An EFL lesson about the current events in Palestine. It is intended to be for intermediate students who wish to increase their listening skills through a short lesson in power point.
1. P a g e | 1
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
Cyber Risk GmbH
Handelsregister des Kantons Zürich, Firmennummer: CHE-244.099.341
Dammstrasse 16, 8810 Horgen, Switzerland
Tel: +41 79 505 89 60 Web: https://www.cyber-risk-gmbh.com
July 2022, top cyber risk and compliance related
local news stories and world events
Dear readers,
We need more cybersecurity experts with background in
biology and life sciences. No, it is not a joke.
According to Randall Murch, cyberbiosecurity involves the
understanding, protection, mitigation, investigation, and attribution of
unwanted surveillance, intrusions, and malicious and harmful activities
which can occur within or at the interfaces of comingled life and medical
sciences, that affect security, competitiveness, and resilience.
Areas of concern include the privacy of patient data, the security of public
health databases, the integrity of diagnostic test data, the integrity of public
biological databases, the security implications of automated laboratory
systems, disease surveillance and outbreak management data, and the
security of proprietary biological engineering advances. Biological
information is measured, monitored, altered, and converted to digital
information. Digital information can be used to manipulate biological
systems.
2. P a g e | 2
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
Cybersecurity is always important when digital information is propagated
and stored through networks of connected electronic devices.
Biosecurity refers to the threat to humans, living organisms and the
environment, as the result of the exposures to biological agents, such as
pathogens, that occur naturally or intentionally.
Securing the information flow in systems, and providing cyberbiosecurity
training to persons having authorized access, is critical for public health,
economic security, and national security for every country.
Pathogen detection, identification, and tracking is shifting to methods
relying on whole genomes. We increasingly rely on genome databases, and
these databases are increasingly becoming the targets for cyberattacks
from state sponsored but independent groups and the organized crime.
The protection of the privacy of individuals, growers, and retailers is
another major cyberbiosecurity challenge, as we need to collect pathogen
genomic data from infected individuals or agricultural and food products
during disease outbreaks to improve disease modeling and forecast.
The fact that genome databases are most utilized by the research
community increases the risks, as the research community is not always
following cybersecurity standards and best practices. The culture of trust
and the willingness to share without considering information security rules
is becoming a major vulnerability.
The access to pathogen sequences will lead to malicious use. Many
genomes of animal and plant pathogens are accessible to all users of
pathogen genome databases. We even had recommendations that open
access to pathogen genomes should be promoted (Committee on Genomics
Databases for Bioterrorism Threat Agents, 2004). The reduced cost of
synthetic DNA technology and the advancement in synthetic biology
reversed this approach, but many databases are still not properly secured.
Most security measures are designed to protect from external attacks.
Insiders pose substantial threats, as they already have authorized access to
critical systems. Insiders include employees of the organization, employees
of trusted business partners, suppliers and service providers.
The threats posed by insiders can be unintentional or intentional, both of
which should be accounted for in cyberbiosecurity assessments and
training programs. Unintentional incidents include phishing or social
engineering attacks from outside parties. They can be the results of
negligence or misjudgement, and cyberbiosecurity training can
dramatically reduce them.
3. P a g e | 3
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
Intentional incidents include insiders that commit fraud for financial gain,
or seek to sabotage the organization. It can be the result of bribery or
blackmail from foreign governments, competing organizations, or the
organized crime. Employees must be trained to recognize the modus
operandi of such persons.
____________________________________________
This is an unusual editorial. We will start with some DNA for Non –
Biologists, and we will discuss DNA computing, biocryptography and
biosteganography. What do you think, can we replace 0 and 1 with adenine
(A), thymine (T), guanine (G) and cytosine (C)? Can we use as storage
medium synthesized DNA molecules with A, T, G, and C in a sequence
corresponding to the order of the bits in a digital file?
DNA stands for deoxyribonucleic acid. Eukaryote is any cell or organism
that possesses a clearly defined nucleus. Humans and many other
organisms have eukaryotic cells.
In eukaryotes, the DNA is inside the nucleus. DNA is made of chemical
building blocks called nucleotides. A DNA molecule consists of two long
polynucleotide chains. Each of these chains is known as a DNA chain, or a
DNA strand.
The four types of nitrogen bases found in nucleotides are: adenine (A),
thymine (T), guanine (G) and cytosine (C). Remember these names, they
will be used like the 0 and 1 in computing. As we will see below, the data,
instead of being stored in 0s and 1s, will now be stored in the form of A, T,
G, C. The order, or sequence, of these bases determines what biological
instructions are contained in a strand of DNA.
DNA sequencing is the process of determining the order of the four bases:
thymine (T), adenine (A), cytosine (C), and guanine (G) in a molecule of
DNA. Comparing healthy and mutated DNA sequences can diagnose
diseases and guide patient treatment. It allows for faster and individualized
medical care.
The complete genetic information of an organism is called genome. The
study of the genome is called genomics. Humans inherit one half of their
DNA from their father and one half from their mother.
DNA computing
In DNA computing, computations are performed using biological
molecules, not traditional silicon chips. Richard Feynman introduced the
idea in 1959, but DNA computing was formally demonstrated in 1994,
4. P a g e | 4
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
when Leonard Adleman presented how molecules could be used to solve
computational problems.
Three years after Leonard Adleman's huge step, researchers from the
University of Rochester developed logic gates made of DNA. This is
another huge step, as logic gates convert binary code moving through a
computer into signals that the computer uses to perform operations.
These logic gates are an important step toward creating a computer that
has a structure similar to that of an electronic PC. But there are some
important differences: The large supply of DNA makes it a cheap resource,
and DNA computers are way smaller than today's computers.
In DNA computing, instead of the 0 and 1 (the binary alphabet used by
traditional computers), we use the four-character genetic alphabet, A, G, C,
and T - where A is adenine, G is guanine, C is cytosine, and T is thymine.
To store a binary digital file as DNA, the individual bits are converted from
0 and 1 to the letters A, C, G, and T that represent adenine, cytosine,
guanine, and thymine. The physical storage medium is a synthesized DNA
molecule with adenine, cytosine, guanine, and thymine in a sequence
corresponding to the order of the bits in the digital file. To recover the data,
the sequence A, C, G, and T of the DNA is decoded back into the original
sequence of bits 0 and 1.
DNA computing is harnessing the enormous parallel computing ability and
high memory density of bio-molecules and is changing dramatically what is
possible in cryptography. DNA cryptography includes encryption and
steganography. We can produce encoded DNA (enDNA) by transforming a
binary string into the quaternary code of DNA nucleotides, A, G, C, and T.
But we will learn more about it below.
DNA is an excellent medium for data storage, with information density of
petabytes of data per gram (a petabyte is 1 million gigabytes). The quantity
of data that can be stored in biological mediums far exceeds the capacity of
magnetic tapes and disks.
There are 4 nucleotides, and each nucleotide can store 2 bits as a binary
string (A = 00, T = 01, C = 10, G = 11). A set of 4 nucleotides can store 1
byte. Over 10 trillion DNA molecules can fit into an area no larger than 1
cubic centimeter, and with this amount of DNA, a computer would be able
to hold 10 terabytes of data. We need more? We simply add more DNA
molecules.
Researchers have successfully encoded audio, images and text files into
synthesized DNA molecules, and then successfully read the information
from the DNA and recovered the files.
5. P a g e | 5
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
With DNA storage, we can store massive quantities of data in media having
very small physical volume.
A huge advantage of DNA storage over optical, magnetic, and electronic
media, is the fact that DNA molecules can survive for thousands of years,
so a digital archive encoded in this form could be recovered by people after
thousands of years.
DNA storage technology will not become obsolete. It's not like floppy disks
or CDs.
With DNA storage we also dramatically improve environmental
sustainability, and we have way less greenhouse gas emissions, energy
consumption and water use.
The main disadvantages of DNA storage are the slow encoding speed and
the high cost. But year after year we have less costs and higher speed.
The technology will become commercially viable on a large scale in a few
years, to the point where DNA storage can function effectively for general
backup applications and even primary storage.
Today, we have the technology to manufacture DNA molecules with
arbitrary sequences. It is good to say that the molecules we make are not
biological DNA, they're synthetic DNA.
There's no life, no cells, no organisms involved in this type of digital data
storage. We're using DNA as a medium to store information, synthetic
DNA.
Biosteganography
During the Cold War, spies used microdot cameras to photograph and
reduce documents onto a single tiny piece of film.
The piece of film could be embedded into the text of a letter as small as a
period (.). Microdots were also hidden in other things.
The FBI’s March 2020 Artifact of the Month (photo, next page) was more
than just a toy—it was a tool of espionage tradecraft. A German spy used
this doll to smuggle secret photographs to Nazi Germany.
The photos were reduced in size so that the film they were on was as small
as the period at the end of a sentence. Spies hid this film, called a
“microdot,” on the doll, where it was virtually invisible to regular censors.
6. P a g e | 6
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
How did microphotography work? Spies would photograph espionage
material with a camera. Then, through a special contraption of lenses, they
would copy the image, reduce it in size, and imprint it on especially
sensitized film. The Germans concealed microdots on letters and other
materials they could carry across borders or mail to dead letter boxes in
Europe. (A dead letter box was a fake address that acted as a cutout
between a spy and German intelligence headquarters).
In DNA Steganography, we can also encrypt hidden messages within
microdots, this time within DNA encoded microdots. We have a plain text
message, we encrypt it, and then we convert the letters of the encrypted
message into combinations of Thymine (T), Adenine (A), Cytosine (C), and
Guanine (G), creating a synthetic strand of DNA - we create synthesized
DNA with adenine, cytosine, guanine, and thymine in a sequence
corresponding to the order of the bits in the digital file.
A tiny piece of DNA with the message is then placed into a normal piece of
DNA which is then mixed with DNA strands of similar length. The mixture
is then dried on paper that can be cut into microdots, with each dot
7. P a g e | 7
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
containing billions of strands of DNA. It is very difficult to detect, and only
one strand from the billions of strands within the microdot contains the
message, that is also encrypted.
What about digital watermarking? Well, it can only become better. We can
place tiny DNA authentication stamps to easily detect counterfeits or
copyright infringements.
The moral of the story: Don’t buy books from John le Carré for the
summer. Buy some DNA computing books. Just kidding, of course.
_________________________________________________
According to the Nationale Zentrum für Cybersicherheit (National Cyber
Security Centre - NCSC), we have some fraudulent emails in the name of
the NCSC. Do not open them, and do not reply to these emails.
Currently, cybercriminals are sending fraudulent emails in the name of the
NCSC. The unknown perpetrators are using a domain name (ncscS.ch) that
looks deceptively similar to that of the NCSC (ncsc.ch).
The perpetrators' intentions are currently unknown. The emails do not
contain any malicious links or email attachments. However, as the email
offers a "refund" of money, there is a suspicion that the attempted fraud is
an advance payment scam. You can report your case at:
https://www.report.ncsc.admin.ch/en/chat
8. P a g e | 8
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
In my experience, it is possible (but not proved) that the perpetrators want
to have a list of persons that are not security aware and answer to these
emails. These persons can be investigated and targeted in a sophisticated
way.
The NCSC received reports with phishing attempts where no link was sent,
but a callback was requested. One example phishing attempt started with
an email without a phishing link, but which had an invoice attached from a
company, in this example a company supposedly from France called
"Paiement Techmania LLC". The invoice claimed that a payment of CHF
540 has been received for the renewal of an antivirus subscription. In case
of problems with the payment, the recipient should call the telephone
number given.
In this case, however, no one answered the phone. Instead, a few hours
later, the victim's call was returned from a similar number. The caller
stated that he would cancel the order and refund the money that had
supposedly been paid. To this end, the purported seller sent an email, but
this time with a link to a phishing website.
The Swiss National Cyber Security Centre (NCSC) is doing a very good job.
Welcome to our monthly newsletter.
Best regards,
George Lekatis
General Manager, Cyber Risk GmbH
Dammstrasse 16, 8810 Horgen
Phone: +41 79 505 89 60
Email: george.lekatis@cyber-risk-gmbh.com
Web: www.cyber-risk-gmbh.com
Cyber Risk GmbH, Handelsregister des Kantons Zürich, Firmennummer:
CHE-244.099.341
9. P a g e | 9
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
Number 1 (Page 12)
Countering hack-for-hire groups
Shane Huntley, Director, Threat Analysis Group
Number 2 (Page 16)
Keeping PowerShell: Security Measures to Use and Embrace
Number 3 (Page 18)
Apple expands industry-leading commitment to protect users
from highly targeted mercenary spyware
Number 4 (Page 22)
DARPA-Funded Study Provides Insights into Blockchain
Vulnerabilities
New report details how centralization can be introduced, affecting security
Number 5 (Page 24)
European Union Agency for Cybersecurity (ENISA)
ENISA Cybersecurity Threat Landscape Methodology
Number 6 (Page 27)
NIST Announces First Four Quantum-Resistant Cryptographic
Algorithms
Federal agency reveals the first group of winners from its six-year
competition.
10. P a g e | 10
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
Number 7 (Page 31)
Executive Order on Protecting Access to Reproductive
Healthcare Services
Number 8 (Page 36)
Botnet Disrupted in International Cyber Operation
Number 9 (Page 39)
FBI Las Vegas Federal Fact Friday:
Social Media Money Flipping Scam
Number 10 (Page 41)
NIST Releases Draft IR 8409
Measuring the Common Vulnerability Scoring System Base Score
Equation
Number 11 (Page 43)
Voices from DARPA Podcast Episode 57
Unmasking Misinformation & Manipulation
11. P a g e | 11
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
Number 12 (Page 44)
FINMA revises capital requirements for banks
Number 13 (Page 46)
Next Generation of Intelligence Analysts Present Research on
Foreign Social Media Campaigns
Number 14 (Page 48)
Helping users stay safe: Blocking internet macros by default in
Office (and recent developments)
12. P a g e | 12
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
Number 1
Countering hack-for-hire groups
Shane Huntley, Director, Threat Analysis Group
As part of TAG's mission to counter serious threats to Google and our
users, we've published analysis on a range of persistent threats including
government-backed attackers, commercial surveillance vendors, and
serious criminal operators.
Today, we're sharing intelligence on a segment of attackers we call hack-
for-hire, whose niche focuses on compromising accounts and exfiltrating
data as a service.
In contrast to commercial surveillance vendors, who we generally observe
selling a capability for the end user to operate, hack-for-hire firms conduct
attacks themselves.
They target a wide range of users and opportunistically take advantage of
known security flaws when undertaking their campaigns. Both, however,
enable attacks by those who would otherwise lack the capabilities to do so.
We have seen hack-for-hire groups target human rights and political
activists, journalists, and other high-risk users around the world, putting
their privacy, safety and security at risk. They also conduct corporate
espionage, handily obscuring their clients’ role.
To help users and defenders, we will provide examples of the hack-for-hire
ecosystem from India, Russia, and the United Arab Emirates and context
around their capabilities and persistence mechanisms.
How Hack-For-Hire Operations Work
The hack-for-hire landscape is fluid, both in how the attackers organize
themselves and in the wide range of targets they pursue in a single
campaign at the behest of disparate clients.
Some hack-for-hire attackers openly advertise their products and services
to anyone willing to pay, while others operate more discreetly selling to a
limited audience.
For example, TAG has observed Indian hack-for-hire firms work with third
party private investigative services — intermediaries that reach out for
services when a client requires them — and provide data exfiltrated from a
successful operation.
13. P a g e | 13
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
This is detailed in depth in today’s Reuters investigation into the Indian
hack-for-hire ecosystem. We have also observed Indian hack-for-hire firms
work with freelance actors not directly employed by the firms themselves.
The breadth of targets in hack-for-hire campaigns stands in contrast to
many government-backed operations, which often have a clearer
delineation of mission and targets.
A recent campaign from an Indian hack-for-hire operator was observed
targeting an IT company in Cyprus, an education institution in Nigeria, a
fintech company in the Balkans and a shopping company in Israel.
Recent Hack-for-Hire Campaigns
India
Since 2012, TAG has been tracking an interwoven set of Indian hack-for-
hire actors, with many having previously worked for Indian offensive
security providers Appin and Belltrox.
One cluster of this activity frequently targets government, healthcare, and
telecom sectors in Saudi Arabia, the United Arab Emirates, and Bahrain
with credential phishing campaigns. These credential phishing campaigns
14. P a g e | 14
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
have ranged from targeting specific government organizations to AWS
accounts to Gmail accounts.
TAG has linked former employees of both Appin and Belltrox to Rebsec, a
new firm that openly advertises corporate espionage as an offering on its
company website.
Russia
While investigating a 2017 credential phishing campaign that targeted a
prominent Russian anti-corruption journalist, we discovered the Russian
attacker targeting other journalists, politicians across Europe, and various
NGOs and non-profit organizations.
15. P a g e | 15
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
But what stuck out during this investigation was the breadth of targeting,
which also included individuals that had no affiliation with the selected
organizations, and appeared to be regular, everyday citizens in Russia and
surrounding countries. This hack-for-hire actor has been publicly referred
to as 'Void Balaur'.
These campaigns were similar regardless of target, consisting of a
credential phishing email with a link to an attacker-controlled phishing
page. The lures ranged from fake Gmail and other webmail provider
notifications to messages spoofing Russian government organizations.
After the target account was compromised, the attacker generally
maintained persistence by granting an OAuth token to a legitimate email
application like Thunderbird or generating an App Password to access the
account via IMAP. Both OAuth tokens and App Passwords are revoked
when a user changes their password.
During our early investigation, TAG discovered the attacker’s public
website (no longer available) advertising account hacking capabilities for
email and social media services. The site claimed to have received positive
reviews on Russian underground forums such as Dublikat and Probiv.cc.
Over the past five years, TAG has observed the group targeting accounts at
major webmail providers like Gmail, Hotmail, and Yahoo! and regional
webmail providers like abv.bg, mail.ru, inbox.lv, and UKR.net.
To read more: https://blog.google/threat-analysis-group/countering-hack-
for-hire-groups/
16. P a g e | 16
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
Number 2
Keeping PowerShell: Security Measures to Use and Embrace
Cybersecurity authorities from the United States, New Zealand, and the
United Kingdom recommend proper configuration and monitoring of
PowerShell, as opposed to removing or disabling PowerShell entirely.
This will provide benefits from the security capabilities PowerShell can
enable while reducing the likelihood of malicious actors using it undetected
after gaining access into victim networks.
The following recommendations will help defenders detect and prevent
abuse by malicious cyber actors, while enabling legitimate use by
administrators and defenders.
This Cybersecurity Information Sheet from the National Security Agency
(NSA), the Cybersecurity and Infrastructure Security Agency (CISA), the
New Zealand National Cyber Security Centre (NZ NCSC), and the United
Kingdom National Cyber Security Centre (NCSC-UK) provides details on
using PowerShell® and its security measures.
PowerShell® is a scripting language and command line tool included with
Microsoft Windows®. Similar to Bash for open-source operating systems
(e.g., Linux®), PowerShell extends the user experience as an interface into
the operating system.
PowerShell was introduced in Windows Vista® and has evolved with each
Windows version. PowerShell can help defenders manage the Windows
operating system, by:
- Enabling forensics efforts,
- Improving incident response, and
- Allowing automation of common or repetitive tasks.
In Microsoft’s cloud platform Azure®, PowerShell can help to manage
Azure resources, permitting administrators and defenders to build
automated tools and security measures.
However, the extensibility, ease of use, and availability of PowerShell also
presents an opportunity for malicious cyber actors.
17. P a g e | 17
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
Many publicly-acknowledged cyber intrusions, including those by
ransomware actors, have used PowerShell as a postexploitation tool.
This technique is not new, as malicious actors often find ways to target or
use legitimate system software.
The authors’ recommendations mitigate cyber threats without obstructing
PowerShell’s functionality, which aligns to Microsoft’s guidance on
maintaining operational PowerShell use.
Blocking PowerShell hinders defensive capabilities that current versions of
PowerShell can provide, and prevents components of the Windows
operating system from running properly.
Recent versions of PowerShell with improved capabilities and options can
assist defenders in countering abuse of PowerShell. The Australian Cyber
Security Centre (ACSC) has also offered comprehensive configuration
guidance on securing PowerShell.
To read more: https://media.defense.gov/2022/Jun/22/2003021689/-1/-
1/1/CSI_KEEPING_POWERSHELL_SECURITY_MEASURES_TO_USE_
AND_EMBRACE_20220622.PDF
18. P a g e | 18
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
Number 3
Apple expands industry-leading commitment to protect users
from highly targeted mercenary spyware
Apple is previewing a groundbreaking security capability that offers
specialized additional protection to users who may be at risk of highly
targeted cyberattacks from private companies developing state-sponsored
mercenary spyware. Apple is also providing details of its $10 million grant
to bolster research exposing such threats.
Apple detailed two initiatives to help protect users who may be personally
targeted by some of the most sophisticated digital threats, such as those
from private companies developing state-sponsored mercenary spyware.
Lockdown Mode — the first major capability of its kind, coming this fall
with iOS 16, iPadOS 16, and macOS Ventura — is an extreme,
optional protection for the very small number of users who face grave,
targeted threats to their digital security.
Apple also shared details about the $10 million cybersecurity grant it
announced last November to support civil society organizations that
conduct mercenary spyware threat research and advocacy.
“Apple makes the most secure mobile devices on the market. Lockdown
Mode is a groundbreaking capability that reflects our unwavering
commitment to protecting users from even the rarest, most sophisticated
attacks,” said Ivan Krstić, Apple’s head of Security Engineering and
Architecture. “While the vast majority of users will never be the victims of
19. P a g e | 19
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
highly targeted cyberattacks, we will work tirelessly to protect the small
number of users who are. That includes continuing to design defenses
specifically for these users, as well as supporting researchers and
organizations around the world doing critically important work in exposing
mercenary companies that create these digital attacks.”
Lockdown Mode offers an extreme, optional level of security for the very
few users who, because of who they are or what they do, may be personally
targeted by some of the most sophisticated digital threats, such as those
from NSO Group and other private companies developing state-sponsored
mercenary spyware.
Turning on Lockdown Mode in iOS 16, iPadOS 16, and macOS Ventura
further hardens device defenses and strictly limits certain functionalities,
sharply reducing the attack surface that potentially could be exploited by
highly targeted mercenary spyware.
At launch, Lockdown Mode includes the following protections:
- Messages: Most message attachment types other than images are
blocked. Some features, like link previews, are disabled.
- Web browsing: Certain complex web technologies, like just-in-time
(JIT) JavaScript compilation, are disabled unless the user excludes a
trusted site from Lockdown Mode.
- Apple services: Incoming invitations and service requests, including
FaceTime calls, are blocked if the user has not previously sent the
initiator a call or request.
- Wired connections with a computer or accessory are blocked when
iPhone is locked.
20. P a g e | 20
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
- Configuration profiles cannot be installed, and the device cannot enroll
into mobile device management (MDM), while Lockdown Mode is
turned on.
Apple will continue to strengthen Lockdown Mode and add new
protections to it over time. To invite feedback and collaboration from the
security research community, Apple has also established a new category
within the Apple Security Bounty program to reward researchers who find
Lockdown Mode bypasses and help improve its protections. Bounties are
doubled for qualifying findings in Lockdown Mode, up to a maximum of
$2,000,000 — the highest maximum bounty payout in the industry.
Apple is also making a $10 million grant, in addition to any damages
awarded from the lawsuit filed against NSO Group, to support
organizations that investigate, expose, and prevent highly targeted
cyberattacks, including those created by private companies developing
state-sponsored mercenary spyware.
The grant will be made to the Dignity and Justice Fund established and
advised by the Ford Foundation — a private foundation dedicated to
advancing equity worldwide — and designed to pool philanthropic
resources to advance social justice globally. The Dignity and Justice Fund
is a fiscally sponsored project of the New Venture Fund, a 501(c)(3) public
charity.
“The global spyware trade targets human rights defenders, journalists, and
dissidents; it facilitates violence, reinforces authoritarianism, and supports
political repression,” said Lori McGlinchey, the Ford Foundation’s director
of its Technology and Society program. “The Ford Foundation is proud to
support this extraordinary initiative to bolster civil society research and
advocacy to resist mercenary spyware. We must build on Apple’s
commitment, and we invite companies and donors to join the Dignity and
Justice Fund and bring additional resources to this collective fight.”
The Dignity and Justice Fund expects to make its first grants in late 2022
or early 2023, initially funding approaches to help expose mercenary
spyware and protect potential targets that include:
- Building organizational capacity and increasing field coordination of
new and existing civil society cybersecurity research and advocacy
groups.
- Supporting the development of standardized forensic methods to detect
and confirm spyware infiltration that meet evidentiary standards.
21. P a g e | 21
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
- Enabling civil society to more effectively partner with device
manufacturers, software developers, commercial security firms, and
other relevant companies to identify and address vulnerabilities.
- Increasing awareness among investors, journalists, and policymakers
about the global mercenary spyware industry.
- Building the capacity of human rights defenders to identify and
respond to spyware attacks, including security audits for organizations
that face heightened threats to their networks.
To read more: https://www.apple.com/newsroom/2022/07/apple-
expands-commitment-to-protect-users-from-mercenary-spyware/
22. P a g e | 22
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
Number 4
DARPA-Funded Study Provides Insights into Blockchain
Vulnerabilities
New report details how centralization can be introduced, affecting security
Distributed ledger technology, such as blockchains, has become more
prevalent across a variety of contexts over the past decade. The premise is
that blockchains operate securely without any centralized control and that
they are immutable or unsusceptible to change.
Given its mission to create and prevent technological surprise, DARPA
endeavored to understand those security assumptions and determine to
what degree blockchains are actually decentralized. As such, the agency
engaged cybersecurity research and consulting firm Trail of Bits to examine
the fundamental properties of blockchains and the cybersecurity risks
associated with them.
The study resulted in a report that provides holistic analysis that’s available
to anyone considering blockchains for important matters so they can better
understand the potential vulnerabilities within these systems.
“The report demonstrates the continued need for careful review when
assessing new technologies, such as blockchains, as they proliferate in our
society and economy” said Joshua Baron, DARPA program manager
23. P a g e | 23
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
overseeing the study. “We should not take any promise of security on face
value and anyone using blockchains for matters of high importance must
think through the associated vulnerabilities.”
To learn more, access the report here:
https://www.trailofbits.com/reports/Unintended_Centralities_in_Distrib
uted_Ledgers.pdf
24. P a g e | 24
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
Number 5
European Union Agency for Cybersecurity (ENISA)
ENISA Cybersecurity Threat Landscape Methodology
Policy makers, risk managers and information security practitioners need
up to date and accurate information on the current threat landscape,
supported by threat intelligence. The EU Agency for Cybersecurity (ENISA)
Threat Landscape report has been published on an annual basis since
2013.
The report uses publicly available data and provides an independent view
on observed threats agents, trends and attack vectors.
ENISA aims at building on its expertise and enhancing this activity so that
its stakeholders receive relevant and timely information for policy-
creation, decision-making and applying security measures, as well as in
increasing knowledge and information for specialised cybersecurity
communities or for establishing a solid understanding of the cybersecurity
challenges related to new technologies.
The added value of ENISA cyberthreat intelligence efforts lies in offering
updated information on the dynamically changing cyberthreat landscape.
These efforts support risk mitigation, promote situational awareness and
proactively respond to future challenges.
Following the revised form of the ENISA Threat Landscape Report 2021,
ENISA continues to further improve this flagship initiative.
ENISA seeks to provide targeted as well as general reports,
recommendations, analyses and other actions on future cybersecurity
scenarios and threat landscapes, supported through a clear and publicly
available methodology.
By establishing the ENISA Cybersecurity Threat Landscape (CTL)
methodology, the Agency aims to set a baseline for the transparent and
systematic delivery of horizontal, thematic, and sectorial cybersecurity
threat landscapes. The following threat landscapes could be considered
as examples.
- Horizontal threat landscapes, such as the overarching ENISA Threat
Landscape (ETL), a product which aims to cover holistically a wide-range
of sectors and industries.
25. P a g e | 25
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
- Thematic threat landscapes, such as the ENISA Supply Chain Threat
Landscape, a product which focuses on a specific theme, but covers many
sectors.
- Sectorial threat landscape, such as the ENISA 5G Threat Landscape,
focuses on a specific sector. A sectorial threat landscape provides more
focused information for a particular constituent or target group.
Recognising the significance of systematically and methodologically
reporting on the threat landscape, ENISA has set up an ad hoc Working
Group on Cybersecurity Threat Landscapes2 (CTL WG) consisting of
experts from European and international public and private sector entities.
The scope of the CTL WG is to advise ENISA in designing, updating and
reviewing the methodology for creating threat landscapes, including the
annual ENISA Threat Landscape (ETL) Report.
The WG enables ENISA to interact with a broad range of stakeholders for
the purpose of collecting input on a number of relevant aspects.
The overall focus of the methodological framework involves the
identification and definition of the process, methods, stakeholders and
tools as well as the various elements that, content-wise, constitute the
cyberthreat Landscape (CTL).
26. P a g e | 26
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
To read more: https://www.enisa.europa.eu/publications/enisa-threat-
landscape-methodology
27. P a g e | 27
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
Number 6
NIST Announces First Four Quantum-Resistant Cryptographic
Algorithms
Federal agency reveals the first group of winners from its six-year
competition.
The U.S. Department of Commerce’s National Institute of Standards and
Technology (NIST) has chosen the first group of encryption tools that are
designed to withstand the assault of a future quantum computer, which
could potentially crack the security used to protect privacy in the digital
systems we rely on every day — such as online banking and email software.
The four selected encryption algorithms will become part of NIST’s post-
quantum cryptographic standard, expected to be finalized in about two
years.
“Today’s announcement is an important milestone in securing our
sensitive data against the possibility of future cyberattacks from quantum
computers,” said Secretary of Commerce Gina M. Raimondo. “Thanks to
NIST’s expertise and commitment to cutting-edge technology, we are able
to take the necessary steps to secure electronic information so U.S.
businesses can continue innovating while maintaining the trust and
confidence of their customers.”
The announcement follows a six-year effort managed by NIST, which in
2016 called upon the world’s cryptographers to devise and then vet
encryption methods that could resist an attack from a future quantum
computer that is more powerful than the comparatively limited machines
available today. The selection constitutes the beginning of the finale of the
agency’s post-quantum cryptography standardization project.
“NIST constantly looks to the future to anticipate the needs of U.S.
industry and society as a whole, and when they are built, quantum
computers powerful enough to break present-day encryption will pose a
serious threat to our information systems,” said Under Secretary of
Commerce for Standards and Technology and NIST Director Laurie E.
Locascio. “Our post-quantum cryptography program has leveraged the top
minds in cryptography — worldwide — to produce this first group of
quantum-resistant algorithms that will lead to a standard and significantly
increase the security of our digital information.”
Four additional algorithms are under consideration for inclusion in the
standard, and NIST plans to announce the finalists from that round at a
28. P a g e | 28
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
future date. NIST is announcing its choices in two stages because of the
need for a robust variety of defense tools.
As cryptographers have recognized from the beginning of NIST’s effort,
there are different systems and tasks that use encryption, and a useful
standard would offer solutions designed for different situations, use varied
approaches for encryption, and offer more than one algorithm for each use
case in the event one proves vulnerable.
Encryption uses math to protect sensitive electronic information, including
the secure websites we surf and the emails we send. Widely used public-key
encryption systems, which rely on math problems that even the fastest
conventional computers find intractable, ensure these websites and
messages are inaccessible to unwelcome third parties.
However, a sufficiently capable quantum computer, which would be based
on different technology than the conventional computers we have today,
could solve these math problems quickly, defeating encryption systems. To
counter this threat, the four quantum-resistant algorithms rely on math
problems that both conventional and quantum computers should have
difficulty solving, thereby defending privacy both now and down the road.
The algorithms are designed for two main tasks for which encryption is
typically used: general encryption, used to protect information exchanged
across a public network; and digital signatures, used for identity
authentication. All four of the algorithms were created by experts
collaborating from multiple countries and institutions.
For general encryption, used when we access secure websites, NIST
has selected the CRYSTALS-Kyber algorithm. Among its advantages are
comparatively small encryption keys that two parties can exchange easily,
as well as its speed of operation.
For digital signatures, often used when we need to verify identities
during a digital transaction or to sign a document remotely, NIST has
selected the three algorithms CRYSTALS-Dilithium, FALCON and
SPHINCS+ (read as “Sphincs plus”).
Reviewers noted the high efficiency of the first two, and NIST recommends
CRYSTALS-Dilithium as the primary algorithm, with FALCON for
applications that need smaller signatures than Dilithium can provide. The
third, SPHINCS+, is somewhat larger and slower than the other two, but it
is valuable as a backup for one chief reason: It is based on a different math
approach than all three of NIST’s other selections.
29. P a g e | 29
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
Three of the selected algorithms are based on a family of math problems
called structured lattices, while SPHINCS+ uses hash functions. The
additional four algorithms still under consideration are designed for
general encryption and do not use structured lattices or hash functions in
their approaches.
While the standard is in development, NIST encourages security experts to
explore the new algorithms and consider how their applications will use
them, but not to bake them into their systems yet, as the algorithms could
change slightly before the standard is finalized.
To prepare, users can inventory their systems for applications that use
public-key cryptography, which will need to be replaced before
cryptographically relevant quantum computers appear.
They can also alert their IT departments and vendors about the upcoming
change. To get involved in developing guidance for migrating to post-
quantum cryptography, see NIST’s National Cybersecurity Center of
Excellence project page at: https://www.nccoe.nist.gov/crypto-agility-
considerations-migrating-post-quantum-cryptographic-algorithms
All of the algorithms are available on the NIST website at:
https://csrc.nist.gov/Projects/post-quantum-cryptography/post-quantum-
cryptography-standardization/round-3-submissions
30. P a g e | 30
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
To read more: https://www.nist.gov/news-events/news/2022/07/nist-
announces-first-four-quantum-resistant-cryptographic-algorithms
31. P a g e | 31
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
Number 7
Executive Order on Protecting Access to Reproductive
Healthcare Services
By the authority vested in me as President by the Constitution and the laws
of the United States of America, it is hereby ordered as follows:
Section 1. Policy.
Nearly 50 years ago, Roe v. Wade, 410 U.S. 113 (1973), articulated the
United States Constitution’s protection of women’s fundamental right to
make reproductive healthcare decisions.
These deeply private decisions should not be subject to government
interference. Yet today, fundamental rights — to privacy, autonomy,
freedom, and equality — have been denied to millions of women across the
country.
Eliminating the right recognized in Roe has already had and will continue
to have devastating implications for women’s health and public health
more broadly.
Access to reproductive healthcare services is now threatened for millions of
Americans, and especially for those who live in States that are banning or
severely restricting abortion care.
Women’s health clinics are being forced to close — including clinics that
offer other preventive healthcare services such as contraception — leaving
many communities without access to critical reproductive healthcare
services.
Women seeking abortion care — especially those in low-income, rural, and
other underserved communities — now have to travel to jurisdictions
where services remain legal notwithstanding the cost or risks.
In the face of this health crisis, the Federal Government is taking action to
protect healthcare service delivery and promote access to critical
reproductive healthcare services, including abortion.
It remains the policy of my Administration to support women’s right to
choose and to protect and defend reproductive rights. Doing so is essential
to justice, equality, and our health, safety, and progress as a Nation.
32. P a g e | 32
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
Sec. 2. Definitions.
(a) The term “agency” means any authority of the United States that is an
“agency” under 44 U.S.C. 3502(1), other than one considered to be an
independent regulatory agency, as defined in 44 U.S.C. 3502(5).
(b) The term “reproductive healthcare services” means medical, surgical,
counseling, or referral services relating to the human reproductive system,
including services relating to pregnancy or the termination of a pregnancy.
Sec. 3. Protecting Access to Reproductive Healthcare Services.
(a) Within 30 days of the date of this order, the Secretary of Health and
Human Services shall submit a report to the President:
(i) identifying potential actions:
(A) to protect and expand access to abortion care, including medication
abortion; and
(B) to otherwise protect and expand access to the full range of
reproductive healthcare services, including actions to enhance family
planning services such as access to emergency contraception;
(ii) identifying ways to increase outreach and education about access to
reproductive healthcare services, including by launching a public
awareness initiative to provide timely and accurate information about such
access, which shall:
(A) share information about how to obtain free or reduced cost
reproductive healthcare services through Health Resources and Services
Administration-Funded Health Centers, Title X clinics, and other
providers; and
(B) include promoting awareness of and access to the full range of
contraceptive services, as well as know-your-rights information for those
seeking or providing reproductive healthcare services; and
(iii) identifying steps to ensure that all patients ‑- including pregnant
women and those experiencing pregnancy loss, such as miscarriages and
ectopic pregnancies — receive the full protections for emergency medical
care afforded under the law, including by considering updates to current
guidance on obligations specific to emergency conditions and stabilizing
care under the Emergency Medical Treatment and Labor Act, 42 U.S.C.
1395dd, and providing data from the Department of Health and Human
Services concerning implementation of these efforts.
33. P a g e | 33
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
(b) To promote access to reproductive healthcare services, the Attorney
General and the Counsel to the President shall convene a meeting of
private pro bono attorneys, bar associations, and public interest
organizations in order to encourage lawyers to represent and assist
patients, providers, and third parties lawfully seeking these services
throughout the country.
Sec. 4. Protecting Privacy, Safety, and Security.
(a) To address potential heightened safety and security risks related to the
provision of reproductive healthcare services, the Attorney General and the
Secretary of Homeland Security shall consider actions, as appropriate and
consistent with applicable law, to ensure the safety of patients, providers,
and third parties, and to protect the security of clinics (including mobile
clinics), pharmacies, and other entities providing, dispensing, or delivering
reproductive and related healthcare services.
(b) To address the potential threat to patient privacy caused by the
transfer and sale of sensitive health-related data and by digital surveillance
related to reproductive healthcare services, and to protect people seeking
reproductive health services from fraudulent schemes or deceptive
practices:
(i) The Chair of the Federal Trade Commission (FTC) is encouraged to
consider actions, as appropriate and consistent with applicable law
(including the Federal Trade Commission Act, 15 U.S.C. 41 et seq.), to
protect consumers’ privacy when seeking information about and provision
of reproductive healthcare services.
(ii) The Secretary of Health and Human Services shall consider actions,
including providing guidance under the Health Insurance Portability and
Accountability Act, Public Law 104-191, 110 Stat. 1936 (1996) as amended
by Public Law 111-5, 123 Stat. 115 (2009), and any other statutes as
appropriate, to strengthen the protection of sensitive information related
to reproductive healthcare services and bolster patient-provider
confidentiality.
(iii) The Secretary of Health and Human Services shall, in consultation
with the Attorney General, consider actions to educate consumers on how
best to protect their health privacy and limit the collection and sharing of
their sensitive health-related information.
(iv) The Secretary of Health and Human Services shall, in consultation
with the Attorney General and the Chair of the FTC, consider options to
address deceptive or fraudulent practices related to reproductive
34. P a g e | 34
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
healthcare services, including online, and to protect access to accurate
information.
Sec. 5. Coordinating Implementation Efforts.
(a) The Secretary of Health and Human Services and the Director of the
Gender Policy Council shall establish and co-chair an Interagency Task
Force on Reproductive Healthcare Access (Task Force).
Additional members shall include the Attorney General and the heads of
other agencies as determined by the Secretary of Health and Human
Services and the Director of the Gender Policy Council.
The Task Force shall work to identify and coordinate activities to protect
and strengthen access to essential reproductive healthcare services.
In addition, the Task Force shall coordinate Federal interagency
policymaking, program development, and outreach efforts to address
barriers that individuals and entities may face in seeking and providing
reproductive healthcare services.
The Department of Health and Human Services shall provide funding and
administrative support as may be necessary for the performance and
functions of the Task Force.
(b) The Attorney General shall provide technical assistance, as
appropriate and consistent with applicable law, concerning Federal
constitutional protections to States seeking to afford legal protection to
out-of-State patients and providers who offer legal reproductive
healthcare.
Sec. 6. General Provisions.
(a) Nothing in this order shall be construed to impair or otherwise affect:
(i) the authority granted by law to an executive department or agency, or
the head thereof; or
(ii) the functions of the Director of the Office of Management and Budget
relating to budgetary, administrative, or legislative proposals.
(b) This order shall be implemented consistent with applicable law and
subject to the availability of appropriations.
(c) This order is not intended to, and does not, create any right or benefit,
substantive or procedural, enforceable at law or in equity by any party
35. P a g e | 35
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
against the United States, its departments, agencies, or entities, its officers,
employees, or agents, or any other person.
JOSEPH R. BIDEN JR.
THE WHITE HOUSE,
July 8, 2022.
36. P a g e | 36
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
Number 8
Botnet Disrupted in International Cyber Operation
The U.S. Department of Justice, together with law enforcement partners in
Germany, the Netherlands and the United Kingdom, have dismantled the
infrastructure of a Russian botnet known as RSOCKS which hacked
millions of computers and other electronic devices around the world.
A botnet is a group of hacked internet-connected devices that are
controlled as a group without the owner’s knowledge and typically used for
malicious purposes. Every device that is connected to the internet is
assigned an Internet Protocol (IP) address.
According to a search warrant affidavit, unsealed today in the Southern
District of California, and the operators’ own claims, the RSOCKS botnet,
operated by Russian cybercriminals, comprised millions of hacked devices
worldwide.
The RSOCKS botnet initially targeted Internet of Things (IoT) devices. IoT
devices include a broad range of devices—including industrial control
systems, time clocks, routers, audio/video streaming devices, and smart
garage door openers, which are connected to, and can communicate over,
the internet, and therefore, are assigned IP addresses.
The RSOCKS botnet expanded into compromising additional types of
devices, including Android devices and conventional computers.
“The RSOCKS botnet compromised millions of devices throughout the
world,” said U.S. Attorney Randy Grossman. “Cyber criminals will not
escape justice regardless of where they operate. Working with public and
private partners around the globe, we will relentlessly pursue them while
using all the tools at our disposal to disrupt their threats and prosecute
those responsible.” Grossman thanked the prosecution team, the FBI and
the Department of Justice Criminal Division’s Computer Crimes and
Intellectual Property Section for their excellent work on this case.
“This operation disrupted a highly sophisticated Russia-based cybercrime
organization that conducted cyber intrusions in the United States and
abroad,” said FBI Special Agent in Charge Stacey Moy. “Our fight against
cybercriminal platforms is a critical component in ensuring cybersecurity
and safety in the United States. The actions we are announcing today are a
testament to the FBI’s ongoing commitment to pursuing foreign threat
actors in collaboration with our international and private sector partners.”
37. P a g e | 37
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
A legitimate proxy service provides IP addresses to its clients for a fee.
Typically, the proxy service provides access to IP addresses that it leases
from internet service providers (ISPs). Rather than offer proxies that
RSOCKS had leased, the RSOCKS botnet offered its clients access to IP
addresses assigned to devices that had been hacked.
The owners of these devices did not give the RSOCKS operator(s) authority
to access their devices in order to use their IP addresses and route internet
traffic.
A cybercriminal who wanted to utilize the RSOCKS platform could use a
web browser to navigate to a web-based “storefront” (i.e., a public web site
that allows users to purchase access to the botnet), which allowed the
customer to pay to rent access to a pool of proxies for a specified daily,
weekly, or monthly time period.
The cost for access to a pool of RSOCKS proxies ranged from $30 per day
for access to 2,000 proxies to $200 per day for access to 90,000 proxies.
Once purchased, the customer could download a list of IP addresses and
ports associated with one or more of the botnet’s backend servers. The
customer could then route malicious internet traffic through the
compromised victim devices to mask or hide the true source of the traffic.
It is believed that the users of this type of proxy service were conducting
large scale attacks against authentication services, also known as credential
stuffing, and anonymizing themselves when accessing compromised social
media accounts, or sending malicious email, such as phishing messages.
As alleged in the unsealed warrant, FBI investigators used undercover
purchases to obtain access to the RSOCKS botnet in order to identify its
backend infrastructure and its victims.
The initial undercover purchase in early 2017 identified approximately
325,000 compromised victim devices throughout the world with numerous
devices located within San Diego County.
Through analysis of the victim devices, investigators determined that the
RSOCKS botnet compromised the victim device by conducting brute force
attacks.
The RSOCKS backend servers maintained a persistent connection to the
compromised device. Several large public and private entities have been
victims of the RSOCKS botnet, including a university, a hotel, a television
studio, and an electronics manufacturer, as well as home businesses and
individuals. At three of the victim locations, with consent, investigators
38. P a g e | 38
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
replaced the compromised devices with government-controlled computers
(i.e., honeypots), and all three were subsequently compromised by
RSOCKS. The FBI identified at least six victims in San Diego.
This case was investigated by the FBI and is being prosecuted by Assistant
U.S. Attorney Jonathan I. Shapiro of the Southern District of California
and Ryan K.J. Dickey, Senior Counsel for the Department of Justice
Criminal Division’s Computer Crimes and Intellectual Property Section.
The Department of Justice extends its appreciation to the authorities of
Germany, the Netherlands, and the United Kingdom, the Justice
Department’s Office of International Affairs and private sector
cybersecurity company Black Echo, LLC for their assistance provided
throughout the investigation.
In September 2020, FBI Director Christopher Wray announced the FBI’s
new strategy for countering cyber threats. The strategy focuses on
imposing risk and consequences on cyber adversaries through the FBI’s
unique authorities, world-class capabilities, and enduring partnerships.
Victims are encouraged to report the incident online with the Internet
Crime Complaint Center (IC3) www.ic3.gov
To read more: https://www.justice.gov/usao-sdca/pr/russian-botnet-
disrupted-international-cyber-operation
39. P a g e | 39
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
Number 9
FBI Las Vegas Federal Fact Friday:
Social Media Money Flipping Scam
The FBI Las Vegas Field Office wants to educate the public about a scam
taking place using social media platforms and banking apps to solicit large
sums of cash from victims.
Money Flipping
The FBI has alerted social media companies of a series of legitimate
accounts being hijacked by scammers advertising unrealistic money
flipping opportunities.
These scammers claim they will exponentially increase a victim’s funds
once provided via Cash App. These scammers will often have legitimate-
looking profiles displaying strangers with large sums of cash resulting from
their participation in the fraudulent investment.
How It is Implemented
Scammers contact the victim directly via private messenger, often using
accounts stolen from the victim’s friends.
The scammers will offer returns larger than the victim’s investment at no
interest and no risk.
If the victim sends money, communications are either ceased or scammers
will send fake Cash App screenshots indicating the victim’s money has
already increased.
They then request more money with the promise of more returns that the
victim will never see.
If the victim sent money or not, the scammers often suggest money is
pending in the victim's Cash App account but requires replacing the email
address connected to the victim’s social media account with one provided
by the scammers.
40. P a g e | 40
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
Once done, the scammers reset the password and take control of the
account. Once they have control, the cycle continues, now against the
victim’s followers.
Means Of Defense
Use dual-factor authentication (DFA) when available. Though many find
this inconvenient, having DFA prevents accounts from being hijacked
simply by email reset. This helps prevent many forms of account hijacking
and can also alert users of hijack attempts.
Do not change your account information based on outside requests. There
is no legitimate reason to change your account information to that of
someone else’s. Cash App is not locked by social media settings and anyone
that attempts to convince you otherwise is likely attempting to gain access
to your information. Be cautious.
Do not click on links and verify who you’re conversing with. If you are
having an unusual conversation with someone on social media and they
attempt to solicit money or account information, question this and give
them a phone call.
Talk to your friends live, ask questions, be skeptical, and do not click on
links as they may be directing you to a malicious webpage.
Online, anyone can be anyone else. Trust, but verify. If the money transfer
application has a security pin feature that requires PIN entry before
authorizing a transfer, use it!
41. P a g e | 41
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
Number 10
NIST Releases Draft IR 8409
Measuring the Common Vulnerability Scoring System Base Score
Equation
NIST is seeking public comments on NIST IR 8409 ipd (initial public
draft), Measuring the Common Vulnerability Scoring System Base Score
Equation.
Calculating the severity of information technology vulnerabilities is
important for prioritizing vulnerability remediation and helping to
understand the risk of a vulnerability.
The Common Vulnerability Scoring System (CVSS) is a widely used
approach to evaluating properties that lead to a successful attack and the
effects of a successful exploitation.
CVSS is managed under the auspices of the Forum of Incident Response
and Security Teams (FIRST) and is maintained by the CVSS Special
Interest Group (SIG).
Unfortunately, ground truth upon which to base the CVSS measurements
has not been available. Thus, CVSS SIG incident response experts maintain
the equations by leveraging CVSS SIG human expert opinion.
This work evaluates the accuracy of the CVSS “base score” equations and
shows that they represent the CVSS maintainers' expert opinion to the
extent described by these measurements.
NIST requests feedback on the approach, the significance of the results,
and any CVSS measurements that should have been conducted but were
not included within the initial scope of this work.
Finally, NIST requests comments on sources of data that could provide
ground truth for these types of measurements.
The public comment review period for this draft is open through July 29,
2022. See the publication details for instructions on how to submit
comments.
42. P a g e | 42
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
To read more:
https://nvlpubs.nist.gov/nistpubs/ir/2022/NIST.IR.8409.ipd.pdf
43. P a g e | 43
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
Number 11
Voices from DARPA Podcast Episode 57
Unmasking Misinformation & Manipulation
In this 20-minute episode of the Voices from DARPA podcast, we discuss
DARPA’s Influence Campaign Awareness and Sensemaking (INCAS)
program.
Adversaries exploit misinformation and true information through
compelling narratives propagated on social media and online content.
INCAS seeks new tools to help analysts quickly identify geopolitical
influence campaigns amidst today’s noisy information environment and
find better ways to determine the impacts of such propaganda.
We talk with leaders of teams working on aspects of the INCAS program –
including identifying narratives using lessons from the entertainment
industry and exploring how different people react to the same messages –
in addition to INCAS Program Manager Brian Kettler.
As Kettler says: “Propaganda is not new, but the speed and scale of it is
new. The information ecosystem is rapidly evolving. Our adversaries are
getting better all the time.”
You may visit: https://youtu.be/g9aoZiP48Fc
https://itunes.apple.com/us/podcast/voices-from-darpa/id1163190520
44. P a g e | 44
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
Number 12
FINMA revises capital requirements for banks
The Swiss Financial Market Supervisory Authority FINMA is adjusting its
implementing regulations in the area of capital requirements for banks.
Switzerland is thereby adopting the last improvements to banking
regulation foreseen by the international Basel III standards following the
last financial crisis. FINMA will conduct a consultation until 25 October
2022.
The international Basel III banking standards include rules on eligible
capital, on the amount of capital required to absorb losses, on risk
diversification, liquidity and disclosure.
Legislative and regulatory authorities have introduced the Basel III
package of reforms developed in response to the last financial crisis into
Swiss law gradually since 2013.
The introduction of the so-called final Basel III standards marks the end of
this process.
The final Basel III standards change the rules for calculating capital
requirements, particularly for credit and market risks as well as for
operational risks.
Besides increasing the risk sensitivity of the capital requirements, the new
rules seek to improve the comparability of the capital requirements and
key indicators based on these.
For example, the degrees of freedom for models approaches subject to
approval, which banks use to calculate their capital requirements for credit
and market risks, have been reduced.
The requirements for operational risks must now be calculated using a
single standardised approach.
In the past, two standardised approaches and one models approach were
available for this. In addition, a so-called output floor will ensure that from
2028 the risk-based capital requirements for banks with models
approaches are not below 72.5% of the requirements calculated using
standardised approaches.
45. P a g e | 45
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
To introduce the final Basel III standards, the Federal Council is adjusting
its Capital Adequacy Ordinance and FINMA is adjusting its associated
implementing regulations in the form of five new FINMA ordinances. At
the same time, FINMA is repealing five of six relevant FINMA circulars.
The Federal Department of Finance is putting the Federal Council
ordinance out for consultation until 25 October 2022 (cf. Federal
Department of Finance press release).
At the same time, FINMA is conducting the consultation on its ordinances.
The Federal Council’s Capital Adequacy Ordinance and the associated
FINMA ordinances are scheduled to enter into force on 1 July 2024.
To read more: https://www.finma.ch/en/news/2022/07/20220704-mm-
anhoerung-basel/
46. P a g e | 46
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
Number 13
Next Generation of Intelligence Analysts Present Research on
Foreign Social Media Campaigns
Partnerships are vital to the National Security Agency (NSA), and an
academic relationship forged with Mercyhurt University last year is already
paying dividends for both parties.
NSA established an Educational Partnership Agreement (EPA) with
Mercyhurst University in August of 2021, just one of a multitude of
partnership efforts between the agency and academia.
The EPA between NSA and universities/non-profit organizations sets the
foundation to support education efforts for students in science, technology,
engineering, and mathematics (STEM), as well as in language and other
skills.
Following the establishment of the EPA, seniors from Mercyhurst
University’s Intelligence Studies program have been working with
Academic Engagement’s Intelligence Analyst Focused Area Liaison
(IAFAL) program to conduct research and complete their capstone project
on foreign social media campaigns designed to influence U.S. audiences.
“I was honored to mentor and work with the students and am impressed by
the research they achieved in three months,” said Joe Reinhard, the first
IAFAL for Mercyhurst University.
Following the students’ capstone presentation, Angie Painter, NSA’s higher
education advocate in Academic Engagement, partnered with
representatives from NSA’s Cybersecurity Collaboration Center (CCC) and
National Cryptologic Museum to facilitate a tour where the students
learned about NSA’s mission, the history of signals intelligence in the 20th
century, and unclassified cyber work being done by the CCC.
You may visit: https://www.nsa.gov/About/Cybersecurity-Collaboration-
Center/
47. P a g e | 47
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
While touring the CCC, the students learned how NSA partners with
various cybersecurity entities and how they work together to detect cyber
threats in software and hardware.
“The IAFAL program within the Academic Engagement partnership with
Mercyhurst University represents the future of NSA’s hiring initiative for
the next generation of intelligence analysts,” said Pamela Jock, then-chief
of Academic Engagement.
“NSA’s ability to engage with academic partners is vital to its success, and
the intelligence analysts produced by Mercyhurst University are critical to
the next generation of NSA experts,” she added.
NSA maintains various academic partnerships to develop the talent and
tools needed to meet future national security challenges. These
partnerships help cultivate the next generation of experts in science,
technology, engineering, math, language and analysis to help broaden the
pool of skilled cybersecurity professionals who can protect the nation from
cyberattacks. Visit NSA.gov/Academics to learn more about NSA’s
academic partnership efforts.
48. P a g e | 48
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
Number 14
Helping users stay safe: Blocking internet macros by default in
Office (and recent developments)
For years Microsoft Office has shipped powerful automation capabilities
called active content, the most common kind are macros. While we
provided a notification bar to warn users about these macros, users could
still decide to enable the macros by clicking a button.
Bad actors send macros in Office files to end users who unknowingly
enable them, malicious payloads are delivered, and the impact can be
severe including malware, compromised identity, data loss, and remote
access.
Changing Default Behavior
We’re introducing a default change for five Office apps that run macros:
VBA macros obtained from the internet will now be blocked by
default.
For macros in files obtained from the internet, users will no longer be able
to enable content with a click of a button. A message bar will appear for
users notifying them with a button to learn more.
The default is more secure and is expected to keep more users safe
including home users and information workers in managed organizations.
This change only affects Office on devices running Windows and only
affects the following applications: Access, Excel, PowerPoint, Visio, and
Word. The change will begin rolling out in Version 2203, starting with
Current Channel (Preview) in early April 2022. Later, the change will be
49. P a g e | 49
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
available in the other update channels, such as Current Channel, Monthly
Enterprise Channel, and Semi-Annual Enterprise Channel.
At a future date to be determined, we also plan to make this change to
Office LTSC, Office 2021, Office 2019, Office 2016, and Office 2013.
To read more: https://techcommunity.microsoft.com/t5/microsoft-365-
blog/helping-users-stay-safe-blocking-internet-macros-by-default-in/bc-
p/3566717/highlight/true#M4281
50. P a g e | 50
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
Cyber Risk GmbH
Cyber Risk GmbH has been established in Horgen, Switzerland, by George
Lekatis, a well-known expert in risk management and compliance.
Our Training Programs include:
1. Information Security Awareness Training. You may visit:
https://www.cyber-risk-
gmbh.com/1_Information_Security_Awareness_Training.html
2. Social Engineering, Awareness and Defense. You may visit:
https://www.cyber-risk-
gmbh.com/2_Social_Engineering_Awareness_Defence.html
3. Practical Social Engineering. Defense and Protection of Sensitive
Information. You may visit:
https://www.cyber-risk-gmbh.com/3_Practical_Social_Engineering.html
4. Insider Threats Awareness Training. You may visit:
https://www.cyber-risk-
gmbh.com/4_Insider_Threats_Awareness_Training.html
5. The target is the bank. From hacking to cybercrime to cyberespionage.
You may visit:
https://www.cyber-risk-gmbh.com/5_The_Target_Is_The_Bank.html
6. Cybersecurity training for managers and employees working in the
hospitality industry. You may visit:
https://www.cyber-risk-
gmbh.com/6_Cybersecurity_Training_Hospitality_Industry.html
7. Cybersecurity training for managers and employees working in the
commercial and private aviation industry. You may visit:
https://www.cyber-risk-
gmbh.com/7_Cybersecurity_Training_Aviation_Industry.html
8. Cybersecurity training for managers and employees working in the
healthcare industry. You may visit:
https://www.cyber-risk-
gmbh.com/8_Cybersecurity_Training_Healthcare_Industry.html
9. The General Data Protection Regulation (GDPR) for EU and non-EU
based companies. You may visit:
https://www.cyber-risk-gmbh.com/9_GDPR.html
51. P a g e | 51
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
10. The General Data Protection Regulation (GDPR) for the Board of
Directors and the CEO of EU and non-EU based companies. You may visit:
https://www.cyber-risk-gmbh.com/10_GDPR_Board.html
Our websites include:
a. Sectors and Industries.
1. https://www.cyber-risk-gmbh.com
2. https://www.social-engineering-training.ch
3. https://www.healthcare-cybersecurity.ch
4. https://www.airline-cybersecurity.ch
5. https://www.railway-cybersecurity.com
6. https://www.maritime-cybersecurity.com
7. https://www.transport-cybersecurity.com
8. https://www.transport-cybersecurity-toolkit.com
9. https://www.hotel-cybersecurity.ch
10. https://www.sanctions-risk.com
b. Understanding cybersecurity.
1. https://www.disinformation.ch
2. https://www.cyber-espionage.ch
3. https://www.travel-security.ch
4. https://www.synthetic-identity-fraud.com
5. https://www.steganography.ch
6. https://www.cyberbiosecurity.ch
c. Understanding cybersecurity in the European Union.
52. P a g e | 52
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
1. https://www.nis-2-directive.com
2. https://www.european-cyber-resilience-act.com
3. https://www.digital-operational-resilience-act.com
4. https://www.european-cyber-defence-policy.com
5. https://www.strategic-compass-european-union.com
6. https://www.european-chips-act.com
You may contact:
George Lekatis
General Manager, Cyber Risk GmbH
Dammstrasse 16, 8810 Horgen
Phone: +41 79 505 89 60
Email: george.lekatis@cyber-risk-gmbh.com
Web: www.cyber-risk-gmbh.com
Disclaimer
Despite the great care taken to prepare this newsletter, we cannot
guarantee that all information is current or accurate. If errors are brought
to our attention, we will try to correct them, and we will publish the correct
information to the LinkedIn and Facebook pages of Cyber Risk GmbH.
Readers will make their own determination of how suitable the
information is for their usage and intent. Cyber Risk GmbH expressly
disclaims all warranties, either expressed or implied, including any implied
warranty of fitness for a particular purpose, and neither assumes nor
authorizes any other person to assume for it any liability in connection
with the information or training programs provided.
Cyber Risk GmbH and its employees will not be liable for any loss or
damages of any nature, either direct or indirect, arising from use of the
information provided on this newsletter, or our web sites.
We are not responsible for opinions and information posted by others. The
inclusion of links to other web sites does not necessarily imply a
recommendation or endorsement of the views expressed within them.
Links to other web sites are presented as a convenience to users. Cyber
Risk GmbH does not accept any responsibility for the content, accuracy,
reliability, or currency found on external web sites.
53. P a g e | 53
Cyber Risk GmbH, CHE-244.099.341, Dammstrasse 16, 8810 Horgen, Switzerland - www.cyber-risk-gmbh.com
This information:
- is of a general nature only and is not intended to address the specific
circumstances of any particular individual or entity;
- should not be relied on in the particular context of enforcement or
similar regulatory action;
- is not necessarily comprehensive, complete, or up to date;
- is sometimes linked to external sites over which the association has
no control and for which the association assumes no responsibility;
- is not professional or legal advice (if you need specific advice, you
should always consult a suitably qualified professional);
- is in no way constitutive of interpretative;
- does not prejudge the position that the relevant authorities might
decide to take on the same matters if developments, including Court
rulings, were to lead it to revise some of the views expressed here;
- does not prejudge the interpretation that the Courts might place on
the matters at issue.
Please note that it cannot be guaranteed that these information and
documents exactly reproduce officially adopted texts. It is our goal to
minimize disruption caused by technical errors. However, some data or
information may have been created or structured in files or formats that
are not error-free and we cannot guarantee that our service will not be
interrupted or otherwise affected by such problems.
Readers that are interested in a specific topic covered in the newsletter,
must download the official papers, must find more information, and must
ask for legal and technical advice, before making any business decisions.