A beautiful hike to Conejo Mountain Peak on January 11, 2020.
VENTURA, Calif.- The Ventura County P-20 Council hosted the first-ever Ventura County Education Summit to strengthen existing ties, and establish new ones, between educators and businesses at the Ventura County Office of Education (VCOE) Conference and Educational ServicesCenter building, Nov. 26. Vance Brahosky, Deputy Technical Director,Naval Surface Warfare Center, Port Hueneme Division, was among four business sector representatives, including Haas Automation, Corwin Press and The Trade Desk, who participated on a special panel to discuss strides taken to bridge the gap between education and business.
“We don’t have as strong of service as we require if we’re not reaching out to the community in events like this,” said Brahosky. “We will not miss opportunities to do that.”
Naval Surface Warfare Center, Port Hueneme Division (NSWC PHD) hosted representatives from California State University, Channel Islands (CSUCI) Feb. 28 to discuss collaboration opportunities, utilizing the Educational Partnership Agreement originally established in 2014.
The local university is set to launch its Mechatronics Engineering program in fall 2018 with acceptance of 24 students. Not shy about its intentions, NSWC PHD wants to be on the receiving end for hiring come graduation time in the year 2020.
“In advance of that graduation,” said Vance Brahosky, NSWC PHD deputy technical director, “there are opportunities for us to work with the university through internships, rotations, and engagement with faculty so that through this partnership, we can access some of your best and brightest before they get pulled away to everyone else out there searching through the thin layer of engineering talent available to the U.S. industry.
”Mechatronics is a quickly-growing area of engineering that includes aspects of control theory, computer science, electronics, and mechanics―an area of expertise conducive to NSWC PHD.
The purpose of the educational partnership is to help augment engineering education for CSUCI students by providing a mechanism by which students can benefit from the command’s expertise, unique facilities and equipment related to their academic discipline.
“Community engagement, working with the industry and intentionally working with you, the Navy, is what we are all about,” said Michael Soltys, CSUCI Computer Science program chair. The meeting served as the start of many areas where the university and station will collaborate over the coming years, introducing and integrating naval knowledge wherever applicable.
Part of NSWC PHD’s mission is to nurture and develop its future workforce through Science, Technology, Engineering, and Mathematics programs.
Currently, the command holds two Educational Partnership Agreements with Southern Californian universities, ensuring its legacy of outstanding fleet support to the world’s greatest Navy.
The 23-year-old has been accused of involvement with Kronos – a piece of malware used to steal banking logins from victims’ computers.
Mr Hutchins, from Ilfracombe in Devon, came to prominence after he stalled the WannaCry cyber-attack which hit the NHS in May.
The FBI arrested him on Wednesday.
TORONTO, July 24, 2017 /PRNewswire/ – SQI Diagnostics (TSX-V: SQD; OTCQX: SQIDF), today announced a technology development partnership and licensing agreement with the McMaster University Department of Engineering to develop chip technology for use in multi-array disease testing.
SQI is a Toronto-based life sciences and diagnostics company that develops and commercializes proprietary technologies and products for advanced multiplexed diagnostics. SQI’s existing proprietary technology enables global pharmaceutical and diagnostic testing companies to perform highly complex multiplex tests much faster, more accurately and at a lower cost.
Researchers urge Windows admins to apply MS17-010 before the next attack using the EternalBlue NSA exploit deploys a worse payload than WannaCry ransomware.
No one should be letting their guard down now that the WannaCry ransomware attacks have been relatively contained. Experts intimately involved with analyzing the malware and worldwide attacks urge quite the opposite, warning today that there’s nothing stopping attackers from using the available NSA exploits to drop more destructive malware.
The key is to patch vulnerable Windows machines while there is a downtime, ensure offline backups are secure and available, and that antimalware protection is running and current.
Kaspersky Lab researcher Juan Andres Guerrero-Saade and Comae Technologies’ Matt Suiche said today during a webinar, below, that the EternalBlue exploit targeting a SMBv1 flaw could be fitted with payloads ranging from banking Trojans to wiper malware that destroys a computer’s hard disk.
“Absolutely,” Guerrero-Saade said when asked if this could have been a wiper attack rather than ransomware. “We’re talking ring0 access (via the DoublePulsar rootkitinstalled by the EternalBlue exploit). It would have just come down to a matter of implementation at that point.”
Accelerating the researchers’ anxiety about what could be next was yesterday’s ShadowBrokers announcement that it would begin in June a monthly dump of new exploits—including Windows 10 attacks—and stolen data. The ShadowBrokers’ leak in April of EternalBlue and other Windows attacks handed attackers not only the exploits but also documentation that lowered any barrier to entry for using these attacks.
“This is really worrying because we’ve seen the impact of what those files out in the wild can do,” Suiche said.
The attacks also exposed the shortcomings associated with patching, despite experts for more than a decade stressing the importance of keeping operating systems, browsers and third-party software up to date. MS17-010, the patch that addressed the SMB vulnerabilities leaked by the ShadowBrokers in April, has been available since March. Microsoft rated the security bulletin as critical and experts cautioned that this patch was to be prioritized, and that SMB port 445 on Windows machines should not be exposed to the internet. Yet, Rapid7 today said its scans have found more than 1 million internet-connected devices exposing SMB over 445 with more than 800,000 of those devices running Windows. Rapid7 said it’s likely that a large percentage of that number includes vulnerable versions of Windows with SMBv1 enabled.
“Beyond the prevalence of what these exploits might be, but it really has been a test on the industry and defenders as well,” Guerrero-Saade said. “What we saw here was not the super secret zero-day situation you can’t save yourself from. It was a test of how well we’re implementing the solutions and recommendations that have been out there a very long time that everybody touts every single day. We were asked to put our money where our mouth is with this WannaCry infection.”
The biggest mitigating factor in slowing down the WannaCry outbreak was the discovery of a so-called killswitch that was likely an evasion technique by the malware to check whether it was running in a sandbox. The malware called out to a hard-coded URL, and if it responded, the malware would not execute. The speculation is that getting a response back from the killswitch domain indicated the malware might be executing instead in a sandbox.
Researcher Marcus Hutchins of the MalwareTech blog registered the domain coded into last Friday’s version of WannaCry while Suiche registered a second and third killswitch domain found in subsequent variants, shutting down most infections in the wild.
Guerrero-Saade said his concern is that the next version likely won’t have a killswitch, and could contain a more dangerous and costly payload.
“We have essentially bought time with the killswitches. That’s something where we got incredibly lucky that was even involved in the development of the malware,” Guerrero-Saade said.
They also touched on the shared code between an early WannaCry version found in February and a sample from the Lazarus APT from February 2015. Lazarus is the North Korean group alleged to be behind the Sony hack, which featured wiper malware and damaging data leaks, as well as the SWIFT attacks against banks in Bangladesh, Poland and Mexico. The attacks against financial organizations, experts said during the Kaspersky Lab Security Analyst Summit, were performed by an internal Lazarus splinter group called Bluenoroff in an attempt to help fund the APT’s other activities.
Google’s Neel Mehta found the same code in both samples, which was confirmed by Kaspersky Lab and Suiche later. Guerrero-Saade, who worked on the Lazarus research and on separate research on APTs and their use of false flags, said today that this was not an attribution claim that Lazarus was behind WannaCry, but instead a clustering claim.
“What we’re talking about is what cluster of activity this fits into, what threat actor fits the bill for this,” he said. The linkage between the SWIFT attacks and Lazarus, made by BAE Systems researchers, was based off similar code re-use of a wiper function in a Lazarus attack and the Bangladeshi attack. “The amount of proof grew over times and we laid to rest the concerns about whether the SWIFT attackers are actually part of the Lazarus group.
“Having only had WannaCry for five days, I think it’s important to understand that this is only a lead, and not a simple lead,” Guerrero-Saade said. “It’s not necessarily easy to just replicate a very specific function of code from a very obscure piece of malware from two years ago that you only put into version 1.0 and then removed. That’s not a false flag, that’s too subtle. No one would have noticed it if not for Neel Mehta doing fantastic work.
“I understand that while it’s important to have some healthy skepticism, in this particular case, I think we’re just catching a bit of code re-use. The claims aren’t necessarily bigger than they are, but they aren’t quite as hard to stomach when you look at the code itself.”