Archive for the ‘NSA’ Category

Morning Digest | 17 Opposition parties to field a candidate for Presidential poll; ED summons Rahul again tomorrow, and more – The Hindu

17 Opposition parties to field a candidate for Presidential poll

Kick-starting the consultations on putting up a joint candidate for the Presidential election, 17 Opposition parties attended a meeting hosted by West Bengal Chief Minister and Trinamool Congress president Mamata Banerjee in New Delhi on Wednesday. At the end of the 90-minute meeting, the parties came up with a statement expressing their intent to field a common candidate, but no name was finalised.

ED summons Rahul again on June 17

As former Congress President Rahul Gandhi went in for questioning by the Enforcement Directorate (ED) in a money laundering case linked to the National Heraldnewspaper for the third consecutive day on Wednesday, there were tense moments at the All India Congress Committee (AICC) headquarters as Delhi police personnel barged into its premises and dragged out workers, including a former Lok Sabha member. Mr. Gandhi has been summoned again on Friday for further questioning.

Ajit Doval attends meeting hosted by China

National Security Advisor (NSA) Ajit Doval attended a virtualBRICSmeeting hosted by Chinese NSA Yang Jiechi on Wednesday, aimed at strengthening political and security cooperation within the five-nation grouping of Brazil, Russia, India, China and South Africa. An official statement said multilateralism and global governance, new threats and challenges to national security, and governance in new domains were on the agenda for discussions.

Presidential polls | Rajnath speaks to Pawar, Mamata, Kharge

Defence Minister Rajnath Singh and Bharatiya Janata Party (BJP) president J.P. Nadda on Wednesday began theconsultation process, on behalf of the NDA, for the upcoming polls for electing thenew President of India, by dialling key Opposition leaders, NDA allies and neutral parties such as the Biju Janata Dal (BJD).

Three-year Bachelors degree programme for Agnipath recruits

A day after the Cabinet approved the Agnipath scheme for temporary recruitment to the armed forces, the Ministry of Education on Wednesday said it will launch a three-year bachelors degree programme that will give credits to serving defence personnel who avail the scheme.

Presidential polls | 11 nominations filed on day 1

Eleven people filed their nominations on Wednesday for the Presidential election to be held on July 18, according to Rajya Sabha sources.

Plea in Supreme Court seeks stringent population control law

A Mathura resident has asked the Supreme Court to direct the government to ascertain the feasibility of enacting a stringent population control law. Devkinandan Thakur Ji, the petitioner, said such a law would secure the fundamental rights of citizens, including the right to peaceful sleep along with clean air, water, food, health and shelter. Mr. Thakur said the injury caused by population explosion for women especially was extremely large.

Daughter of Himachal judge held in murder case

Kalyani Singh was under the scanner of the agency for long as it had emerged during the probe that a woman was accompanying Sidhus killer.

U.S. Federal Reserve attacks inflation with its largest rate hike since 1994

The move announced by the U.S. Federal Reserve will raise its benchmark short-term rate to a range of 1.5% to 1.75%.

JharKhand govt. seeks explanation from Ranchi SSP over putting up posters of violence accused

A day afterJharkhand police put up posters carrying photographsof those allegedly involved in the recentviolent protests in Ranchi, the States Home Secretary Rajiv Arun Ekka on Wednesday evening sought an explanation from the SSP over the unlawful act.

BJP expels Rajasthan MLA for cross-voting in Rajya Sabha elections

The Bharatiya Janata Party on Wednesday expelled its Rajasthan MLA Shobharani Kushwah for cross-voting in favour of a Congress candidate in the elections to four Rajya Sabha seats from the State held recently.

Myanmar not part of ASEAN meet

The Foreign Minister of Myanmar is unlikely to be part of the 24 thASEAN-India Ministerial here on Thursday, an official source indicated.Myanmars representation at the meeting has been in focus as India has been under pressure to avoid inclusion of Myanmar in the high-level meeting.

Prithvi-II missile successfully test-fired during night time

India on Wednesday successfully test-fired its indigenously developed, nuclear-capable Prithvi-II missile during night time as part of a user training trial from a test range off the Odisha coast. The Defence Research and Development Organisation (DRDO) said: Prithvi-2 missile test-fired successfully and the test met all parameters.

Biden announces another $1 billion military aid to Ukraine

Joe Biden said on Wednesday the U.S. will send another $1 billion in military aid to Ukraine, the largest single tranche of weapons and equipment since the war began. The aid will include anti-ship missile launchers, howitzers and more rounds for the High Mobility Artillery Rocket Systems - all key weapons systems that Ukrainian leaders have urgently requested.

K.L. Rahul to miss England test, Hardik Pandya in line for captaincy during Ireland T20Is

Senior opener K.L. Rahul is all set to miss the fifth Test against England in Birmingham next month as he is unlikely to recover from a groin injury that forced him out of the ongoing T20I series against South Africa.

See the article here:
Morning Digest | 17 Opposition parties to field a candidate for Presidential poll; ED summons Rahul again tomorrow, and more - The Hindu

On Indias wheat export ban, US NSA said this…. – WION

Even as the food crisis looms large due to the Russian-Ukraine war coupled with climate change, United States National Security Advisor Jake Sullivan said that food security would be the topic of discussion in the third edition of the Quad Summit in Tokyo.

Sullivan was responding to a question if President Joe Biden will have a talk with Prime Minister Narendra Modi to reverse Indias decision to ban wheat exports.

Food security will be the topic of conversation at the Quad, Sullivan said on Sunday.

Ukraine and Russia account for 29 per cent of global wheat and 62 per cent of sunflower oil exports. The invasion has exacerbated food price inflation in emerging markets and developing economies and has impacted some of the poorest and most vulnerable countries.

Global food prices are almost 30 per cent higher than the same time last year, according to the UN.

India was forced to halt wheat exports after a brutal heatwave destroyed the crops, causing inflation and shortage in the country.

Watch |Indian PM Narendra Modi's Japan visit: 40 hours for 23 engagements

However, the Indian government had said that it would consider helping the nations that are in need.

Apart from the wheat export ban, the Quad summit will also likely discuss the Russian-Ukraine war where Indias stand has put it at odds with its allies.

Even though India has not outrightly condemned Russia, it had always sought for peaceful resolution of the conflict.

When Sullivan was asked if Biden wouldtalkwith Modi on this issue, he said, Well, they already had the opportunity to engage on that and the president had an extended discussion with PM Modi when they did a virtual Quad summit in March. They also got to speak about it when they had a short video bilateral 2+2 and when Indian ministers came to Washington.

So, it won't be a new conversation but a continuation of the conversation they have already had on how we see the picture in Ukraine and impacts of Russia's brutal invasion of Ukraine, apart from wider sets of concerns in the world including food security concerns. So, they will talk all of that through, will leave the specific, they had private and constructive exchanges. This will be similarly constructive and straightforward.

Also read |WION @ Quad: Updates from Japan | Quad leaders to meet in Tokyo

When asked if President Biden would also raise human rights issues with PM Modi, the US NSA said, President Biden has been clear from the beginning in this administration that we will speak out when we see any form of departure or deviation from basic principles, fundamental freedoms, human rights, values of democratic institutions and rule of law.

Also read |WION reports from Tokyo: Quad leaders to meet under shadow of Ukraine war, China threat

That is true for a range of countries, and we dont single India out. We have found a way to pursue practical cooperation with countries who are democratic and non-democratic while at the same time being clear and consistent where our values lie.

WATCH WION LIVE HERE

The rest is here:
On Indias wheat export ban, US NSA said this.... - WION

NSA Swears It Won’t Allow Backdoors in New Encryption Standards

Photo: SAUL LOEB / AFP (Getty Images)

The U.S. has been working on new encryption standards meant to withstand the powers of quantum computing, an emergent technology that will supposedly involve machines capable of high-octane mathematical calculations that can crack current-day encryption algorithms without breaking a sweat.

Bloomberg reports that the National Institute of Technical Standards, or NIST, has been holding competitions to help develop these new standards. The goal is to develop better, more hack-resistant public-key cryptography, which will power secure communications for email and other everyday online applications that millions of Americans rely on.

The National Security Agency has also been helping out with the development of these new encryption standards, though its not totally clear how. Dont worry though! The NSA swears that the new protocols are so secure that even its own band of keyboard warriors cant hack them. And the NSA would never put a backdoor in an encryption standard, right?

There are no backdoors, Rob Joyce, the NSAs director of cybersecurity told the news outlet. Those candidate algorithms that NIST is running the competitions on all appear strong, secure, and what we need for quantum resistance, Joyce said. Weve worked against all of them to make sure they are solid. The agency declined to comment further.

This sounds good, though it seems important to mention that the NSA does not have... shall we say, an amazing track record when it comes to backdoors. Dont forget that...

G/O Media may get a commission

Save $70

Apple AirPods Max

Experience Next-Level SoundSpatial audio with dynamic head tracking provides theater-like sound that surrounds you

So, sure...no backdoors. Alright!

Read the original post:
NSA Swears It Won't Allow Backdoors in New Encryption Standards

5G NSA vs. SA: How does each deployment mode differ?

Prior to its release, 5G had been long touted as a major upgrade to cellular networking technology. With 5G no longer in its infancy, U.S. mobile network operators, or MNOs, have started to distribute 5G across the nation.

MNOs have two main options to choose from when deploying 5G: non-standalone (NSA) and standalone (SA).

NSA dominated as the top choice for initial 5G deployments among MNOs, thanks to existing cellular infrastructure. But, as SA 5G deployments take off, it's important to understand the distinctions between the two. Both approaches are valid ways of constructing a 5G network, but the chosen deployment mode determines how efficiently the 5G network operates.

Both NSA and SA use the 5G New Radio (5G NR) interface, enabling them to deliver features and capabilities based on the standards defined by the 3rd Generation Partnership Project (3GPP). 5G NR offers myriad use cases, but one of its most essential features is it provides a path from 4G LTE to 5G.

When it comes to NSA 5G, the clue is in the name: It's 5G that can't stand on its own in terms of infrastructure. NSA is a 5G radio access network (RAN) that operates on a legacy 4G LTE core -- known as Evolved Packet Core (EPC) -- and manages control plane functions. NSA includes both a 4G and 5G base station, but the 4G base station takes precedence. Because the NR control plane anchors to the EPC, radio frequency signals forward to the primary 4G base station.

NSA 5G, also known as Release 15 by 3GPP, is considered the first stage of 5G. Initial 5G deployments used NSA because MNOs could use their current infrastructure to build a 5G network. Carriers with 4G LTE networks could implement a 5G RAN on top of their existing architectures. NSA 5G can serve as a steppingstone for carriers unprepared to make a hefty investment when transitioning from legacy 4G LTE to 5G networks.

The drawback of NSA 5G, however, is it can't deliver certain capabilities that a pure, unfettered SA 5G network can. For example, NSA doesn't enable the low latency that is one of the biggest draws to 5G. Another disadvantage of NSA is it requires a higher level of energy to power 5G networks with 4G infrastructure. 5G NR is more energy-efficient than LTE, IEEE reported, but using two different forms of cellular technology massively increases power consumption in a network.

NSA 5G also shouldn't be confused with dynamic spectrum sharing (DSS), another method of deploying 5G with 4G technology. While NSA creates a 5G network with 4G infrastructure using dual connectivity, DSS permits 4G LTE and 5G NR to coexist in the same frequency band. 5G networks have a variety of spectrum bands available for use, and DSS distributes spectrum between bands based on user demands.

SA 5G networks include both a 5G RAN and a cloud-native 5G core, something NSA networks lack and substitute with a 4G core. SA networks can perform essential 5G functions, such as reducing latency, improving network performance and centrally controlling network management functions, because of their 5G cores.

SA requires MNOs to configure a completely new architecture and learn how to manage it. As carriers waited for SA technology to mature, most opted to simply reconfigure their 4G networks to support 5G, as it was cheaper and more convenient.

New providers without established 4G core networks couldn't follow that strategy, though. Because they couldn't rely on a 4G core, they needed to build their 5G infrastructure from scratch. SA is now looking to take the crown among MNOs, as carriers start to deploy it to take advantage of the improvements it offers over NSA.

The biggest disadvantage of SA is it's costly to implement and time-consuming for network professionals to learn the new 5G core infrastructure. Regardless, MNOs are making the shift to SA because NSA can serve as a step toward 5G networking, but it isn't considered true 5G due to its reliance on 4G LTE.

Ultimately, the biggest difference between NSA and SA is how each mode provides 5G. NSA uses a 5G RAN, as well as a 4G LTE core, while SA is an end-to-end 5G network with both a 5G RAN and NR core. Their methods of deployment determine how each mode supports the 3GPP-defined NR specifications.

5G NR specifications include the following:

All three features support an array of industries and services, including emerging sectors, such as IoT. However, SA 5G is the only deployment mode that supports all three specifications. NSA 5G can only enable enhanced mobile broadband because it has a 4G core that can extend to support the specification. SA can enable all three features because it has a more powerful and more flexible 5G core.

According to an October 2021 Exfo and Heavy Reading study, 88% of MNOs based in North America and Europe have planned to deploy SA 5G within the next year. Around 49% plan to deploy it in 2022, while another 39% are planning to deploy it by 2023. Despite the simplicity and inexpensive costs of deploying NSA, carriers are making the move to SA 5G to reap the most beneficial and anticipated capabilities of the technology.

Visit link:
5G NSA vs. SA: How does each deployment mode differ?

FBI and NSA say: Stop doing these 10 things that let the hackers in – ZDNet

Cyber attackers regularly exploit unpatched software vulnerabilities, but they "routinely" target security misconfigurations for initial access, so the US Cybersecurity and Infrastructure Security Agency (CISA) and its peers have created a to-do list for defenders in today's heightened threat environment.

CISA, the FBI and National Security Agency (NSA), as well as cybersecurity authorities from Canada, New Zealand, the Netherlands, and the UK, have compiled a list of the main weak security controls, poor configurations, and poor security practices that defenders should implement to thwart initial access. It also contains the authorities' collective recommended mitigations.

"Cyber actors routinely exploit poor security configurations (either misconfigured or left unsecured), weak controls, and other poor cyber hygiene practices to gain initial access or as part of other tactics to compromise a victim's system," CISA says.

SEE: Just in time? Bosses are finally waking up to the cybersecurity threa

The list of actions includes all obvious candidates, such as enabling multi-factor authentication (MFA) on key systems, such as virtual private networks (VPNs), but which are prone to misconfigurations when implemented in complex IT environments.

For example, last year Russian hackers combined a default policy shared by multiple MFA solutions and a Windows printer privilege of escalation flaw to disable MFA for active domain accounts and then establish remote desktop protocol (RDP) connections to Windows domain controllers. This complexity can also be seen in the choice of, deployment and use of VPNs, whose adoption escalated after the pandemic struck.

Recent research by Palo Alto Networks found that 99% of cloud services utilize excessive permissions, against the well-known principle of least privilege to limit opportunities for attackers to breach a system.

The security controls outlined in CISA's list serve as a useful checklist for organizations, many of which deployed remote-working IT infrastructure hastily due to the pandemic, and amid today's heightened geopolitical tensions due to Russia's invasion of Ukraine. It also follows the EU joining the US-Five Eyes in jointly blaming the Russian military on this year's cyberattack against Viasat's European satellite broadband users.

As noted in the joint alert, attackers commonly exploit public-facing applications, external remote services, and use phishing to obtain valid credentials and exploit trusted relationships and valid accounts.

The joint alert recommends MFA is enforced for everyone, especially since RDP is commonly used to deploy ransomware. "Do not exclude any user, particularly administrators, from an MFA requirement," CISA notes.

Incorrectly applied privileges or permissions and errors in access control lists can prevent the enforcement of access control rules and could give unauthorized users or system processes access to objects.

Of course, make sure software is up to date. But also don't use vendor-supplied default configurations or default usernames and passwords. These might be 'user friendly' and help the vendor deliver faster troubleshooting, but they're often publicly available 'secrets'. The NSAstrongly urges admins to remove vendor-supplied defaults in its network infrastructure security guidance.

"Network devices are also often pre-configured with default administrator usernames and passwords to simplify setup," CISA notes. "These default credentials are not secure they may be physically labeled on the device or even readily available on the internet. Leaving these credentials unchanged creates opportunities for malicious activity, including gaining unauthorized access to information and installing malicious software."

SEE: What is ransomware? Everything you need to know about one of the biggest menaces on the web

CISA notes that remote services, such as VPNs, lack sufficient controls to prevent unauthorized access. Defenders should add access control mechanisms like MFA to reduce risks. Also, put the VPN behind a firewall, and use IDS and IPS sensors to detect suspicious network activity.

Other key problems include: strong password policies are not implemented; open ports and internet-exposed services that can be scanned via the internet by attackers; failure to detect or block phishing using Microsoft Word and Excel documents booby-trapped with malicious macros; and poor endpoint detection and response.

CISA's recommendations include control access measures, implanting credential hardening, establishing centralized log management, using antivirus, employing detection tools and searching for vulnerabilities, maintaining configuration management programs, and implementing patch management.

CISA also recommends adopting a zero-trust security model, but this is likely a long-term goal. US federal agencies have until 2024 to make significant headway on thisaim.

The full list of security 'don'ts' includes:

Read the original here:
FBI and NSA say: Stop doing these 10 things that let the hackers in - ZDNet