Make a blog

Joseph Stgeorge

5 months ago

Online Security: Japanese government plans cyber attack institute

Online Security: Japanese government plans cyber attack institute

The government of Japan will create an institute to train employees to counter cyber attacks. The institute, which will be operational early next year, will focus on preventing cyber attacks on electrical systems and other infrastructure.

 

The training institute, which will operate as part of Japan’s Information Technology Promotion Agency (IPA), is the first center for training in Japan to focus on preventing cyber attacks. A government source said that the primary aims will be preventing a large-scale blackout during the Tokyo Olympics and Paralympics in 2020, and stopping leaks of sensitive power plant designs.

 

The source also stated that there is potential for a joint exercise in cyber awareness between the Japanese group and foreign cybersecurity engineers in the future.

 

The counter cyber attack training institute will take 100 employees of electrical power and related firms and train them for a full year in Tokyo, using former hackers and cyber security experts as instructors. Funds will be allocated through an extra budget that is currently being compiled.

 

Cyber security is a growing concern in Japan, where over 12 billion cyber attacks were reported in 2014 by the National Institute of Information Technology. The Japanese national police force reported that instances of cyber crime investigated by the police rose 40% from 2014-2015. In February of this year, a study at Cylance SPEAR identified a hacking group that was targeting Japanese infrastructure. While the group was involved mainly in spying activities and had yet to launch a disruptive or destructive attack, the report warned that the activity was likely to escalate.

 

The need for a comprehensive cybersecurity training program focused on electrical infrastructure was highlighted after the December 2015 power outage in Ukraine, which left 230,000 citizens without power or heat. That attack, the first time a confirmed hack brought down a power grid, demonstrated the vulnerability of electrical stations to a malicious cyber attack. While employees were able to bring the systems back online in a few hours, the power station control centers were reportedly not fully operational for months after the attack.

 

In June of 2015, Japan’s pension agency was illegally accessed, and the personal data of over 1 million users was leaked. Then, in January of this year, Japan’s Hokkaido University suffered a breach that resulted in the leak of personal data for 110,000 of its students. An unsecured server in the career placement office was believed to be the source of the hack.

6 months ago

Oakmere Road: Business Email Compromise – Top Phishing Attacks of 2016

Oakmere Road: Business Email Compromise – Top Phishing Attacks of 2016

In this series of blog posts we examine the most common forms of phishing attacks and appropriate countermeasures to protect both individuals and organizations – in this post we explore Business Email Compromise and the potential fall-out for executives.

 

Business Email Compromise

 

At the start of 2016, the FBI warned that it had seen a 270% increase in CEO scams, also known as Business Email Compromise (BEC) scams.

 

With these scams, savvy cyber criminals are taking the time to harvest personal information and learn the processes within a company. Once armed with this information, they target carefully selected employees with a spear phishing email designed to get access to confidential business information or transfer money into an unknown account.

 

Companies that have recently fallen victim to this kind of criminal fraud include:

 

- Ubiquiti Networks – the finance department was targeted by a fraudulent request from an outside entity that resulted in $46.7 million being transferred to an overseas account held by external third parties after an employee was impersonated.

- Mattel – a finance executive wired more than $3 million to the Bank of Wenzhou after the ‘new CEO’ requested a vendor payment. According to reports, Mattel quickly realized that it had been victim of a fraudulent request and worked with Chinese authorities to get the money back.

- FACC – the Austrian aircraft parts maker, whose customers included Airbus, Boeing and Rolls-Royce, reported that they had fired their chief executive after cyber criminals stole €50 million ($55.7 million) in an email scam.

 

Agari research found that more than 85% of spear phishing attacks are enabled by legitimate cloud services, and the majority do not contain a malicious link or attachment, which make them a lot harder to detect.

 

BEC Countermeasures

 

A multi-pronged approach is required to counter these types of targeted attacks:

1. Strengthen Internal Processes – To counter the threat of this type of attack, organizations must introduce policies that ensure that no one person or single email can authorize transactions. Instead, there needs to be a mixture of communication channels verifying any request for confidential or financial information.

2. Multi-Layered Approach – There is not a single solution available that can solve the breadth of the email security problem. What’s needed is multiple controls – a cocktail of complementary solutions that provides a multi-layered approach to cyber security where prevention, early detection, attack containment, and recovery measures are considered collectively.

3. Establish Per-message Authenticity – Organizations need a solution that considers sophisticated data science and email security intelligence in order to reinstill trust into the email ecosystem and establish the ‘true’ identity of an email’s sender.

 

Download Agari’s executive brief on the Top Phishing Attacks of 2016 to learn more about best practices to stopping phishing attacks.

 

You can also check out the other posts in the Top Phishing Scams series:

 

- Ransomware

- Data Breach of Employee Information

- Consumer Email Fraud

- Hacktivism

6 months ago

Scholarship scams target college students by Oakmere Road

Scholarship scams target college students by Oakmere Road

“We don’t know how widespread this is,” FTC spokesman Frank Dorman said.

 

Some scammers, according to the FTC, guarantee the students will get their fees refunded if they don’t receive a scholarship, but then attach conditions that make it impossible to collect a refund.

 

Others tell students they’ve been selected as finalists for awards and demand an upfront fee, or request bank account information on the false premise of confirming their eligibility.

 

“Don’t pay,” King advised. “Legitimate scholarships do not require a fee. Stay away from any types of fees when looking for scholarships.”

 

Legitimate scholarships, she said, also don’t require recipients to provide personal banking or credit card information.

 

Conducting some online research into the background of a scholarship or consulting company can also help students spot fraudulent or deceptive offers, she said.

 

Signs that a scholarship offer may be a scam include the presence of application fees, no proof of past winners, no phone number listed, a request for personal financial information and winning a scholarship you didn’t apply for, King said.

 

There are also companies that claim they have programs that can increase a student’s eligibility for certain scholarships or grants.

 

Some legitimate companies provide students with lists of scholarships or run students’ profiles through national scholarship databases to find potential scholarships for which they’re eligible. But legitimate companies won’t guarantee scholarships or grants, according to the FTC.

 

King recommends that students and parents can save money by doing the legwork themselves.

 

“Avoid companies that state they will do the work for you,” King said. “Scholarships are work. No one else can do it for you. Try to avoid any company that states it will do the work for you.”

7 months ago

Oakmere Road: Forex Hoster Review - Is ForexHoster VPS Scam? Does It Work?

Oakmere Road: Forex Hoster Review - Is ForexHoster VPS Scam? Does It Work?

Is the Forex Hoster VPS a scam? This is a service that allows users to upload their own Forex scripts, indicators and especially Expert Advisors that they want to run 24/7. FX Hoster hosts the back end that users have access to in order to upload these files.

 

Forex Hoster is a Forex Vps MetaTrader & Expert Advisor Hosting for Forex Traders. This gives you the ability to view, manage and trade in real-time through your broker, and host live or demo Expert Advisors. Forex Hoster servers are part of a larger grid, that uses various and accurate management systems to make sure that each client has access to the Internet, and is up and running as needed. Free expert advice is assigned to you once you sign up for an account.

 

Advantages of Hosting Forex Expert Advisors on a Virtual Private Server like Forex Hoster

 

Since the FX Hoster is 100% Unix based and does not use Windows technology, it is immune to the spyware, malware and viruses that will infect Microsoft environment systems. This independence of Microsoft systems by the software means that I am assured that my trading activities will have no chance of being negatively sabotaged by these viruses and malware.

 

Generally, when I use a Forex trading robot, I want to ensure that my robot can run as smoothly as possible and eliminate the chances of interrupting it, and you should do this too if you are using Forex Expert Advisors.

 

The Importance Of Connectivity

 

The reality is that many of the newer Expert Advisors such as PipZu and Forex Detector are making use of trend adapting technology. This means that they really do need a 24 hour connection to the markets so that they can properly analyse the trends and trade at the right times.

 

The fact is, switching your computer off, or, worse, having it crash on you, could leave you with stuck open positions or inadequate analysis - costing you money. Forex Hoster removes this risk.

 

Complete Domain / IP Management

 

Forex Hoster does not depend on any co-location or hosting company. Therefore its connector is capable of changing locations dynamically to follow the FX Hoster to where it is located at.

 

What Types of OS Can Forex Hoster Support?

 

It has multi operating system supports that works with Windows, Linux and Mac operating systems and is able to host Forex trading platforms like MetaTrader. I am using this service today as it is the best solution for me to run my Expert Advisor by keeping my MT4 platform running consistently.

 

Final Overview of the Forex Hoster VPS Service

 

With all the safety and powerful features that FX Hoster has provided me with, I must say that the membership fee for joining has been well worth the money, and I highly recommend Forex robot users to try it.

7 months ago

International Financial Securities Regulatory Commission: Legal framework / Document repository

International Financial Securities Regulatory Commission: Legal framework / Document repository

Legal framework

In this section you will find the general outline of the legal framework of company reporting.

 

Legal acts: Other

 

Status       Name

Proposal      Proposal for a Regulation of the European Parliament and of the Council amending Regulation (EU) No 258/2014 establishing a Union Programme to support specific activities in the field of financial reporting and auditing for the period of 2014-20 (COM/2016/202)

 

In force        Regulation (EU) No 258/2014 of the European Parliament and of the Council of 3 April 2014 establishing a Union programme to support specific activities in the field of financial reporting and auditing for the period of 2014-20 and repealing Decision No 716/2009/EC (258/2014/EU)

 

Repealed     Decision No 716/2009/EC of the European Parliament and of the Council of 16 September 2009 establishing a Community programme to support specific activities in the field of financial services, financial reporting and auditing (716/2009/EC)

 

In force        Commission Recommendation of 11 October 2007 on the electronic network of officially appointed mechanisms for the central storage of regulated information referred to in Directive 2004/109/EC of the European Parliament and of the Council (notified under document number C(2007) 4607) (2007/657/EC)

 

In force        Commission Directive 2007/14/EC of 8 March 2007 laying down detailed rules for the implementation of certain provisions of Directive 2004/109/EC on the harmonisation of transparency requirements in relation to information about issuers whose securities are admitted to trading on a regulated market (2007/14/EC)

 

In force        Commission Recommendation of 6 May 2003 concerning the definition of micro, small and medium-sized enterprises (Text with EEA relevance) (notified under document number C(2003) 1422) (2003/361/EC)

 

In force        Commission Recommendation of 30 May 2001 on the recognition, measurement and disclosure of environmental issues in the annual accounts and annual reports of companies (notified under document number C(2001) 1495) (2001/453/EC)

 

The International Financial Securities Regulatory Commission was established to promote investor confidence in the securities and capital markets by providing more structure and government oversight.

7 months ago

Regulation on the application of International Financial Reporting Standards (the “IAS Regulation”)

Regulation on the application of International Financial Reporting Standards (the “IAS Regulation”)

International Financial Securities Regulatory Commission Regulation on the application of International Financial Reporting Standards

The objective of adopting International Financial Reporting Standards (IFRS) issued by the International Accounting Standards Board (IASB) is to standardise companies’ financial reporting so that:

 

- financial statements are more transparent and comparable;

- the EU capital market and the single market can operate efficiently.

 

To achieve this objective, Regulation (EC) No 1606/2002 was adopted (the “IAS Regulation” or Regulation on the application of International Financial Reporting Standards). The scope of the IAS Regulation is as follows:

 

- Basic rule – IFRS shall be applied to the consolidated financial statements of EU companies whose securities are traded on a regulated EU market.

- Discretionary application – EU countries can opt to extend the use of IFRS to annual financial statements and non-listed companies as well.

 

A dedicated endorsement process was established together with new consultative and advisory organisations (ARC and EFRAG).

 

IFRSs are adopted by the EU in the form of regulations, which are published in the Official Journal of the European Union. Regulations are directly applicable in all Member States.

 

The International Financial Securities Regulatory Commission was established to promote investor confidence in the securities and capital markets by providing more structure and government oversight.

1 year ago

Meir Ezra - An Interesting Article

Everyone is looking for happiness. But most people make the mistake of thinking their happiness comes from other sources.

 

"I would be really happy if someone would give me a new house."

 

"If my husband would come home on time, I'd be happy."

 

"As soon as the weather warms up, I'll be happy."

 

Fortunately, as we have covered in several TipsForSuccess articles, you can make yourself happy. Here is a very interesting fact about happiness:

 

"The clue to happiness is being interested in life." -- L. Ron Hubbard

 

For example, why does a sunny day make you happy? Maybe because you become interested in the outdoors? Because you can participate in interesting activities?

 

Do you feel happy when you're around your spouse or a friend? Are you also interested in what he or she has to say? Perhaps you do interesting things with this person?

 

What makes you happy about a new house? Is it interesting to be there and to live there?

 

If you look at things that make you happy, you will also find something that gets you interested in life.

 

Exercises for Increasing Your Interest

 

1. Look around your desk and find five interesting items. Take a minute to enjoy each of them.

 

2. Think about your spouse and family. Write down three or more things about your spouse and family that you find interesting.

 

3. Think about your job. Write down three things that are interesting about your work.

 

4. What were three interesting things you did yesterday?

 

5. What are three interesting things you will do today?

 

6. What are your three most interesting problems? Write them down. What is interesting about them?

 

Answer any of these questions until you feel happy.

 

Go enjoy them!