
The Trump administration has reduced its focus on Russian cyber threat

U.S. Cybersecurity Policy Shift

The Trump administration has reduced its focus on Russian cyber threats, now prioritizing concerns over China and Iran. This change has raised alarms among cybersecurity experts, who warn it may leave the U.S. more vulnerable to Russian hacking activities.

theguardian.com

ByBit Hack Attributed to North Korea

The FBI has identified North Korea as the culprit behind the $1.5 billion hack of cryptocurrency exchange ByBit. The attack is believed to have been orchestrated by North Korea's Lazarus Group, highlighting the growing sophistication of state-sponsored cybercrime.

reuters.com

UK's Demand for Encrypted Data Raises Privacy Concerns

The U.S. Director of National Intelligence has accused the UK of violating U.S. privacy rights by demanding access to encrypted Apple data. This demand has sparked debates about data privacy and international agreements on data access.

The Times

Healthcare Sector Faces New Cybersecurity Regulations

In response to a surge in cyberattacks, U.S. lawmakers are proposing stricter cybersecurity regulations for healthcare providers. The proposed measures include enhanced incident-response plans and stricter adherence to HIPAA standards, such as multifactor authentication and regular audits.

The Wall Street Journal

Data Breach at Major IVF Provider

Genea, a leading IVF provider, has confirmed a significant data breach affecting patient management systems. Compromised data includes personal and medical information, though financial details appear unaffected. The company is collaborating with authorities to investigate and address the breach.

News.com.au

Rise in Business Email Compromises

Scammers are increasingly targeting businesses, with AI-generated emails leading to sophisticated schemes that have cost companies an estimated $2.9 billion in 2023. These attacks often involve fake email threads and websites, deceiving employees into divulging sensitive information.

The Australian

AI Safety Policies Under Scrutiny

Recent policy shifts in the U.S. and U.K. are framing AI safety primarily as a security issue, potentially sidelining ethical considerations like bias and content accuracy. Both governments declined to sign an international AI declaration prioritizing ethics, raising concerns among experts.

axios.com

Collaboration Between Hackers and Hacktivists

There's an increasing trend of collaboration between state-backed hackers and hacktivists, posing heightened risks to critical infrastructures such as utilities and food manufacturers. This alliance escalates cyber threats, with 70% of last year's vulnerabilities deep within industrial control systems networks


People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection

This advisory from the United States National Security Agency (NSA), the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the U.S. Federal Bureau of Investigation (FBI), the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), the Communications Security Establishment’s Canadian Centre for Cyber Security (CCCS), the New Zealand National Cyber Security Centre (NCSC-NZ), and the United Kingdom National Cyber Security Centre (NCSC-UK) (hereafter referred to as the “authoring agencies”) provides an overview of hunting guidance and associated best practices to detect this activity.

One of the actor’s primary tactics, techniques, and procedures (TTPs) is living off the land, which uses built-in network administration tools to perform their objectives. This TTP allows the actor to evade detection by blending in with normal Windows system and network activities, avoid endpoint detection and response (EDR) products that would alert on the introduction of third-party applications to the host, and limit the amount of activity that is captured in default logging configurations. Some of the built-in tools this actor uses are: wmic, ntdsutil, netsh, and PowerShell. The advisory provides examples of the actor’s commands along with detection signatures to aid network defenders in hunting for this activity. Many of the behavioral indicators included can also be legitimate system administration commands that appear in benign activity. Care should be taken not to assume that findings are malicious without further investigation or other indications of compromise.

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-144a
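
One way to act on the caveat above, that hits on these built-in tools are leads rather than verdicts. This is an added example, not code from the advisory or from the original post. The record fields (`user`, `host`, `image`), the account and host names, and all sample events are constructed, and ranking against a baseline of past usage goes beyond what the summary describes.

```python
from collections import Counter

# Built-in tools named in the advisory summary above.
LOTL_TOOLS = {"wmic.exe", "ntdsutil.exe", "netsh.exe", "powershell.exe"}
SYS32 = "C:\\Windows\\System32\\"

# Constructed process-creation records (not real telemetry); field names are assumptions.
BASELINE = [
    {"user": "admin1", "host": "DC01", "image": SYS32 + "WindowsPowerShell\\v1.0\\powershell.exe"},
    {"user": "helpdesk", "host": "WS12", "image": SYS32 + "netsh.exe"},
]
RECENT = [
    {"user": "admin1", "host": "DC01", "image": SYS32 + "WindowsPowerShell\\v1.0\\powershell.exe"},
    {"user": "svc_backup", "host": "DC01", "image": SYS32 + "ntdsutil.exe"},
    {"user": "jsmith", "host": "WS07", "image": SYS32 + "wbem\\WMIC.exe"},
    {"user": "jsmith", "host": "WS07", "image": SYS32 + "notepad.exe"},
]

def tool_name(image):
    """Lower-cased executable name from a Windows image path."""
    return image.rsplit("\\", 1)[-1].lower()

def key_of(event):
    """(user, host, tool) combination used to compare recent activity with the baseline."""
    return (event["user"].lower(), event["host"].lower(), tool_name(event["image"]))

def build_baseline(events):
    """Count past (user, host, tool) combinations for the tools of interest."""
    return Counter(key_of(e) for e in events if tool_name(e["image"]) in LOTL_TOOLS)

def hunt_leads(recent, baseline):
    """Return tool invocations ordered so never-before-seen combinations come first.

    A lead is a prompt for investigation, not a verdict: these are ordinary
    administration tools and most hits will be benign.
    """
    leads = []
    for e in recent:
        if tool_name(e["image"]) not in LOTL_TOOLS:
            continue
        seen = baseline[key_of(e)]  # Counter returns 0 for unseen combinations
        leads.append({"user": e["user"], "host": e["host"], "tool": tool_name(e["image"]),
                      "seen_before": seen, "triage": "expected" if seen else "review"})
    return sorted(leads, key=lambda lead: lead["seen_before"])

if __name__ == "__main__":
    for lead in hunt_leads(RECENT, build_baseline(BASELINE)):
        print(lead)
```
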


Got crypto?

Nearly $1.49 billion in cryptocurrency losses have been registered to date in 2024, mainly due to hacking incidents, a new report from web3 bug bounty platform Immunefi shows.

The total year-to-date losses have dropped compared to last year, when they surpassed $1.75 billion during the period, and were mainly driven by losses of over $359 million in May and of more than $282 million in July.

https://www.securityweek.com/hackers-stole-1-49-billion-in-cryptocurrency-to-date-in-2024/


Are you prepared?

Update, Nov. 27, 2024: This story, originally published Nov. 26 now includes additional information regarding the Matrix campaign’s initial access routes.

Your home router could be running slow as it has become part of the Matrix, according to a newly published report by Assaf Morag, the director of Aqua Nautilus threat intelligence at Aqua Security. Here’s what you need to know about this new and widespread cyber attack.

https://www.forbes.com/sites/daveywinder/2024/11/27/is-your-router-in-the-matrix-35-million-devices-under-blue-pill-attack/


Charleston Security Tech (CST) partners with Netgate firewalls!

We are so very grateful to announce our new partnership with Netgate and pfSense.

We look forward to working with Netgate to supply you with the best firewalls at an amazingly low cost.

This partnership aligns with our core beliefs and values, that everyone is entitled to being protected on the internet, while using OpenSource for constant improvements and the un-bloated cost and reliability of Netgate hardware.


If you think your ISP and Wifi router protect you, you are wrong.

Here’s a snippet of 1 page of 124 “alerts” from IDS/IPS running on a pfSense Firewall.

As you can see, the illusion that you are safe hiding behind a Modem and Brand Name Router is blown away. Below are active Attacks from the internet, BEHIND a router and modem, otherwise known as your “safe” network. Note PortScans and other malicious attacks creeping right into your home without you knowing!

Truth:

A Router IS NOT a Firewall!

A Modem IS NOT a Firewall!


Your mobile phone is no longer "private"

The US government agencies say that China-linked threat actors have hacked into telecom providers to steal call records and data and to spy on individuals.

“Specifically, we have identified that PRC-affiliated actors have compromised networks at multiple telecommunications companies to enable the theft of customer call records data, the compromise of private communications,” the alert reads.

https://www.securityweek.com/cisa-fbi-confirm-china-hacked-telecoms-providers-for-spying/

Because mobile phone texts, calls, etc. are no longer “private”, CST recommends a highly respected messaging app called Signal. It is 100% free and comes from a 501c3 nonprofit organization founded on and aimed at privacy. You can use this messaging app to text and make phone calls with industry-strength cryptography and no trackers.

https://signal.org

“State-of-the-art end-to-end encryption (powered by the open source Signal Protocol) keeps your conversations secure. We can't read your messages or listen to your calls, and no one else can either. Privacy isn’t an optional mode — it’s just the way that Signal works. Every message, every call, every time”


Is it REALLY a FREE VPN?

Free VPNs and the Privacy Tradeoff

While free VPNs might seem like an attractive option, they often have serious downsides when it comes to privacy. Here's why using them could put your PII at risk:

  • Tracking and Monetizing Your Data: Many free VPNs make money by collecting and selling your data to third parties, including your browsing history, personal information, and even device data. This undermines the core reason for using a VPN—to protect your privacy.

    • Advertising and analytics: Free VPN providers often use your data to serve targeted ads or for marketing purposes.

  • Limited Transparency: Free VPN services may not have the resources to maintain robust privacy practices. They may not be transparent about what they log or who has access to your data.

    • Some free VPNs have been caught logging detailed user activity or even selling bandwidth from their users to create a peer-to-peer network.

  • Weak Encryption and Security: Some free VPNs may compromise your data’s security by offering weaker encryption or running outdated software. This can leave your personal information exposed to hackers, especially if they lack the infrastructure to protect your traffic.

  • Potential for Malware: Some free VPN apps have been found to include malicious software or adware that can steal your data or track your activity.

In addition to Enterprise-level firewall protection, pfSense provides many other helpful features for which people pay monthly fees, for example a VPN service. A VPN Server is included in pfSense, so you no longer have to pay someone to host your VPN connection. Keep in mind that all VPN traffic is decrypted at the endpoint. Thus, it’s important that you trust the company that you are paying for this service, as they have all of your logins and passwords. And if you’re using a “free” VPN service, well, it’s not really free. Look at it this way: if you're providing all of your logins to banks, email, investments, etc., then you’re “paying” them in the form of your personal data, which they sell for money. So it’s not REALLY “free” for you, because you’re giving all of your information away. Whereas, when you use the pfSense VPN, it is your VPN. Therefore, and most importantly, you are maintaining security, privacy, and control of your own data.


Firewall software and licensing. Should you pay another company or go 100% FREE with OpenSource?


COMPARING CST WITH THE TOP 3 FIREWALL COMPANIES

The FIREWALL SOFTWARE IS 100% FREE.

The FIREWALL LICENSING IS 100% FREE.

You ask, so what’s the catch? CST provides installation services for this free OpenSource Firewall software. This is a one-time labor fee, compared to multiple $1000’s per Year or even Month! See below.

The cost of firewalls from major vendors can vary widely depending on factors like deployment size, features, licensing models, and support options. Here’s a breakdown of typical cost structures for some of the leading firewall companies.

 1. Palo Alto Networks

   - Firewall Models: 

     - PA-220 (for small businesses): Starts around $300–$500 (one-time hardware cost).

     - PA-820/PA-3220 (mid-range): Around $2,000–$7,000.

     - PA-5260/PA-7000 (enterprise-level): $20,000 and up (with higher-end models reaching $50,000+).

   - Subscription Costs:

     - Threat Prevention, URL Filtering, and WildFire (cloud-based malware prevention): Around $500–$1,500 per year per appliance.

     - GlobalProtect VPN: ~$3,000–$10,000 annually (depending on users).

     - Panorama (centralized management): Can cost $2,000–$5,000+ annually.

   - Total Cost of Ownership (TCO): $5,000–$100,000+ per year, depending on the deployment scale.

 2. Fortinet

   - Firewall Models:

     - FortiGate 60F (entry-level for SMB): Around $400–$600 (one-time hardware cost).

     - FortiGate 200E/300E (mid-range): Around $2,000–$7,000.

     - FortiGate 6000E/7000E (enterprise-grade): Prices start around $20,000 and can exceed $50,000 depending on the configuration.

   - Subscription Costs:

     - FortiGuard Security Services (includes antivirus, IPS, web filtering, etc.): ~$500–$3,000+ per year.

     - FortiAnalyzer (log management): Around $1,000–$4,000+ annually.

     - FortiManager (centralized management): Can range from $1,500–$10,000 annually, depending on scale.

   - Total Cost of Ownership (TCO): $1,500–$50,000+ annually.

 3. Cisco

   - Firewall Models:

     - Cisco ASA 5506-X (for small to medium businesses): Around $300–$500 (one-time hardware cost).

     - Cisco Firepower 1010 (mid-range): Around $500–$1,500.

     - Firepower 4100/9300 Series (high-performance, enterprise-grade): $10,000–$50,000+.

   - Subscription Costs:

     - Cisco Threat Defense Services (includes malware defense, URL filtering, and AMP): Starts at $500–$5,000+ per year.

     - Cisco Umbrella (cloud security service): $2,000–$20,000+ annually, depending on users.

     - Firepower Management Center: Starts at $1,000–$5,000 annually.

   - Total Cost of Ownership (TCO): $1,500–$50,000+ annually, depending on scale.

