source: cnet.com

 

Is it an automobile or a plane? With the AeroMobil flying car, there's really no need to decide.

Shown off at the Paris Air Show, this ambitious aircraft is capable of driving on normal roads in car mode at speeds of up to about 100 mph (160 kph). Its huge foldout wings and rear propeller allow it to take to the skies too, soaring for up to about 465 miles (750km) on a tank of fuel.

 

AeroMobil expects the car/plane to cost somewhere around the $1.6 million mark (1.26 million pounds) when it goes on sale in 2020.

It's built from a variety of composite materials, including carbon fiber, to help keep the overall weight down. Even so, it's quite a chunky chap and will manage a leisurely 0-60mph time of around 10 seconds. 

The AeroMobil has a wingspan of about 26 feet (8 meters), but the wings fold backward into the body when the vehicle is on the road. The propeller folds inside the fuselage too -- great news for pedestrians who don't wish to be sliced up as you drive past.

If $1.6 million seems a bit much for aerial transport, then you could cast your eye instead over the SureFly by Workhorse. Also displayed at this week's Paris Air Show, this personal helicopter uses eight rotors to maintain stable flight and will cost about $200,000.

 

CHECK OUT THE CAR HERE:   12 Inside the ambitious AeroMobil flying car

  source: threatpost.com

The economics of cybersecurity are skewed in favor of attackers, who invest once and can launch thousands of attacks with a piece of malware or exploit kit. That’s why Neal Ziring, technical director for the NSA’s Capabilities Directorate, wants to flip the financial equation on bad guys.

“We need to conduct defenses in a way that kills an adversary’s ROI,” Ziring said. “I want to get it down to the point where a threat actor says, ‘I better choose carefully where I throw this malware first, because I’m not going to get a third or fourth try.’ Today they don’t have that concern.”

In order to decimate a cybercriminal’s ROI on developing tools and attack playbooks, Ziring is calling on public agencies, companies and the security community to radically change the way they respond to cyberattacks.

In a keynote address Thursday at the Borderless Cyber conference, he said the cybersecurity community needs to work cooperatively to collectively respond to attacks in the same spirit they share threat intelligence. He argues, doing so will deprive cyber threat actors of the ability to use tools and tradecraft multiple times and starve criminals financially.

“The future of cyber defense is having a shared response or coordinated response,” Ziring said. “We need to break out of today’s enterprise mentality of every person for themselves.”

The type of framework Ziring describes doesn’t exist today, but two standards come close. Those are STIX (Structured Threat Information Expression) and TAXII (Trusted Automated eXchange of Indicator Information) which both deal with sharing data ahead of an attack. Neither address a key component that Ziring is calling for which is a public-private framework that creates a type of autoimmune system. If one node on the network is attacked, all other connected nodes are warned within seconds to defend against a similar attack.

“There is no technological reason why this couldn’t work. There are only practical obstacles like the need for interoperable standards that will enable us to do this in today’s heterogeneous environments. And that’s the bit we are solving right now with STIX and OpenC2,” he said.

Still early in development, OpenC2 is a language that would enable the coordination and execution of command and control of defense components between domains and within a domain.

Universal support for that type of framework will take a major shift in industry mindsets. As one conference attendee noted, today breach data is a carefully guarded secret for many companies. Ninety-five percent of the dozens of breaches the attendee said he helped mitigate over the past year were kept private for fear it might hurt share prices and the companies’ reputation.

Ziring said the industry does not need new regulations to mandate breach transparency. The upside to information sharing is the carrot that he hopes will lure companies, sectors and communities to be part of the sharing framework. He notes there are already several critical infrastructure sectors that are required to report breaches to the DHS.

“It would be better if we didn’t have to create more regulation. We’ll have to take a wait and see approach for now,” he said.

 

  source: defenseone.com

Jordan’s spies set the standard for the boots-on-the-ground intelligence sharing that is crucial to U.S. counterterrorism efforts.

U.S. cooperation with Middle Eastern intelligence services made a brief appearance in the headlines last month, thanks to President Donald Trump’s loose-lipped revelations to Russian officials in the Oval Office, and his subsequent statements (“I never mentioned the word ‘Israel”) during a Middle East trip. Though early reporting indicated that Israel provided the intelligence in question, a former CIA case officer and multiple Jordanian officials familiar with IS operations later said the source was more likely Jordanian.     

The episode underlines the strategic import of U.S. foreign intelligence liaison relationships in the Middle East, and Jordan specifically. While allies, such Israel and Saudi Arabia, lead in the military and technological surveillance fronts of the war on terror, Amman is America’s foremost partner in human intelligence, or HUMINT, operations. 

Jordan’s intel directorate has long been described as the model foreign intelligence liaison service. “The ultimate example of this type of relationship is that between the Jordanian General Intelligence Directorate (GID) and the CIA,” Charles Faddis, a former CIA operations officer and head of the WMD terrorism unit, wrote in 2011. “In many ways, this relationship has become the template against which all others are measured.”

An early example of CIA-GID cooperation against terror groups was the 1990s effort to uncover and foil several planned attacks on Jordanian sites frequented by Westerners, such as the SASRadisson Hotel, and on U.S. soil, such as the LAX airport – a string of events that became known as the Millennium Plots. In late 1999, Jordanian intelligence intercepted correspondence between Abu Zubaydah, a known ally of Osama Bin Laden, and Khadr Abu Hoshar. When Abu Zubaydah said, “The time for training is over,” the GID arrested 16 members of the Millennium Plot cell, including Raed Hijazi, architect of the LAX bombing plot. These arrests also led to the extradition from Pakistan of Khalil Deek, designer of the Encyclopedia of Jihad.    

   source: wired.com

The clocks read zero when the lights went out.

It was a Saturday night last December, and Oleksii Yasinsky was sitting on the couch with his wife and teenage son in the living room of their Kiev apartment. The 40-year-old Ukrainian cybersecurity researcher and his family were an hour into Oliver Stone’s film Snowden when their building abruptly lost power.

“The hackers don’t want us to finish the movie,” Yasinsky’s wife joked. She was referring to an event that had occurred a year earlier, a cyberattack that had cut electricity to nearly a quarter-million Ukrainians two days before Christmas in 2015. Yasinsky, a chief forensic analyst at a Kiev digital security firm, didn’t laugh. He looked over at a portable clock on his desk: The time was 00:00. Precisely midnight.

Yasinsky’s television was plugged into a surge protector with a battery backup, so only the flicker of images onscreen lit the room now. The power strip started beeping plaintively. Yasinsky got up and switched it off to save its charge, leaving the room suddenly silent.

 

He went to the kitchen, pulled out a handful of candles and lit them. Then he stepped to the kitchen window. The thin, sandy-blond engineer looked out on a view of the city as he’d never seen it before: The entire skyline around his apartment building was dark. Only the gray glow of distant lights reflected off the clouded sky, outlining blackened hulks of modern condos and Soviet high-rises.

Noting the precise time and the date, almost exactly a year since the December 2015 grid attack, Yasinsky felt sure that this was no normal blackout. He thought of the cold outside—close to zero degrees Fahrenheit—the slowly sinking temperatures in thousands of homes, and the countdown until dead water pumps led to frozen pipes.

That’s when another paranoid thought began to work its way through his mind: For the past 14 months, Yasinsky had found himself at the center of an enveloping crisis. A growing roster of Ukrainian companies and government agencies had come to him to analyze a plague of cyberattacks that were hitting them in rapid, remorseless succession. A single group of hackers seemed to be behind all of it. Now he couldn’t suppress the sense that those same phantoms, whose fingerprints he had traced for more than a year, had reached back, out through the internet’s ether, into his home.

 

The Cyber-Cassandras said this would happen. For decades they warned that hackers would soon make the leap beyond purely digital mayhem and start to cause real, physical damage to the world. In 2009, when the NSA’s Stuxnet malware silently accelerated a few hundred Iranian nuclear centrifuges until they destroyed themselves, it seemed to offer a preview of this new era. “This has a whiff of August 1945,” Michael Hayden, former director of the NSA and the CIA, said in a speech. “Somebody just used a new weapon, and this weapon will not be put back in the box.”