Saturday, October 26, 2013

Ah the joys of social engineering... This is slower than computerized schemes, but still $3,000 per hour beats minimum wage.
Thieves impersonate Western Union workers, steal money
Western Union is one of the easiest ways to get money and for some crooks one of the easiest ways to steal it.
… Police say the suspects called the store and pretended to work for Western Union and at that point got them to perform a test.
"They call the store ask to speak to the customer service rep that's working the counter where Western Union is and tell them to run a test...and the test is actually sending money instead of running a test," said Charlotte-Mecklenburg Police Fraud Investigator Kevin Jones.
The con artists managed to steal more than 3 thousand dollars from the store; it involved 3 separate transactions and took about 50 minutes.
… Police say it’s the first time they have seen this kind of scam in Charlotte, they are worried it may spread and want employees to be careful.
"Make sure you're following store protocols if you think something is not right check with your store manager call Western Union yourself," said Jones who thinks the suspects may be from out of the country.
“It could be Nigeria, it could be Canadians, it could be the U.K. it could be someone here in the United States.”
Woody works in a mom and pop type store he says this type of scam could be devastating.

Also thought to involve social engineering, well phishing... Would have required quick work after the funds had been transferred.
eSecurity Planet just made aware of a breach disclosed earlier this week:
Posted by the Michigan State University Police on October 20:
On Friday, October 18, two employees reported receiving email confirmation of a change in their direct-deposit designation. Police say that valid credentials (MSU NetID and password) were used by a perpetrator to modify the employees’ banking information on the EBS HR/Payroll (SAP) system. It is believed that the perpetrator gained access to the credentials through a sophisticated “phishing” attack.
There is no indication of a system-wide security breach or exposure of other employee data. As a precaution, the EBS systems were taken offline late Friday afternoon; it is anticipated that the systems will be back online Monday morning at 7:00am.

In some restrictive areas, this is going to be a real concern. Will downloading a template become illegal (or grounds for a visit by the local gun cops?) Can I print a 1/10th scale model of Gatling gun without worrying about black helicopters at 3AM?
Suspected 3D-printed gun found in Manchester gang raid, say police
Police have seized components for what could be the UK's first ever 3D-printed gun in what they called a "really significant discovery".
Greater Manchester police said they believed the parts represented the next generation of firearms, which could be created by gangs in the privacy of their homes and smuggled with ease because they could avoid X-ray detection.
The gun parts were discovered, along with a 3D printer, when officers executed warrants in the Baguley area of the city on Thursday.
Officers found what were thought to be a plastic magazine and trigger which could be fitted together to make a viable gun. They said the haul also included a quantity of gunpowder.
The raid was part of Challenger, the largest ever multi-agency operation to target organised crime in Manchester.
There have been suggestions on some websites that the parts were not gun components but printer parts – a spool holder and a drive block. Police said they were still concerned about the finding because they suspected the parts may have other uses.
A police spokesperson said: "We are aware of this suggestion, and it would be easier if it was cut and dried as to what these items are. But when you take it as a whole, including the discovery of gunpowder, it is disturbing."
A man has been arrested on suspicion of making gunpowder [Not a 3D printer item Bob] and remains in custody for questioning.

Hello. We're your elected representatives. We don't need no stinking intelligence!
Mike Masnick writes:
We already knew that Rep. Jim Sensenbrenner was getting ready to release a major new anti-NSA spying bill called the USA Freedom Act, and Derek Khanna has just revealed many of the details of the bill, scheduled to be introduced in both houses of Congress this coming Tuesday. It will be backed by Sensenbrenner in the House and Pat Leahy in the Senate, and will have plenty of co-sponsors (already about 50 have signed up) including some who had initially voted against the Amash Amendment back in July. In other words, this bill has a very high likelihood of actually passing, though I imagine that the intelligence community, and potentially the White House, will push back on it. For Congress, gathering up a veto-proof majority may be a more difficult task.
The bill appears to do a number of good things, focusing on limiting the NSA’s ability to do dragnet collections, rather than specific and targeted data collection, while also significantly increasing transparency of the activities of the NSA as well as the FISA court when it comes to rulings that interpret the law.
Read more about what the bill includes on TechDirt.

If my mission was to gather intelligence, any time I spent defending my tools and techniques is essentially a waste of my time.
James Ball reports:
The UK intelligence agency GCHQ has repeatedly warned it fears a “damaging public debate” on the scale of its activities because it could lead to legal challenges against its mass-surveillance programmes, classified internal documents reveal.
Memos contained in the cache disclosed by the US whistleblower Edward Snowden detail the agency’s long fight against making intercept evidence admissible as evidence in criminal trials – a policy supported by all three major political parties, but ultimately defeated by the UK’s intelligence community.
Read more on The Guardian.

I'm sure it sounded good when Marketing pitched it...
Tori Floyd reports:
A new feature for LinkedIn users has been unveiled, but it’s drawing more questions over privacy rather than praise for ingenuity.
LinkedIn announced Intro on October 23, a service that shows your LinkedIn profile on emails sent through your iPhone Mail application. In the blog post about the new tool, the company explains that users will be able to see at a glance who an unknown email sender is with a brief bio and link to their LinkedIn account, right in the email client.
But security experts have expressed concern over the new feature, as it requires all of your email to be filtered through LinkedIn’s computers.
Read more on Yahoo!

Yeah, this Snowden thing is a real pain in the butt. Fortunately, everyone who never considered how intelligence was gathered before Snowden will soon forget Snowden and go back to their “Professional” Wrestling shows.
Mark Clayton reports:
A public backlash against reported US surveillance activities in France, Germany, and Italy could lead to tough new laws that put American technology companies in the tough spot of being forced to defy either US authorities or the European Union.
Read more on CSMonitor.

Ends the high speed chase, records the bad guy's illegal driving, lets as many cops as desired zero in on the car once it stops? I like it. Now we need something for runners!
Police firing GPS tracking 'bullets' at cars during chases
… Police in Iowa and Florida, however, seem to have taken the counsel of Q from the "Bond" movies.
Instead of constantly hurtling after potential madmen, they have found an entirely new method of tracking their cars.
It's called Starchase. Essentially, it's a cannon that fires "bullets" that are sticky GPS devices.
CBS 12 offered an example in real life of how it's done.

Perhaps some lawyers will learn technology after all... This may also be a way to “push” research in almost real time.
140 Characters or Less: An Experiment in Legal Research, Patrick M. Ellis - Michigan State University College of Law - October 1, 2013
In 1995, Robert Ambrogi, former columnist for Legal Technology News, wrote about the Internet’s potential to revolutionize the accessibility and delivery of legal information. Almost 20 years later, Ambrogi now describes his initial optimism as a “pipe dream.” Perhaps one of the greatest problems facing the legal industry today is the sheer inaccessibility of legal information. Not only does this inaccessibility prevent millions of Americans from obtaining reliable legal information, but it also prevents many attorneys from adequately providing legal services to their clients. Whether locked behind government paywalls or corporate cash registers, legal information is simply not efficiently and affordably attainable through traditional means. There may, however, be an answer. Although the legal industry appears to just be warming up to social media for marketing purposes, social media platforms, like Twitter, may have the untapped potential to help solve the accessibility problem. This Note attempts to prove that assertion by showing an iteration of social media’s potential alternative use, as an effective and free information sharing mechanism for legal professionals and the communities and clients they serve. Generally speaking, law review editors and other academicians demand that authors support every claim with a citation, or, at the very least, require extensive research to support claims or theses. This Note seeks to fulfill this requirement, with a variation on conventional legal scholarship. Almost all of the sources in this Note were obtained via Twitter. Thus, this somewhat experimental piece should demonstrate social media’s potential as an emerging and legitimate source of legal information. By perceiving and using social media as something more than a marketing tool, lawyers, law schools, and, most importantly, clients, may be able to tap into a more diverse and more accessible well of information. This redistribution of information accessibility may not only solve some of the problems facing the legal industry, but also has the capability to improve society at large.”

I knew we should have moved faster, now the cable guys are horning in...
DirecTV, Time Warner consider Aereo-like service, report says
TV providers DirecTV, Time Warner Cable, and Charter Communications are thinking about capturing free broadcast signals and streaming TV shows over the Internet to get around paying networks, Bloomberg reported Friday.
The new approach would mimic Aereo, an online TV provider at the center of a huge legal battle with the nation's top broadcast networks (including CBS, CNET's parent company). Aereo uses tiny antennas to allow consumers to stream live and local broadcasts over the Internet and store shows in the cloud.
Aereo has been fairly successful in the courtroom so far. If it wins in the end, it could mean TV providers can use the same practice to avoid paying retransmission fees, unnamed sources told Bloomberg. One source goes so far to say that Time Warner Cable, which has been at odds with CBS over fees, has considered buying Aereo.

Think of it as an anti-phishing tool.
– Automatically highlights North American telephone numbers on websites, showing the location (city and state) when you hover over the phone number, based on the area code and exchange. To find out where the phone number is located, you just hover the mouse over the phone number, and it will start a lookup of the location of the phone number.

The education game gets more complex. 107 schools.
Get More Learning Options As 13 New Institutions Join Coursera
… Coursera makes up a large part of the online learning universe. The numbers seem to suggest that it is leading the pack. To add to their ranks, 13 new institutions have signed up to bring the number of international institutions using its platform to deliver online courses to 107. Coursera also reached the milestone of 5 million students enrolled and now offers them more than 500 courses to choose from.
… To commemorate this triple achievement, Coursera released an infographic on its blog which gives you a bird’s eye view of the educational offerings on the website.

No comments: