Thursday, December 19, 2013

No doubt this will solve all our questions and answer all our problems! (Of course, “concrete policy” in New Jersey brings visions of concrete overshoes to mind...)
Thomas Earnest writes on JustSecurity:
This afternoon, the White House released the Report and Recommendations of the President’s Review Group on Intelligence and Communications Technologies. We also have a copy of the report’s executive summary that includes forty-six concrete policy recommendations for reforming the U.S. surveillance programs, including NSA reform. Entitled Liberty and Security in a Changing World, the report itself is long, clocking in at over 300 pages, so it may take time to digest the review group’s recommendations; however, I’m sure we will have have further commentary here on Just Security once we have read the recently released report.
More to follow….

Hackers Steal Credit Card Data From Up to 40 Million Target Customers
Cybercriminals have hit retail store Target with a massive data breach that may have affected 40 million of customers' credit and debit cards accounts.
The breach started around Black Friday, the busiest shopping day of the year in America, and has reportedly affected roughly 40,000 card devices at registers in Target locations around the country.
… In its press release acknowledging the breach, Target said "40 million credit and debit card accounts may have been impacted between Nov. 27 and Dec. 15, 2013."
… The cybercriminals have apparently compromised the software controlling point-of-sale systems, perhaps through a phishing attack or inserting malware with the help of an insider, according to The New York Times. That would have allowed them to intercept the numbers, expiration date, and perhaps even PINs of the cards being swiped at the register.
If that were the case — the details are still murky at this point — the criminals could create counterfeit credit and debit cards to steal money from Target customer's bank accounts, and even use them at ATMs.
Online shoppers, however, were not affected, according to multiple reports.

Definitely need to follow this one.
Sources: Target Investigating Data Breach
Nationwide retail giant Target is investigating a data breach potentially involving millions of customer credit and debit card records, multiple reliable sources tell KrebsOnSecurity. The sources said the breach appears to have begun on or around Black Friday 2013 — by far the busiest shopping day the year.
According to sources at two different top 10 credit card issuers, the breach extends to nearly all Target locations nationwide, and involves the theft of data stored on the magnetic stripe of cards used at the stores.
… The type of data stolen — also known as “track data” — allows crooks to create counterfeit cards by encoding the information onto any card with a magnetic stripe.
… It’s not clear how many cards thieves may have stolen in the breach. But the sources I spoke with from two major card issuers said they have so far been notified by one of the credit card associations regarding more than one million cards total from both issuers that were thought to have been compromised in the breach. A third source at a data breach investigation firm said it appears that “when all is said and done, this one will put its mark up there with some of the largest retail breaches to date.”

At last, Italy came to their senses...
Peter writes:
An eight-year legal saga has now come to an end. Yesterday, in Rome, the Italian Supreme Court (Cassazione) acquitted me, as well as two other Googlers, for violating Italian privacy law in a case that stemmed from a user-generated video.
Read more on his blog.

For my Unix students.
– is a site which explains various Linux commands and what they do. If you install Linux, you have a lot to learn if you want to dive into all the various commands, and this site is a handy reference point that should be bookmarked. Below the search engine is a big list of Linux commands that you might be interested in. Just click on them for an explanation.

For all my students
Make Sure Your Dream Company Can Find You
It used to be that if you wanted to work for a certain company, you went in for an informational interview or waited for a job opening and submitted your resume. These days, you may be better off liking the company on Facebook or joining their Google+ page. That’s because smart companies are no longer waiting for the right candidates to apply. They’re actively seeking them out on social media.
Managers acquiring talent have been using social media to research job applicants for several years now, but they’ve begun to source and engage potential job candidates from social networks as well. Given that over 1 billion people are connected to a social networking site, this is a clever move.
Here are three social media tools forward-looking companies are using to find you.
People Analytics
Mobile Recruiting Apps

No comments: