The
downside of looking for love on the Internet? The bad guys are
looking for loot.
Sextortion
Schemes Using Mobile Malware in Asia: Trend Micro
Cybercriminals
in Asia are taking advantage of smartphones and mobile malware to
rake in significant profits through sextortion schemes, a report from
Trend Micro has found.
In
sextortion cases, a victim is lured into performing explicit acts
that are secretly recorded and then blackmailed with the video. In
a new report, researchers at Trend Micro detailed how these
sextortion gangs are operating. In one case, police in Japan
arrested two men suspected of being part of a gang that stole at
least ¥3.5 million (US$29,204.88) from 22 victims between December
2013 and January 2014.
Might
be fun to see if this is related to population (if so, why is India
not number one) or
China
Named Top Originator of Attack Traffic in Q4 2014: Akamai
A
new report from Akamai Technologies names China as the top source of
attack traffic on the Web.
In
its 'Fourth
Quarter, 2014 State of the Internet Report', Akamai cited China
as the originator of 41 percent of observed attack traffic.
According to the report, during the fourth quarter of last year
Akamai observed
attack traffic originating from 199 unique countries and regions.
Out of the 199, China was the clear leader of the pack, accounting
for more than triple the amount originating from the U.S.
…
"The
overall concentration of observed
attack traffic decreased in the fourth quarter, with the top 10
countries/regions originating 75% of observed attacks, down from 84%
and 82% in the second and third quarters, respectively,"
according to the report. [Everyone
is getting into the act. Bob]
For
my Computer Security students. Remember, it's your job to fix each
of these! (Assuming you work 50 weeks each year, you need to fix
roughly 62 vulnerabilities every day.)
Over
15,000 Vulnerabilities Detected in 2014: Secunia
IT
security solutions provider Secunia today published its annual
vulnerability review. The report provides facts and details on the
security flaws uncovered in 2014.
According
to the security firm, a total of 15,435 vulnerabilities were
identified in 2014 in 3,870 applications from 500 vendors. This
represents an 18 percent increase compared to the previous year, and
a 55 percent increase over five years.
The
complete Secunia
Vulnerability Review 2015 is available online.
Knowing
is not as effective as nagging? Good News/Bad News: Here is a good
way to educate users about privacy and then discontinue the App.
Sounds like a business opportunity I should run by my students.
Byron
Spice writes:
Many smartphone users know that free apps sometimes share private
information with third parties, but few, if any, are aware of how
frequently this occurs. An experiment at Carnegie Mellon University
shows that when people learn exactly how many times these apps share
that information they rapidly act to limit further sharing.
In one phase of a study that evaluated the benefits of app permission
managers – software that gives people control over what sensitive
information their apps can access – 23 smartphone users received a
daily message, or “privacy nudge,” telling them how many times
information such as location, contact lists or phone call logs had
been shared.
Some nudges were alarming. One notable example: “Your location has
been shared 5,398 times with Facebook, Groupon, GO Launcher EX and
seven other apps in the last 14 days.”
In interviews, the research subjects repeatedly said the frequency of
access to their personal information caught them by surprise.
… “The vast majority of people have no clue about what’s
going on,” said Norman
Sadeh, a professor in the School of Computer Science’s
Institute for
Software Research. Most smartphone users, in fact, have no way
of obtaining this data about app behavior. But the study shows that
when they do, they tend to act rapidly to change their privacy
settings.
… An app permission manager allows smartphone users to decide
which apps have access to personal information and sensitive
functionality. The study used a permission manager for Android 4.3
called AppOps.
… When the participants were given access to AppOps, they
collectively reviewed their app permissions 51 times and restricted
272 permissions on 76 distinct apps. Only one participant failed to
review permissions.
But once the participants had set their preferences over the first
few days, they stopped making changes. When they began getting the
privacy nudges, however, they went back to their privacy settings and
further restricted many of them.
… Sadeh said when people download an Android app, they are told
what information the app is permitted to access, but few pay much
attention, and fewer understand the implications of those
permissions.
“The fact that users respond to privacy nudges indicate that they
really care about privacy, but were just unaware of how much
information was being collected about them,” Sadeh said.
The AppOps software was
discontinued on later versions of Android. While iPhones
do have a privacy
manager, it does not tell users how often their information is
used or for what purpose and does not nudge users to regularly review
their settings.
SOURCE:
Carnegie Mellon University News
All
employees are trustworthy up until the moment they're not.
Dune
Lawrence reports:
Whether you call Edward Snowden a traitor or a whistle-blower, he
earned one label about which there’s no debate: insider threat.
Guarding against such risks
is an expanding niche in the security industry, with at
least 20 companies marketing software tools for tracking and
analyzing employee behavior. “The bad guys helped us,” says Idan
Tendler, the founder and chief executive officer of Fortscale
Security in San Francisco. “It started with Snowden, and people
said, ‘Wow, if that happened in the NSA, it could happen to us.’ ”
[…]
Companies are also realizing that tracking insiders may improve their
odds of catching outside hackers.
Read
more on BloombergBusiness.
Interesting,
but will it change their practices going forward?
Elizabeth
Warmerdam reports:
The FBI can no longer withhold thousands of pages of surveillance
files of Muslim communities by claiming the “law enforcement”
exemption of the Freedom of Information Act, a federal judge ruled
Monday.
U.S. District Judge Richard Seeborg found that the exemption “is
not the appropriate umbrella under which to shield these documents
from public view.”
The American Civil Liberties Union, the Asian Law Caucus and the San
Francisco Bay Guardian in 2010 requested records concerning the FBI’s
investigation and surveillance of Muslim communities in Northern
California.
Read
more on Courthouse
News.
[From
the article:
Although
the FBI submitted a lengthy declaration describing how the type of
documents it withheld advance law enforcement interests, it did not
sufficiently "establish a rational nexus between the enforcement
of a federal law and the documents for which it claims Exemption 7
applies," Seeborg wrote in a 7-page ruling.
…
"The FBI's refrain at oral argument that many of the withheld
documents do not relate to
particular investigations, and thus cannot be linked to
any particular provision of law, only serves to emphasize the point
that Exemption 7 is not the appropriate umbrella under which to
shield these documents from public view," Seeborg wrote.
The
concern, Dear Feds, is that the pass was not free.
Federal
regulators are pushing back against suggestions that they gave Google
a free pass under antitrust law, potentially out of deference to the
Obama administration.
After
stories in the Wall Street Journal showing that Federal Trade
Commission (FTC) staff urged the agency to take action against the
Web giant — which it ultimately did not — and detailing Google’s
close ties to the White House, members of the FTC are pushing back.
My
students may not know it yet, but they need social media.
How
To Kickstart Your New Social Media Accounts
…
Before we start, I just need to point something out. Obviously
there are numerous social media sites out there — too many to
count. So to make things easy, in this article, I am just going to
go with Twitter. However, the principles below apply to any
social media site. Twitter not your gig? Then take the
advice below and apply it/adapt it to that site.
Why
would this be funny? It is exactly the techno-babble Economists
speak!