One
way to raise oil prices? Or, is this what happened in Turkey?
New
Attack Campaign Targets Energy Industry in Middle East
Researchers
at Symantec have observed a sophisticated, multi-stage attack
campaign focused on energy companies in the Middle East.
First
observed between January and February, the attack
campaign was spotted using a new piece of malware dubbed
'Laziok', which Symantec has classified as a reconnaissance tool
and an information stealer. The attacks are focused on the
petroleum, gas and helium industries, with by far the largest
percentage of victims (25 percent) being located in the United Arab
Emirates. Saudi Arabia, Pakistan and Kuwait account for 10 percent
apiece of the Laziok infections detected by Symantec. Five percent
of the infections occurred in the United States.
This
has been true so far, but then the breaches have impacted customers
not the core operations. (The exception was Sony and even their
stock price increased!)
Elena
Kvochko and Rajiv Pant review the impact of some of the major
breaches, noting what we’ve all noted – that breaches generally
don’t have a huge economic impact on stock prices. Here’s a
snippet from their article:
This mismatch between the stock price and the medium and long-term
impact on companies’ profitability should be addressed through
better data. Shareholders
still don’t have good metrics, tools, and approaches to measure the
impact of cyber attacks on businesses and translate that into a
dollar value. In most cases, at the time a security
breach is disclosed, it is almost impossible for shareholders to
assess its full implications. Shareholders should look beyond
short-term effects and examine the impact on other factors, such as
overall security plans, profitability, cash flow, cost of capital,
legal fees associated with the breach, and potential changes in
management.
Read
more on Harvard
Business Review.
Perhaps
they need more hand-holding?
Enterprise
Security Pros Embracing Threat Intelligence, But Question
Reliability: Survey
Awareness
of the role threat intelligence can play in improving cyber security
may be growing, but some still remain unsold on its effectiveness, a
new study has shown.
In
a new report from the Ponemon Institute commissioned by Webroot,
80 percent of the IT professionals surveyed that had experienced a
breach during the past two years said they
felt threat intelligence would have helped prevent or minimize
the consequences of the attack. The stat is telling, as 40 percent
of the 693 people participating in the survey said their organization
had been breached during that period.
…
Larry
Ponemon, chairman of the Ponemon Institute, said one of the main
misconceptions organizations have
about threat intelligence is that technology alone is sufficient
for having actionable and reliable information. Those companies
underestimate the need for hiring experts
to manage the process of using the intel, he said.
Is
all of their evidence collection so poorly documented?
Cyrus
Farivar reports:
Last fall,
a judge in Charlotte, North Carolina unsealed a multi-case set of 529
court documents that detail the use of a stingray, or cell-site
simulator, by local police. After that, the Mecklenburg
County District Attorney’s office set out to review the
applications and determine which records needed to be shared with
defense attorneys.
The DA’s office released a statement
Friday saying its review is complete, and the county’s top
prosecutorial authority found that “only two cases” involved the
use of stingrays “for investigative purposes,” meaning defense
attorneys should be notified.
However, the report is not that simple.
Read
more on Ars Technica:
http://arstechnica.com/tech-policy/2015/03/charlotte-da-review-in-40-cases-cops-dont-even-know-if-they-used-stingrays/
Which
part of “Duh!” didn't you understand?
Facebook
tracks all users in breach of EU law
theguardian,
Samuel Gibbs: “Facebook
tracks the web browsing of everyone who visits a page on its site
even if the user does not
have an account or has explicitly opted out of tracking in the EU,
extensive research commissioned by the Belgian data protection agency
has revealed. The report, from researchers at the Centre of
Interdisciplinary Law and ICT (ICRI) and the Computer Security and
Industrial Cryptography department (Cosic) at the University of
Leuven, and the media, information and telecommunication department
(Smit) at Vrije Universiteit Brussels, was commissioned after an
original draft report revealed Facebook’s
privacy policy breaches European law. The researchers now claim
that Facebook
tracks computers of users without their consent, whether they are
logged in to Facebook or not, and even if they are not registered
users of the site or explicitly
opt out in Europe. Facebook tracks users in order to target
advertising. The issue revolves around Facebook’s use of its
social plugins such as the “Like” button, which has been placed
on more than 13m sites including health and government sites.
Facebook places tracking cookies on users’ computers if they visit
any page on the facebook.com domain, including fan pages or other
pages that do not require a Facebook account to visit.”
You
can download the latest version of the report here.
You
can download Annex 1 “Facebook tracking through social plug-ins”
here
[From
the report:
Facebook
combines data from an increasingly wide variety of sources (e.g.,
Instagram, Whatsapp and data
brokers). By combining information from these sources,
Facebook gains a deeper and more detailed profile of its users.
Facebook only offers an opt-out system for its users in relation to
profiling for third-party advertising purposes.
Should
be interesting.
From
the Office of the Privacy Commissioner for Personal Data, Hong Kong:
The
Office of the Privacy Commissioner for Personal Data (“PCPD”)
published today a Guidance on CCTV Surveillance and Use of Drones
(the “Guidance”).
…
“While the privacy implications of surveillance tools such as CCTV
are fairly well understood, drones when fitted with cameras could add
a new dimension to these privacy concerns by virtue of their unique
attributes. These include their mobility as well as ability to stay
in the air for a considerable period of time, gather information from
vantage points and over a broad territory.
…
The privacy guidelines for the use of CCTV apply equally to the use
of drones. However, to address the drones’ special attributes such
as mobility, small size and difficulty to identify the operator,
innovative measure to safeguard privacy are called for. Specific
illustrations of this approach are provided in the Guidance.
Please
read the Guidance at
www.pcpd.org.hk/english/resources_centre/publications/files/GN_CCTV_Drones_e.pdf
(Related)
In this country, we (or is it only democrats from New Jersey) don't
even understand what “commercial” means.
Rep.
Bonnie Watson Coleman (D-N.J.) has introduced a bill requiring the
Department of Homeland Security to research the risks posed by small
to medium-sized commercial drones.
Watson
Coleman cited the January incident
at the White House when a drone landed on the grounds around 3 a.m.
There
is no “Best App for all users?”
How
Facebook Controls the Future of Messaging
Facebook,
which thoroughly dominates the current era of the online social
networking industry, is setting itself up nicely for the next. Many
see messaging apps as the future of social: Lightweight, real-time,
personal conversations that can become rich environments for media
sharing, entertainment, and even commerce. Facebook is in a
particularly luxurious position here.
It
now owns the two largest messaging services in the world: No. 1,
WhatsApp, which last said it had 700
million monthly active users, and was acquired by Facebook for
more
than $20 billion. And no. 2, its homegrown Facebook Messenger,
which now has 600 million monthly active users.
What’s
interesting is how the apps are starting to diverge: Two similar
concepts with increasingly different feature sets, philosophies, and
strengths.
Now
this is how you fool April.
Apple
Starts a Religion, Microsoft Cancels Windows 10, & More… [Tech
News Digest]
For
my Javascript students.
Microsoft
upgrades JavaScript, Visual Studio development tools
…
Version 4.0 also focuses on interoperability. "We believe you
should use WinJS and your favorite JS frameworks together, whatever
they may be," the blog post says. "The AngularJS-WinJS
wrapper we now provide allows you to use WinJS seamlessly in your
Angular projects."
WinJS
4.0 Preview is
downloadable at the TryWinJS website, and the full release is due
later this year.
In
the IDE realm, Microsoft's
Visual Studio 2015 tool set, due this summer, will highlight
three principal offerings intended to meet specific needs for
developers. Visual Studio 2015 Enterprise with MSDN is geared to
teams building high-scale applications and services and unites the
Premium and Ultimate versions of the tool set. It also offers
advanced testing and devops. Next on the roster is Visual Studio
Professional with MSDN, a collection of tools and services for
individual developers or small teams to build professional-grade
applications. Rounding out the rollout is Visual Studio Community,
offering free access to tools for non-enterprise and open source
development.
This
could be an interesting forum debate for my Business Intelligence
class. Could also be fun in my Statistics class.
What
to Do When People Draw Different Conclusions From the Same Data
“In
God we trust; all others must bring data.” William Edwards
Deming
…
What if data analysis were crowdsourced, with multiple analysts
working on the same problem and with the same data? Sure, the result
might be a range of answers, rather than just one. But it would also
mean more confidence that the results weren’t being influenced by
any single analyst’s biases.
…
And a paper
released earlier this year gives an indication of how it might work.
The
researchers recruited 61 analysts (mostly academics) and asked them
to assess whether soccer referees were more likely to give red cards
to players with darker skin tones. The analysts split up into 29
teams, and were given a dataset
that included numerous variables about both players and referees.
Each
team devised their method for answering the question, and then shared
that approach – but not any results – with the group. The result
was a heated debate
over which methods were defensible, and which were not. If you’re
looking for a correlation between skin tone and red cards received,
does it make sense to control for the position the player plays?
What about the country their team is located in, or how many yellow
cards they’ve received?
(Related)
Or is it?
Once
You Align the Analytical Stars, What’s Next?
…
For organizations to gain business value from analytics, managers
must turn the analytical results into action — the organization
must be able to consume analytical results, not just produce them.
Consuming analytical results is a growing problem for organizations.
Organizations that build the expertise to produce stellar analytical
results, also create a
sizable gap between their ability to produce these results and
their ability to consume them.
This
analytics gap can be narrowed from two directions: by producing
analytical results that are easier to consume, or by improving
capabilities to consume them.
For
my students who research (yes, ALL of you!)
Open
Government Guide
Reporters
Committee for Freedom of the Press: “The
Open Government Guide is a complete compendium of
information on every state’s open records and open meetings laws.
Each state’s section is arranged according to a standard outline,
making it easy to compare laws in various states. If you’re a new
user of this guide, be sure to read the Introductory Note and User’s
Guide.”
(Related)
My librarians will love this.
Libraries
and Librarians in the Internet Age
Libraries
in the Internet Age is the title of the latest video produced by
Common Craft. The video provides a clear overview of how libraries
and the importance of librarians has changed over time. The video
echoes a point that I made in a webinar today and that I have heard
many librarians say to students, "Google is not the only search
engine." Librarians can help students access databases that
they otherwise wouldn't be able to use which in turn takes them to
information they wouldn't otherwise find. … You can also click
here to watch it.
Libraries
in the Internet Age could be a great video to show to students at
the beginning of the school year or just before they embark on a new
research project. The video might help students realize that there
is a lot more to their school libraries than meets their eyes.
Will
my students find this adequate? Stay tuned!
Microsoft
Corporation (MSFT) Counters Chromebooks With Cheap Notebooks
Microsoft
Corporation is gearing up to compete against Google Inc.’s
Chromebooks with the launch of two inexpensive notebook computers,
before the end of the year. A Taipei
research firm reports that the Window-based PCs will be ready for
shipping by mid-year, specifically targeting the education sector as
well as other wider consumer market.
…
This model is to go on sale for $179.
Why
would I ever sell my SciFi collection? But then, a place for you to
sell is a place for me to buy!
The
Best Ways to Sell Books Online
…
Here on MakeUseOf, we’ve made you aware of the various ways you
can buy
books cheaply online, but just how do you go about selling them?
How do you get a quick sale, and is it possible to get a rare or
unusual book to sell for the right price?
Interesting
“How To,” even if it is limited to the Apple platforms. I'm sure
we could find Apps for any platform
How
To Write and Publish Your First iBook Using iBooks Author
No comments:
Post a Comment