Even people you would expect to be somewhat
knowledgeable about Computer Security surprise (and disappoint) you.
Jeremy Kirk reports:
Hacking Team has warned that a devastating data breach it suffered will allow its spying tools to be used by criminals and terrorists.
The Milan-based security company, which develops surveillance tools for mostly government clients, saw more than 400GB of internal data released on Sunday, including emails, clients lists, financial information and source code.
“Terrorists, extortionists and others can deploy this technology at will if they have the technical ability to do so,” wrote Hacking Team spokesman Eric Rabe in a news release on Wednesday. “We believe this is an extremely dangerous situation.”
Read more on PC Advisor. See also The Register.
So… maybe they should have secured their
intellectual property and files better? And if they didn’t know
that 400GB had been exfiltrated, is it possible that their files had
already been raided by state actors for other governments who have
been using their technology? What will a real forensic investigation
reveal?
[From the PC Advisor article:]
Almost all of the company's clients have suspended
use of RCS now, he wrote.
[From the Register article:]
"Hacking Team's investigation has determined
that sufficient code was released to permit anyone to deploy the
software against any target of their choice.
"Before the attack, Hacking Team could
control who had access to the technology which was sold exclusively
to governments and government agencies. Now, because of the work of
criminals, that ability to control who uses the technology has been
lost."
It's not a cyber attack. It's not a cyber attack.
It's not a cyber attack.
Glitch perfect
THE timing was poor. At 11:32am on July 8th, at a
time when market turmoil in China and fiscal turmoil in Greece were
already causing concerns, trading was halted on the New York Stock
Exchange (NYSE), once the epicentre of America’s financial markets,
on which almost all other trading hinged.
For a moment, the stoppage seemed like grounds for
panic. It did not help that a mysterious computer glitch had caused
United, one of America’s biggest airlines, to ground all its
flights shortly beforehand. The excitable speculated that a
coordinated cyber-attack was under way. The president was being
briefed, the White House solemnly declared. Happily, it soon became
clear that the problem was an internal failure, not an external
assault. United’s troubles were unrelated, it turned out. At
3:10pm trading resumed.
(Related)
New York Stock Exchange Blames Shutdown on 'Configuration Issue' as Dow Falls
The Dow Jones Industrial Average took a triple digit hit today after
trading on the New York Stock Exchange (NYSE) was halted for three
and a half hours.
Exchange officials blamed the shutdown on a
"configuration issue" with their systems, according to a
statement, and not a "cyber breach," according to a NYSE
tweet. The configuration issue pertained to how the exchange's
systems interact with one another, a source said.
At the end of trading in New York at 4 p.m., the
index closed down 261 points or 1.5 percent to 17,515, while the S&P
500 fell 34 points, about 1.7 percent. The tech-heavy Nasdaq was
down 1.8 percent.
(Related) It's merely a coincidence. It's
merely a coincidence. It's merely a coincidence.
International hacking group Anonymous wished Wall
Street ill the night before the New York Stock Exchange temporarily
suspended trading on all securities.
The activist group tweeted late Tuesday:
Wonder if tomorrow is
going to be bad for Wall Street.... we can only hope.
… The message could also be seen as an
allusion to economic unrest in China and Greece, which has
contributed to global market turmoil in recent days. U.S. stocks saw
modest losses in the early hours of trading Wednesday.
No redundancy? How strange.
Malfunctioning pump shuts down Indian Point reactor
A malfunctioning water pump forced the shutdown of
Indian Point's Unit 3 nuclear reactor on Wednesday.
Control room operators shut down the reactor
around 2:30 p.m. after they found that one of the unit's condensate
pumps automatically stopped while the unit was operating at full
power, causing the steam generator's water levels to fluctuate,
according to Entergy, which runs the power plant in Buchanan.
Another clear indication that someone is cooking
the books. According to the 2014 Wiretap Report, only 3 federal and
22 state wiretaps encountered encryption in all of 2014. So are they
lying to Congress or are they lying to us?
Andy Greenberg reports:
The debate over encryption and backdoors for law enforcement has long had a surplus of opinions and a deficit of data. On Wednesday, however, New York district attorney Cyrus Vance offered one actual number into the mix: The Manhattan DA’s office has encountered 74 iPhones whose full-disk encryption stymied a law enforcement investigation.
Read more on Wired.
Speaking of Crypto... What group of idiots does
Comey think he can convince? Perhaps the same people who think we
should pass a law making Pi exactly 3?
Mike Masnick has a recap of yesterday’s Senate
hearings on encryption. The hearings offered no surprises in terms
of FBI Director James Comey’s claims and arguments. You can read
his write-up on TechDirt.
Meanwhile, over on EFF, Jeremy Gillula and Nadia
Kayyali write:
Despite all of the evidence to the contrary, FBI Director Comey wants you to know that he doesn’t want another crypto war. As he said today in hearings before the Senate Judiciary Committee and Senate Select Committee on Intelligence (SSCI), he just wants a discussion. Of course, it’s hard to have a discussion when you’re not listening to anyone else. And in this case, Comey and those who support weakening encryption simply aren’t listening to the experts telling them that backdoors or golden keys just won’t keep us safe.
Read more on EFF.
Be careful what you wish for...
http://www.cnbc.com/id/102817366?__source=google|editorspicks|&par=google&google_editors_picks=true
Stolen financial info worse than leaked nude pics: Survey
A MasterCard survey released Thursday found that
55 percent of people would rather have nude pictures of them leaked
online than have their financial information stolen.
The research also found that more people would
rather have their email accounts hacked—or even have their homes
robbed.
[The Infographic:]
http://newsroom.mastercard.com/wp-content/uploads/2015/07/MC_EmotionofSafetyandSecurityInfographic_v4-014.jpg
I never have to worry about finding articles for
my IT Governance class.
JPMorgan Chase will pay $136 million to settle charges
that it used illegal tactics to pursue delinquent credit card
borrowers, the Consumer Financial Protection Bureau announced on
Wednesday.
The bureau said the bank had illegally relied on
robo-signing — signing mass quantities of documents without
verifying the data in those accounts — and provided inaccurate
information to third-party debt collectors when it sold the accounts.
The bureau also said that Chase filed misleading lawsuits using
inaccurate information to obtain debt collection judgments on
accounts that had been paid off, were discharged in bankruptcy or
otherwise were uncollectable.
(Related) Now if we can only agree on the
amount...
JPMorgan to Pay $166 Million Over Debt-Collection Abuses
(Related) Perhaps the papers could use some
professional accountants too.
Chase settles many debt collection abuse cases -- but not California's
JPMorgan Chase & Co. will pay more than $200
million to settle allegations that it sold faulty credit
card debts to third-party collectors, including accounts with legally
flawed judgments and inaccurate and paid-off balances and debts owed
by borrowers who had died.
...and no one noticed?
Time Warner Cable Forced To Pay $230k For Robocalling Woman 153 Times
… there's a big difference between receiving
the odd call once in a while to receiving it all the time,
such as what Araceli King had to deal with. In less than a year,
Time Warner Cable called her a total of 153 times, all automated, and
all meant for someone else. Making matters worse, King had a
7-minute discussion with a customer service rep about the mix-up and
still continued to receive such calls.
TWC believed that it had done no wrong, because it "thought"
that it was contacting Perez. A US District Judge saw
things differently, and jacked the damages to $1,500 per call,
resulting in King soon to receive a nice check totaling $229,500.
The judge, Alvin Hellerstein, said that "a
responsible business" would have tried harder [A
well managed company would never fail like this. Bob] to
find the actual person it was seeking. It's hard to dispute that.
Economics according to Mao? Find someone
appropriate to blame.
Losing $1 Billion Each Minute, China Blames the Wrong Group
Rumor-spreading short sellers and foreign
investors with a hidden agenda.
If you believe China’s state-run media, those
are some of the key culprits for a stock-market rout that erased $3.2
trillion of value in three weeks -- or almost $1 billion for each
minute of trading on mainland exchanges. The underlying message,
that market manipulation is fueling the selloff, was reinforced by
securities regulators last week as they pledged to crack down on
“vicious” short selling.
How not to enter the US market. Getting it wrong
by the numbers.
Why Chinese e-commerce giant Alibaba stumbled with its U.S. shopping site
I'll mention this to my students.
What’s Bing Rewards, How It Works, And What’s New?
… Microsoft is confident that you’ll like
Bing as long as you give it an honest try. That’s where the Bing
Rewards Program comes into play.
The premise of Bing Rewards is that you can earn
credits for searching with Bing. These credits accumulate on your
account and can be redeemed for rewards
Something I need to explore.
Realtime Board Offers Collaborative Brainstorming Tools on Your Laptop and Tablet
Realtime Board is a platform for hosting online, collaborative
brainstorming sessions. I've been using it off and on since it
launched a few years ago. Recently, Realtime Board shifted to using
HTML5 which means that it now works equally well on your laptop and
on your iPad or Android tablet.
Realtime Board provides a blank canvas on which you can type, draw, and
post pictures. You can connect elements on your boards through a
simple linking tool. The boards that you create on Realtime Board
can be shared publicly or privately. To help you communicate with
your collaborators Realtime Board has a chat function built into
every board.
Realtime Board's switch to using HTML5 makes it a
good platform for hosting online collaborative brainstorming sessions
in classrooms that have BYOD programs or any classroom that has a mix
of tablets, Chromebooks, and laptops.
Realtime Board grants teachers and students access
to all premium features for free. In order to get the premium
features for free you do need to complete
the form here.
An App for hyping a movie? Sure, there's an App
for that! (Digest Item #1)
This IS the App You’re Looking For
Disney and Lucasfilm have teamed up to release a
new Star Wars app on Android and on iOS. The free app has more than
enough to keep Star Wars fans entertained in the run-up to the release
of Star Wars: The Force Awakens on December 18, 2015. A date which
has its own countdown timer built right into the app.
There is breaking news from across the Star
Wars universe, fun facts from the series, a weather feature
linking real-life conditions to those on Star Wars planets,
videos, GIFs, selfies, and a sound board. Best of all are the
augmented reality elements, which let you use your phone like a
lightsaber and add virtual stormtroopers to your homescreen.
People who don’t like Star Wars should
obviously avoid the official Star Wars app like the plague. Meanwhile, the rest of
us right-thinking, well-adjusted individuals can live out our
fantasies of being Luke Skywalker or Han Solo. Geeks rule.
Wally again illustrates how my (clearly not
brainwashed) students view the world!