For my Computer Security students. Faster is
better, but take time to confirm your sources.
Fraudulent Stock Tweets Result In Civil and Criminal Charges For Scottish Man
A Scottish man is facing
civil and criminal
charges for allegedly tweeting multiple false statements about two
companies that caused significant drops in the stock prices of those
companies and even triggered a trading halt in one of the companies.
James Alan Craig, 62, is a Scottish resident who is accused of
creating two Twitter accounts that closely resembled two well-known
established securities research firms in an effort to profit from an
anticipated downward movement in the stock prices when the tweets
became publicized. In parallel actions announced today, both the
Securities and Exchange Commission and the Department of Justice
announced civil and criminal charges, respectively, against Craig.
Ironically,
Craig’s attempt to profit from the false tweets ultimately netted
him less than $100.
The incompetence continues. Significantly
overstating the scope of a breach is almost as bad as understating.
You might frighten customers, board members, or stockholders into
overreacting.
TalkTalk hack 'affected 157,000 customers'
TalkTalk has given more details of the
cyber-attack on its website, saying nearly 157,000 of its customers'
personal details were accessed.
More than 15,600 bank account numbers and sort
codes were stolen, the company said.
… Since news of the cyber-attack emerged,
TalkTalk shares have lost
about a third of their value.
The firm said 4% of TalkTalk customers have
sensitive data at risk. It confirmed that the scale of the attack was
"much more limited than initially suspected".
Also for my Computer Security students. You need
to keep a snapshot of your digital environment for a long, long time.
Two breaches seemed small and innocuous
at the time, but weren’t. A timely reminder why entities should
notify even when they think risk is low.
Thomas Fox-Brewster reports:
In 2009 and 2010 two separate attacks hit widely-used online gambling payments processors Moneybookers and Neteller. Though they initially appeared innocuous, it now seems both attacks saw millions of users’ private data – addresses, emails, telephone numbers, birth dates and, in the case of Neteller, answers to password hints – fall into criminal hands. The details are only now being made public by Optimal Payments, the London-based owner of both Moneybookers (now Skrill) and Neteller, after disclosure from FORBES. The company is now reinvestigating the hacks and the possibility of further breaches.
Read more on Forbes.
“We're gonna do this, even if we don't exactly
know what all this stuff means.”
Brian Fung reports:
In the first such case against a U.S. cable company, federal regulators are slapping Cox Communications with a $595,000 fine after Cox allowed hackers from Lizard Squad to penetrate its systems and steal private customer information.
By posing as an IT administrator and tricking a couple of Cox employees into giving up their login credentials, a hacker known as “EvilJordie” broke into Cox’s databases and gained access to customer names, addresses, password recovery information and even “partial” Social Security numbers and driver’s license numbers, according to the Federal Communications Commission. They also got hold of some customers’ telephone records.
Read more on Washington Post.
(Related)
The Federal Communications Commission (FCC) will
take on the issue of online privacy in the “next several months,”
Chairman Tom Wheeler said during an interview with Charlie Rose this
week.
He said the agency’s action would address the
privacy practices of Internet service providers and how they are
protecting the information of their customers.
“In
other words, do I know what information is being collected?” he
said. “Do I have a voice in whether or not that is going to be
used one way or another? And those are two very important baseline
rights that individuals ought to have.”
At another point he said, “I’ve told the
Congress and others you will see us in the next several months
addressing the question of privacy.”
[Charlie Rose interview: http://www.charlierose.com/watch/60643448]
Is this likely? Wouldn't we need a much faster
way to approve warrants? Is “watching for accidents at rush hour”
surveillance?
A House bill introduced on Thursday would require
federal law enforcement officials to get a warrant if they want to
conduct aerial surveillance inside the country.
It would also forbid them from identifying people
who are inadvertently captured by aerial surveillance.
“Gosh, we never thought of that!” Is there no
generic statement in their acceptable use policy? “Thou shalt not
do non-medical things with thy personal devices?”
Amy Corderoy reports:
Brieana Rose (not her real name) could not have been more vulnerable. Unconscious on an operating table, having gynaecological surgery to see whether she had cancer.
She could never have known that one of the people charged with looking after her would instead take advantage of her, violating her trust by taking a photo of her genitalia and showing the photo to others.
The experience has not only taken a financial and emotional toll, but it has revealed a huge gap in medical and privacy law in NSW.
[…]
The nurse left the hospital and was hired by another, and currently has nothing on her publicly available record to indicate what she did. Brieana was also unable to legally force her to provide her phone for forensic analysis – because that would be a violation of the nurse’s privacy – and the hospital had no control over their former employee.
This is a disgusting situation, and yes, the laws
in NSW need to change. Not only does the nurse need to be
disciplined by her licensing board, but the patient should have the
right to sue for the privacy violation and emotional distress caused.
Read more about what happened on Sydney Morning Herald.
[From the article:]
Ms McLay said another complication was that the
nurse took the image on a private phone, so it was not covered by
laws governing medical records. [That's a pretty glaring hole in the law. Bob]
If nothing else, it might skew public perceptions
– “government says there is a lot of crime, but there's nothing
on the internet!”
Sofia Fontanals and Samara Schaar write:
On 15th October 2015 the Spanish Supreme Court handed down its first ruling[1] on the so-called digital “right to be forgotten” in which it states that harmful information affecting individuals without public relevance should not be accessible to Internet search engines when the news has lost relevance over time.
The background of the case
The decision of the Court is based on the following facts: in the 1980s two people were involved in drug-trafficking and consumption. After being arrested, they were finally convicted for drug smuggling and imprisoned. A few years ago, after having served their sentence imposed for these facts and having remade their personal, family and professional life, they found out that by typing their names in the major Internet search engines (particularly, Google and Yahoo!), the news that once was published in a newspaper (El País) now appeared among the first search results, because such newspaper had digitized their library.
Read more on Datonomy.eu.
(Related) “Forget all that bad stuff! Loan me
lotsa money.”
AJC reports:
…According to a report by the Financial Times, some of the top credit rating companies are now using people’s social media accounts to assess their ability to repay debt. So if you want to be able to qualify for a loan and borrow money, this is just another reason to avoid saying certain things on Facebook.
“If
you look at how many times a person says ‘wasted’ in their
profile, it has some value in predicting whether they’re going to
repay their debt,” Will Lansing, chief executive at credit rating
company FICO, told
the FT. “It’s not much, but it’s more than zero.”
Read more on AJC.
Negotiating treaties like it's the 1890s?
TPP Trade Agreement Slammed For Eroding Online Rights
…
The full
text of the Trans Pacific-Partnership (TPP) international trade
agreement — some eight years in the negotiating — was published
online earlier today (in a version marked “subject to legal
review”), after agreement was reached between the 12 countries
early last month, which include the U.S., Australia, Canada, Japan
and New Zealand.
The text still needs to be ratified in the
individual countries before the treaty becomes binding.
“The E-Commerce
chapter has serious implications for online privacy,” said
Peter Maybarduk, of non-profit consumer rights organization, Public
Citizen, in a statement on TPP. “The text reveals that
policies protecting personal data when it crosses borders could be
subject to challenge as a violation of the TPP.”
Public Citizen says the agreement puts a
requirement on countries to allow
unregulated cross-border transfer of Internet users’ data
and prohibits governments from requiring companies host data on local
servers — with what it says is no express protection for privacy
and data protection policies to be exempted from the rules.
Eventually, everyone will move to a single fiber
optic cable (owned by the city?) that delivers TV, phone, Internet
and any other digital signals (like burglar alarms).
Time Warner Cable takes baby step toward more affordable pay-TV service
… The head of the company announced last week
that Time Warner will test an online service that gets rid of the
cable box and could pave the way for introduction of smaller, more
affordable programming packages.
… The no-box test is expected to begin next
week in New York, a Time Warner spokesman told me. People with a Roku
streaming-video device will be able to access Time Warner's
programming via an app similar to Netflix's or Hulu's.
Can we live without email? An interesting
article.
The Post-Email Organization
How social media can help employees perform
better.
I have graduate students
who still make these mistakes! I'll link to this article in each of
my classes.
Your Microsoft Word Skills Suck
Dilbert illustrates the
usefulness of non-textual communications.