Is this what infected Hilton and Starwood PoS terminals?
Sophisticated PoS Malware "ModPOS" Targets US Retailers
The malware, dubbed “ModPOS” due to its modular architecture, uses modules that are packed kernel drivers, which makes them more difficult to detect by security products. The modules identified by iSIGHT Partners so far include one for logging keystrokes, one for uploading stolen data and downloading additional components, and one for collecting card data.
… The “POS Scraper” module is designed to collect payment card track data from memory. Researchers believe the attackers target specific PoS software processes, such as “credit.exe.”
“This [process] is unique to POS vendors that use this executable as a part of their software. iSIGHT Partners is confident that the actors customize the malware based on the targeted environment,” the security firm noted in its report on ModPOS.
… According to Trustwave’s 2015 Global Security Report, 40 percent of the data breaches reported in 2014 were PoS-related, such systems being targeted by 70 individual variants of malware. A large majority of PoS breaches occurred due to a combination of remote access and weak passwords.
Was it the plane or Putin ordering in missiles? Either way, this is what you have to expect when even teenagers can “join the fight.”
Waqas writes:
Turkish hackers just took down the official website of Russian Central Bank amid tension near Syrian-Turkey border.
A group of Turkish hacktivists going with the handle of Turk Hack Team has conducted a powerful DDoS attack on the official website of Russian Central Bank earlier today forcing it to go offline for over 10 minutes.
While talking to HackRead, the Black-Spy attacker from THT explained that the reason for targeting the Russian bank was to send a message to Russia.
“DON’T EVER TRY TO VIOLATE OUR AIRSPACE AGAIN, WE ARE TURKS AND WE DON’T BACK DOWN.”
Read more on HackRead.
Not sure I like this one. I'll have to think about it for a bit.
New Technology, New Information Privacy: Social-Value-Oriented Information Privacy Theory
by Sabrina I. Pacifici on Nov 25, 2015
Chang, Chen-Hung, New Technology, New Information Privacy: Social-Value-Oriented Information Privacy Theory (September 30, 2015). Available for download at SSRN: http://ssrn.com/abstract=2694576
“Today’s innovative technologies offer remarkable advantages in our daily lives, but they also give rise to concerns that these technological advancements will adversely impact individuals’ privacy. The traditional notions of information privacy were based on personal control over data about oneself, an antiqued notion in a time where pervasive surveillance has rendered it nearly impossible for individuals to protect information privacy on their own. Key privacy concerns arise because it is nearly impossible to be left out of the intertwined digital and Internet world. Those who choose not to use the Internet, smartphones, tablet computers, electronic mail and online social network platforms, nevertheless remain trapped in the inescapable digital net, with others able to track their personal data. This essay includes suggestions for reconstructing traditional privacy theories. The traditional notice-and-choice principle has failed to protect the information privacy. Privacy should be determined by both individuals’ subjective feelings and objective social norms. The government has a constitutional obligation to protect the right to privacy by constructing basic information privacy protection principles. Furthermore, this essay proposes an approach to constructing a social-value-oriented information privacy theory. Among others, in determining the context of privacy, if no social precedents are available, the particular social activity’s consequences, purposes, and values may first be identified, and then these results may be used to trace back to the starting point and consider how to regulate social activities.” [Huh? Bob]
Have I mentioned that I love Google? All of my (so far unpublished) studies prove Google is a giant in the areas of privacy protection, consumer rights and PAC donations.
Google’s insidious shadow lobbying: How the Internet giant is bankrolling friendly academics—and skirting federal investigations
In June 2011, Google had a problem. The Federal Trade Commission (FTC) had opened multiple investigations into whether the tech giant illegally favored its own shopping and travel sites in search engine queries; restricted advertisers from running ads on competing sites; and copied rival search engines’ results.
To fight this threat, Google turned to a key third-party validator: academia, and in particular one university with a long history as an advocate for corporate interests.
From the beginning of the FTC investigation through the end of 2013, Google gave George Mason University’s Law and Economics Center (LEC) $762,000 in donations, confirmed by cancelled checks obtained in a public records request. In exchange, the LEC issued numerous studies supporting Google’s position that they committed no legal violations, and hosted conferences on the same issues where Google representatives suggested speakers and invitees.
Is this how the FTC works? Make a deal then stand by as it is ignored?
Albertsons buys back stores feds forced it to sell
Less than a year after federal regulators forced Albertsons Co. to sell off more than 146 grocery stores as part of a $9.2 billion merger with Safeway, the grocery chain has started buying them back for pennies on the dollar.
And, in some cases, for only $1.
A federal bankruptcy judge on Tuesday approved Albertsons' purchase of 33 stores, including three in Arizona, from Haggen Holdings LLC, a Pacific Northwest grocery chain that failed spectacularly months after it took over Albertsons stores in five states.
The buyback appears to erode a Federal Trade Commission order that required Albertsons and Safeway to divest 168 total stores to prevent the new company from having a monopoly in dozens of markets.
… Haggen sold 55 stores at a bankruptcy auction this month for about $47 million, court records show. Albertsons paid $14.3 million for the 33 stores. Albertsons’ bid price for nearly half of the stores was $1 each, according to a story in The Wall Street Journal. It also assumed liabilities as part of the purchase price.
Worth reading. Tells me something I never would have suspected! For my App developing students.
How a Food-Ordering App Broke into a Crowded Market
It’s not easy to find companies that genuinely do things differently. But for the founders of the takeout-ordering app Eat24, doing things differently is what allowed them to build up their company into an attractive acquisition target – they recently completed a $134 million deal with Yelp.
… It’s true that the founders weren’t technical experts, they had no previous startup experience, and GrubHub already had impressive marketshare. But Eat24 managed to bootstrap their app anyway. Here’s how.
1. Go after “undesirable” customers.
2. Go after “undesirable” media.
Oddly enough, Eat24’s biggest break came when they left Google and Facebook as marketing platforms after advertising rates rose. Eat24 instead turned to … porn websites. The marketing expense was 90% cheaper than on Google, Facebook, and Twitter – after all, lots of companies don’t want to advertise on porn sites – but the exposure was 200% higher.
Moreover, return customers were four times higher. And they were also reaching new customers — nine out of 10 visitors to Eat24 from the sites were new, and conversion rates blew Facebook away. As Nadav told an Israeli newspaper, “we just let the numbers talk.”
Of course, this makes sense: the audience on porn sites is young, male, more inclined to order food online.
Clearly the Brits do things differently.
Barclays fined for lax crime checks in 'deal of century'
Britain's financial watchdog has fined Barclays (BARC.L) 72 million pounds ($109 million) for cutting corners in checking wealthy customers involved in a huge transaction described by one senior manager as potentially the "deal of the century."
Barclays arranged the 1.9 billion pound transaction in 2011 and 2012 for a number of rich clients deemed by the regulator to be politically exposed persons (PEPs), or people holding prominent positions that could be open to financial abuse.
That should require a bank to conduct more detailed checks on them, but Barclays failed to do so and in fact cut corners with its compliance procedures, Britain's Financial Conduct Authority (FCA) said in a damning report on Thursday.
"Barclays did not follow its standard procedures, preferring instead to take on the clients as quickly as possible and thereby generated 52.3 million pounds in revenue," the FCA said.
Barclays, which received a 30 percent discount on the fine for settling at an early stage in the investigation, said the FCA made no finding that the bank facilitated any financial crime in relation to the transaction or the clients on whose behalf it was executed.
… Just over 52 million pounds of the penalty on the bank comprised disgorgement, meaning clawing back the profit Barclays made on the transaction. That is the largest disgorgement penalty ever imposed by the FCA.
… FCA said Barclays kept details of the clients and transaction off its computer system, and had agreed that if their names were ever revealed it would have had to pay them 37.7 million pounds.
"Barclays restricted the number of its staff who were involved in the business relationship and sought to address the financial crime risks that were associated with it in an ad hoc way," the FCA said in a 37-page notice on the bank's failings.
… The bank also failed to establish adequately the purpose and nature of the deal and did not sufficiently corroborate the clients’ stated source of wealth and source of funds for the transaction, the FCA said.
Real lawyers don't get caught!
AAP reports:
A law student has been charged with hacking the University of Queensland‘s computer system to cheat his way to better marks.
The student allegedly used a staff ID card to break into a staff area and logged on to the private system to upgrade the marks on his papers ahead of graduation, according to News Corp.
Read more on Brisbane Times.
For years we lock ourselves out of this. Probably not a good thing.
Why Cuba Stands Tall in Health Care Metrics
Despite the decades long U.S. trade embargo, Cuba’s health care system has thrived, building a record on major health care metrics that is comparable with not only other countries in the same per capita income bracket, but also with the U.S. Cuba has also made remarkable advances in biotechnology, especially in pediatric vaccines.
… One vaccine developed in Cuba, called CimaVax, promises to be a cheap, safe, effective and easy to administer treatment for lung cancer, according to a recent Knowledge@Wharton report. The vaccine has been developed by the Havana-based Center for Molecular Immunology, and is now being tested for the U.S. market by the Roswell Park Cancer Institute of Buffalo, N.Y.
Perspective. We must look like a country of techies, but what percentage can program their toys?
Smartphone, computer or tablet? 36% of Americans own all three
by Sabrina I. Pacifici on Nov 25, 2015
“A new Pew Research Center analysis finds that 66% of Americans own at least two digital devices – smartphone, desktop or laptop computer, or tablet – and 36% own all three. Fueled in part by the rapid adoption of smartphones and tablets, the share of American adults who own a smartphone, computer and a tablet has doubled since 2012. At that time, only 15% of U.S. adults owned all three devices. The age group most likely to own multiple devices is 30- to 49-year-olds, half of whom report owning all three, according to our 2015 survey data. People who are more affluent and those with more formal education also are more likely to own multiple devices. Whites are a bit more likely than blacks to have all three gadgets, while men and women are equally likely to do so…”
Now do the same with textbooks!
Raspberry Pi Zero: The $5 computer has arrived
The Raspberry Pi Foundation has hit rock bottom. After years of working to lower the cost of hobbyist and educational computing, founder Eben Upton says it can go no further: at just $5 its latest creation is as cheap as it can make a computer.
The $5 Raspberry Pi Zero follows on from the wildly successful Raspberry Pi A, B and 2 computers, which cost $20 to $35.
But despite the staggeringly low price, it still has many of the same features, and runs about 40 percent faster than the Raspberry Pi 1.