Wednesday, December 23, 2015

Hard to tell how good this guy was. He could have tried to Phish thousands of “celebrities” and only managed to get to 130. (Apparently it is mandatory for celebrities to have sex tapes.)
Feds arrest hacker for stealing scripts, celeb identities and sex tapes
The Department of Homeland Security has arrested and charged (PDF) a man from the Bahamas for stealing unreleased movie/TV scripts along with celebrities' files and sensitive information. According to The New York Times, the 23-year-old hacker named Alonzo Knowles contacted a radio host in an effort to sell his loot, which included the scripts for six episodes of a hit drama currently being filmed. When the unnamed host got in touch with Homeland Security, the agency cooked up a sting operation and had him put Knowles in touch with an undercover investigator posing as a buyer.
… The accused allegedly tried to sell the agent 15 scripts and the social security numbers of two athletes and a movie actress for $80,000. He also showed the agent a sex tape, saying that it's merely a "sample of things [he] can get" -- he had "more stuff along these lines and can get more" if the buyer was interested.
… He reportedly admitted to the undercover agent that when it was too difficult to hack a particular celebrity, he would look at pictures online to see who his friends are and then hack them instead. He'd also send fake automated text messages telling recipients that their accounts had been hacked, and some people actually replied with their passwords. Other times, he'd send a virus to celebrities' computers to infiltrate their systems.

Is government really able to run anything?
Inslee: Error releases up to 3,200 inmates early
For three years, state Department of Corrections staff knew a software-coding error was miscalculating prison sentences and allowing inmates to be released early. On Tuesday, Gov. Jay Inslee gave the damning tally: up to 3,200 prisoners set free too soon since 2002.
The problem stemmed from “good time” credits applied to certain prison sentences, and was discovered, according to the Corrections Department, only after a victim’s family alerted officials in 2012 that they might be planning to release an offender too early. Once the broader problem was discovered, a scheduled software fix got caught up in repeated IT delays, yet to be explained.
“That this problem was allowed to continue to exist for 13 years is deeply disappointing,” Inslee said. “It is totally unacceptable, and frankly it is maddening.”
… The governor ordered the DOC to halt all releases of prisoners whose sentences could have been affected until a hand calculation is done to ensure offenders are being released on the correct date. [Why not three years ago? Bob]

For my Canadian students, eh?
Howard Solomon reports:
Of all the publicly-disclosed data or privacy breaches in this country in 2015, one topped them all by a wide margin: Ashley Madison.
With over 30 million records exposed from the dating site, a $578 million class action suit filed against parent Avid Life Media, the CEO resigning after his emails were published, the attack is easily one of the largest reported in Canadian history.
But it’s easy for infosec pros to sit back and think, ‘Thank Gawd my company isn’t such a big fat target.’ Instead, they should remember all of the smaller breaches that happened this year as a lesson that corporations and government departments aren’t the only targets. Here’s just three of them:
Read more on IT World Canada, where Solomon actually mentions a number of incidents, including a few you may not have heard about.

Economics and debasing a virtual currency?
Rand – National Security Implications of Virtual Currency
by Sabrina I. Pacifici on Dec 22, 2015
Joshua Baron, Angela O’Mahony, David Manheim, Cynthia Dion-Schwarz: “This report examines the feasibility for non-state actors, including terrorist and insurgent groups, to increase their political and/or economic power by deploying a virtual currency (VC) for use in regular economic transactions. A VC, such as Bitcoin, is a digital representation of value that can be transferred, stored, or traded electronically and that is neither issued by a central bank or public authority, nor necessarily attached to a fiat currency (dollars, euros, etc.), but is accepted by people as a means of payment. We addressed the following research questions from both the technological and political-economic perspectives: (1) Why would a non-state actor deploy a VC? That is, what political and/or economic utility is there to gain? How might this non-state actor go about such a deployment? What challenges would it have to overcome? (2) How might a government or organization successfully technologically disrupt a VC deployment by a non-state actor, and what degree of cyber sophistication would be required? (3) What additional capabilities become possible when the technologies underlying the development and implementation of VCs are used for purposes broader than currency? This report should be of interest to policymakers interested in technology, counterterrorism, and intelligence and law enforcement issues, as well as for VC and cybersecurity researchers.”

To steal a line from Jaws, “We're gonna need a bigger jail!” (This guy makes me look anorexic.) But wait! The fun is not over yet!
Kim Dotcom Eligible to Be Extradited to U.S., New Zealand Court Rules
Internet entrepreneur Kim Dotcom and three co-defendants are eligible to be extradited to the U.S. to face charges including criminal copyright infringement, money laundering and conspiracy to commit racketeering, a New Zealand court ruled on Wednesday.
… His New Zealand-based lawyer Ron Mansfield told The Wall Street Journal that Mr. Dotcom is positive he can succeed in the higher courts in New Zealand. “We’ve just got through the starter’s gates, we haven’t lost the race. We remain pretty confident.”

Interesting, it is. This Infographic, you should see.
Wait, The Force Awakens Made How Much?

Free is good!
Free eBook Today Only: ‘Preserving Your Privacy in Windows 10
This free eBook is available today (12/23) only! Don’t miss out!

No comments: