Friday, July 01, 2016
A cyber incident is affecting compute systems in Larimer County.
The county’s computer systems have had limited function since the incident on Wednesday.
County officials say they’re working with security providers to find the cause and get the restores services. County data is secure and protected. The duration of this event is unknown.
Read more on 9News.
[From the article:
For a detailed list of impacts to individual departments and offices, visit: http://www.larimer.org/service-impact.cfm. Larimer County will also provide service impacts via its social network sites on Facebook and Twitter.
For my Computer Security students.
They're Just Like Us: Oculus CEO Hacked Thanks to Terrible Password
… The person behind the attack claimed that he or she found one of Iribe's old passwords listed within the big dump of MySpace user name and password combinations that hit last month. The attacker also claimed that he or she could have accessed Iribe's email account had he not protected that with two-factor authentication—though it's unclear whether the attacker meant Iribe's personal account or his Oculus account, one scenario likely a lot more catastrophic than the other.
My Computer Security students just got a lot more valuable.
A pen test a day keeps hackers away
Besides the fact that there is no other way to really test your network, The PCI Security Standards Council finally released version 3. 2 and it now states, “To ensure resilience, service providers are now required to perform penetration testing on segmentation controls at least every six months," according to a new sub-requirement 188.8.131.52. The PCI SSC also added a testing procedure 11.3.4 to ensure that penetration testing is performed by a qualified internal or external third party.
So the once a year PEN test is gone and rightly so, some PEN testers like ShoreBreak Security offer continuous PEN testing. Shore Break CEO Mark Wolfgang says "PEN testing once a year is like mowing your lawn once a year, it does not keep up with reality."
Joe Cadillic has two new blog posts that you will want to check out.
The Indianapolis Metropolitan Police Department (IMPD) is using a ‘Social Disorder Index’ (SDI) to determine the level of social disorder a location presents to its surrounding community. SDI can map areas as small as 250 feet by 250 feet.
According to the IndyStar, police used SDI to target areas and arrest people with a propensity for violence.
…Police are secretly using PBS television stations to spy on Americans
DHS is using Public Broadcasting Service (PBS) television stations to send videos and messages to law enforcement across the country.
“Once the hardware [IP encapsulator] is set up at the television station to enable this capability, data recipients will need a datacast receiver connected to their computer in order to receive the information being broadcast from the PBS station. Datacasting’s software allows the owners of the video and other data to target individual users or groups of receivers to receive the video, files and notifications being transmitted.”
Alex Schiffer reports:
When Sports Authority Inc. said “everything must go,” it meant everything – including its customers’ personal information.
The Colorado sporting goods retailer, which filed for Chapter 11 bankruptcy protection in March, auctioned this week its intellectual property, including the Sports Authority name, its e-commerce site and about 114 million customers’ files and 25 million email addresses. Dick’s Sporting Goods won with a $15-million bid.
Read more on Los Angeles Times.
Why were they allowed to auction off consumers’ information, you wonder, remembering what happened with RadioShack? There’s an answer. Schiffer explains:
Businesses have the legal right to sell consumer information as long as their privacy policies make it clear that data can be transferred or sold if the company is acquired or goes under.
This could be a really bad idea. Think terrorist incident…
Apple patents technology to block your phone camera
… The technology could stop people from making illegal recordings at concert venues, in cinemas or theaters.
The patent described how an infrared signal could be fired in places where video recording is prohibited. The phone would detect the signal and either alter what's shown on the screen or shut down its video features completely.
For my Data Management students.
Brazil Judge Freezes Facebook Funds in Cocaine Smuggling Case
A court in Brazil on Thursday blocked 19.5 million reais ($6.07 million) in Facebook funds after the U.S-based social networking company’s WhatsApp messaging service failed to turn over messages sought in a drugs case, the G1 news service said.
Brazil’s federal police said WhatsApp has defied repeated orders to turn over messages sent and received by suspected members of an international cocaine smuggling ring that has been under investigation since January.
… At the time of that blockage, Facebook said WhatsApp does not store client messages and could not read them if they did because they are encrypted.
Caesar’s wife and Hillary’s husband?
Bill Clinton & Loretta Lynch meeting: 'Incredibly bad judgment'
… Both should have instantly realized that their private meeting might create public suspicion that something improper must have occurred. After all Donald Trump has been tossing corruption accusations at Hillary Clinton with the frequency of firings on "The Apprentice."
Not being able to see white could make it hard to sell Teslas in snowy Colorado.
Tesla's Autonomous Driving Fatal Accident Needs To Be Kept In Context
… The company posted on its website on Thursday that the NHTSA (National Highway Transportation Safety Administration) decided to open a preliminary investigation and Tesla provided background information on what occurred.
From the post it appears that the accident was a combination of unfortunate circumstances and timing. “The vehicle was on a divided highway with Autopilot engaged when a tractor trailer drove across the highway perpendicular to the Model S. Neither Autopilot nor the driver noticed the white side of the tractor trailer against a brightly lit sky, so the brake was not applied. The high ride height of the trailer combined with its positioning across the road and the extremely rare circumstances of the impact caused the Model S to pass under the trailer, with the bottom of the trailer impacting the windshield of the Model S.”