Sunday, July 31, 2016

This says, “We get attacked too, but we’re better at Cyber defense than the US.” 
Russia Claims Cyber Attack Plan Uncovered
The Russian secret service on Saturday said it uncovered a planned cyber attack against some two dozen government and military organisations.
In a statement, the feared FSB said it had detected malware "intended for use to spy online on some 20 institutions in Russia".
The organizations in question were government, scientific and military institutions, the FSB said.
"The circumstances appear to indicate... a planned attack, designed by professionals," it added.
   According to the FSB, the virus was sent as an attachment in an email, allowing the sender to intercept data traffic, listen in on phone calls, take screenshots, switch on microphones and cameras and log keystrokes.
The statement came as US Democrats said Saturday they had been targeted by yet another cyber attack.

Is Facebook really getting better?  They think so.
Facebook's privacy chief insists Facebook is 'a privacy-enhancing platform'
   Facebook was battered with criticism about its privacy practices—including a settlement with the Federal Trade Commission over charges that Facebook “deceived consumers by telling them they could keep their information on Facebook private and then repeatedly allowing to be made public,” which resulted in the company agreeing to undergo two decades of regular privacy audits.
That's why Zuckerberg brought in Erin Egan.  Previously a partner at Covington & Burling, where she co-chaired the law firm's Global Privacy and Data Security practice group, Egan's job was to build Facebook a privacy program from scratch—and that's precisely what she's done.
   Facebook's record has improved dramatically as the company has realized that, for many users, being able to meaningfully manage their privacy is a way to set the social network apart.

If this sounds familiar, it’s because it is. 
5 Takeaways From Cisco's Big Cybersecurity Report
Companies are still using outdated technology leaving them prone to cyber attacks, security researchers are losing their confidence, and hackers are making millions of dollars through so-called ransomware attacks.
These are some of the findings detailed in Cisco’s annual report on the state of cybersecurity based on research the company obtained from customers, outside security analysts, and its networking devices connected to the Internet.
Here’s five interesting takeaways from the big report:
1. Hackers love ransomware
2. Adobe Flash is still bad for cybersecurity
3. Hackers are setting up shop in abandoned WordPress websites
4. Companies with old, outdated technology are at risk of attacks
5. Security teams are losing their confidence

Perspective.  Interesting slide from the talk, too. 
America uses stealthy submarines to hack other countries’ systems
   In fact, subs represent an important component of America's cyber strategy.  They act defensively to protect themselves and the country from digital attack, but — more interestingly — they also have a role to play in carrying out cyberattacks, according to two U.S. Navy officials at a recent Washington conference.
"There is a — an offensive capability that we are, that we prize very highly," said Rear Adm. Michael Jabaley, the U.S. Navy's program executive officer for submarines.  "And this is where I really can't talk about much, but suffice to say we have submarines out there on the front lines that are very involved, at the highest technical level, doing exactly the kind of things that you would want them to do."
   But even this doesn't compare to what the Navy wants to be able to do next: turn its submarines into motherships for underwater drones that can maneuver themselves even closer to shore and conduct jamming or hacking operations while allowing the sub to work at a distance.

Why didn’t I think of this?  Also lists a lot of articles on failures of security. 
   Mudge and his wife, Sarah, a former NSA mathematician, have developed a first-of-its-kind method for testing and scoring the security of software — a method inspired partly by Underwriters Laboratories, that century-old entity responsible for the familiar circled UL seal that tells you your toaster and hair dryer have been tested for safety and won’t burst into flames.
Called the Cyber Independent Testing Lab, the Zatkos’ operation won’t tell you if your software is literally incendiary, but it will give you a way to comparison-shop browsers, applications, and antivirus products according to how hardened they are against attack.  It may also push software makers to improve their code to avoid a low score and remain competitive.
“There are applications out there that really do demonstrate good [security] hygiene … and the vast majority are somewhere else on the continuum from moderate to atrocious,” Peiter Zatko says.  “But the nice thing is that now you can actually see where the software package lives on that continuum.”
Joshua Corman, founder of I Am the Cavalry, a group aimed at improving the security of software in critical devices like cars and medical devices, and head of the Cyber Statecraft Initiative for the Atlantic Council, says the public is in sore need of data that can help people assess the security of software products.

Perspective.  A very “hands on” business, lifted by online sales – which it delivers. 
UPS Profits Rise on E-Commerce Growth
Revenue increased 3.8% to $14.63 billion for the second quarter, while profit rose to $1.27 billion.  UPS forecast its e-commerce business will grow faster than expected through the end of the year, as U.S. consumers continue to show strength.

For the paranoid or the easily annoyed?  
Google Search now helps you set up email notifications for when you’re mentioned on the web
Now when you Google yourself, so long as you’re logged in to Google and you’ve allowed Google to save your web and app activity, Google will show you a new widget at the bottom of the first page of search results that will help you easily set up a new Google Alert for new references of your name.
This is a reasonable move for Google to make. Google Alerts have been around since 2003.  These days if you want to find out what’s online about you, you Google yourself, you don’t set up a Google Alert.  But the thing is even though they’re not the hot new thing, Google Alerts work well. You can adjust settings like email frequency, source types, languages, regions, whether to only send the best results, and the email address to send alerts to.  So Google Alerts provide the back end for this new tool.

No comments: