India investigating French submarine company data leak
India is investigating a massive data leak from French
shipbuilder DCNS that affects a major submarine contract for its navy, defence
officials say.
The leak of more than 22,000 pages exposes secrets about
the combat capabilities of Scorpene-class vessels.
It is not clear who first obtained the confidential
documents, which were made public by the Australian media.
… The Scorpene
submarines are small-to-intermediate
size vessels currently in use in Malaysia and Chile. Brazil is due to deploy the submarine type in
2018.
A roving band of ATM hackers?
The hackers made off with at least 12 million baht
($346,000) by inserting cards installed with malware into multiple cash
machines run by Thailand's state-run Government Savings Bank (GSB) in late
July.
The theft came shortly after Taiwan announced that a group
of foreigners had managed to steal $2.5 million from cash machines using a
similar method.
A Latvian, a Romanian and a Moldovan were arrested over
the Taiwan heist but a number of suspects -- including five Russians -- managed
to flee abroad.
… Police said at
least 21 ATMs were hacked, some of them spitting out up to a million baht at a
time. They said the bank had not immediately noticed the theft.
Those behind the heist stood for long periods at the cash
machines, usually late at night, prompting police to ask Thais to watch out for
strange behaviour by foreigners at cash machines.
Another cost of a breach.
Even though no fine is mentioned.
Ashley Madison parent broke Canada, Australia privacy laws
The parent company of infidelity dating website Ashley
Madison was responsible for numerous violations of privacy laws at the time of
a massive release of customer data in a cyber attack last year, privacy
watchdogs in Canada and Australia said on Tuesday.
The two countries launched
an investigation after the 2015 breach of Avid Life Media Inc's computer
network, when hackers exposed the personal details of millions who signed up
for the site with the slogan "Life is short. Have an affair."
… The
company is also the target of a U.S. Federal Trade Commission investigation,
Avid Life Media executives told Reuters in July.
For my Computer Security students. (Registration required)
2016 Cyber Weapons Report
What tools do attackers use? The 2016 Cyber Weapons Report seeks to address
this question by analyzing attack behaviors in real-world environments. This report focuses on the anomalous activity
that occurs after the initial intrusion, including command and control,
reconnaissance, lateral movement and data exfiltration. That activity is then traced back
automatically to the originating process, using a technology called Network to
Process Association. This results in a
first-of-its-kind quantitative view of attack tools.
(Ditto) This surprises me.
I don’t think we’ve ever seen this level of abandonment. For example, I don’t think Target saw even a
1% loss of customers. Has there been a
change in public perception or is the survey flawed?
19% of shoppers would abandon a retailer that’s been hacked
The 2016 KPMG Consumer Loss Barometer report surveyed 448 consumers
in the U.S. and found that 19% would abandon a retailer entirely over a hack. Another 33% said that fears their personal
information would be exposed would keep them from shopping at the breached
retailer for more than three months.
The study also looked at 100 cybersecurity executives and
found that 55% said they haven't spent money on cybersecurity in the past year and
42% said their company didn't have a leader in charge of information security. [Now that I
believe! Bob]
Just in time for my Computer Security class lecture on
Privacy!
The Independent – full list of 98 different datapoints that
Facebook stores about people
by Sabrina I. Pacifici on Aug 23, 2016
For the Ethical Hacking class toolkit. We have 3D printers; we can make those
Mission Impossible masks!
Researchers Bypass Modern Face Authentication Systems
Earlier this month, researchers Yi Xu, True Price,
Jan-Michael Frahm, and Fabian Monrose presented their findings at the USENIX
Security Symposium in Austin, Texas, and have published the research in a paper (PDF) entitled Virtual U: Defeating Face Liveness Detection by Building Virtual Models
from Your Public Photos.
The novel approach to fooling face authentication systems
relies on creating realistic, textured, 3D facial models based on pictures that
the target user has shared on social media. [To be
secure, be antisocial! Bob]
Panopticon, Baltimore style? Will this be coming to every major city? I bet the police would love it! (And there is really no need for this to be
secret.) This would be better done by
drones.
Secret Cameras Record Baltimore’s Every Move From Above
… Since the
beginning of the year, the Baltimore Police Department had been using the plane
to investigate all sorts of crimes, from property thefts to shootings. The Cessna sometimes flew above the city for
as many as 10 hours a day, and the public had no idea it was there.
A company called Persistent Surveillance Systems, based in Dayton, Ohio,
provided the service to the police, and the funding came from a private donor. No public disclosure of the program had ever
been made.
Another technology that requires a warrant. Will all new technologies eventually need a
warrant?
Abraham J. Rein of Post & Schell PC writes:
In July, for the first time, a federal judge suppressed evidence in a
criminal case from a device which, by mimicking a cell tower, can be used to
geolocate a cellphone with surprising precision. The device is a cell-site
simulator, often referred to as a “stingray.” Versions of the stingray have
been used by federal law enforcement since at least the 1990s, and controversy
has swirled around the device since a government-imposed veil of secrecy began
to lift earlier this decade. Where does the recent federal decision fit in this
history, and what might its impact be? Let’s begin with the case.
Read more on http://www.postschell.com./
Probably still a para-legal tool. Lawyers may dabble in discovery, but they do
strategy, not the hard, boring, repetitive stuff.
Logikcull raises $10M to let lawyers analyze documents at the
speed of a thousand interns
… eDiscovery may
mean a team of associates combing through hundreds of pages of email
correspondence on a screen, instead of printing it all out like lawyers used to
do. A win for the environment yes, but
still very, very time consuming and not really taking advantage of technology.
But Logikcull
is a software company trying to change this, and just closed $10M in Series A
funding from OpenView
Ventures and Storm
Ventures to help.
… Lawyers can
bulk-upload all the messy information they need to examine (even if it’s an
entire hard drive of different types of files) and Logikcull will organize all
the different file types into one searchable database.
… Essentially, the
platform can be used for any task that requires you to organize and search a
crazy amount of documents.
The company charges per user, and a small law firm
can expect to pay $15k-$30k per year. Expensive
yes, but not if the alternative is paying hundreds of extra hours in legal fees
at $600 per hour.
If you fail to stockpile food and your Internet goes out,
will you starve?
Stockpile Food in Case of Attack, Germany Tells Citizens
Germany on Wednesday urged its population to
stockpile food and water in case of terrorist or cyber attacks, as it adopted
its first civil defense strategy since the end of the Cold War.
… It also
encourages the people to stockpile sufficient food for 10 days, and water to
last five.
Would you call this an “intermediate currency?” If so, I predict it is doomed. (Disintermediation, you know) Another indication that my students need to
understand this technology.
UBS leads team of banks working on blockchain settlement
system
Swiss bank UBS (UBSG.S)
is leading a team of four of the world's biggest banks developing a system to
enable financial markets to make payments and settle transactions quickly using
blockchain technology.
UBS has developed a
"Utility Settlement Coin" (USC), which is a digital cash equivalent
of each of the major currencies backed by central banks, such as the dollar or
euro, rather than a decentralized new digital currency such as bitcoin.
Once upon a time, all you had to do was make change.
Shopify launches its POS app and card reader in the UK
Shopify is launching its retail hardware and point-of-sale
app for merchants in the UK. The reader
supports tap, chip and swipe payments, letting retailers accept both
contactless and traditional card-based payments, and the free app works in
tandem with the reader device on either iPhone or iPad.
My students might find this handy, those who can find the
library that is.
LibGuides Community
by Sabrina I. Pacifici on Aug 23, 2016
“Search for LibGuides content and librarian authors, and
find great examples of guides from our worldwide user community.”
494,916 published guides, 113,876 librarians, 5,184 institutions, 74 countries