Monday, August 01, 2016

Hacking for fun and profit? 
Tuoi Tre News reports:
Two Vietnamese commercial banks have taken measures to protect customers who have used their cards in transactions with Vietnam Airlines, in the wake of a breach concerning more than 400,000 membership credentials of the national flag carrier.
An alleged group of Chinese hackers compromised the Vietnam Airlines system on Friday, stealing information from some 410,000 VIP member accounts of the carrier’s Lotusmiles program.
The data, including names, birthdays and addresses of the members, were later made available for download by the hackers, raising further security issues for those affected.
Read more on Tuoi Tre News.

If they were really good, they would not have been detected.
North Korea Hacked Into Emails of Seoul Officials: Report
Seoul prosecutors on Monday accused North Korea of hacking into the email accounts of dozens of South Korean government officials this year, the latest in the series of suspected cyber attacks by Pyongyang.
   "The passwords of 56 accounts were stolen," the statement said.
The hackers set up 27 phishing sites in January posing as popular portals like Google and South Korea's Naver, as well as government and university websites, to steal the passwords.
The prosecutors said the malicious codes used in the latest attack were the same as the ones used by North Korea in previous attacks on the South.  [Suggesting they were following a script?  Bob]
   The latest cyber attack comes just days after South Korean police said the North stole the personal data of over 10 million customers at South Korean online shopping mall Interpark.
Interpark was unaware about the attack until July 11, when it was blackmailed with threats to publicise the leaked data unless the company paid three billion won (US$2.7 million).
The National Police Agency said the North's main spy agency -- the Reconnaissance General Bureau -- had organised the hack in a bid to earn hard currency.

A security company to watch?
Cybersecurity startup PhishMe raises $42.5 million to help employees spot phishing attacks
PhishMe, a cybersecurity startup that helps companies thwart phishing attacks among other targeted malware, has closed a $42.5 million series C round led by existing investor Paladin Capital Group, with participation from Bessemer Venture Partners.
Founded in 2011, Virginia-based PhishMe provides the tools to engage employees across an organization so that they can recognize malicious phishing emails.  Part of this involves conditioning them into being able to spot rogue emails, but it also lets them easily report questionable emails to the appropriate security teams internally.
   Cybersecurity has emerged as one of the hottest categories for investment in recent times — just yesterday, SafeBreach raised $15 million to test companies’ cybersecurity from a hacker’s perspective.  And in the past couple of months, other notable cybersecurity investments include Bay Dynamics raising $23 million for its risk analytics platform, Post-Quantum nabbing $8 million, Darktrace securing $65 million, SecurityScorecard closing a $20 million round, and Cylance attracting $100 million for its A.I.-driven security platform.
So what makes PhishMe stand out for its new investor?
“Despite the growing number of security vendors in the market, we quickly realized the huge potential behind PhishMe’s business proposition,” explained Alex Ferrara, partner at Bessemer Venture Capital.  “The most damaging cyber-attacks almost always involve phishing or spear phishing attempts and that is why empowering the human element or employees to detect these phishing campaigns has become a top priority for modern enterprises.”

Because Microsoft won’t hand over emails stored in Ireland? 
On July 15, the Obama administration unveiled proposed legislation designed to improve the process by which law enforcement agents access digital evidence across borders.  (David Kris has a superb summary of the legislation here.)  This is something that the two of us have long urged, and we were both pleased to see the administration’s ultimate—and extremely thoughtful—proposal.  (Indeed, the proposal reflects many of the human rights and privacy protections that we proposed several months ago.)
In this post, we seek to clarify what the legislation does and why it is necessary—for our economy, our security, and perhaps most of all, our privacy.

Attention Ethical Hacking students!  You can’t use Watson to help with your final exam!  Can you?  (This was the Best Use of Watson?) 
How a Dev Got Watson to Play Pokémon GO For Him
Nintendo's Pokémon GO has already overtaken Candy Crush Saga to become one of the most-used apps.  One of the main draws of the game for many people is that it gets players off their couches and out into the real world in search of Pokémon, and this post by Lynne Slowey on IBM’s Internet of Things blog highlights an impressive use of the Watson API to help players find these virtual creatures.
   When approaching a Pokéstop, the Watson API takes screenshots of the app in the background at regular intervals.  The screenshots are sent to the Watson Visual Recognition API for analysis, with a trained classifier able to tell if there are any Pokémon nearby from those screen shots, with the location broadcast to nearby players.
Hsu’s project ended up winning Best Use of Watson challenge at the AT&T Shape Tech Expo Hackathon in San Francisco.  While it certainly fits with the collaborative gameplay ideal that encourages people to work together and help each other find Pokémon, it also raises the potential for some innovative ways to monetize the game, such as advertising, subscriptions, or to draw players to a physical business location.

The Didi-Uber deal seems more an agreement not to compete than a buyout or merger. 
Did Apple just grab a slice of Uber?
A lot of people will be talking about news this morning that Didi is to buy Uber China in a deal valued at around $35 billion, a deal that puts Apple firmly in the ride-sharing market.
What’s setting speculation free is Apple’s recent billion-dollar investment in Didi and its widely reported Apple Car plans.
   What that means is that for the cost of its billion-dollar Didi investment, Apple now has a stake in Uber and relationships with ride hailing services worldwide.
That’s a pretty useful position to be in when the company appears to be heavily invested in Apple Car.

It’s not Pokémon, but it might be some day.
Chinese consortium agrees to $4.4 billion deal for Caesars online games
   Caesars Entertainment’s main operating unit, Caesars Entertainment Operating Co Inc, is currently involved in an $18 billion bankruptcy and is seeking creditor approval for a restructuring plan.  The transaction between CAC and the Caesars Entertainment parent is part of a complex web of deals that have come under scrutiny by CEOC’s creditors.
Chinese companies are eager to expand beyond their home country, which boasts the world’s largest online gaming market.  In June, Tencent Holdings, China’s biggest gaming group, agreed to buy a majority stake in “Clash of Clans” mobile game maker Supercell from SoftBank Group in an $8.6 billion deal.
Caesars’ online games business, known as Playtika, makes its games such as Bingo Blitz and Slotomania available on Apple’s App Store. Playatika will continue to operate independently with its own management team and its headquarters remaining in Herzliya, Israel, following the deal, the companies said.
Playtika players use virtual currency that cannot be exchanged for real money, although players can spend money by buying items in the games.  Caesars’ World Series of Poker and real-money online gaming businesses are not part of the deal, according to the companies.

GSK and Google parent forge $715 million bioelectronic medicines firm
   Galvani will develop miniaturized, implantable devices that can modify electrical nerve signals. The aim is to modulate irregular or altered impulses that occur in many illnesses.
GSK believes chronic conditions such as diabetes, arthritis and asthma could be treated using these tiny devices, which consist of a electronic collar that wraps around nerves.
   GSK first unveiled its ambitions in bioelectronics in a paper in the journal Nature three years ago and believes it is ahead of Big Pharma rivals in developing medicines that use electrical impulses rather than traditional chemicals or proteins.
The tie-up shows the growing convergence of healthcare and technology.  Verily already has several other medical projects in the works, including the development of a smart contact lens in partnership with the Swiss drugmaker Novartis that has an embedded glucose sensor to help monitor diabetes.

I think that I shall never see
A poem lovely as a synthetic tree.  Doesn’t work does it? 
The ultimate “Green” technology? 
Artificial Leaf That Produces Fuel From CO2 And Sunlight
   “The new solar cell is not photovoltaic — it’s photosynthetic,” Amin Salehi-Khojin, assistant professor of mechanical and industrial engineering at UIC, said. Salehi-Khojin, who is also the senior author of a related study published in the Science journal, added: “Instead of producing energy in an unsustainable one-way route from fossil fuels to greenhouse gas, we can now reverse the process and recycle atmospheric carbon into fuel using sunlight.
The new solar cells can remove carbon dioxide, or CO2, from the atmosphere — like trees do — and farms that use such cells as artificial leaves “could produce energy-dense fuel efficiently,” according to the UIC website.  The fuel produced by the cells is “synthesis gas, a mixture of hydrogen gas and carbon monoxide,” which “can be burned directly, or converted into diesel or other hydrocarbon fuels.”

As a blogger…
Fair Use issues for journalists, researchers, bloggers
by Sabrina I. Pacifici on Jul 31, 2016
When Does ‘Fair Use’ Become Unfair? Copyright law allows journalists to quote just enough — but not too much. Who draws the line? / By Paul Raeburn
“In the United States, copyright protection for authors and other creators comes with the explicit understanding that others have “the right to use copyrighted material without permissions or payment under some circumstances — especially when the cultural or social benefits or the use are predominant.”  That seems straightforward enough.  But it has puzzled and worried journalists for decades…Peter Jaszi and Pat Aufderheide at American University have written a “Set of Principles in Fair Use For Journalism,” which covers most of the questions likely to come up in a newsroom or at a freelancer’s desk…”

No comments: