120,000 Bitcoin Stolen in Bitfinex Breach
Hong Kong-based Bitfinex, one of the world’s largest digital currency
exchanges, suspended deposits and withdrawals on Tuesday after discovering a
security breach that resulted in a large amount of Bitcoin getting stolen. The incident led to a significant drop in the
value of Bitcoin.
Bitfinex launched an investigation and reported the breach
to law enforcement. The investigation so
far revealed that 119,756 Bitcoin have been stolen from customers’ wallets. The exchange platform believes other
currencies are not impacted.
The stolen Bitcoin units were worth roughly $72 million
before the breach was discovered, but the value of the cryptocurrency dropped
by more than 20 percent following the incident.
… No information
has been provided on how the security breach occurred. Bitfinex uses the
services of BitGo, which specializes in Bitcoin and blockchain security, but
BitGo says there is no
evidence of a breach on its own servers.
Bitfinex representative Zane Tackett explained on Reddit that the platform uses several security mechanisms,
but the attackers somehow managed to bypass them. The company also has limits in place to
prevent hackers from draining wallets, but those limits were circumvented as well.
Targeting phone numbers because they can’t read the
text?
Telegram explains what really happened from its ‘massive’
hacker attack
Telegram today responded to reports
that it was the victim of a “massive hacker attack” that originated in Iran. The messaging app company said that while 15
million accounts were implicated, the hack was not as severe as one might think
and only publicly available data was collected.
… Cyber researchers shared with Reuters that Iranian
hackers were able to access more than a dozen accounts on Telegram and
ultimately identify phone numbers of 15 million users in the country. It’s been claimed that Rocket Kitten was
behind the attack, carrying out “a common pattern of spearphishing campaigns
reflecting the interests and activities of the Iranian security apparatus.”
In response to the news, Telegram clarified that while
publicly available data was collected from among 15 million users, individual
accounts were not directly accessed. “Such mass checks are no longer possible since
we introduced some limitations into our API this year,” the company explained
in a blog post. That said, the company did acknowledge that since its
app is based around phone contacts, anyone could “potentially” check to see if
a particular phone number is registered in the system — something
Telegram said was possible with WhatsApp, Facebook Messenger, and other similar
apps.
Too common. Why
spend money securing something you are trying to sell?
200 Million Yahoo Accounts Allegedly Held Ransom For 3
Bitcoins, Roughly $1,800 US
Surprise, surprise, Yahoo has been hacked AGAIN.
This time, 200 million Yahoo accounts
are supposedly being shopped around for 3 bitcoins, or roughly $1,800 USD.
A hacker known as Peace has listed the alleged credentials
of Yahoo users on The Real Deal marketplace. He had been trading the data privately, but
decided to go public on the dark web. Peace is also supposedly responsible for
selling recent dumps of MySpace
and LinkedIn accounts.
For my Computer Security students.
How to Know If Someone Has Hacked Your Social Media
Gmail has long had a feature that allows you to see if
your account is logged in at several locations. The feature also allows you to securely log those
locations out if you detect any suspicious activity.
If you want to protect your social media presence, there
are similar methods to make sure no one is accessing your Facebook or Twitter
accounts.
(Ditto)
The Ultimate Ransomware Website You Should Know About
Being hit by any kind of malware is nasty, but ransomware
packs an extra-tough punch because it locks you out of your own data. We’ve shown ways to protect yourself from ransomware, and it’s important
to stay vigilant in the fight against these terrible attacks.
Now, there’s a site that everyone should visit to learn
about ransomware, and it’s called NoMoreRansom.org. Sponsored by Kaspersky and Intel Security, the
site aims to be a resource for anyone to learn about ransomware, as well as to
help people affected by the infection get their stuff back if possible.
Something to amuse my Ethical Hacking students, but not
really much of a threat, yet.
The Jeep Hackers Are Back to Prove Car Hacking Can Get Much
Worse
Finding tools for Big Brother?
New initiative from Privacy International tracks the global
surveillance industry
by Sabrina I. Pacifici on Aug 2, 2016
“A new initiative launched today by Privacy International
aims to track the growth and scale of the global surveillance industry, a
shadowy sector consisting of companies selling a wide range of electronic
surveillance technology to government agencies across the world. Made available today is the world’s largest
publicly available educational resource of data and documents on surveillance,
the Surveillance Industry Index (SII), which is based
on data collected by journalists, activists, and researchers across the world
and is the product of months of collaboration between Transparency Toolkit and
Privacy International. Accompanying the
index is a landmark report charting the
industry’s development and its current reach. The SII, which is completely searchable,
features over 1500 brochures and data on over 520 surveillance companies as
well as over 600 reported individual exports of specific surveillance
technologies taken from open source records, including investigative and
technical reports, as well as government export licensing data. The resource will help the public, activists,
journalists and policy makers better understand the modern surveillance
industry and technologies.”
Unfortunately, terrorists can easily schedule attacks just
before the “emergency” expires, to keep any country in crisis mode.
… France’s
parliament on July 22 did not simply extend the state of emergency that
President Francois Hollande declared in the wake of the horrific Paris attacks last
November. Propelled by the despicable
Bastille Day attack a week earlier in Nice,
lawmakers significantly expanded emergency powers of police search, seizure and
detention. They also used the emergency
powers act to slip more than a dozen new draconian counterterrorism provisions
into French criminal law. In contrast to
the emergency measures, which lapse in six months, these changes to France’s
criminal codes are permanent.
Interesting. I
wonder if I could use this technique here in the US?
Why ‘Missed Call’ Marketing Has Taken Hold in India
… In India,
however, recent census data shows that 75% of the population earns less than
Rs. 5,000 ($75) a month. So how many
people can afford their monthly mobile bill?
Surprisingly, the number is very high. There are two reasons for this. Handset prices are plummeting.
… The second
reason is that a missed call (miskol in the Philippines; beep in Africa;
memancing in Indonesia; and flashcall in Pakistan) costs nothing. Drivers and maids call their employers and
disconnect. The employer calls back,
thus effectively transferring charges.
… “Missed call
marketing (MCM) is the simple concept of engaging via a free call,” says Anurag
Banerjee, chief growth officer of Ozonetel Systems, a provider of cloud
communication services that enables businesses to run missed call campaigns on
its platform. A consumer calls a number
and hangs up and receives a call back or an SMS sharing the cricket score or
whatever. Most missed call activation
campaigns are simple one-or-two-step processes.
… Want to hear
Prime Minister Narendra Modi’s latest Mann ki Baat (Words from the
heart) speech? Give a missed call. One million people did so after a new phone
number was released.
… The Employees
Provident Fund Organization has started a missed-call service for its 35
million contributing members which enables them to track their account balance.
… “It needs a
smaller infrastructure set-up to receive missed calls and, therefore, it offers
huge capacity to receive user requests,” he says. “Then, using outbound dialing lines, a return
call can be made as and when capacity for calling back is available. Toll-free numbers also allow users to access
information at zero cost. When a user
calls toll-free, he gets connected to the brand using inbound dialing lines. If a large number of callers is expected to
access the number, the company has to put in more infrastructure for receiving
calls. Also, at peak load, users get a
busy signal.
This can’t be correct, can it? We don’t negotiate with terrorists and we don’t
pay ransoms. Doing so would make travel
to any country short on hard currency a much greater risk. Are we that dumb?
Report: U.S. sent $400M cash to Iran as American detainees
freed
… The Obama
administration strongly denied paying any ransom to Iran, Brennan says, but
according to details first reported by the Wall Street Journal, currency worth
$400 million was flown into Tehran on a cargo plane around the same time that
the Americans were released.
The plane was loaded with cash: Euros, Swiss Francs and
other currencies, since any transaction with Iran in dollars is illegal under
United States law.
Senior U.S. officials, Brennan reports, claimed the timing
was coincidental: President Obama had planned to pay Tehran nearly 2 billion
dollars to settle an outstanding legal dispute from before the 1979 Islamic
Revolution.
"With the nuclear deal done, prisoners released, the
time was right to resolve this dispute as well," Obama said.
But the administration never consulted Congress, according
to Republican Congressman Ed Royce, who accused the White House of paying
ransom to a state sponsor of terrorism, and as details of the cash became
public Tuesday, there were instant reverberations on the campaign trail.
Too cool! I’ll remember
this next time I teach statistics.
Credit Suisse is using cheesecake to forecast sales at
Nordstrom
When Nordstrom stopped reporting monthly same-store sales,
a very important number for investors, an alternative had to be found.
The answer was cheesecake, or The
Cheesecake Factory to be exact.
The Cheesecake Factory still reports monthly same-store
sales in its quarterly report, often a few weeks ahead of Nordstrom.
"As we have generally considered Nordstrom's customer
to be similar to The Cheesecake Factory's (CAKE) customer, we took a deeper
look at just how profound the overlap actually is," Michael Exstein, a
Credit Suisse analyst, said in a note to clients.
"We found from our analysis that the historical
[comparable same-store] sales are in fact very closely correlated, as the
companies' store locations are for the most part in very close proximity to one
another."
… It seems
ridiculous, but it actually seems to work.
A regression analysis comparing historical same-store
sales data between the companies shows an R-value of 0.93 — the closer to 1,
the closer the two match each other. When
comparing total sales, the R-value drops slightly to 0.89. (Those values were calculated by Credit Suisse
based on historical data through 2013, and just because they were related in
the past doesn't mean they will continue to be.)
Better than Notepad++?
11 Sublime Text Tips for Productivity and a Faster Workflow
If you’re a programmer, you’re either more
comfortable using a text editor or a full-blown IDE, and your choice
will likely depend on the programming languages you use. But if you go the text editor route, Sublime
Text is the king.