Friday, October 21, 2016
So simple, even a caveman could do it? So easy to avoid, why can’t a politician do it?
Lorenzo Franceschi-Bicchierai reports:
On March 19 of this year, Hillary Clinton’s campaign chairman John Podesta received an alarming email that appeared to come from Google.
The email, however, didn’t come from the internet giant. It was actually an attempt to hack into his personal account. In fact, the message came from a group of hackers that security researchers, as well as the US government, believe are spies working for the Russian government. At the time, however, Podesta didn’t know any of this, and he clicked on the malicious link contained in the email, giving hackers access to his account.
Read more on Motherboard.
“We don’t know what happened but we’re ‘improving security.’” Sounds like they had waited on some security measures they knew they should have implemented. Typical.
Weebly Breach Affects Over 43 Million Users
Hackers have managed to steal information associated with more than 43 million accounts belonging to customers of Weebly, a San Francisco-based web hosting service that provides a drag-and-drop website builder.
According to LeakedSource, the attackers stole 43,430,316 accounts after breaching the company’s systems in February. The compromised information includes usernames, email addresses, IPs and password hashes.
Weebly has been in touch with LeakedSource and confirmed that the exposed information is genuine. The company has notified affected users and reset their passwords. On its website, Weebly claims to have more than 40 million users, which indicates that the breach has affected a large majority, if not all, of its customers.
Weebly is still trying to determine the cause of the breach, but the company says it has already started improving network security.
Update. On Wednesday I posted they had lost a mere 600,000. Funny how these breaches seem always to grow worse.
Millions of Indian debit cards 'compromised' in security breach
A number of major Indian banks are taking safety measures amid fears that the security of more than 3.2 million debit cards has been compromised.
Some of the affected banks have been asking their customers to change security codes. They are also blocking and replacing debit cards.
The breach is thought to have been caused by malware on an ATM network.
Some customers are complaining that large sums of money have been taken from their accounts.
Indian banks have issued nearly 700 million debit cards.
… But while the government has been trying to sell cards as a risk free method of payment compared to using physical money, not many are convinced that banks are taking enough cyber security measures. [Exactly what my students told me. Bob]
Hackers learn. Do businesses?
Twitter and Much of The Internet Suffered a Meltdown on Friday
… Twitter users reported getting a DNS error message. But the DNS snafu was much bigger than Twitter. On its status page, Amazon Web Services said it was looking into “elevated errors resolving DNS host names used to access some AWS services” in its massive U.S. east region operating out of data centers in Northern Virginia.
… Popular tech site Hacker News reported many other sites were affected, including Etsy, Spotify, Github, Soundcloud, Dyn, and Heroku.
Blockchain is the new “big thing.”
Visa Taps Blockchain for Cross-Border Payment Plan
Visa Inc. is putting a bitcoin-style network to work as it aims to take on a new market, the large and complex cross-border payments made between businesses.
The new offering, Visa B2B Connect, will use technology developed in partnership with Chain Inc., a tech startup in which Visa is an investor. Chain is one of a handful of firms aiming to use the same type of network that records moves of cryptocurrency bitcoin, known generally as a blockchain, for other assets such as stocks and payments.
… Visa and Chain’s system represents a new effort to challenge the Swift messaging network as the dominant method for moving large sums of money across borders between banks on behalf of businesses. Swift has been the subject of recent high-profile hacks and is under intensive regulatory scrutiny.
(Related) Something my students can play with.
R3's Corda Blockchain Platform Goes Open-Source
Blockchain is variously described as the future of computing or a hype bubble that has already burst, depending on which author you read. In the Financial Times (FT), 14 October, 2016, Oliver Bussmann wrote, "As the former group chief information officer of UBS, where we championed blockchain early on, and as an adviser to banks and fintech companies today, I am cautious. My experience tells me it may be a while before we see large-scale adoption in the financial industry." This is not the hope of R3, a finance technology firm that includes a consortium of more than 70 of the world's leading financial institutions.
This week R3 announced that its Corda platform source code will be released as open-source to the Hyperledger project -- a Linux Foundation Collaborative Project seeking to advance blockchain technology.
The new politics? Support your candidate by writing a bot?
A third of pro-Trump tweets are generated by bots
University researchers who track political activity on Twitter have found that traffic on pro-Trump hashtags was twice as high as pro-Clinton hashtags during the first presidential debate.
But the team of academics, led by Oxford University professor Philip Howard, also found that 33% of pro-Trump traffic was driven by bots and highly automated accounts, compared to 22% for Clinton.