Sunday, November 06, 2016

Something new?  Whenever there is no clear indication of how the hack occurs, you must consider that this is a test of something new.  Did they hack into the bank directly or is it a hack into individual users?  Stay tuned!
ITV News reports:
Tesco Bank has blocked some customers’ cards after fraudsters seemingly targeted the banks customers.
Thousands of accounts were reportedly affected, with many people taking to social media to alert the bank to suspicious activity.
One man tweeted his available balance had dropped by £700 without him making a transaction while another said the disruption had left her “unable to feed my kids in school tomorrow”.
Read more on ITV News.
In their coverage, BBC reports that “less than 10,000” of the bank’s customers are affected and that they had all been sent alerts to notify them.  So far, none of the news outlets reporting on this have indicated how the fraud occurred.

Is Russia this subtle?  Possibly.  Is the FBI’s explanation credible?  If the Tweets were limited to the Hillary files as this article suggests, no.  "Never attribute to malice that which can be adequately explained by stupidity, but don't rule out malice." "Heinlein's Razor"
An odd thing occurred on the FBI’s Record Vault Twitter account on October 31st, drawing conspiracy theorists out of the woodwork.  After months of being almost dormant, the bot-powered account started firing out tweets related to various Clinton scandals.  Now, the FBI has launched an internal review to determine how its procedures went wrong.
Specifically, the Twitter bot managed to choose this week as the perfect time to remind people about a 15-year-old investigation into the Clinton Foundation and to post the FBI’s file on Hillary Clinton.  The first document is the most problematic.  It relates to an investigation into the Clinton Foundation and Marc Rich, who was controversially pardoned by President Bill Clinton in his final days of office.
   The FBI says that the timing of the tweets is purely coincidental.  In response to request for comment, an agency spokesman explained to Ars Technica that:
The problem was traced back to the software that handles automated Twitter posts within the FBI Vault site’s content management system.  The documents linked in the Twitter posts that were already queued for posting dated back several months.  When the software was updated, the backlog was suddenly, automatically, cleared in a spew of tweets.

Meet the Activist Who Smelled Something Fishy With the FBI's Anti-Clinton Records Dump, and Got Internal Watchdogs Investigating
   Amid a flurry of ho-hum releases (including the Bureau's own ethics handbook) over the next two days, two stood out: a nothing-burger on Fred Trump, the father of the Republican presidential nominee; and heavily redacted documents from a 15-year-old closed investigation into President Bill Clinton’s pardon of financier Marc Rich, and the William J. Clinton Foundation.

Why is everything automatically connected to the elections?  Makes a more dramatic story?  Russia is probing everywhere.  Does anyone expect it to stop after the elections? 
Russia's Fancy Bear Attacks Microsoft, Adobe as Election Nears
Microsoft earlier this week said it had fallen victim to "Strontium," its code name for the Russian hacking group also known as "Fancy Bear," which has been linked to recent attacks on Democratic Party systems.
The group launched a spear phishing attack that targeted vulnerabilities in both the Windows operating system and Adobe Flash, according to Terry Myerson, executive vice president of Microsoft's Windows and Devices Group.
The attack, first identified by Google's Threat Analysis Group, involved two zero-day vulnerabilities in Flash and the down level Windows kernel, he explained.  It used the Flash exploit to gain control over browsers, elevate privileges to escape the browser sandbox and install a backdoor to gain access to a user's computer.

Is this based on the political divide or has social media just pointed out that your “friend” is a complete idiot
Donald Trump and Hillary Clinton supporters are unfriending each other on Facebook

The very definition of a strategy of cheating is that you must cheat wherever and whenever you can.
CARB Finds New Audi Defeat Device, German Paper Digs Up Smoking Gun Document
Engineers at the California regulator CARB found another, previously unreported defeat device, German tabloid Bild am Sonntag [paywall] reports.  The paper also found a document that is bound to affect the career of Volkswagen Group powertrain chief Axel Eiser. For Volkswagen, the find comes at an inopportune moment.  The company wants to cut a deal with the U.S. Department of Justice, and it recently reported progress in the negotiations.  The new affair “clouds the prospects” for a deal, the paper says.  The scandal also puts Audi in the cross-hairs of European tax collectors, who usually are less understanding than the EU’s paper tiger automotive regulators.

Boy, do I have a project for my geeks!
Christmas shopping will begin sooner than anyone wants it to and there is no better gift to get your DIY dad than a Big Mouth Billy Bass hooked up to Amazon’s personal assistant, Alexa—especially if you hate your father.
Brian Kane is a developer and artist who specializes in humorous projects.  For his latest work, he’s modded up the venerable novelty item and instead of hearing Alexa’s calming voice coming from an innocuous glowing hockey puck, you get to look at a reanimated piece of plastic taxidermy mouth the weather report.
Kane hasn’t given a tutorial on how he approached the Bass/Assistant horror hybrid but Amazon does have an API available that allows users to embed the tech in third party devices.

Why great ideas seldom make it into production?

No comments: