It ain’t over until…. well, no body-shaming here, but Target
is not out of the woods on litigation from their massive 2013 breach.
Law360 is reporting:
The Eighth Circuit decided Wednesday to send back
to lower court the $10 million deal that let Target Corp. out of multidistrict
litigation over its notorious 2013 data breach, after two men raised concerns
about inadequate class representation and compensation.
You’ll need a subscription to read
the article, but if I find other coverage, I’ll add it here.
What do the Dutch know? Are we missing something or is this just
paranoia?
Dutch to Count Election Votes by Hand to Thwart Hackers
Dutch authorities will count by hand all the votes cast in
next month's general elections, ditching "vulnerable" computer software
to thwart any cyber hacking bid, a top minister said Wednesday.
"I cannot rule out that state actors may try to
benefit from influencing political decisions and public opinion in The
Netherlands," Interior Minister Ronald Plasterk said in a letter to
parliament.
Should I teach my Computer Security students how to
monitor these sites?
You’ve probably heard of Alpha Bay and some other dark web
marketplaces. But have you ever heard
about Kick Ass Marketplace or The Stock Insiders? Mohit Kumar reports that there are dark web
marketplaces where one can buy and sell stolen insider data.
According to a new report from
the US-based risk security firm RedOwl and Israeli threat intelligence firm
IntSights, staff at corporations are selling company’s internal secrets for
cash to hackers on one of the most famous dark web markets Kick Ass
Marketplace.
Besides selling their company’s
secret information, researchers also found evidence of rogue staff, in some
cases, even working with hackers to infect their company networks with malware.
Read more on The
Hacker News and then think some more about your protection against insider
threats.
An amusing debate for my Computer Security students?
A dumpster diver in Harlingen, Texas hit pay dirt:
“Social Security numbers,
birthdays, home addresses, home telephone numbers, you name it,” he said.
Channel 5 News tracked the documents back to Harlingen Texas Motors,
which closed last year. But
wait…. it’s probably not what you’re guessing. Read on:
We spoke to the owner of the
business. He said the files were held in
a storage unit.
“They told me I had a new credit
card and the chip changed on it so they didn’t run it. So they sold it out or foreclosed on it or
whatever they call it. So somebody
purchased it on Saturday and they threw my files away,” Andre Cano, the owner
of Harlingen Texas Motors, said.
Read more on KRGV.
So, assuming for now that the owner is telling the truth, who’s
responsible for or accountable for the incident?
Try to learn from the failures of others – it’s much less
painful.
GitLab Learns Hard Lessons After Production Data Accidentally
Gets Nuked
… What happened here is that an IT manager working a late
night accidentally deleted the wrong folder, and by the time the mistake was
recognized, only a few gigabytes of data was able to be saved (of a few
hundred). Following this accident, the
company took to Twitter
to announce that the server was being taken offline, and then followed up not
long after with an admission of what happened.
This kind of transparency is great to see, and we hope
GitLab's admittance inspires future companies to not waste time in coming
forward. Unfortunately for GitLab, even
though it took precautions to back up its data, multiple restore methods failed.
Imagine being the person having to deal
with this reality - it's painful.
When all was said and done, it appears that the company
didn't end up losing much data at all (if any - it's hard to tell), and as
such, the service has been put back online. Throughout the entire restore process, the
company left nothing to the imagination, going as far as sending a new tweet
out after the restore process went up a few more percentage points.
While GitLab was able to recover, it ultimately got very lucky. But this is another lesson to learn not only
about the importance of keeping backups, but making sure those backups work.
If you over-promise, be sure not to under-lawyer.
New York Attorney General Sues Charter Over Dismal Internet
Speeds, Defrauding Customers
New York Attorney General Eric Schneiderman’s office is
suing Charter-owned Spectrum
(previously Time Warner
Cable) for knowingly failing to live up to its promise of ‘blazing fast’
and ‘super reliable’ service.
Schneiderman conducted a statewide study in 2015 to measure broadband speeds after
receiving thousands of complaints from Time Warner Cable customers. The study discovered that at least 640,000
customers who signed up for high-speed internet received much slower speeds. It was also unveiled that customers were often
unable to access Facebook, Netflix, YouTube and gaming platforms
that had been promised to them. The
lawsuit seeks full restitution for affected customers.
We knew all of this, right?
New powers of FBI made public to shine light on threats to
civil liberties
by Sabrina I. Pacifici on Feb 1, 2017
The
Intercept: “In the wake of President Donald Trump’s inauguration, the FBI assumes an importance and
influence it has not wielded since J. Edgar Hoover’s death in 1972. That is what makes today’s batch of stories
from The Intercept, The FBI’s Secret Rules, based on a trove of
long-sought confidential FBI documents, so critical: It shines a bright light on
the vast powers of this law enforcement agency, particularly when it comes
to its ability to monitor dissent and carry out a domestic war
on terror, at the beginning of an era highly likely to be marked
by vociferous protest and reactionary state repression. In order to understand how the FBI makes
decisions about matters such as infiltrating religious or political
organizations, civil liberties advocates have sued the government for access to
crucial FBI manuals — but thanks to a federal judiciary highly subservient to
government interests, those attempts have been largely unsuccessful. Because their disclosure is squarely in the
public interest, The Intercept is publishing this series of reports along with
annotated versions of the documents we obtained…”
For my Data Management students.
Powering-up Digital Transformation in Industrial Sectors
Why is it that when Forrester polled global enterprises,
83% of energy respondents and 74% of respondents in manufacturing put digital
transformation at the top of their business priorities? It’s because business and IT decision makers
in both sectors see digital transformation as the path to growth and
innovation.
… Traditionally,
the operational technology (OT) components controlling the physical processes
at the core of these organizations have been completely separate from their IT
counterparts that handle the flow of business information. But as OT assets increasingly collect data
that’s critical in today’s decision making processes, IT and OT are converging. Companies need access to all available data to
monitor changes occurring in their business environment, to optimize their
customer experiences and operations, and to capture new market opportunities. Here are just three ways in which energy
companies and manufacturers can use this data to their advantage.
1. Predictive Maintenance.
2. Production Optimization.
3. Innovation.
(Related). Another
job opportunity for my Data Managers?
Legal industry embracing trend to employ technology assisted
document review
by Sabrina I. Pacifici on Jan 31, 2017
Via Quartz – “Academically trained attorneys are
increasingly being replaced by technology to analyze evidence and assess it for
relevance in investigations, lawsuits, compliance efforts, and more. Forty percent of more than 100 in-house
attorneys in major American corporations told the industry publication Corporate Counsel, in a survey
published on Jan. 23, that they rely on technology assisted review (TAR). Technology assisted review (TAR) is a term
that covers many different aspects of machine reading, including analytics, predictive coding, and more. Predictive coding uses patterns of human
responses to “train machines to read” and decide if documents are relevant to a
legal matter, ostensibly as attorneys would. So, rather than having many lawyers read a
million documents, a few review a percentage of the possible evidence and
predictive coding technology uses those answers to guide a computer review of
the rest. This eliminates the need for
all but a few lawyers to review evidence and assess it, then train machines,
rather than lawyers with training eyeballing all the documents….”
A tool our techies swear by…
Despite its ubiquity, many people still don’t have a basic
grasp on how to use the internet properly. Often, these folks ask their friends for help
with basic questions that could easily be answered with a Google search.
Longtime site Let Me Google That For You (LMGTFY) has just received an
update, and it’s worth keeping in mind for those times when someone asks you to
search the internet for them.
To keep up with Google’s many changes, LMGTFY has added a
big number of new features. It now
supports Bing, Yahoo, AOL, Ask, and DuckDuckGo search
engines if you want to send someone to a service
other than Google. For Google
searches, you can choose to search images, videos, news, and other categories
in addition to a normal web search.
Finally, you’ll notice a new Include internet
Explainer check box below the search bar. If you enable this, the link includes a little
explanation about how search engines let you search the web for whatever you
need. The service also works better on
mobile now, and changing the language
directs the link to the proper international version of Google.
… Need to send
your friends more guides to the internet? Show them how to use
Twitter without screwing up.
A tool for the age of ‘fake news?’
… The problem
arises when a site is so driven by its bias that it begins to misrepresent
reality, such as by distorting the opposition’s viewpoint or producing
fake news and conspiracy theories. This is what you want to avoid, and that’s where Media Bias Fact Check
comes in.
… You can read
about their
methodology if you’re skeptical. If
you don’t see a particular site being tracked, you can submit a
source. If there’s a particular
claim or article that doesn’t seem credible or true, you can submit
a fact check request.