The 2017 W-2
Phishing Victims List continues to grow, and I’m not posting most of them
as individual reports, but one news story involving Monarch Beverage Company
in Indianapolis deserves special mention because as CBS
reports:
While investigating this
incident, the company discovered the same thing happened in April 2016. A scammer posing as the CEO asked for the 2015
forms on April 4, 2016. Those forms were
provided by the employee.
So yes, I went back to the 2016
W-2 Phishing Victims list and added the company to that list, too, bringing
the 2016 list to 146 entries. The 2017 list
stands at 30 entries as of the time of this posting, but given that this is
only the beginning of February, that number will undoubtedly grow.
(Related). Whatever
process was in place to detect data moving out of secure areas was clearly a
failure. Why? If he was allowed to take data out, was there
a check to ensure he brought it back?
Did anyone care?
NSA contractor indicted over mammoth theft of classified data
A former National Security
Agency contractor was indicted on Wednesday by a federal grand jury on charges
he willfully retained national defense information, in what U.S. officials have
said may have been the largest heist of classified government information in history.
The indictment alleges that
Harold Thomas Martin, 52, spent up to
20 years stealing highly sensitive government material from the U.S.
intelligence community related to national defense, collecting a trove of
secrets he hoarded at his home in Glen Burnie, Maryland.
(Related). A very
simple way to take information like customer details.
From Multnomah County, Oregon:
January 20, 2017
On August 24, 2012, a Health Department employee began automatically forwarding all emails
received in the employee’s county email account to a personal Google email
account not maintained by the county. Some of these emails included protected health
information (PHI) subject to the Health Insurance Portability and
Accountability Act (HIPAA).
Multnomah County personnel discovered the incident on Nov. 22, 2016 during
a random audit.
[ … ]
The incident was reported to HHS as impacting 1,700
patients.
A benchmark for my Ethical hacking students?
Two-thirds of Enterprises Usually Breached by White Hat
Hackers
Analysis of 128 penetration tests conducted in the fourth
quarter of 2016 shows that approximately two-thirds of tested companies were
successfully breached. This is despite
the limited time -- in 89% of cases, less than two weeks -- available to the
pentesters compared to the effectively unlimited time available to blackhat
attackers.
… The report highlights the value of protecting credentials. "The number one method of obtaining
account access," it states, "starts with very simple password
guessing
I’m still not convinced that this is just due to poor IT
management.
United Airlines Experiences Another Technology Glitch
United Continental Holdings Inc.
said it suffered its second technology glitch in just over two weeks on
Wednesday, resulting in delays to about 500 flights, or about 10% of its daily
schedule.
The Chicago-based airline said that early Wednesday
morning it began experiencing slowness with the system that creates flight
plans.
A major Privacy initiative.
Millions of apps could soon be purged from Google Play Store
Over the last 24 hours, Google has been sending notices to
developers worldwide stating its intention to “limit visibility” or
remove apps from the Play Store that violate the company’s User
Data policy. For most devs, the
violation seems to be a simple one: lack of a privacy policy.
A major anti-Privacy initiative?
Biometric ticketing is one of
several innovations identified by the Rail Delivery Group (RDG) in its digital
blueprint for Britain’s railway.
The blueprint, which has been
published on the same day as the RDG annual conference, suggests that Bluetooth
and biometric ticketing could eventually replace the magnetic strip tickets
that have been around since the 1980s.
RDG pointed to the development of
a mobile app that uses Bluetooth to automatically open ticket barrier gates. This technology is being trialled by Chiltern
Railways between Oxford Parkway and London Marylebone this year.
A further development of
ticketing technology could see biometric systems, which use fingerprints
and eye scanning, implemented.
Read more on Global
Rail News.
“Could see?” What
if passengers don’t want to have to give up their biometric data just to take a
train? And what security and privacy
would be in place? For how long would
data be stored? With whom could it be
shared?
Look, if people want to speed up processing and are happy
using their fingerprints or iris scans to do so, let them – after they’re fully
informed of the potential consequences down the tracks. But just imposing this makes the rail system
part of a national surveillance system, which is a horrible idea.
Perspective. They
have more drivers than cars?
Uber Taps Zipcar to Put More Drivers on the Road
Uber Technologies Inc. is turning to rental-car firm
Zipcar in its relentless drive to hook more drivers up to its ride-hailing
network.
In Uber’s deal with Zipcar, a unit of Avis Budget Group Inc., drivers in Boston can rent vehicles for
$12 an hour, on top of a $7 monthly rental fee, roughly in line with what
Zipcar offers cars for in the city. Based on a search of Zipcar’s website on
Wednesday, vehicles ranged from $6 per hour to as much as $13 per hour,
depending on vehicle type.
At the special rental rates, it could be tricky for Uber
drivers to bring in much of a profit. Rates
vary, but Uber drivers say they can make $15 to $20 an hour when there is
strong demand. That doesn’t include
expenses that Uber passes to drivers, such as fuel, tolls and insurance, though
Zipcar’s membership covers those.
Modifying Apps for users in countries with limited
infrastructure? South Korea?
Facebook Lite hits 200M users as low-bandwidth world revenue
skyrockets
Facebook’s stripped-down but speedy Lite app is growing
fast and adding countries so it can keep connecting people and building the
company’s business in the low-bandwidth world where revenue increased 52% this year.
Facebook Lite launched in June 2015; it rocketed to 100
million monthly users by March 2016, and now it’s doubled in size to 200 million users, Mark Zuckerberg says. And that’s just in a limited set of countries
which today expands to include Israel, Italy, United Arab Emirates, and South
Korea.
… Facebook Lite is
partly why the social giant has managed to boost its business in the Rest Of
World region. Average revenue per user is up 28% this year from $1.10 to
$1.41. And that pushed its Rest Of World
revenue up 52% this year to $839 million per quarter.
… But rather than
wait for the developing world’s network infrastructure to increase bandwidth,
Facebook shrunk its app into a Lite version.
For my Forensics students.
… The art of war
necessitates the importance of knowing who your ‘attacker’ is. Being able to trace an IP address to a PC is a
direct way to remove the cloak of anonymity from a computer communicating with
your own.
Tools for my starving students?
Remember, there are always security
issues with public WiFi, which can leave you susceptible
to hackers. Karl teaches you how
to protect your personal information while enjoying free WiFi
connectivity. It’s also worth keeping in
mind that you get what you pay for – so, in many instances, free WiFi can be
slow and frustrating.
If you don’t already use an RSS reader, this might be
worth a look.
Flipboard 4.0 completely redesigned for a more personalized
experience
Flipboard, one of the most popular news
aggregator apps on the market, has received a major update that brings a
whole new design along with a few interesting features to the table. The biggest change is the introduction of the
“Smart Magazine”, which changes the way you organize stories and topics you’re
interested in.
In an official blog post, Flipboard gave us an example of
how the new feature works. When you open
up the app, simply swipe left to add your passion. If you pick a broad topic like photography,
you can then dig a little deeper and choose what kind of photography you are
most interested in (for example: street photography). After you have made your selection, simply
press “Done” and Flipboard will automatically create a Smart Magazine just for
you with stories relating to the topic you have chosen.
You can also create and build your own Custom Magazines by
adding content from any source, person, or publication you want to follow.
The next time someone tells me they don’t like
Trump/Congress/’that law’/etc. I’ll give them this.
Obtain contact info for your senators, representatives (state
and federal) via text message
Via Mary Rumsey – “If your senators and reps (State &
Federal) aren’t saved in your phone yet, text your zip code to 520-200-2223 (no
subject line, just your zip in the message).
You’ll get a text back with everyone’s contact info.”