Wednesday, March 15, 2017
Strange that they didn’t target President Trump. Or have they been doing that for months?
'Turkey backers' target Amnesty, BBC and other major Twitter accounts
Twitter accounts, including Amnesty International, Unicef USA and BBC North America, have been hacked by attackers claiming to back Turkey's government.
The hackers tweeted in Turkish including the words "Nazi Germany, Nazi Holland", and posted the Turkish flag.
… Twitter says it has located and removed the source of the hacking attack.
A company spokesperson is quoted as saying that the source had been tracked to a third party app whose permissions had been removed.
The spokesperson provided no further details.
… The hackers also targeted business publisher Forbes, government agencies and celebrities.
A rare example of someone who got it right! Ransomware as an irritant, not a catastrophe.
Scott Liles reports:
A cyber attack on the server of the Mountain Home Water Department led to the city refusing to pay a ransom and wiping the machine, Water Department Director Alma Clark said.
The server was re-installed from a backup created the night before and no information was lost or stolen, Baxter County Computer Services owner Mark Thomas told The Baxter Bulletin.
Read more on The Baxter Bulletin.
If Justice could find these guys (relatively) quickly, how poor was Yahoo security to never even notice they had been hacked?
The Justice Department Is Ready to Unveil Charges Over the Massive Hack Attacks on Yahoo
U.S. Justice Department officials are expected to announce indictments on Wednesday against suspects in at least one of a series of hacking attacks on Yahoo Inc, according to a source briefed on the matter.
The accused men live in Russia and Canada, the source said, with the Canadian far more likely to face arrest. Russia has no extradition treaty with the United States.
It could not immediately be learned whether the accused are suspected in the hacking of data about 1 billion Yahoo users, or a separate hack of 500 million email accounts.
For my Computer Security students. (and a mere $600)
Online cybersecurity course targets business professionals
… MIT is launching a new online course for business professionals titled, Cybersecurity: Technology, Application and Policy.
… The six-week course offers a holistic, comprehensive view of key technologies, techniques and systems. The goal, said Shrobe, is for participants to walk away with a broad understanding of hardware, software, cryptography, and policy to make better, safer long-term security decisions.
For my Ethical Hacking students.
Sound waves could be used to hack into critical sensors in a broad array of technologies including smartphones, automobiles, medical devices and the Internet of Things, University of Michigan research shows.
The new work calls into question the longstanding computer science tenet that software can automatically trust hardware sensors, which feed autonomous systems with fundamental data they need to make decisions.
The inertial sensors involved in this research are known as capacitive MEMS accelerometers. They measure the rate of change in an object's speed in three dimensions.
It turns out they can be tricked. Led by Kevin Fu, U-M associate professor of computer science and engineering, the team used precisely tuned acoustic tones to deceive 15 different models of accelerometers into registering movement that never occurred. The approach served as a backdoor into the devices—enabling the researchers to control other aspects of the system.
Similar to a Russian App I blogged about last year only this one is ‘fake news!’
Cara McGoogan reports:
A facial recognition app that can identify strangers from a photograph has been created by a British entrepreneur.
Facezam can identify people by matching a photo of them with their Facebook profile. All users have to do is take a picture of someone on the street and run it through the app, which will tell them who it thinks the person in the photo is.
“Facezam could be the end of our anonymous societies,” said Jack Kenyon, founder of Facezam. “Users will be able to identify anyone within a matter of seconds, which means privacy will no longer exist in public society.”
Read more on The Telegraph.
[The Russian App: https://www.theguardian.com/technology/2016/may/17/findface-face-recognition-app-end-public-anonymity-vkontakte
An interesting problem when reviewing photos.
Facebook—in hate crime clash with MPs—claims it’s “fixed” abuse review tool
Facebook has claimed that it tweaked its community standards review system that allows users to report abusive, offensive, and illegal images and posts in light of a BBC investigation that highlighted the ease with which obscene material could be found on the site.
In a clash with MPs, the company's UK policy director Simon Milner told the home affairs committee chair Yvette Cooper that the images reported by the BBC were "rather innocent" but added that comments below the pictures were "horrible."
Facebook's community standards team—made up of thousands of people based in Dublin, Texas, California, and Hyderabad—didn't scrutinise, in detail, reports made via the company's review tool because, Milner said, it was the comments rather than the image that was abhorrent. It meant the system failed to flag up the abusive content.
Will we ever allow ‘global warrants?’
Apple, Amazon, and Microsoft are helping Google fight an order to hand over foreign emails
Apple, Microsoft, Amazon, and Cisco have filed an amicus brief in support of Google, after a Pennsylvania court ruled that the company had to hand over emails stored overseas in response to an FBI warrant.
Was this a test or did someone panic? Either way, I wanted to make a note of it.
Small drone 'shot with Patriot missile'
A Patriot missile - usually priced at about $3m (£2.5m) - was used to shoot down a small quadcopter drone, according to a US general.
The strike was made by a US ally, Gen David Perkins told a military symposium.
"That quadcopter that cost 200 bucks from Amazon.com did not stand a chance against a Patriot," he said.
… "In fact, if I'm the enemy, I'm thinking, 'Hey, I'm just gonna get on eBay and buy as many of these $300 quadcopters as I can and expend all the Patriot missiles out there'."
What to do if there’s not an App for that?
Thunkable - Design and Publish Your Own Apps
Thunkable is a free platform for designing, testing, and publishing your own Android apps (support for iOS apps is coming soon). Through Thunkable you can create your apps even if you don't know how to write code. That is possible because Thunkable uses a drag-and-drop design framework. That framework, based on the MIT App Inventor, shows you jigsaw-like pieces that have commands labeled on them. Your job is to put the pieces together to make your apps work.
Thunkable offers detailed written tutorials and video tutorials.
Think of it as a software toolkit in your pocket.
Portable apps, as opposed to traditional software, don’t require installation onto a computer. Their entire data set sits nicely in one folder, and terminate completely once closed. Whether you prefer using them for a clean machine or like to carry around a flash drive with loads of programs, portable apps are pretty awesome.