Tuesday, July 25, 2017
I didn’t realize how big this was.
One in Ten U.S. Organizations Hit by WannaCry: Study
WannaCry stormed the world in mid-May by leveraging a previously patched exploit called EternalBlue, which hacker group Shadow Brokers allegedly stole from the NSA-linked Equation Group. The ransomware mostly infected Windows 7 computers that hadn’t been patched in due time, and also revealed the destructive impact of a global outbreak. NotPetya confirmed the risk in late June.
According to a survey (PDF) from software lifecycle automation solutions provider 1E, 86% of the organizations in the U.S. had to “divert significant resources” to safeguard themselves during the WannaCry attack. Only 14% of the respondents revealed their organization was prepared for such an attack.
The study also shows that 86% of organizations don’t apply patches immediately after they are released, thus leaving endpoints and entire networks exposed to such attacks. While 14% of respondents said they apply patches immediately, 36% apply them within one week after release, and 27% need up to a month for that, while 23% don’t apply patches within a month after release.
It’s the same with vampires. You are only at risk when you invite them in.
iRobot wants to sell Roomba-generated maps of your home
iRobot, creator of the Roomba, plans to sell the data the house-cleaning robot collects when it maps your house. Potential buyers include smart home device manufacturers, such as Amazon, Apple and Google.
iRobot's business strategy hinges on regular updates [Because furniture moves, not walls. Bob] and understanding the floor plan of your home, according to Reuters.
… Roombas have been mapping homes since 2015 using a camera and sensors or visual localisation and cloud-connected app control. The Roomba uses these maps to avoid toppling over lamps and ramming into your furniture. It was with Amazon's Alexa voice assistant in March.
Ubiquitous surveillance. Is it possible to go unnoticed and unrecorded?
Google snaps every search your phone makes – yes, even that one
Google’s latest update keeps a screenshot for later. Much like how Google Maps remembers everywhere you’ve ever been so you can find your car, Google (the search engine app) keeps a snapshot history of what you’ve searched for in Google Search. This search history does not make a significant impact on your smartphone’s data storage space as it’s all stored with Google on Google’s servers.
Did anyone check? Were there any managers involved?
Is this why United, TSA clashed on Twitter over comic books on planes?
Passengers flying with United Airlines out of San Diego — site of the popular Comic-Con event this weekend — were greeted by a message telling them to remove books from their checked luggage. United then responded on Twitter to a post with a picture of the message saying the requirement was set by the Transportation Security Administration.
Subsequently, the TSA sent out its own tweet noting that there are no restrictions on checking books, which a spokesperson confirmed to MarketWatch.
Fodder for conspiracy theories.
National Archives Begins Online Release of JFK Assassination Records
[At 8am on July 24, 2017] the National Archives released a group of documents (the first of several expected releases), along with 17 audio files, previously withheld in accordance with the JFK Assassination Records Collection Act of 1992. The materials released today are available online only. Access to the original paper records will occur at a future date. Download the files online: https://www.archives.gov/research/jfk/2017-release.
Highlights of this release include 17 audio files of interviews of Yuri Nosenko, a KGB officer who defected to the United States in January 1964. Nosenko claimed to have been the officer in charge of the KGB file on Lee Harvey Oswald during Oswald’s time in the Soviet Union. The interviews were conducted in January, February, and July of 1964.
This set of 3,810 documents is the first to be processed for release, and includes FBI and CIA records—441 documents previously withheld in full and 3,369 documents previously released with portions redacted. In some cases, only the previously redacted pages of documents will be released. The previously released portions of the file can be requested and viewed in person at the National Archives at College Park (these records are not online).
The re-review of these documents was undertaken in accordance with the John F. Kennedy Assassination Records Collection Act of 1992, which states: “Each assassination record shall be publicly disclosed in full, and available in the Collection no later than the date that is 25 years after the date of enactment of this Act, unless the President certifies, as required by this Act, that continued postponement is made necessary” by specific identifiable harm. The act mandated that all assassination-related material be housed in a single collection in the National Archives and defined five categories of information that could be withheld from release.
The act also established the Assassination Records Review Board to weigh agency decisions to postpone the release of records. The National Archives established the John F. Kennedy Assassination Records Collection in November 1992, and it consists of approximately five million pages of records. The vast majority of the collection (88 percent) has been open in full and released to the public since the late 1990s. The records at issue are documents previously identified as assassination records but withheld in part or in full. Federal agencies have been re-reviewing their previously withheld records for release, and will appeal to the President if they determine that records require further postponement. Online resources:
For the toolkit.