Thursday, October 05, 2017
Brian Krebs reported this Sept 26.
Fast Food Chain Sonic Confirms Card Breach
Sonic Drive-In, a fast food restaurant chain with more than 3,500 locations across the United States, confirmed on Wednesday that cybercriminals may have stolen customers’ credit and debit card information using a piece of malware.
The company has provided only little information about the incident, but says it’s working with law enforcement and third-party forensics firms to investigate the breach. Sonic said it delayed notifying customers of the intrusion at the request of law enforcement.
… While it’s unclear which locations were hit by the malware attack and how many customers are impacted, security blogger Brian Krebs last week learned of a cybercrime marketplace selling a batch of 5 million cards, at least some of which appear to come from Sonic’s systems.
The cards were put up for sale on September 18, but IBM researchers said the first batch appeared on a different cybercrime service that checks card validity for fraudsters on September 15, which suggested that the attackers had been collecting card data on an ongoing basis.
… The list of major restaurant chains that informed customers of a payment card breach in the past year includes Wendy’s, Cicis, Arby’s, Chipotle, Shoney’s, and Noodles & Company.
Ready or not, here it comes.
Pew Report – Automation in Everyday Life
by Sabrina I. Pacifici on Oct 4, 2017
Americans express more worry than enthusiasm about coming developments in automation – from driverless vehicles to a world in which machines perform many jobs currently done by humans
“Advances in robotics and artificial intelligence have the potential to automate a wide range of human activities and to dramatically reshape the way that Americans live and work in the coming decades. A Pew Research Center survey of 4,135 U.S. adults conducted May 1-15, 2017, finds that many Americans anticipate significant impacts from various automation technologies in the course of their lifetimes – from the widespread adoption of autonomous vehicles to the replacement of entire job categories with robot workers. Although they expect certain positive outcomes from these developments, their attitudes more frequently reflect worry and concern over the implications of these technologies for society as a whole. To gauge the opinions of everyday Americans on this complex and far-reaching topic, the survey presented respondents with four different scenarios relating to automation technologies. Collectively, these scenarios speak to many of the hopes and concerns embedded in the broader debate over automation and its impact on society. The scenarios included: the development of autonomous vehicles that can operate without the aid of a human driver; a future in which robots and computers can perform many of the jobs currently done by human workers; the possibility of fully autonomous robot caregivers for older adults; and the possibility that a computer program could evaluate and select job candidates with no human involvement.”
An artificial intelligence research company owned by Google-parent Alphabet is launching a new division to examine the ethical impacts of AI.
DeepMind's new research unit, "Ethics & Society," will push to "help technologists put ethics into practice" with the goal of helping “society anticipate and direct the impact of AI so that it works for the benefit of all.”
Perspective. Pure politics? Anything that upsets the US is worth supporting?
North Korea Gets Second Web Connection Via Russian Firm
A state-owned Russian company has opened up a second internet connection for North Korea which could strengthen Pyongyang's cyber capabilities and undermine US efforts to isolate the regime, security experts said.
The activation of the new line from TransTeleCom was first detected Sunday by analysts at Dyn Research, which monitors global internet connectivity
… The additional line gives Pyongyang "significantly more resilience against attacks on their network infrastructure," said Bryce Boland, the chief technology officer in the Asia-Pacific for cybersecurity firm FireEye.
The Washington Post reported earlier that the US Cyber Command had carried out attacks against hackers in North Korea aimed at cutting off their access to the Internet.
… with only one internet provider to rely on, the regime has often found itself vulnerable to external cyberattacks against its own network infrastructure.
North Korea suffered several internet connection failures – some which lasted for hours – shortly after the Sony attack, which many suspected to be a US retaliation.
Top web browsers 2017: Microsoft takes another thrashing
… Microsoft forced Windows users to upgrade to the latest version of Internet Explorer supported by their version of Windows — which meant IE11 for most users — or run Edge on Windows 10.
Rather than nudging customers to upgrade IE or adopt Edge, the mandate prompted millions to abandon Microsoft's browsers and choose alternatives, for the most part Google's Chrome. The decision, which Microsoft described in mid-2014 as necessary for security reasons as well as to ensure compatibility with services like Office 365, turned out to be among the company's most disastrous. Since the upgrade order went into effect in January 2016, IE has shed nearly two-thirds of its user share, tumbling from 48.6% to last month's 19.3%.