Another case of “We never noticed...”
Twitter
Warns 336 Million Users to Change Their Passwords After Leaving Them
Vulnerable to Hackers
Twitter warned its users on Thursday to change
their passwords after it discovered that it had mistakenly stored
them internally prior to fortifying them through a security
technique, leaving the passwords vulnerable to hackers.
… The company also disclosed the password flaw
in a regulatory filing
on Thursday, indicating that the bug was serious enough to warrant
more formal disclosure than a corporate blog post. Twitter has about
336 million users, according to its latest letter
to shareholders.
… Agrawal said that Twitter discovered
the error without the help of outside security researchers,
removed the passwords from the internal log, and is “implementing
plans” to prevent future errors.
It’s unclear when Twitter found out about the
problem or how long the passwords were left unsecured.
… Ironically, Twitter’s password mishap was
announced on the corporate holiday known as World Password Day,
created by Intel
security researchers and celebrated on the first Thursday in May as a
way to promote good password
and cyber security hygiene.
Yet another tool for frightening
informing my Computer Security students.
Improving my outline for Computer Security.
Includes sample test questions.
Amazon
Introduces AWS Security Specialty Certification Exam
Security
professionals looking to demonstrate and validate their knowledge of
how to secure the Amazon Web Services (AWS) platform can now do so by
taking the new AWS Certified Security – Specialty exam.
Intended
for individuals who hold either an Associate or Cloud Practitioner
certification, the
security exam
covers
a broad range of areas, including incident response, logging and
monitoring, infrastructure security, identity and access management,
and data protection.
Individuals
interested in taking the exam should have at least five years of IT
security experience designing and implementing security solutions,
Amazon says. At least two years of hands-on experience securing AWS
workloads is also recommended.
This is a first for me. Will the FBI now try to
ban drones, or perhaps ask for a backdoor so they can override them?
(There is a bill in Congress…)
An FBI hostage rescue team ran into some
unexpected obstacles while conducting a raid last winter when a
criminal gang unleashed a swarm of drones to disrupt the operation
and obscure the view of agents conducting the mission from an
elevated observation post.
According
to Defense One, the incident—which took place outside of an
undisclosed major US city—was recounted by Joe Mazel, the head of
the FBI’s Operational Technology Law unit, at the AUVSI
Xponential conference in Denver, Colorado. It’s just the
latest example of criminals leveraging drones and other technology to
fluster law enforcement.
… Defense
One reported the chief of the operational tech unit for the FBI
said the suspects carried the drones in backpacks in
anticipation of law enforcement’s arrival. Once the FBI
showed up, the criminals unleashed the drones and buzzed the agents
attempting to conduct the raid.
In addition to obstructing the view of the hostage
rescue team members, the criminals also used camera-equipped drones
to track the location of agents on the ground. The drones provided a
live video feed of the action from overhead, which members
of the gang were able to watch in real time on YouTube.
“They had people fly their own drones up and put
the footage to YouTube so that the guys who had cellular access could
go to the YouTube site and pull down the video,” Mazel told the
conference.
… Police
have warned in recent years that drones have been used to surveil
buildings and homes being targeted by robbers. Smugglers have
started to utilize the technology to move
contraband across borders. Criminals have even found ways to
weaponize
drones with explosives and other harmful materials.
Of course, law enforcement isn’t exactly
innocent on this front either, as they have their own questionable
intentions for the technology. Local and federal agencies have been
all too happy to try to push for drones that can be used to do
everything from intercepting
cell phone signals to spying
on citizens without a warrant to killing
people.
Lawmakers will have an opportunity to help curb
some of the criminal activity committed with drones in an upcoming
Federal
Aviation Administration reauthorization bill. A current version
of the legislation would make it illegal to weaponize consumer drones
and would require drone pilots operating the devices outside of their
line of sight to remotely identify themselves so law enforcement can
connect the device to a person. Those rules will only work if the
FAA actually enforces them, and the agency
has been pretty bad at that so far.
(Related)
Criminals
used a swarm of drones to surveil and disrupt an FBI hostage
operation
… Defense One
notes there is some recourse in battling criminal use of drones.
Drone jamming equipment has been deployed by the US military in Syria
and Iraq, though those techniques would likely not be appropriate for
use in cities given the risk of interference with mobile phone and
airplane signals. There are legal options, like requiring drones to
broadcast their operator’s identity, or to make “weaponized”
consumer drones illegal. There are also anti-drone
guns that jam all possible radio frequencies a drone can use to
communicate with the operator, forcing it to land or return home.
They remain illegal under FCC
laws, though.
Not an Amazon killer, but definitely an Amazon
worrier.
Now It
Looks Like Walmart Has Defeated Amazon in the War to Buy Flipkart
It’s increasingly looking like Walmart
and its partners will beat Amazon
to take over Flipkart, the Indian e-commerce giant.
Bloomberg
reported Friday that Flipkart’s board has approved the sale of a
roughly 75% stake to the Walmart group, which also includes Google
parent Alphabet. The report states that Japan’s SoftBank will also
sell the group its stake, which is in excess of 20%. The deal would
value Flipkart at around $20 billion.
… A Flipkart takeover would be a
huge coup for Walmart international business chief, Judith
McKenna, who took the role a few months ago. While the U.S. giant’s
international locations have been relatively underperforming compared
to those at home—hence Walmart selling
off its Asda chain in the U.K., for example—Flipkart offers the
leading online retail experience in a market of 1.3 billion people.
If the Walmart deal goes through, it’s likely
to step up price competition in India, where Amazon CEO
Jeff Bezos last month claimed
his e-commerce platform was the fastest-growing.
Keeping an eye on the
big guys. Because they can or because they must?
Is Facebook
secretly building an internet satellite? Signs point to yes
Facebook may be secretly working on its own
satellite broadband service.
The possible move comes just a few months after
SpaceX
launched its first two prototype satellites for an internet
constellation it hopes may one day be over 11,000 strong.
A partially redacted
FCC application obtained by IEEE Spectrum outlines a plan for an
experimental satellite from a mysterious company called PointView
Tech LLC, which IEEE
goes on to connect to Facebook.
The application describes a plan to launch a
satellite named Athena that would test the use of high-frequency
millimeter wave radio signals, the same
technology many in the cellular industry are using to build
next-generation 5G networks with more speed and capacity.
How Microsoft learns about you?
Microsoft
expands ad business beyond Bing search results with help from
LinkedIn data and AI
Microsoft, which has quietly built a $6.9
billion/year advertising business through its Bing search engine,
will attempt to expand its reach with a new advertising network that
extends the Bing Ads platform beyond search results to other
Microsoft properties such as MSN, Outlook.com, and the Microsoft Edge
browser.
The new Microsoft
Audience Network, announced this morning, will use artificial
intelligence and data from Microsoft services including Bing, MSN,
Outlook, Skype and LinkedIn to help advertisers target native ads to
specific audiences based on what their online activities say about
them.
… “The core of how we will understand these
audiences will still come from our Bing data and our browse data, but
this is our first foray into what can we do with an understanding of
where someone works, on top of websites that they visit and the
explicit search query that they input through Bing or through any one
of our partner sites,” said Rob Wilk, a Microsoft vice president
who leads the company’s North American Search ad sales business, in
an interview this week.
No comments:
Post a Comment