Maybe if this warning had come a bit earlier…
North
Korea-linked Hackers Target Academic Institutions
A threat group possibly originating from North
Korea has been targeting academic institutions since at least May of
this year, NetScout’s security researchers reveal.
… The actors behind the attack, however,
displayed poor OPSEC, which allowed the researchers to find open web
browsers in Korean, English-to-Korean translators, and keyboards
switched to Korean.
… Remote Desktop Protocol (RDP) was also used
to ensure continuous access. However, because there is no evidence
of data theft, the motivation behind the attacks is largely
uncertain.
(Related)
Laura Krantz reports:
Hackers stole more than $800,000 from Cape Cod Community College last week when they infiltrated the school’s bank accounts, the school notified its employees Friday.
Several computers in the school’s Nickerson Administration Building were hacked by a phishing scheme that used malware to obtain access to the school’s accounts, according to an e-mail from the school president, John Cox, sent Friday afternoon to school faculty and staff.
Read more on Boston
Globe.
[From
the article:
The college has replaced
all infected hard drives, [Not a normal procedure, were they unable
to remove (delete) the malware? Bob] according to the
president’s e-mail. It will conduct more cybersecurity training
for faculty, staff, and students. Stone, the school spokesman, said
the college plans to invest in more sophisticated software to prevent
attacks in the future.
I’m guessing that it was either create a
procedure like this or Marriott would have to replace them all.
Identity
stolen because of the Marriott breach? Come and claim your new
passport
… The company on Friday confirmed to The
Register that customers who fall victim to fraud as
a result of forged passports will be eligible to claim a
replacement passport at Marriott's expense.
"As it relates to passports and potential
fraud, we are setting up a process to work with our guests who
believe that they have experienced fraud as a result of their
passports being involved in this incident," a spokesperson told
El Reg.
"If,
through that process, we
determine that fraud has taken place, then the company
will reimburse guests for the costs associated with getting a new
passport."
For my lectures on cryptography…
Five years ago, the NSA published
23 years of its internal magazine, Cryptolog. There were lots
of redactions, of course.
What's new is a nice user interface for the
issues, noting highlights and levels of redaction.
A million here, a million there, pretty soon we’re
talking real money! Do you suppose this is coming out of someone’s
bonus?
Alex Hern reports:
Facebook has been fined €10m (£8.9m) by Italian authorities for misleading users over its data practices.
The two fines issued by Italy’s competition watchdog are some of the largest levied against the social media company for data misuse, dwarfing the £500,000 fine levied by the British Information Commissioner’s Office in September – the maximum that body is able to issue.
The Italian regulator found that Facebook had breached articles 21, 22, 24 and 25 of the country’s consumer code …..
Read more on The
Guardian.
Privacy as the Chinese see it.
Barbara Li and Bohua Yao report:
On November 30, 2018 the Cyber Security Protection Bureau, under the auspices of the PRC Ministry of Public Security (the “MPS”), issued a draft Guideline for Internet Personal Information Security Protection (the “Guideline”) along with a request for public comments.
Even though, upon reaching final form and taking effect, the Guideline will not be a mandatory regulation, it nonetheless has a key implementing role in relation to the PRC Cyber Security Law (the “CSL”) and the Administrative Measures for the Multi-Level Protection of Information Security (the “Multi-Level Protection Measures”) in respect of protecting information systems and personal information in China.
Read more on Norton Rose Fulbright Data
Protection Report.
Are we ready for this future?
Amazon, AI
and Medical Records: Do the Benefits Outweigh the Risks?
Last month, Amazon unveiled
a service based on AI and machine-learning technology that could comb
through patient medical records and extract valuable insights. It
was seen as a game changer that could alleviate the administrative
burden of doctors, introduce new treatments, empower patients and
potentially lower health care costs. But it also carries risks to
patient data privacy that calls for appropriate regulation, according
to Wharton and other experts.
No comments:
Post a Comment