Hacking wholesale. Weaponized hacking?
A
MYSTERIOUS HACKER GROUP IS ON A SUPPLY CHAIN HIJACKING SPREE
A
software
supply chain attack represents
one of the most insidious forms of hacking. By breaking into a
developer's network and hiding malicious code within apps and
software updates that users trust, supply chain hijackers can smuggle
their malware onto hundreds of thousands—or millions—of computers
in a single operation, without the slightest sign of foul play. Now,
what appears to be a single group of hackers has managed that trick
repeatedly, going on a devastating supply chain spree—and becoming
more advanced and stealthy as they go.
Over
the last three years, supply chain attacks that exploited the
software distribution channels of at least seven different companies
have now all been tied to a single group of likely Chinese-speaking
hackers.
… The
technique disturbs security researchers not only because it
demonstrates Barium's ability to disrupt computers on a vast scale,
but also because it exploits vulnerabilities in the most
basic trust model governing
the code users run on their machines.
(Related)
Preparing to weaponize?
Zack
Whittaker reports:
A denial-of-service attack launched against an energy company providing power in several western U.S. states was enough to report “interruptions of electrical system operations” to the government’s energy authority.
The “cyber event” lasted almost 10 hours on March 5, according to an electric emergency and disturbance report filed with the Department of Energy by the affected company.
Read
more on TechCrunch.
Meanwhile,
in India, energy has also been under attack. The
Hans Indireports:
Khairatabad: The official website of Telangana State Power Distribution Corporation Limited (TSSPDCL) was hacked on Thursday. The electricity officials lodged a complaint in this regard with Central Crime Station – Cybercrime police. Cybercrime Additional DCP Raghuveer said that an FIR was registered under sections 65 and 66, based on the complaint received from CGM of Electricity IT department. The hackers after deleting the data from the official website demanded Rs 35 crore to give back the data, the electricity officials said.
Background.
FBI
Annual Internet Crime Report: $2.7 Billion in Losses Headlined by
Non-Payment Scams, Business Email Compromise
The
FBI’s Internet Crime Report, which provides data on the agency’s
complaints and cases for the previous year, has been released. This
annual report is prepared by the bureau’s Internet Crime Complaint
Center (IC3), and is always a worthwhile read as it helps to identify
trending patterns in cybersecurity. This year’s report reveals
that the IC3 received nearly 352,000 complaints in 2018, with the
most common type being a non-payment or non-delivery scam. However,
the most financially damaging scams in 2018 were business email
compromise, confidence fraud and investment scams.
[Get
the report here:
https://www.ic3.gov/media/annualreport/2018_IC3Report.pdf
I
did not realize this was in their scope.
TSA
Lacks Cybersecurity Expertise to Manage Pipeline Security Program:
Report
The
TSA is responsible for the federal oversight of the physical security
and cybersecurity of the more than 2.7 million miles of pipeline that
transport and distribute natural gas, oil, and other hazardous
products throughout the United States.
… “Further,
TSA does not have a strategic workforce plan to help ensure it
identifies the skills and competencies—such as the required level
of cybersecurity expertise—necessary to carry out its pipeline
security responsibilities,” the report reveals.
Apparently,
Amazon doesn’t have it yet!
This is not a freebie but if you want to get
started learning about privacy law, Privacy Law Fundamentals will be
a great investment in your knowledge.
The authors are Daniel J. Solove, John Marshall
Harlan Research Professor of Law at George Washington University Law
School, and
Paul M. Schwartz, Professor of Law. U.C. Berkeley
School of Law, and Director of the Berkeley Center for Law &
Technology
In
addition to the print format, the book is also available in
electronic
format.
Gosh,
only 50 years behind the times.
NIST
Seeking Input on AI Technical Standards by May 31, 2019
On
May 1, 2019, the National Institute of Standards and Technology
(NIST) announced a Request
for Information (RFI)
in the Federal Register regarding ongoing efforts to develop
technical standards for artificial intelligence (AI) technologies and
the identification
of priority areas for federal involvement
in AI standards-related activities. Responses to the RFI are due
by May 31, 2019.
I
wonder how many in the legislature use Alexa?
Alexa,
don’t store this recording: California bill targets smart home
speakers
A
bill making its way through the California Legislature would prohibit
makers of smart home speakers from saving or storing recordings
without users’ explicit consent.
The
Anti-Eavesdropping Act, which cleared its first committee Wednesday,
would also ban smart speaker device manufacturers from sharing with
third parties recordings of verbal commands or requests heard by the
devices.
… Google
said it is monitoring AB 1395.
“We
believe that the combination of strong and balanced regulations, with
products that are designed with privacy in mind, will help provide
individuals with confidence that they’re in control of their
personal information,” a Google spokeswoman said.
Cunningham,
who introduced the bill in January, did so as part of a state
lawmakers’ “Your Data, Your Way” package of legislation, which
aims to complement the California Consumer Privacy Act, which was
signed
into law last year and
takes effect next year.
(Related)
What
Amazon knows about you
Depending on
how much you shop, watch and read with Amazon, the e-commerce
behemoth may know more about you than any other company on earth.
I wonder if
there is a search engine for DUMB?
I’m tired of saying,
“That
senator is
dumber than a bag of hammers.”
The
Measure Of Things – search engine for finding comparative or
relative measurements of physical quantities
“Wondering
how big, small, tall, long, fast, heavy, or old something is? The
Measure of Things is
a tool to help you understand physical quantities in terms of things
you (or your audience) are already familiar with. Need
a metaphor to emphasize a written measurement?
Try including a comparison to the size of a whale, or the height of
the Empire State Building, or the speed of a bullet train. Need to
understand how big a metric or English unit really is? Try comparing
them to real, tangible objects that you see everyday. Here are a few
examples:
Through adopting these measures, we can reduce our total on-hand inventory by 230 units and save approximately 12,000 cubic feet of space in the warehouse, which will free up about 200 linear feet of shelf space.
A colony of brown bats can eat more than 3,360 fl oz of insects in a single evening.
The winning horse stood ran at 0.099 miles per second.
These phrases
are all ok, but they’re a little hard to understand — especially
when they contain less intuitive measurements like miles per second.
Try this instead:
Through adopting these measures, we can reduce our total on-hand inventory by 230 units and save approximately 12,000 cubic feet of space in the warehouse — enough to empty 31 concrete trucks, which will free up about 200 linear feet of shelf space — that’s enough space to fit the wingspan of a Boeing 747
In a single night, a colony of brown bats can eat enough insects to fill up a bath tub three-fifths of the way.
In the final straightaway, the winning horse galloped along at speeds one-and-a-half times that of Usain Bolt …”
Too horrible
to contemplate?
THE
COMEDIAN IS IN THE MACHINE. AI IS NOW LEARNING PUNS
A
pun
generator might
not sound like serious work for an artificial intelligence
researcher—more the sort of thing knocked out over the weekend to
delight the labmates come Monday. But for He He, who designed just
that during her postdoc at Stanford, it’s an entry point to a
devilish problem in machine learning. He’s aim is to build AI
that’s natural and fun to talk to—bots that don’t just read us
the news or tell us the weather, but can crack jokes or compose a
poem, even tell a compelling story. But getting there, she says,
runs up against the limits of how AI typically learns.
Architecture. Not just a flag on the map, but
photos of the food.
Google
Maps now highlights photos of restaurants' most popular dishes
No comments:
Post a Comment