Not giving me those warm, fuzzy feelings.
Accused Capital One hacker had as much as 30 terabytes of stolen data, feds say
Investigators probing the Capital One data breach say they have between 20 and 30 terabytes of data in their possession as they prepare for trial against the alleged hacker, Paige Thompson, according to court documents obtained by CyberScoop.
…
“[B]asically, each line is one credit card applicant and information about that person,” Assistant U.S. Attorney Andrew Friedman told a federal court during a detention hearing Oct. 4. “Some of it is coded information that means nothing to us, like what particular offer they received; some of it … is the names and dates of birth and the last four digits of Social Security numbers and things like that. … It’s hard to know exactly what this is.” [Here’s a hint: Ask Capital One! Bob]
Will the government help if an organization’s risk increases substantially? I’m guessing, no.
Reassessing U.S. Cyber Operations against Iran and the Use of Force
It’s becoming clear that, as the New York Times’ Julian E. Barnes puts it, United States cyber operations against Iran are taking place in what is “an undeclared cyberconflict, one carefully calibrated to remain in the gray zone between war and peace.” But has the United States, with a cyber operation against Iran in June and another in late September, already crossed the line that international law draws around “uses of force”? What may that mean for any future confrontations?
Is this a joke? What makes them think a thief would care? Or even hear about the injunction?
Commerce Commission obtains court order to protect 'sensitive' information from stolen computer
… In a statement released today, the commission said the injunction is made against “unknown persons who may at any stage possess information on or taken from the equipment”.
The injunction prohibits any person from dealing with the stolen information in any way, including copying, communicating or publishing it.
… The orders mean that anyone who fails to comply will be held in contempt of court.
Always a good base to start from.
NIST SP 1800-23, Energy Sector Asset Management: Securing Industrial Control Systems
… the NCCoE released a draft practice guide NIST Special Publication 1800-23, Energy Sector Asset Management. This practice guide explores methods for managing, monitoring and baselining assets and includes information to help identify threats to these OT assets.
No doubt there will be a ‘secret’ command that causes your self driving car to leave your garage and return to the dealer. Call it the “auto-repo” command. Should be fun to hack!
IntSights Reveals Automotive Cybersecurity Points of Exposure in New Research Report
IntSights, the threat intelligence company focused on enabling enterprises to Defend Forward™, announced today the release of the firm's new report, Under the Hood: Cybercriminals Exploit Automotive Industry's Software Features. The report identifies the inherent cybersecurity risk and vulnerabilities manufacturers face as the industry matures through a radical transformation towards connectivity.
This raises two questions. If the information does not match, which will be believed? Will anyone trust the Census Bureau again?
Census Bureau asks states for driver’s license records to produce citizenship data
WHYY – “The Census Bureau is asking states to voluntarily share driver’s license records as part of the Trump administration’s efforts to produce detailed data about the U.S. citizenship status of every person living in the country. According to a statement the bureau released Tuesday, the requests are in response to an executive order President Trump issued in July after courts blocked his administration from adding a citizenship question to 2020 census forms…” [h/t Pete Weiss]
Note – if you are not aware, all states have sent notifications to residents requiring that they provide – by February 2020, in person at DMV, their respective PII – including original Social Security Card, Birth Certificate, Passport and utility bills, or risk cancellation of driver’s license.
- Example – Having a REAL ID compliant driver’s license or ID card will be necessary to board commercial aircraft or gain access to federal facilities. To be considered REAL ID compliant, you must have the required documents on file with the Maryland Department of Transportation Motor Vehicle Administration (MDOT MVA)…
Architecture.
IT-as-a-business is dead. Long live BusOps
Thanks to digital transformation, technology is embedded in every business process and practice your company relies on.
To succeed in the digital age, IT projects must be redefined to deliver business change instead of just information technology deliverables. But beneath this lies a more fundamental shift: IT operations should be just as embedded in business operations as IT applications should be embedded in achieving business change.
In many organizations, IT is run as if it were a separate business – a service provider for its internal customers. Unfortunately, doing so creates dysfunction for both the applications and operations sides of the IT house.
… For most people in management, success increases their visibility, which can lead to promotion, accolades, and better pay. The only time IT operations is visible is when something goes wrong.
All good metrics are numerical representations of qualitative goals. So, the IT operations metric that best reflects its goals is a measure of its invisibility. This “invisibility index” should be a composite metric that encompasses application availability and performance, the number of calls to the help desk – fewer calls means more invisibility – and some measure that reflects how often IT operations performance is a bottleneck in other areas’ business processes and practices.
One way to look at AI.
The AI-Enabled Future
… One way of looking into the future that AI might bring is through Cognilytica’s four-part AI enabled vision of the future. In that vision, there are four main aspects in which AI will impact our future lives: the way we work, the way we live, the way we experience the world and our interactions with each other, and the relationship we have with data.
Traditionalists will have a fit, but it teaches us something about AI.
AI created by Dodo analyzed 300,000 recipes to create a pizza transcending individual tastes
“Open Source” pizza was an experiment aimed at proving the hypothesis that tastes, though considered entirely subjective, could be quantified and that AI could be trained to find uncommon ingredient combinations that would taste well together for most people.
The “Open Source” pizza recipe includes ten ingredients both traditionally used in pizzas (tomato sauce, chicken, cherry tomatoes, broccoli, and mozzarella) and very uncommon ones (melon, pear, tuna, mint, and muesli).
To train AI, Dodo used the dataset of over 300,000 recipes along with the results of “Flavor network and the principles of food pairing” study published in The Nature in 2011. The study found that Western cuisines showed a tendency to use ingredient pairs that shared many flavor compounds.
There are some places robots were never meant to go!
Medtronic launches the first artificial intelligence system for colonoscopy