A couple of things to
consider. Anyone – military units or teenage hackers – can
attack you at any time. Successful military penetrations could be
compromised by amateurs tripping alarms and bringing attention to the
holes exploited.
Ilan Gattegno reports:
A pro-Syrian hacking group breached Israeli and American websites and
released the personal information of over 165,000 Israelis.
The biggest breach, part of an organized cyberattack on numerous websites
over the past few days, was in a website that offered web hosting
services. The breached site provided all information on its users,
including names, phone numbers, email addresses, home addresses and
passwords.
More than 40,000 of the compromised records were reviewed and verified as
real by Internet security firm Maglan. Some of those whose
information was released, however, told Israel Hayom that the
passwords leaked were not up to date and had been
changed a long time ago. [Suggests this hack was done a long time
ago? Bob]
Read more on Israel Hayom.
[From the article:
Maglan's cyber intelligence systems intercepted dozens of encrypted
communiques between the hackers.
According to Maglan CEO Shai Blitzblau, the
messages intercepted included attack details and methods, some of
which he said were quite advanced.
[Were they decrypted or is this speculation? Bob]
Someone changed
(inserted malware into) their programs and no one noticed for six
months?
Outdoor Network LLC in
Hollywood, Florida is notifying customers who engaged in credit card
transactions between December 2012 and July 2013 that their
personal information may have been exfiltrated
[Sounds better than “Stolen?” Bob] to unauthorized
third parties.
In a letter dated
September 11, Martin Polo, the firm’s CEO, writes that they
recently learned of a breach affecting their boats.net and
partzilla.com web sites. Malware was reportedly inserted into the
sites’ shopping carts.
The malware may have
collected customers’ names, addresses, credit card numbers, card
expiration dates and card security codes (CVV or CVC code).
The firm hired
ConsumerInfo.com, Inc., “to provide certain notification and call
center related services.” ConsumerInfo.com provides free credit
reports and credit monitoring services.
The notice
to consumers, a copy of which was posted on the California Attorney
General’s web site, does not provide any information as to what
steps ODN is taking to prevent a recurrence of a similar breach.
Nor does it indicate whether they are aware of any reports that the
customer data may have been misused or how they discovered the
breach.
This might be a good
time to remind you that you can see all these nifty-looking seals on a
web site and still have your data stolen:
(Related) If there are
several claims that you have been breached, what can you do? I doubt
“We don't think so” or “Trust us” will work. Perhaps an
immediate third-party security audit?
Resorthoppa and A2B Transfers have insisted their websites are
secure following complaints posted online from customers claiming to
have been victims of fraud.
The customers claimed their credit cards were used to make fraudulent
transactions after booking with the sister transfer companies.
Clients writing on internet forums said hundreds of pounds worth of
unauthorised payments, mostly to mobile phone companies, had been
made in the months after they booked a transfer.
Read more on Travel Weekly.
We’ll have to wait
and see what their investigation reveals. For now, they could be
right that there might be some other explanation for the reports of
fraud.
For my Ethical Hackers.
See what you have to look forward to...
In its 2013 Data Breach Investigations Report, Verizon said that it had
analysed more than 47,000 reported security incidents last year and
found 621 “confirmed data disclosures” where at least 44 million
records had been “compromised”. More than half of the 621 data
disclosures involved hacking, it said.
“52% of breaches affecting all organisations involved hacking,” the
report said. “That figure changes to 72% of small
organizations and 40% of large organisations.”
Read more on Out-Law.com.
You can access the full DBIR here (pdf).
Business models for my
head-bobbing students.
Locker, Library, Stream: The 5 Big Digital Music Models of 2013
Apple’s long-awaited
streaming music service was announced today. Called
iTunes Radio, it’s a familiar model: Choose an artist, album or
genre and it plays an unending stream of related music. You can tell
it that you like one song in particular or that you never want to
hear a certain song again. It promises exclusive access to new
releases, and it’ll be available on desktops, iPhones and iPads.
It is, in short,
Pandora for iTunes.
… So, on the
occasion of Apple’s iTunes Radio, it’s worth taking a moment to
taxonomize the models which have sprouted up around digital tunes:
The Store
Now, the classic model for online music distribution. You search
for the song on iTunes or Amazon; you hit the “buy” button; and
some amount of money near $1.00 is transferred from your bank account
to Apple’s coffers. In return, you get an MP3 of the song
forever -- and, since
2009, that song has come without any restrictions on its use.
The Locker
For some yearly fee, Apple (or, again, Amazon) will store all the
music you own on its servers. It is one of the more recent
entrants to the field and relatively simple to understand: All the
music you have already purchased, just online.
The Stream
The prototypical example here is Pandora. You tell a company a song
or artist or genre you like, and its algorithm selects music you also
might like. Notice the severe restrictions on use (you can’t
make a movie and use Pandora music as your soundtrack!) and the lack
of choice (the service limits you from playing too many
songs from the same artist or album!). Often, these services are
ad-supported, although, last month, Rdio tacked
this feature onto its subscription service.
The Library
A service maintains a large library of recorded music on its
servers, and you can listen to whatever you want from that library
however much you want. (If you want fifteen straight hours of
Genesis, you can play fifteen straight hours of Genesis!) The two
big Library companies are Spotify, which is owned by
Facebook and which allows free users to listen to music intermixed
with ads; and Rdio, which has no ads but is only available to paid
subscribers. Though it gives the user more choice, The
Library shares many economics with The Stream:
there are restrictions on what you do with the music (you still can’t
set it to a montage!), and its
payments for the musicians tend to be pretty paltry.
The YouTube
The website, owned by Google and ostensibly for sharing video, is
without peer in the world of music services. According
to a 2012 Nielsen study, “nearly two-thirds” of American
teenagers listen to music on the site, “more than any other
medium.” And it’s not hard to see why: With its ubiquity,
large library, recommendation engine, and cost (free!), it combines
some of the most attractive aspects of The Library,
The Stream, and The Locker. And,
thanks to pre-roll and display ads, listening to music on the service
also supports musicians and record labels, though at Library-like
levels.
For my Data Mining and
Data Analysis students. Looks like more jobs for everyone! Free
download with registration ($46 printed and delivered)
Frontiers in Massive Data Analysis
“Data mining of
massive data sets is transforming the way we think about
crisis response, marketing, entertainment, cybersecurity and national
intelligence. Collections of documents, images, videos, and networks
are being thought of not merely as bit strings to be stored, indexed,
and retrieved, but as potential sources of discovery and
knowledge, requiring sophisticated analysis techniques that go
far beyond classical indexing and keyword counting, aiming to find
relational and semantic interpretations of the phenomena underlying
the data. Frontiers
in Massive Data Analysis examines the
frontier of analyzing massive amounts of data, whether in a static
database or streaming through a system. Data at that
scale–terabytes and petabytes–is increasingly common in
science (e.g., particle physics, remote sensing, genomics), Internet
commerce, business analytics, national security, communications, and
elsewhere. The tools that work to infer knowledge from data at
smaller scales do not necessarily work, or work well, at such massive
scale. New tools, skills, and approaches are necessary, and this
report identifies many of them, plus promising research directions to
explore. Frontiers
in Massive Data Analysis discusses pitfalls
in trying to infer knowledge from massive data, and it characterizes
seven major classes of computation that are common in the analysis of
massive data. Overall, this report illustrates the
cross-disciplinary knowledge–from computer science, statistics,
machine learning, and application disciplines–that must be brought
to bear to make useful inferences from massive data.”
For my Ethical Hackers'
toolkit
3 Ways To Remove EXIF MetaData From Photos (And Why You Might Want To)
For all my students:
Learn how I fry the smartphones that are watching TV in my
classrooms.
How I Watch TV On My Smartphone
The tide is turning
against the traditional TV model of schedules and weekly serials.
You can now easily watch television on your smartphone thanks to a
handful of apps and a data connection – this is how I do it.
(Related) I will also
cause your drone to fly out the window!
8 Cool Smartphone-Controlled Toys You Secretly Desire!
Good on them!
Microsoft offers free versions of Office 365 to nonprofits
… Microsoft
announced Tuesday that it will be giving nonprofits Office 365
licenses to use in their workplace -- free of charge. Any
organization that qualifies can get the cloud-based service, which
comes with Office applications, e-mail, calendar, HD video
conferencing, and more.
… If organizations
want to upgrade from the cloud-only version of the service to desktop
versions, they will be charged a reduced monthly rate of $4.50 per
organization from the usual $20.