Details
from the hackers, still nothing from Sony. This is beginning to
smell.
Hackers
demanded monetary compensation from Sony before cyber attack
An
email sent to Sony Pictures chiefs Michael Lynton and Amy Pascal has
emerged in which monetary compensation was demanded days before the
studio was crippled in a cyber attack.
"We've
got great damage by Sony Pictures," writes "God'sApstls"
in the message that was sent Nov. 21, with the subject line: "Notice
to Sony Pictures Entertainment Inc."
"The
compensation for it, monetary compensation we want," it
continues. "Pay the damage, or Sony Pictures will be bombarded
as a whole. You know us very well. We never wait long. You'd
better behave wisely."
…
Mashable was first to publish
the email, which was reportedly found
in new documents released by hackers on Monday.
A
guide for my Ethical Hackers?
Chris
Halsne reports:
A just-released
audit finds that Colorado state computer systems are vulnerable
to a cyber attack.
The report mirrors the results of a year-long
FOX31 Denver investigation.
We found gaping holes in security, some of which exposed the Social
Security and bank account numbers of state employees and contractors.
Monday, the State Auditor`s Office blamed the Governor`s
Office of Information Technology for creating an, “environment ripe
for breach by an external attacker or internal employee.”
Read
more on Fox.
For
my Data Governance class.
From
the press release:
Despite
a growing number of data breaches occurring under the glare of the
public spotlight, 71
percent of employees in a new survey report that they have access to
data they should not see, and more than half say that this
access is frequent or very frequent.
As
attention shifts from sophisticated external attacks to the role that
internal vulnerability and negligence often play, a new survey
commissioned by Varonis
Systems, Inc. and conducted by the Ponemon
Institute suggests that most
organizations are having difficulty balancing the need for improved
security with employee productivity demands. Employees
with needlessly excessive data access privileges represent a growing
risk for organizations due to both accidental and conscious exposure
of sensitive or critical data.
The
survey report, “Corporate
Data: A Protected Asset or a Ticking Time Bomb?” is derived
from interviews conducted in October 2014 with 2,276 employees in the
United States, United Kingdom, France, and Germany.
…
Both IT practitioners and end users are witnessing a lack of control
over employee access and use of company data, and the two groups
generally concur that their
organizations would overlook security risks before they would
sacrifice productivity. Only 22 percent of employees
surveyed believe their organizations as a whole place a very high
priority on the protection of company data, and less than half of
employees believe their organizations strictly enforce security
policies related to use of and access to company data. Further, the
proliferation of business data is already negatively impacting
productivity — making it harder for employees to find data they
truly need and should be able to access, and to share appropriate
data with customers, vendors and business partners.
…
For a full copy of the study, go to
http://www.varonis.com/research/why-are-data-breaches-happening.
PDF
Attachment Available:
http://www.varonis.com/research/why-are-data-breaches-happening/ponemon-infographic.pdf
Tools
for my Ethical Hackers. Remember he first tool of Hacking: a good
lawyer!
Spider
a Website with Wget – 20 Practical Examples
How
do I download an entire website for offline viewing? How do I save
all the MP3s from a website to a folder on my computer? How do I
download files that are behind a login page? How do I build a
mini-version of Google?
Wget
is a free command line program – available for Mac,
Windows and Linux
(included) – that can help you accomplish all this and more. What
makes it different from most download managers is that wget can
follow the HTML links on a web page and recursively download the
files. It is the same
tool that a US soldier had used to download tons of secret
documents from the army’s Intranet that were later published on the
Wikileaks website.
…
It will help if you can read through the wget
manual
…
Wget can be used for
downloading content from sites that are behind a login screen
or ones that check for the HTTP referer and the User Agent strings of
the bot to prevent screen scraping.
“Wow!
Where can I get one of dese devices that will rat me out to da
cops!”
Data
from wearable devices could soon land you in jail
…
In what's thought to be a
first-of-its-kind civil lawsuit, a personal injury lawyer
in Canada used data from a Fitbit wristband in an insurance fraud
case to support his client's claims.
Previously,
insurance civil suits relied on physician examinations and not
historical data collected from a wearable.
…
Muller's client voluntarily shared several months of Fitbit data
with Vivametrica so it could be compared with data from other Fitbit
users. His client, a former personal trainer, had been in an
accident that affected her ability to work; the data was used to back
up her claim.
…
Wearables are a
perfect fit for litigation, according to Neda Shakoori, an
attorney who leads an eDiscovery initiative with the law firm of
McManis Faulkner.
Wearables
not only track physical activity, but they can transmit geolocation
information, and more sophisticated wearables, like Google Glass, can
also take photos and videos and perform web searches.
I'll
bet that exactly how they said it.
…
"Without the ability to test outdoors in the United States
soon, we will have no choice but to divert even more of our [drone]
research and development resources abroad," said Amazon’s vice
president of global public policy Paul Misener in a letter to the FAA
seen
by the Wall Street Journal. "I fear the FAA may be
questioning the fundamental benefits of keeping [drone] technology
innovation in the United States," said Misener.
How
many people (voters?) need to 'sign' a petition for anyone in
government to notice? I would think supplying individual politicians
with lots of detail about petitioners would be a minimal requirement.
…
Change.org founder and CEO Ben Rattray argues that one of the most
basic ironies of the internet is how it has so far failed to open up
what is supposed to be the most participatory process of all.
“You’ve
democratized all these industries, but you haven’t democratized
democracy,” Rattray says.
Timely.
I'm giving a short presentation at the next faculty meeting on how I
find articles for this blog.
Pew
Study: Americans Thankful to Internet for Making Them Better Informed
A
survey report by Pew Research Center reveals that most Americans are
thankful to the Internet for helping them learn new things, having
them stay better informed on topics that are important to them,
and increasing their capacity for sharing creations and ideas with
others.
The
positive views regarding the Internet show that Americans enjoy
having massive amounts of information readily available to them, as
opposed to being overwhelmed.
…
The
results of the survey shows
that 87 percent of respondents improved how they are able to learn
new things, with 53 percent saying that the improvement has been by
"a lot." This is more evident for the respondents that are
below 50 years old, live in households with higher incomes, and have
higher levels of educational attainment.
No comments:
Post a Comment