Thursday, January 29, 2015

How important is your data? Would you notice that it was unreadable in less than 6 months? Would your database accept records without an edit? (e.g. a zipcode of “pZ3&g”?)
Cybercriminals Encrypt Website Databases in “RansomWeb” Attacks
researchers at High-Tech Bridge have spotted a new type of attack that threatens businesses.
The technique, dubbed “RansomWeb,” targets sensitive information stored in website databases. These attacks require a lot of patience, but they can be highly profitable for cybercriminals.
The attackers first compromise the targeted company’s Web application. Then, they modify server scripts so that data is encrypted on-the-fly before it’s inserted into the database. This encryption process happens over a long period of time to avoid raising any suspicion. Once the data is encrypted, victims are sent a ransom demand.
In one operation observed by researchers, the attackers encrypted the database of a financial company over a six-month period. During this time, even the backups were overwritten with encrypted entries, making it difficult to recover the data.


Think of it as an intelligence service that is actually doing its job. All you need to stop this is an accurate prediction of the data you will not need.
Canada taps Internet cables to track downloads
Canada’s top surveillance agency has been tapping into Internet cables to collect vast troves of upload and download data from popular file-sharing websites, The Intercept and CBC News reported.
The program, known as Levitation, indiscriminately sucks up and analyzes the records of up to 15 million downloads each day. The surveillance spans North America, Europe, the Middle East and North Africa.


After all, If he's got nothing to hide, why would this bother him (I'm not sure congress get's sarcasm. Or anything else) I will send the Congressman an email asking if I can have the surveillance details for our “Big Data” class.
Mike Masnick writes:
Rep. Jared Polis has a bit of a history of making hilarious, but incredibly on point, sarcastic and satirical suggestions in response to government officials saying something stupid. Last year, he asked the Treasury Department to ban dollar bills after Senator Joe Manchin asked the Treasury Department to ban Bitcoin. Polis, of course, took the same arguments Manchin used against Bitcoin and highlighted how dollar bills had the same characteristics.
His latest move is in response to Senator Marco Rubio’s ridiculous and clueless call for greater levels of mass surveillance of Americans. Rubio calls for new laws to force tech companies to help the government spy on everyone and also a permanent extension of the controversial Section 215 of the Patriot Act, the part of the law that was twisted by the DOJ and the NSA to pretend it means they can demand every phone record on every American because they might be able to sniff through it all and find something interesting.
Read more on TechDirt.


A business opportunity for my Ethical Hackers. If manufacturers will create “no fly” zones (based on GPS) as part of their operating software, replace the operating software (or delete the restrictions or remove the GPS antenna).
Drone maker will block DC flights after White House crash
The manufacturer of a drone that crashed on the White house grounds this week will introduce technology to block its machines from flying around downtown Washington, it said on Wednesday.
… Under the new mandatory software update, the drones will not be able to take off from or fly into a zone that extends 15.5 miles out from downtown Washington in all directions.
… Current FAA regulations make it illegal to fly a drone in Washington, even recreationally. [Not sure that is true Bob]
DJI has already programmed its machines to prevent them from flying into the airspace above many of the nation’s airports, which it imposes by keeping tabs on their GPS data.


Trust us, we'll protect your personal information. Except when we share it.” Includes a look at the UK, Australia and the US as well.
From the Office of the Information and Privacy Commissioner (OIPC) of Alberta:
In recognition of Data Privacy Day, the Office of the Information and Privacy Commissioner (OIPC) has released independent research it had commissioned to provide a privacy perspective on multi-stakeholder government information sharing projects.
The paper entitled Government Information Sharing: Is Data Going Out of the Silos, Into the Mines? provides an overview of government information sharing projects across Canada and internationally, potential frameworks for analysis, citizen expectations, and an examination of actions taken to protect privacy.
As the authors stated, this paper scratches the surface on the number of multi-stakeholder, citizen-centred government information sharing projects occurring but provides a critical look at the variety of projects undertaken, the concept of big data, the transparency or lack thereof involved in projects, and citizen reactions to different projects.
The paper concludes with an analysis of the risk involved in information sharing projects and proposals, including but not limited to legal authority, security management, organizational commitment to privacy, and public relations and communications.
The paper is available on the OIPC website at:


Darn! I was going to fly my “football inflation measurement” App.
Super Bowl is a 'no drone zone'
The Federal Aviation Administration (FAA) issued a warning Wednesday to remind fans of both football and unmanned aircraft that the Super Bowl is “strictly a ‘no drone zone.'” It is illegal to fly unauthorized aircraft, such as a drone, over or near any NFL games, not just Sunday’s championship game, according to the FAA. The same restriction also applies Major League Baseball games, several Nascar events and any college sporting event taking place in a stadium that seats at least 30,000 fans.


Okay, so I can't read a calendar. At least I found this reading list... I should remind myself to check next January.
It’s Data Privacy Day 2015, and Dave Piscitello (@SecuritySkeptic) compiled his reading list, which he has kindly shared with this site:


Perspective. Extrapolating existing trends.
What Will Social Media Look Like in 2015?
At the start of the New Year, many small business marketers think about what the social media landscape may look like as they strive to reach their business goals. It seems that each passing year brings more competition as social media platforms shift in popularity and networks continue to change the rules for marketers.
In this ever-shifting environment, we look at some of the social media marketing trends that small business owners can expect in 2015.


Big Data requires a Big Index?
Open Database Of The Corporate World
OpenCorporates aims to do a straightforward (though big) thing: have a URL for every company in the world. We’ve grown from 3 territories and a few million companies to over 75 jurisdictions and 55 million companies, and are working with the open data community to add more each week. How can we get hold of the data? We have a new API service, as well as our highly popular Google Refine reconciliation service (see documentation), and this allows access to the information as JSON or XML. If you need data in bulk, either for academic research work, for another cool open data project, or commercially, drop us an email at info@opencorporates.com. Under what licence is the data published? In collecting this information, and matching up to other data, OpenCorporates has acquired database rights, but we strongly believe this information should be freely reusable, and so make it available (to the extent that we have the rights) under the share-alike attribution Open Database Licence. For details, please see our licence page.”


Who would you pay $5 to hear?
Louis CK Releases Comedy Special Online
Controversial comedian Louis CK has released another comedy special online, cutting out the middleman and delivering his jokes directly to his fans. Louis CK: Live At The Comedy Store, CK’s first nightclub special, is available to stream online in 1080p or as a DRM-free download, and is priced at just $5.


Interesting. Trading on their name and their ability to replicate a “Best Practices” infrastructure.
Amazon's New WorkMail Targets Business Users
On Jan. 28, Amazon announced its latest business product, a cloud-based email and calendaring service called WorkMail that one analyst said could be the first of many follow-on offerings.
… Amazon will charge a monthly subscription fee of $4 per inbox, similar to what Microsoft and Google charge. The new Amazon service includes 50G of storage per user.
… Company officials said the advantage is companies won't have to invest in their own email servers and management software as that will also be handled by Amazon—which, among other things, will encrypt emails to help ensure their security.


Because: Hype!
Facebook Launches Super Bowl Experience
Facebook has launched the Super Bowl Experience just in time for Super Bowl XLIX on Sunday (Feb. 1). The Super Bowl Experience on Facebook, located at facebook.com/superbowl, focuses the whole Facebook experience on the Super Bowl before, during, and after the game.
The Super Bowl Experience features posts about the game between the Seattle Seahawks and the New England Patriots, real-time reactions to events on the pitch, play-by-play updates, and media content from news outlets covering the game. All of which saves you from ever leaving Facebook. Which is the idea.


An amusing look at how much fun it must be to spend big money. Infographic
Understanding Why Google Spends Billions on Acquisitions

No comments: