The electronic equivalent of marked cards?
Poker players targeted by card-watching malware
The sneaky malware has been found lurking in
software designed to help poker fans play better, said the security
firm that found it.
… The malware targets players of the
Pokerstars and Full Tilt Poker sites, said Robert Lipovsky, a
security researcher at Eset, in
a blogpost.
When it infects a machine, the software monitors
the PC's activity and springs to life when a victim has logged in to
either one of the two poker sites. It then starts taking screenshots
of their activity and the cards they are dealt. Screenshots are then
sent to the attacker.
The images show the hand the player has been dealt
as well as their player ID. This, said Eset, allows the attacker to
search the sites for that player and join their game. Using
information about a victim's hand gives the attacker a significant
advantage.
"We are unsure whether the perpetrator plays
the games manually or in some automated way," wrote Mr Lipovsky.
The insurance perspective.
A Guide to Cyber Risk
by Sabrina I. Pacifici on Sep 17, 2015
“Cyber risk is now a major threat to clients’
businesses. Companies increasingly face new exposures including
first-and third-party damage, business interruption (BI) and
regulatory consequences. A
Guide to Cyber Risk examines global trends and developments in
cyber, while also identifying the emerging risks that will
significantly impact the industry in the near future.
> Download the full report here
> Download the Executive Summary here
> Download the cyber risk exposure infographic here
Never doubt the doggedness of football fans. They will
force you to answer.
Daniel Chang reports:
More than two months after the chief executive of Jackson Health System promised an “aggressive internal investigation” into the unauthorized release of the medical chart for New York Giants pass rusher Jason Pierre-Paul — a possible violation of federal privacy laws — hospital officials have yet to explain how the breach occurred, who was responsible for the leak or what they are doing to prevent such incidents in the future.
Read more on Miami Herald.
I doubt
any country is more interested in spying now than say 50 years ago.
It's just that there are many tools to automate the process and many
hackers who notice those tools and make the information public.
A new report from F-Secure has found evidence that
the Russian government is behind the widespread Duke malware strain,
orchestrating a seven-year campaign that has targeted Chechnya, NATO
and possibly as far as the State Department and White House. Titled
The
Dukes: Seven Years of Russian Cyberespionage, the report
details the results of research dating back to 2008, connecting the
dots between more than a dozen different incidents. The team behind
the Duke malware waged their campaign with nine different variants,
each tailored to specific systems and situations. The variants have
been the subject of a number of security
reports over the years, but this is the most definitive evidence
yet that the Russian government has been sponsoring the attacks.
For my Computer Security students.
Cultivate a Talent Pipeline While Bridging the Cybersecurity Resource Gap
… A
new labor market report
by Burning Glass, Job Market Intelligence: Cybersecurity Jobs, 2015,
finds that job postings for cybersecurity openings have grown three
times as fast as openings for IT jobs overall and take longer to
fill. The professional services, finance, and manufacturing/defense
sectors have the greatest number of openings. Finding qualified
candidates for positions that require a security clearance or a
combination of IT security skills and industry knowledge, for example
in finance or healthcare, takes even longer.
A clear indication that even TSA recognizes that
they are security theater. “Because it is better to look secure
than to feel secure.”
Jenna McLaughlin reports:
In a spectacular failure of a “back door” designed to give law enforcement exclusive access to private places, hackers have made the “master keys” for Transportation Security Administration-recognized luggage locks available to anyone with a 3D printer.
The TSA-recognized luggage locks were a much-vaunted solution to a post-9/11 conundrum: how to let people lock their luggage, on the one hand, but let the TSA inspect it without resorting to bolt cutters, on the other.
When the locks were first introduced in 2003, TSA official Ken Lauterstein described them as part of the agency’s efforts to develop “practical solutions that contribute toward our goal of providing world-class security and world-class customer service.”
Now that they’ve been hacked, however, TSA says it doesn’t really care one way or another.
Read more on The Intercept.
[From the article:
“The reported ability to create keys for
TSA-approved suitcase locks from a digital image does not create a
threat to aviation security,” wrote TSA spokesperson Mike England
in an email to The Intercept.
“These consumer products are ‘peace of mind’
devices, not part of TSA’s aviation security regime,” England
wrote.
Is Japan walling itself off like the EU in a world
where everything is global?
Joe Jones of Squire Patton Boggs writes:
The Japanese Diet passed amendments to the Personal Information Protection Act on September 3, 2015, which will become effective within the next two years. While further details will be revealed in upcoming implementing regulations, several major changes, which are summarized below, are clear from the text of the statute. Companies doing business in Japan should take a close look at their privacy policies and personal data procedures in preparation for these changes.
More leeway to disclose anonymous data
“Anonymized” personal data – stripped of personal identifiers such as names and dates of birth – may now be transferred to third parties, including companies who would use the data for marketing purposes, without the subject’s consent. The disclosure must still be reported to the “Personal Information Protection Committee” (discussed further below), and must also be publicly announced. This is one of the few “pro-business” changes in the amendment, and will allow companies to use and sell “big data” about their customers, which was previously a gray area in Japanese data privacy law.
Read more on Lexology.
Perspective.
Google Is 2 Billion Lines of Code—And It’s All in One Place
… Google’s Rachel
Potvin … estimates that the software needed to run all of
Google’s Internet services—from Google Search to Gmail to Google
Maps—spans some 2 billion lines of code. By comparison,
Microsoft’s Windows operating system—one of the most complex
software tools ever built for a single computer, a project under
development since the 1980s—is likely in
the realm of 50 million lines.
Perspective.
Pinterest Crosses User Milestone of 100 Million
Pinterest said on Wednesday that it had surpassed
100 million monthly active members, in a milestone for the digital
scrapbooking start-up, which has faced scrutiny over whether the size
of its user base and business growth can justify its huge valuation.
This article has a most unbelievable chart.
Ed-Tech Might Make Things Worse... So Now What?
The OECD released a “first-of-its-kind” report
earlier this week on computers and education, eliciting – as all of
its PISA-related reports tend to do – precisely the responses you’d
suspect: a lot of “schools are doing it wrong.”
I need to survey my students. What do they prefer?
Cut the Cord With 4 VoIP Phone Plans That Are Cheaper Than Skype
An easy way to extend our website creation class?
DWNLD, The Easy-Bake Oven For Apps, Picks Up $12M In Series A
The DWNLD App Maker gives users the ability to
finely customize their apps with various colors, layouts, fonts, etc.
so that each DWNLD-created app has its own unique look and feel.
Of course, DWNLD
has a paid product that gives users analytics on their app
performance, ways to generate revenue through in-app purchases,
advertising and paid downloads, as well as the ability to send more
(or unlimited) push notifications, with prices starting at $15/month.
But
DWNLD also offers a free tier that gives the Average Joe
the ability to publish their own app, complete with social media
integrations, blog content, etc.
… If you want to learn more about DWNLD, head
over to the website right
here.