For my Ethical Hacking students. It is much
easier to hack a technology when you know exactly how it works. And
remember, this is “strategic hacking.” Each step has a goal of
enabling more hacks, not just owning one system.
Months before its
technology became the centerpiece of Samsung’s new mobile payment
system, LoopPay, a small Massachusetts subsidiary of the South Korean
electronics giant, was the target of a sophisticated attack by a
group of government-affiliated Chinese hackers.
As early as March, the hackers — alternatively
known as the Codoso Group or Sunshock Group by those who track them —
had breached the computer network of LoopPay, a start-up in
Burlington, Mass., that was acquired by Samsung in February for more
than $250 million, according to several people briefed on the
still-unfolding investigation, as well as Samsung and LoopPay
executives.
LoopPay executives said the Codoso hackers
appeared to have been after the company’s technology, known as
magnetic secure transmission, or MST, which is a key part of the
Samsung Pay mobile payment wallet that made its public debut in the
United States last week.
… LoopPay
did not learn of the breach until late August, when an
organization came across LoopPay’s data while tracking the Codoso
Group in a separate investigation.
… two people briefed on the investigation, as
well as security experts who have been tracking the Codoso hackers as
they have targeted hundreds of victims around the world, said it
would be premature to say what the hackers did and did not accomplish
since they were discovered in August.
To start, the
hackers were inside LoopPay’s network for five months before they
were discovered. And the Codoso Group is known for
maintaining a hidden foothold in its victims’ systems. Security
experts say the group’s modus operandi is to plant hidden back
doors across victims’ systems so that they continue to infiltrate
their networks long after the initial breach.
...because the “victims” were “asking for
it?” Sound familiar?
David Wells reports:
A cyber criminal hijacked computers to spy on people having sex through their webcams, the National Crime Agency (NCA) has said.
Stefan Rigo, 33, used malware called Blackshades to give him control over strangers’ cameras and spent five to 12 hours a day watching what they were doing in front of their computers.
The NCA said he was addicted to monitoring his victims, some of whom he knew and some who were complete strangers.
Rigo was given a 40-week suspended prison sentence, placed on the Sex Offenders Register for seven years and ordered to do 200 hours of unpaid work by magistrates in Leeds after he admitted voyeurism at a previous hearing, the agency confirmed.
Read more on Western
Morning News.
And he didn’t get any prison time…. why?!
“Because it's more important to have the
information than to protect the information.” Makes the government
sound like a Silicon Valley start-up.
The Obama administration is moving ahead with
controversial new rules that require doctors to switch to electronic
health records or face fees, resisting
calls from both parties to delay implementation.
Federal health officials said the final rules
released Tuesday will make “significant changes" in the
"meaningful use" electronic health records program, such as
lowering the number of
standards each provider must meet and allowing providers to apply for
hardship exemptions.
… It’s an attempt to move away from a
paper-based system that depends on a doctor’s handwriting and paper
copies of files – and one that could
become a major part of Obama’s health legacy.
Groups like the American Academy of Family
Physicians have said many of its providers’ issues with electronic
health records are the result of the technology itself.
“We believe this is the fault of the vendors and
their lack of accountability while reaping huge profits from the
HITECH act,” the group’s president, Dr. Robert Wergin, wrote in a
statement hours before the rules were announced.
“Vendors, not providers, must be held fiscally
accountable for not yet achieving an appropriate level of
interoperability.”
Local. I was a bit concerned that the “I can
hack an airplane” claim was a bid for attention. Perhaps they saw
this coming even back then.
Sorry to hear of this.
Katy Stech reports:
A Colorado cybersecurity firm whose founder said he hacked into more than a dozen airline flights by plugging his laptop into a passenger jet’s entertainment system has filed for bankruptcy.
One World Labs Inc., founded by Chris Roberts in 2009, filed for bankruptcy protection on Friday, saying it faces roughly $720,000 in debt.
Company officials are negotiating a deal to sell the Denver-based intelligence firm, which says it has “access to the world’s largest index of dark content to protect corporations, governments and nonprofit organizations,” enabling clients to search the database for stolen data. The firm took in $3 million in revenue last year, according to documents filed in U.S. Bankruptcy Court in Denver.
Read more on WSJ.
Perspective. Not bad for a company started in a
dorm room.
Dell Is in
Talks With EMC Over Possible Merger
Dell Inc. and private-equity firm Silver Lake are
in advanced talks to buy EMC
Corp. according to people familiar with the matter, a deal that would
rank as the biggest
technology-industry takeover ever and remove questions
about EMC that have hung over the data-storage giant for more than a
year.
There's a market for all that hippie stuff?
Interesting. I wonder if my students would be
interested in research?
Our mission at YC is to enable as much innovation
as we can. Mostly this means funding startups. But startups aren’t
ideal for some kinds of innovation—for example, work that requires
a very long time horizon, seeks to answer very open-ended questions,
or develops technology that shouldn’t be owned by any one company.
We think research institutions can be better than
they are today. So we’re starting a new research lab, which we’re
calling YC Research, to work on some of
these areas.
… YCR is a non-profit. Any IP developed will
be made available freely to everyone.
… Because of the openness, the researchers
will be able to freely collaborate with people in other institutions.
Perspective. Maybe peoples in O-re-gone are just
not too smart? Or is everyone getting dumber?
THE Oregon
Shakespeare
Festival has decided that Shakespeare’s language is too difficult
for today’s audiences to understand. It recently announced that
over the next three years, it will commission 36 playwrights to
translate all of Shakespeare’s plays into modern English.
No comments:
Post a Comment