Looks like another third party breach. Was the
vendor held to CVS standards? (If so, all of CVS is vulnerable)
CVSPhoto.com goes dark in wake of breach: Should CVS customers worry?
CVS recently shut down its online photo services
after discovering that a potential data breach may have compromised
customer credit card information.
The drugstore chain did not say how many customers
may have been affected, but said the breach was limited to
transactions made through CVSPhoto.com; those
who have made transactions in-store and through CVS’s main site,
CVS.com, are safe.
… We are working
closely with the vendor and our financial partners and will share
updates as we know more.
“No evidence” translates to “We don't bother
keeping logs.” You would think that someone would “invent”
better language for these press releases. Words that don't make your
organization look totally incompetent.
UCLA Health announced today it was a victim of a
criminal cyber attack. While the attackers accessed parts of the
computer network that contain personal and medical information, UCLA
Health has no evidence at this time [Are
they expecting a miracle at some future time? Bob] that
the cyber attacker actually accessed or acquired any individual’s
personal or medical information.
UCLA Health estimates that data on as many as 4.5
million individuals potentially may have been involved in the attack,
believed to be the work of
criminal hackers. UCLA Health is working with
investigators from the Federal Bureau of Investigation, and has hired
private computer forensic experts to
further secure information on network servers. [Because
our current security sucks, Bob]
… We
have taken significant steps to further protect data and
strengthen our network against another cyber attack.” [Our
security sucks significantly! Bob]
… UCLA Health detected
suspicious activity in its network in October 2014, and
began an investigation with assistance from the FBI. At that time,
it did not appear that the attackers had gained access to the parts
of the network that contain personal and medical information. As
part of that ongoing investigation, on May 5, 2015, UCLA Health
determined that the attackers had accessed parts of the UCLA Health
network that contain personal information such as names, addresses,
dates of birth, Social Security numbers, medical record numbers,
Medicare or health plan ID numbers and some medical information.
Based on the continuing investigation, it
appears that the attackers may have had access to these parts of the
network as early as September 2014. We continue to
investigate this matter.
This too is infrastructure.
FCC Cracking Down on 911 Service Failures
For three hours last August, almost all T-Mobile US Inc.’s
about 50 million customers couldn’t reach 911.
The nationwide outage, disclosed on Friday, was at
least the third major outage by a variety of telecom operators of the
911 call system in three years, raising
concerns among federal regulators that the country’s emergency
response system is becoming more vulnerable.
… In the past any outage was localized. Now it
can affect millions of people in multiple states, whether they use
cellphones or landlines.
Regulators slapped T-Mobile with a record $17.5
million fine for the malfunction that debilitated the part of
carrier’s network that handles emergency calls.
Not real clear what this means. If DHS is
scanning everything that comes into government sites (“incoming”)
“amped up” can't mean increasing the volume of scans. So how do
you scan more intensely? Broaden your “patterns?” Expand your
definition of “malicious?” Then, if some bad actor invents a new
way to hack into government systems, we will delete all the evidence
because it did not appear to be a threat?
There’s A Plan to Immediately Purge Some Governmentwide Network Surveillance Data
After a series of stinging government hacks, the
Department of Homeland Security said scans
of incoming Internet traffic from the public would be amped up.
It has been unclear how this monitoring might affect the privacy of
citizens and employees.
Now, a little-noticed National Archives and
Records Administration assessment offers some insight: Any
surveillance data collected that does not trigger alarms will be
erased pronto, according to a pending records disposal plan.
DHS’ National Cybersecurity Protection System,
better known as EINSTEIN, collects
streams of traffic containing, among other things, emails and
Web-surfing habits, to flag patterns indicative of known malicious
attacks.
Should be a great source of redactions.
On Thursday, a federal district court in New York
issued its latest ruling
in the ACLU’s long-running Freedom of Information Act (FOIA)
litigation seeking the legal and factual bases of the 2011 drone
strike that killed three Americans in Yemen. The 160-page opinion
addresses hundreds of records withheld by the Justice Department’s
Office of Legal Counsel (OLC), CIA, and Defense Department. The
opinion itself is heavily redacted, a product of well over
a month of classification review by the government, and a testament
to the overbroad secrecy which has pervaded this litigation.
In 2013, the same court deferred
to the government’s refusal to confirm or deny whether it possessed
documents responsive to the ACLU’s FOIA request. But the Second
Circuit conclusively
rejected this argument, forcing the government to release a
redacted version of a 41-page July
2010 OLC Memo, and ordering the agencies to submit indexes
enumerating and describing the other withheld documents.
We remember privacy!
UK surveillance report affirms privacy concerns
by Sabrina I. Pacifici on Jul 17, 2015
The Guardian: “Privacy campaigners have secured
significant concessions in a key report into surveillance
by the British security agencies published on Tuesday. The 132-page
report, A Democratic Licence To Operate, which Nick Clegg commissioned last
year in the wake of revelations by the US whistleblower Edward Snowden,
acknowledges the importance of privacy concerns. “Privacy is an essential
prerequisite to the exercise of individual freedom, and its erosion
weakens the constitutional foundations on which democracy and good
governance have traditionally been based in this country,” the
report says. It says that there are “inadequacies in both law and
oversight that have helped create a credibility gap that has
undermined public confidence”. The report proposes that the
intelligence services retain the power to collect bulk communications
data on the private lives of British citizens, but it also now
concedes that privacy must be a consideration throughout the process.
The report, written for the Royal United Services Institute (RUSI)
by a panel that includes three former heads of UK intelligence
agencies, also calls for an overhaul of existing legislation.”
Where have all the Spammers gone, long time passing
Where have all the Spammers gone, long time ago?
Where have all the Spammers gone?
Gone to Social Networks everyone.
Oh, when will they ever learn?
Oh, when will they ever learn?
Email Spam Rates Dip Below 50 Percent
… According to the
latest Symantec Intelligence Report, the last time the security
firm recorded a similarly low spam rate was in September 2003.
Years ago, you couldn't be a “good parent”
without a copy of Dr Spock's “Baby and Child Care.” Now you need
a global network?
Parents and Social Media
Social media networks have become vital channels
for Americans’ daily interactions. Users rely on these platforms
to keep in touch with family and friends, gather information and
share what is important to them. This report explores how parents –
75% of whom use social media – turn to social media for
parenting-related information and social support.
71% of all parents on
social media try to respond if they know the answer to a question
posed by someone in their online network.
Perspective. Some companies are worth more split
apart, e.g. Standard Oil.
What’s Left of eBay After Shedding More Than Half of its Business
E-commerce giant eBay (EBAY)
completed its PayPal spinoff on Friday, a plan that was announced in
September of last year, after months of urging from activist investor
Carl Icahn. Starting Monday, PayPal (PYPL)
will be a separate publicly-traded company.
PayPal will be the bigger company post-split with
analysts estimating that it will be valued at roughly $45 billion.
eBay is expected to have a market cap of at least $30 billion.
… Now that the companies have split, here is
what’s left of the eBay business:
eBay Marketplaces: This is the division that
people associate with eBay.
eBay Classifieds: A competitor of Craigslist
StubHub: A platform for buying and selling tickets
to concerts and events
(Related) Some do fine as they are.
Google market value surges $65 billion
Google Inc's shares surged over 16 per cent on
Friday, adding about $65 billion to its market value, as strong
growth in mobile ad revenue allayed concerns its YouTube business
could be hurt by Facebook Inc's push into video.
The surge in the stock, which sent the Nasdaq
composite index to a record high, came a day after Google reported
better-than-expected revenue and profit for the first time in six quarters.
Google's Class A (with voting rights) shares
surged 16.26 per cent to end at an all-time high of $699.62, a day after
reporting strong ad revenue growth. It was Google's largest one-day
percentage gain since April 2008.
(Related) And some just need a kind word.
Shares of Etsy, the e-commerce Web site for
handmade and vintage items, jumped 31 percent on Friday — thanks to
a positive brief mention by Google the day before.
I know a few innovative students...
Microsoft's new Office contest wants students to showcase their creativity
… The Microsoft
PC Accessories team is hosting a contest where students write
about how they use technology to be creative. Students will submit a
Word document written with no more than 300 words to
writenow@microsoft.com.
Contestants must also provide their name, the school name of where
they attend, and an email address. The full
rules for the contest are located here.
(Related) And this for people who don't have
facility with words.
Taco Bell is helping lead the charge to add a
taco. Several publications have suggested
their own additions. And more than 15,000 supporters of the
redheaded community are campaigning
for representation on Change.org.
Now, Jeremy Burge, emoji aficionado and founder
of a website called Emojipedia,
has created a social media campaign called World
Emoji Day, which he set for July 17 based on the calendar shown
on iPhones. (Because of differences
in how services and operating systems interpret code, the
calendar reads July 15 on Twitter or no date at all on Android.)
… Emojipedia keeps track of the additions,
including the most
recent wave that added 41 characters, including a unicorn and a
“nerd face.” [No, it does not look like me! Bob]
Clever, clever.
Joel Schneider, CEO of Bud+Breakfast Opens 3rd Location
July 16th marks the official launch of
Bud+Breakfast’s San Ayre, Colorado
location. San Ayre represents Bud+Breakfast’s third location and
they have now doubled in capacity. The first continental, cannabis
friendly, breakfast took place this morning and happy hour kicks off
at 4:20 every day. Bud+Breakfast
is the premier cannabis-friendly lodging and hospitality company in
the United States.
My Saturday sillies!
Hack Education Weekly News
… ConnectHome:
a new Obama Administration initiative to expand access to broadband
to low-income families in order to address the “homework gap.”
… Students Matter, an advocacy group that sued
California over its teacher tenure laws, is now suing
13 school districts in the state for not using test scores in teacher
evaluations.
… The University of Michigan is going
Nike with “a deal valued at $169 million that begins Aug. 1,
2016 and runs through 2027, with a school option to extend it to
2031. Nike will supply uniforms, footwear, apparel and equipment for
all 31 varsity athletic teams. The financial terms total $122.3
million guaranteed, with Michigan receiving $12 million cash up front
(due Thursday), $56.8 million in equipment and apparel and $53.5
million total in cash, paid annually.” [Better
than Grants! Do you think they would sponsor our Math club? Bob]
… Software that UK schools are using to
monitor students’ Internet use has a
major security flaw: “a flaw in the company’s encryption
protocols which could allow almost anyone to gain full access to
computers running the Impero software, run software such as spyware
on the systems, or access files and records stored on them.”
… According to a study from the Rennie Center
for Education Research and Policy (as
reported in The Atlantic), “dual-enrollment programs, where
students take classes simultaneously in high school and at a local
college, have proven especially successful at getting less-affluent
and first-generation students into college – and through it.”
For our Business Communications students?
How to Get More Likes and Shares on Facebook, According to Researchers
For all my students.
Free Microsoft Word Resume Templates to Help You Land Your Dream Job
For the research toolkit.
Limit Your Google Search to Official US State Web Sites
by Sabrina I. Pacifici on Jul 16, 2015
Via ResearchBuzz
who created this very useful app – “So I made a list of the fifty
states, with these three domain types for each state, and dumped it
into a custom Google search engine that’s available at
http://www.google.com/cse/home?cx=017167864583314760984:iecnygefhky.
Put in any keywords you want and your search results will be
restricted to official state Web sites on.”
Set this next to our Windows 10 demo machine.
A Guide to the Windows 10 Start Menu
Dilbert perfectly illustrates our fascination with
technology toys.