Vietnam's Tien Phong Bank Victim of SWIFT-based Attack
Hanoi-based Tien Phong Bank (TPBank) released a statement late on Sunday
saying that it had interrupted the attempted theft of approximately $1.1
million via fraudulent SWIFT messages. It would appear that the statement was in
response to inquiries from Reuters, following clues in BAE Systems' Cyber Heist
Attribution report
published late last week.
BAE Systems said that it knew of a second attempted SWIFT
fraud on a commercial bank in Vietnam using techniques similar to those used in
the successful theft of $81 million from the Bangladesh Central Bank. BAE Systems conjectured that it was the same
gang behind both attacks.
… According to
Reuters, TPBank recognized suspicious SWIFT messages attempting to transfer
$1.1 million and was able to prevent any loss by immediately contacting all
involved parties.
… What isn't yet
clear is whether TPBank discovered the attack
independently or was warned by either BAE Systems or SWIFT. The published timings, however, suggest it was
independent. Its own attack was towards the end of 2015, while the attack
on the Bangladesh central bank and its disclosure happened in February 2016.
Apparently not much security to get past. I wonder if this was the weakest link, or
merely the most obvious?
Ukrainian Hacker Admits Stealing PR Newswire Press Releases
A Ukrainian hacker pleaded guilty to stealing
unpublished news releases that helped a criminal network make $30 million by
trading on nonpublic information about corporate earnings.
… Prosecutors said
that from February 2010 to November 2014, the hackers broke into computer
networks at the three companies and stole draft releases that they shared with
others who made stock trades in advance of the public dissemination of the
corporate earnings. The hackers periodically moved among servers at the three companies as
they were discovered and lost access to the releases.
Curious?
The Intercept announces greater access to Snowden archive
by Sabrina I. Pacifici on May 16, 2016
Via The Intercept: The Intercept Is
Broadening Access to the Snowden Archive. Here’s Why – “Today,
The Intercept is announcing two innovations in how we report on and
publish these materials. Both measures
are designed to ensure that reporting on the archive continues in as
expeditious and informative a manner as possible, in accordance with the
agreements we entered into with our source about how these materials would be
disclosed, a framework that he, and we, have publicly described on numerous occasions.
“SIDtoday is the internal newsletter for the
NSA’s most important division, the Signals Intelligence Directorate. After editorial review, The Intercept
is releasing nine years’ worth of newsletters in batches, starting with 2003. The agency’s spies explain a surprising amount
about what they were doing, how they were doing it, and why.”
Never in the history of the world have males entering
puberty ever found the female of the species interesting enough to snap
pictures of… Sure, that’s why the most
popular site in the world is named “go ogle”
Maybe it’s just selective attention, but it seems that
there are more reports coming out of students
taking problematic pictures of other students in public spaces of schools. In today’s news, Ryan Smith reports on a
situation in Des Moines, Iowa:
Polk County authorities are
investigating a scandalous blog featuring the backsides of multiple girls at Saydel High School.
School officials alerted the
girls Thursday that their pictures showed up on a Tumblr page.
The school’s response does not sound as supportive of the
victims as the students and their parents might hope:
Most of the pics show close ups
of girls’ backsides in yoga pants. Some
victims contacted KCCI upset that school officials had responded by criticizing
their choice in clothing.
“Instead of putting blame where
it should be, which is this little boy being a pervert, they are shaming little
girls into thinking it’s their fault for wearing yoga pants,” said Dhabolt.
The district does not agree with the characterization of
their response as unsupportive.
Read more on KCCI.
Do you think the district should handle this in-house as a
student disciplinary issue, or do you think law enforcement should be involved?
I vote for the former approach
(in-house).
Somehow the “security by design” team missed this?
Graham Cluley reports:
A mix-up involving two databases
allowed some users of a popular smart doorbell to view live footage from
complete strangers’ front porches.
Earlier this month, Android
Central began receiving reports from
some Ring Doorbell Pro users that they could view video feeds that were not
attached to their houses.
Read more on GrahamCluley.com.
Is “refusing to decrypt” a crime? Is he doing it at the advice of his
lawyer? Should lawyers advise anyone in
similar circumstances to comply with a decrypt order?
David Kravets reports:
US federal prosecutors urged a
federal appeals court late Monday to keep a child-porn suspect behind
bars—where he already has been for seven months—until he unlocks two hard
drives that the government claims contain kid smut.
The suspect, a Philadelphia
police sergeant relieved of his duties, has refused to unlock two hard drives
and has been in jail ever since a judge’s order seven months ago—and after
being found in contempt of court. The defendant can remain locked up until a
judge lifts the contempt order.
[….]
The suspect has not been charged with any child-porn related crimes,
yet he is imprisoned in Philadelphia’s Federal Detention Center for refusing to
decrypt two drives encrypted with Apple’s FileVault software in a case that
highlights the federal government’s war on encryption. A federal magistrate has ordered him
imprisoned “until such time that he fully
complies” with the decryption order. The man’s attorney, Federal Public Defender
Keith Donoghue, is demanding that the appeals court immediately release his
client from prison because he is being “held
without charges.” (PDF)
Read more on Ars
Technica.
What would happen if China did not understand the
technology or just didn’t like it? Would
we ever see these “executives” again?
China Quietly Targets U.S. Tech Companies in Security Reviews
Chinese authorities are quietly scrutinizing technology
products sold in China by Apple and other big foreign companies, focusing on
whether they pose potential security threats to the country and its consumers
and opening up a new front in an already tense relationship with Washington
over digital security.
Apple and other companies in recent months have been
subjected to reviews that target encryption and the data storage of tech
products, said people briefed on the reviews who spoke on the condition
of anonymity. In the reviews, Chinese
officials require executives or employees of the foreign tech companies to
answer questions about the products in person, according to these people.
Now who would expect privacy at a bus stop? (Me, for one.)
Jackie Ward reports:
Hidden microphones that are
part of a clandestine government surveillance program that has been
operating around the Bay Area have been exposed.
Imagine standing at a bus stop,
talking to your friend and having your conversation recorded without you
knowing. It happens all the time, and the FBI doesn’t even need a warrant to do it.
Federal agents are planting
microphones to secretly record conversations.
Jeff Harp, a KPIX 5 security
analyst and former FBI special agent said, “They put microphones under rocks,
they put microphones in trees, they plant microphones in equipment. I mean, there’s microphones that are planted
in places that people don’t think about, because that’s the intent!”
FBI agents hid microphones inside
light fixtures and at a bus stop outside the Oakland Courthouse without a
warrant to record conversations, between March 2010 and January 2011.
Federal authorities are trying to
prove real estate investors in San Mateo and Alameda counties are guilty of bid
rigging and fraud and used these
recordings as evidence.
This is what I told my Computer Security class when we
talked about encryption.
Bjorn Carey of Stanford University writes:
Most people might not give telephone metadata – the
numbers you dial, the length of your calls – a second thought. Some
government officials probably view it as similarly trivial, which is why this
information can be obtained without a warrant.
But a new analysis by
Stanford computer scientists shows that it is possible to identify a person’s
private information – such as health details – from metadata alone. Additionally, following metadata “hops” from
one person’s communications can involve thousands of other people.
… The findings,
reported today in the Proceedings of the National Academy of Sciences,
provide the first empirical data on the privacy properties of telephone
metadata.
… One of the
government’s justifications for allowing law enforcement and national security
agencies to access metadata without warrants is the underlying belief that it’s
not sensitive information. This work
shows that assumption is not true.
… The study, “Evaluating the privacy properties of telephone
metadata”
Perspective.
Firefox’s market share is bigger than all Microsoft’s
browsers combined
Firefox now has more desktop users than both Microsoft’s
web browsers combined—but it’s a rivalry that is increasingly irrelevant as
Google Chrome has almost twice the share of Firefox and Microsoft together.
The latest figures from Statcounter show that Microsoft
Edge and Internet Explorer combined had a 15.5 percent share of worldwide
desktop browser usage in April, a decline from 15.8 percent in March.
… Firefox’s
share was just ahead of Microsoft’s, at 15.6 percent—but only by virtue of
having declined more slowly, from 15.7 percent in March.
Chrome’s share just keeps on climbing, to 60.5 percent in
April from 60.1 percent in March.
The only thing wrong with what politicians say is that
they insist on saying it out loud.
Dust-up in West Virginia about Economic Justice
Politicians have a knack for making some of the
dumbest statements. Hillary Clinton not only made one, but chose the worst
place to utter it.
Saying, “...we’re going to put a lot of coal miners and
coal companies out of business…” in a state that mines 10% of the nation’s
output of the fossil fuel seems comparable to some of Donald Trump’s many
foot-in-mouthisms.
The statement was taken out of context – Clinton did
indicate her administration would help prepare coal miners for different
careers – but specific solutions were neither offered nor alluded to beyond
unspecified retraining.
This technology is ready.
Is the insurance industry, law enforcement, etc. ready?
The Man Who Built Google’s First Self-Driving Car Is Now a
Trucker
… The nation’s
highways are slowly filling up with intelligent trucks. Silicon Valley start-up
Peloton has carried out tens of thousands of miles of tests of its efficient
platooning technologies in Texas and Utah, while Daimler has been conducting
trials of semi-autonomous trucks in Nevada.
Otto, which came
out of stealth today, is less interested in brand new trucks than in the
estimated 4.3m big rigs already on American roads. Otto has already bought and retro-fitted three
Volvo cabs with lidar, radar and cameras, and driven a handful of fully
autonomous miles — without even a safety driver — on the highways of Nevada.
(Related) See
cartoon number three for one more potential issue with self-driving cars.
Another “Sin Tax,” like the revenue from casinos and
lottery. I have no doubt most states
will follow the money.
Study Shows that States are Losing Billions by Not Legalizing
Marijuana
A new study says federal and state governments are missing
out on 28 billion dollars by not legalizing marijuana.
The study comes from the “Tax Foundation,” an independent
think tank.
Experts say most of that revenue would be from tax on pot.
Critics worry legalizing marijuana could lead to more drug
abuse and addiction.
But experts at the Tax Foundation say people who abuse
marijuana do so regardless of whether or not it's legal.
Tools when I need them.
Great Tools for Creating Screencasts - A PDF Handout
This could be valuable.
I’ll never miss the deadline to apply for tickets to the Great American
Beer Festival again!
5 Awesome Event Calendars to Always Know What’s Coming Up
… A few
event-tracking calendars will keep you updated about what’s happening across
various topics. For example, knowing
when the next episode is out can help you avoid Game of Thrones spoilers.
A new toy for my geeky friends.
Pint-Sized Raspberry Pi Zero Gains FPC Camera Connector,
Keeps $5 Price
Oh, I want one! We
could probably get plenty of funding to create a generalized version that could
be taught to teach.
What happened when a professor built a chatbot to be his
teaching assistant
To help with his class this spring, a Georgia Tech
professor hired Jill Watson, a teaching assistant unlike any other in the
world. Throughout the semester, she answered questions online for
students, relieving the professor’s overworked teaching staff.
But, in fact, Jill Watson was an artificial intelligence
bot.
Ashok Goel, a computer science professor, did not reveal
Watson’s true identity to students until after they’d turned in their
final exams.
… Now Goel is forming a business to bring the chatbot to the
wider world of education. While he
doesn’t foresee the chatbot replacing teaching assistants or professors, he
expects the chatbot’s question-answering abilities to be an invaluable asset
for massive online open courses, where students often drop out and generally
don’t receive the chance to engage with a human instructor. With more human-like interaction, Goel expects
online learning could become more appealing to students and lead to better
educational outcomes.
… As Goel looked for a technology that
could help, he settled on IBM Watson, which he had used for several other
projects. Watson, an artificial
intelligence system, was designed to answer questions, so it seemed like a
strong fit.
To train the system to answer questions correctly, Goel
fed it forum posts from the class’s previous semesters. This gave Jill an extensive background in
common questions and how they should be answered.
… The system is
only allowed to answer questions if it calculates that it is 97 percent or more
confident in its answer. Goel found that
was the threshold at which he could guarantee the system was accurate.
An App for my niece, “The Guitar Goddess”
Apple's new Music Memos app is instant gratification for musicians,
backing band included
… This simple app
is a new type of voice-memo recorder, built around capturing musical ideas,
giving them a slight polish, and sending the best ones on to a more powerful
music tool, such as Apple's own GarageBand or Logic Pro. It's completely free, and should be available on the App Store later today.
… It's what happens next that makes Music
Memos stand out from a standard memo-recording app. If you recorded some acoustic guitar or piano,
Music Memos analyses the audio input and attempts to chop your song demo into
bars, in the appropriate time signature, and then adds chord labels.
Cut, fold, glue, watch.
What could be easier?
YouTube for iOS Now Supports Google Cardboard
YouTube
for iOS has been updated today with Google Cardboard support, allowing for
all videos to be watched in VR mode on iPhone. The functionality was previously limited to
the YouTube app on Android smartphones since November 2015.
I have got to try this with my students!