Mobile carrier Three breached after huge customer database is
broken into to steal phones
British telecoms company Three has suffered a security breach affecting a
database containing information on 6 million customers.
The incident, first reported by The Telegraph, involved people logging into a
customer database, upgrading customers' phones, then stealing the new handsets
and reselling them.
At least eight handsets were stolen that way, though the exact number of
customers affected is unclear.
While the number of customers affected appears to be low
(judging by the number of handsets stolen), the suspects had access to a vast
database of up to 6 million customers — two-thirds of Three's
9 million customer base.
Nothing truly egregious here, I just miss talking about Kim Dotcom.
Hard to believe he’s being quiet.
Zack Whittaker reports:
A hacker group claims to have
obtained source code and admin accounts for the file-sharing site Mega.nz,
formerly owned by internet entrepreneur Kim Dotcom.
The hacker group, known as the
Amn3s1a Team, told me by email that they had also obtained internal documents
from the company’s servers, by exploiting an escalation of privilege
vulnerability.
In total, there were seven email
addresses that are said to be associated with administrative Mega accounts,
thought to be the highest-level of access at the service.
Read more on ZDNet.
Say it ain’t so! Have businesses in the US fallen so far that they have a
strategy of fraud? What is trust worth? See the Volkswagen article, below.
Office Depot Accused Of Pushing Bogus Malware Removal
Services On Customers To Meet Sales Quotas
When services are provided for free, it's important to
evaluate whether or not there's a major caveat that comes along with it. According to an investigation by CBS News, the free "PC
Health" checkup provided by Office Depot carries a big
one: you could be encouraged to shell out money to fix a nonexistent problem.
If this sounds like a shady mechanic or car salesman,
it's essentially the same thing. Office Depot is accused of telling customers
that there are serious issues on their PCs, such as installed malware, even when that's not
the case, and can charge them upwards of $180 for the privilege of
"removing" it.
This is why competitors are springing up!
SWIFT has not seen its last 'bank robbery'
… “The SWIFT board
of directors needs to arrive at the consensus that they must make changes to the
messaging system and its security,” says Kellermann. The financial institutions that use and
support the SWIFT system will have to spend more money to add the needed
security.
The amount of additional spending should not be crippling
for the participating banks. In the
finance sector, the typical security budget is 8 percent of the overall budget, confirms Kellermann. “They need
to spend more like 10 percent,” he says.
Part of the challenge in acquiring the added budget is
that CISOs are still reporting to the CIOs and don’t have a separate budget; that’s a governance issue across the
financial sector, explains Kellermann.
Loading up for next Quarter’s Computer Security class…
Tim Johnson reports:
The worldwide scourge of
cybercrime afflicted 689 million people in the past year, or more than twice
the population of the United States, a California anti-virus software maker
reported Wednesday.
Yet those hit by cybercrime often
remain complacent, even sharing their passwords with friends, says a survey from Norton by Symantec, the security
software maker.
Read more on McClatchyDC.
Another (Internet of) Thing not to be trusted?
How Light Bulbs Watch You Buy Groceries
… If shoppers
grant the store’s app access to their smartphone’s front-facing lens, the phone
can watch for the lights and use the pulses to pinpoint its location.
… Location
information is one of the most valuable types of data a retailer can gather
from its customers, says Joseph Turow, a professor of communications at the
University of Pennsylvania. (I interviewed Turow about
the future of retail surveillance last month.) If a retailer knows where you spent most of
your time inside of a store, it can follow up with discounts for a product you
looked at but didn’t buy—either after you’ve left the store, to encourage a
return trip, or even right as you’re lingering in the aisle, to nudge you to
buy it now. In the U.S., Target and Walmart are rumored to
use lighting technology to locate smartphone-toting shoppers, but aren’t
forthcoming about their plans.
It's easier than breaking the iPhone encryption…
iPhone Call Logs Easy Pickings on iCloud, Says Russian
Security Firm
Russian digital forensics firm ElcomSoft on Thursday
reported that Apple automatically uploads iPhone call logs to iCloud remote
servers, and that users have
no official way to disable this feature other than to completely switch off the
iCloud drive.
The data uploaded could include a list of all calls made
and received on an iOS device, as well as phone numbers, dates and times, and
duration, the firm said.
(Related) …so, perhaps the Russians could provide the data
Apple doesn’t want to?
New York DA vs Apple encryption: 'We need new federal law to
unlock 400 seized iPhones'
In a report released on Thursday at the launch of the Manhattan
DA's new cyberlab, Vance revealed there are now over 400 locked iPhones sitting
with New York County that could be used to investigate serious crimes if only Apple would or rather could help.
The full report can be found here.
Something for my geeks to elaborate on?
Fake news on Facebook is a real problem. These college
students came up with a fix in 36 hours.
… when De, an
international second-year master’s student at the University of Massachusetts
at Amherst, attended a hackathon at Princeton University this week with a
simple prompt to develop a technology project in 36 hours, she suggested to her
three teammates that they try to build an algorithm that authenticates what is
real and what is fake on Facebook.
And they were able to do it.
… They’ve called
it FiB.
Since the students developed it in only a day and a half
(and have classes and schoolwork to worry about), they’ve released it as
an “open-source project,” asking
anyone with development experience to help them improve it. The plugin is available for download to the
public, but the demand was so great that their limited operation couldn’t
handle it.
Should I believe that lying about emissions supported
23,000 jobs? Of course not. But not getting fined when you get caught
probably did.
Volkswagen to Cut 23,000 German Jobs as It Tries to Lift
Profits
… As it seeks to
recover from an
emissions cheating scandal, Volkswagen is trying to reduce the cost of
manufacturing cars that carry the VW badge, many of which are made in Germany
by a work force that effectively controls the company and has resisted job
cuts. The plan would lead to savings of
$3.9 billion a year, Volkswagen said on Friday.
My students tell me the same thing.
Cadillac president: Self-driving cars ‘spell the demise of
the traditional car industry’
Detroit grew rich and fat on the one-person, one-car ethos
of the American Dream. But new
technologies for driving won’t just change how we get from A to B — they’ll
also change how we pay for transportation.
(Related) Even the little things change.
Volvo launches concierge app for on-demand refuelling, car
washing and more
Volvo has
announced the rollout of a new concierge service for its owners, which will
make everyday chores such as topping up with fuel an on demand, smartphone
activated service.
… Tap on a
service, and an authorised technician gets a one-time-use digital key to access
and start the car, so you don’t need to meet up and hand the keys over.
Once servicing is complete, the car can be delivered right
back to the spot you left it, delivered straight to you, or parked somewhere
else entirely, and the digital key locks the car before expiring.
“Imagine parking your car in the morning at work and when
you head home your car has been serviced, cleaned and refuelled. These are the kind of services we want to
deliver to our customers”, explains Bjorn Annwall, Volvo’s Senior Vice
President of consumer experience.
(Related)
Pew study: One-quarter of Americans part of 'gig economy'
Approximately one-quarter of Americans have taken part in
the “gig economy” in the past year, according to a study released by Pew on Thursday.
(Related to that Related article)
Of course, President Obama did not favor (huge campaign
contributor) Google, any more than President Trump will un-friend (huge contributor
to the other side) Google. That would be
wrong.
Trump looks poised to overturn Obama policies that
favored Google
… Google had close
ties with outgoing Democratic President Barack Obama’s administration, and its
employees donated much more to defeated Democratic presidential candidate
Hillary Clinton than to the Republican Trump.
Not all “free” data should be shared freely. Another example of geo-fencing.
S Korea blocks Google export of map data
South Korea today rejected Google's request to export
government-supplied data for its global mapping service, arguing it would make
the country more vulnerable to attack by North Korea.
…
Google argues that the South Korean law is outdated and unfairly restricts the company from
providing a full range of mapping services, such as driving directions, public
transit information and satellite maps.
The US tech giant backed up its
complaint by claiming it could offer a wider range of services for isolated
North Korea -- including driving directions from the capital Pyongyang to the
country's main Yongbyon nuclear complex, and locations of the North's notorious
labour camps.
An interesting claim.
Musk Says Tesla’s Solar Shingles Will Cost Less Than a Dumb
Roof
… “So the basic
proposition will be: Would you like a roof that looks better than a normal
roof, lasts twice as long, costs less and—by the way—generates electricity?”
Musk said. “Why would you get anything
else?”
Rather than give them gifts, I give them lists of the gifts
someone else should buy them.
Damning with faint praise?
Python is one of the most polarizing
languages in the programming world. You
either love it or you hate it, and you might even swing from one end to the
other like a pendulum. But regardless,
Python is a language that’s hard to be ambivalent about.
Google added this to my Blog creation page. Since I do not add “other cookies” I’m
relying on Google to provide notice.
To see the notice if you’re outside of the EU, view your
blog and change the country code, for example blogspot.fr or blogspot.co.uk.
So, this blog would be found at: http://centennial-man.blogspot.co.uk/