Trump expected to put agency heads in charge of cyber
security for their organizations
U.S. President Donald Trump on Tuesday postponed signing
an executive order that is expected to require the heads of government agencies
to play a more direct role in reviewing and managing risks to networks under
their control.
Trump, at a White House event with top officials to
discuss his order, said his initiative would “hold my Cabinet secretaries and agency heads accountable, totally
accountable, for the cyber security of their organizations.”
Why hackers succeed.
Think a global population of hackers looking at whatever catches their
fancy. Compare that to an infinite number
of monkeys pounding on typewriters.
Graham Cluley writes:
A security researcher has
described how he uncovered a severe security hole in dozens of different
Netgear routers, meaning that “hundreds of thousands, if not over a million”
devices could be at risk of having their admin passwords stolen by hackers.
Simon Kenin, a researcher at
Trustwave, has explained how sheer laziness on a
cold and rainy winter night stopped him from getting out of bed and going
downstairs to reboot his router.
Instead, he stayed under the
covers and investigated whether he could find a way to hack into the device’s
web admin panel, having forgotten the access password.
Shockingly, Kenin discovered that
all he had to do was send a simple web request to the router’s management
software to retrieve its admin password, using two security flaws previously disclosed on other Netgear routers back in 2014.
Read more on We
Live Security.
For my Computer Security students.
The State of Malware: 1 Billion Samples Under the Microscope
… Anti-virus firm
Malwarebytes examined almost 1 billion malware instances from June to November
2016. Data was drawn from nearly 100 million Windows and Android devices in
more than 200 countries, together with additional data from its own honeypots.
The ensuing report (PDF)
looked at six threat categories: ransomware, ad fraud malware, Android malware,
botnets, banking trojans, and adware.
The two standout malware categories are ransomware and ad
fraud. Malwarebytes suggests this indicates a growing trend among
cybercriminals -- the desire to realize monetary return as quickly and easily
as possible.
A Privacy perspective on the (potentially) new court?
FourthAmendment.com points us to two articles about how
Supreme Court nominee Gorsuch might impact privacy:
I hope liberals don’t just oppose Gorsuch just because
Trump nominated him. Remember that
conservatives can be very good friends when it comes to privacy. Then again, if they’re anti-abortion, this
might be a serious problem. So start
reading up, folks, and let’s see what opinions he’s written about privacy
issues of concern to you.
This is what my Data Management students will face.
The Flood of Data From IoT Is Powering New Opportunities —
for Some
… Recently,
Stephanie Jernigan, David Kiron, and I researched the effect that IoT is having
on organizations. A combination of
interview and survey responses from 1,480 managers resulted in a summary report
of this research, “Data
Sharing and Analytics Drive Success With IoT”.
The cost of investigation is a ‘loss.’ Will that transfer to individuals whose
accounts have been breached?
Carol Mongtgomery of Butler Snow LLP writes:
The Eleventh Circuit ruled last
week in a wrongful discharge turned Computer Fraud and Abuse Act (“CFAA”) case,
spinning the employee’s case against his employer on its head. The facts of Brown Jordan International, Inc. v. Carmicle stemmed
from the employment of Christopher Carmicle by Brown Jordan, a furniture
manufacturer. Carmicle was an executive
at Brown Jordan, but his relationship with the company deteriorated with the
hiring of a new CEO, Gene Moriarty. Moriarty
had doubts about Carmicle based on excessive entertainment expenses, and
Carmicle, in turn, had doubts about Moriarty’s trust in him.
In the year prior to Carmicle’s
termination, Brown Jordan switched to a new email service. This switch (and the corresponding provision
of a generic password—Password1—to all employees) was what Carmicle used to
investigate his suspicions of Moriarty and others. Over the course of several months, Carmicle
repeatedly hacked into the accounts of Brown Jordan employees, including his
superiors, and took hundreds of screenshots on his personal iPad.
Read more on JDSupra.
[From the
article:
Applying a plain language approach, and noting that “loss”
is defined in the disjunctive, the Eleventh Circuit held that there can be two
types of loss. While the first type
requires an interruption of service, the second type does not. Brown Jordan’s use of the consultants to
investigate the unauthorized access after the fact is sufficient to constitute
“loss” under CFAA.
Isn’t this just a ‘minimum wage’ taken to an extreme?
Indians Are Freaking Out Over Plans To Change The US
Visa System
India’s biggest technology companies lost more than $7
billion in market value in a single hour of trading Tuesday, after news
reports of proposals in the US to restrict the availability of skilled worker
visas for foreigners.
… On January 24,
Democratic Congresswoman Zoe Lofgren, whose district encompasses much of
Silicon Valley, introduced a new
bill that sought to reform the H-1B program. Her proposal — which is unlikely to be passed
by a Republican-led Congress — would more
than double the minimum annual wage for H-1B visa holders, from $60,000 to
$130,000.
Works for me!
Google Wins ‘Right to Be Forgotten’ Case in Japan
The
country’s top court says scrubbing search results could be seen as a
restriction on speech
All I have to say is, ‘Guard your pet pigs!’
Americans Are Eating So Much Bacon That Reserves Are at a
50-Year Low
The Trump cartoons are priceless.
The Enduring Humor of New Yorker Cartoons
In the wake of the November
election, election-related New Yorker cartoons (Clinton–
and Trump-specific)
have kept
people laughing and spreading the humor via social media.
Dilbert continues to explain how ‘automated lawyering’
will work.
No comments:
Post a Comment