Maria Nikolova reports:
More than a month has passed
since Japanese provider of payment processing services GMO Payment Gateway Inc confirmed
that personal data leakage that had affected the websites of two of its clients
– the Tokyo Metropolitan Government and the Japan Housing Finance Agency.
[…]
At the end of last week, GMO
Payment Gateway updated the numbers for the data leaked, referring to “doubling of information”.
Read more on FinanceFeeds.
[From the article:
According to the initial assessments, the number of “units of information” leaked through the
Tokyo Metropolitan Government website was 676,290, including 614,629 email
addresses, as well as 61,661 credit card numbers and credit card expiration
dates. The number of “units” of credit
card information reportedly leaked from the Japan Housing Finance Agency was
43,540, including credit card numbers, credit card expiration dates, security
codes, credit card payment registration dates, addresses, email addresses,
names, phone numbers, as well as dates of birth and payment joining dates. The revised data lowers the numbers nearly two
times.
Another oft repeated meme. “Hey! Let’s put all of the data on a portable device without encryption and then leave it in the car!”
Aaron Gould Sheinin reports on yet another breach involving Georgia voters’ information:
State officials are investigating the theft last week of equipment from a Cobb County precinct manager’s car that could make every Georgia voter’s personal information vulnerable to theft.
The equipment, used to check-in
voters at the polls, was stolen Saturday evening, Secretary of State Brian Kemp
said Monday.
Read more on AJC.
Sources for my Computer Security students.
Cybercrime diaries: All the hacks and data breaches in one place
Global cybercrime damages are predicted to exceed $6 trillion annually by
2021, up from $3 trillion in 2015. The first quarter cybercrime diaries,
published by Cybersecurity Ventures, have hit the stands, breaking down
cybercriminal activity by category.
Reading through the diaries, one might wonder if the $6
trillion figure is an underestimate. The
cybercrime diaries are a series of blogs that provide CIOs, CSOs, CISOs and IT
security teams with bulleted datelines and high-level summary commentary on the
most noteworthy cybercriminal activity in a quarterly period.
Cyberwarfare.com diary
Data Breach Report diary.
Hack Blotter diary.
Password News diary.
Talking points for my Computer Security students.
How CISOs can explain privacy to the C-suite
… It’s the CISO’s role to help inform the
C-suite, investors and board of directors about potential security.
If CISOs are wondering where to start, Malcolm Harkins,
chief security and trust officer at Cylance and Ruby Zefo, vice president of
the Law and Policy Group at Intel Corporation have put together four privacy
and security topics to talk with stakeholders about.
1. Privacy is not equal to security
2. Blind spots do exist:
3. Prep execs for tough questions
4. BYOD and monitoring:
Not ‘amateur’ surveillance.
Lorenzo Franceschi-Bicchierai and Joseph Cox report:
Morgan Marquis-Boire is a
security researcher who has spent months digging into the consumer spyware industry,
and has seen it used in domestic violence cases first hand. He has also spent years researching spyware
used by governments. For him, the
former kind of surveillance, which can be also called stalkerware or
spouseware, deserves more attention because it’s more common and widespread
than many may think, and “the victims are everyday people,” he said.
Sophisticated government malware
or cyberattacks on individuals are like “a rare bloodborne pathogen,” whereas
consumer spyware is more like “the common cold” or flu. It’s not as exotic, but “it does kill a lot of
people every year,” Marquis-Boire told Motherboard.
Read more on Motherboard.
When Troy goes on a rant, he is fun to read!
Mandatory ISP data retention and the law of unintended consequences
Well, good one Australia, UK and whoever else has embarked
on this hare-brained scheme, you've just made things a whole lot worse. Our respective governments (in all their
ivory-towered wisdom), have decided that because one of us could one day decide
to become a terrorist, they'd better keep a big whack of our internet browsing
history just in case. The theory these
genius policy makers have is that if they can probe into all our lives far
enough, they'll be able to see when we're doing terrorist kinda stuff. And really, what better way is there than
siphoning up info on the websites we go to? Job done, beer o'clock, glad we solved that
one.
In the UK, you have to be able to Follow your car’s directions! (Obey your computer overlords?)
U.K. driving tests will soon add GPS navigation as a required skill
If your car doesn’t already have GPS navigation technology
built directly into the dashboard, then you probably at least have a smartphone
mount for your windshield so you can use Google Maps for turn-by-turn
directions. Put simply, if you own a
car, computer-based navigation likely plays a central role in your
journeys.
And this is why the U.K.
government will soon require all learner drivers to follow directions from a
sat nav as part of their driving test. The Driver and Vehicle Standards Agency
(DVSA) will provide all driving examiners with a sat nav unit to give to
budding drivers for their test — but this isn’t about having an ability to
search for a route through a sat nav, it’s purely
about being able to follow directions. From December 4, 2017, learners will be
expected to follow a pre-set route provided by the examiner.
(Related).
Turns Out, a Horrifying Number of People Use Their Phones While Driving
… a new study
indicates that damn near everybody uses their phone while behind the wheel,
damn near all the time. Using sensor
data from more than 3 million drivers and 5.6 billion miles of trips, driving
analytics company Zendrive
found drivers are using their phones on 88 percent of their journeys. The average driver spends 3.5 minutes on the
phone per one hour trip, a stat that sounds worse when you realize just a
two-second distraction increases
your risk of crashing by 20 percent.
Model laws?
Mike Maharrey writes:
On Friday, Montana Gov. Steve
Bullock signed two bills into law that will increase privacy protections in the
state and hinder at least two federal surveillance programs. The new laws will ban warrantless collection
of data from an electronic device in most situations, and limit the use of
Automated License Plate Readers (ALPRs) in the state.
Read more on Tenth Amendment Center.
Montana is looking more and more attractive these days, isn’t it?
A reaction to potential federal crackdown?
Ariana Rakhshani reports:
Some worried about the federal
implications of marijuana are rejoicing.
Governor Kate Brown signed a bill protecting those who shop at pot retailers. Dispensaries have been required to keep
customers’ personal information; it allowed the state to audit dispensaries to
make sure they were only selling the legal amount to someone within a 24 hour
period.
Now, dispensaries are not allowed
to keep any personal information.
Read more on KTVL.
Perspective. For those who can’t read?
Netflix Touts U.S. Growth—and the Market Believes It
Can Netflix keep
adding U.S. subscribers quarter after quarter? The company's CEO seems to think so, painting
a rosy picture of growth even as the streaming service hits 50 million
customers and faces stiff competition from Amazon.
… In a letter to investors and in the video,
Netflix also dropped other nuggets of good news. These included claims that the much-hyped Dave
Chappelle exclusive, which premiered in March, was the "most viewed comedy
special ever," and that subscribers have spent more than half a billion
hours "enjoying" specials involving actor Adam Sandler.
(Related). A different number?
Netflix Nears 100 Million Subscribers, But Q1 Gains Fall Short of Expectations
Netflix added fewer subscribers than expected for the
first three months of 2017, while the No. 1 subscription-video provider said it
will surpass the 100-million mark this coming weekend.
… In 2017, the
company plans to spend more than $1 billion marketing its content, Netflix said
in the shareholder letter.
Perspective. For those who can read.
Amazon expands its literary horizons, making big imprint in translation niche
The literary translation community in the U.S. has a
tradition of being highbrow, a carefully tended yet narrow reflection of the
stirrings of global culture beyond the Anglosphere.
Then Amazon.com jumped in, like a whale into a koi pond.
… AmazonCrossing, the
publishing unit devoted to scouring the world for good tales, has in a short
time become the most prominent interpreter of foreign fiction into English,
accounting for 10 percent of all
translations in 2016, more than any other publishing house in a field
populated by small imprints.
… Yet Amazon’s shine has been
tarnished by a contentious relationship with New York publishing houses,
bookstores and some authors. Many
bookstores — hurt by the online retailer’s dominance in book sales and its
pricing power — have boycotted titles published by Amazon. They’re also less likely to get reviewed by
the traditional literary outlets, experts say.
This could be amusing just for the potential comparisons!
Steve Ballmer Serves Up a Fascinating Data Trove
… On Tuesday, Mr.
Ballmer plans to make public a database and a report that he and a small army
of economists, professors and other professionals have been assembling as part
of a stealth start-up over the last three years called USAFacts. The database is perhaps the first nonpartisan
effort to create a fully integrated look at revenue and spending across
federal, state and local governments.
… Using his
website, USAFacts.org, a
person could look up just about anything: How much revenue do airports take in
and spend? What percentage of overall
tax revenue is paid by corporations?
For my geeks.
If you’re thinking of learning Python, you might be
overwhelmed by the initial setup process. You need to install Python on your system,
then learn how to use the command line to process code, or learn how to use the
interactive shell, or learn how to set up a Python IDE.
Ignore all of that. It’s unnecessary until you know whether Python is right for you.
Instead, we recommend using an online interactive shell,
which is just a website that lets you write and execute Python code and
instantly see the results. No need to
install anything.
Worth a look?