From the this-can’t-be-good dept.,
Catalin Cimpanu reports:
Sensitive corporate data from
customers protected by Carbon Black endpoint detection and response (EDR)
solutions has been found on multiscanner services, according to an
investigation by DirectDefense, a provider of managed security strategies.
The shocking data leak has been
tied to an API key which DirectDefense claims belongs to Carbon
Black Cb Response, a next-gen anti-malware EDR product.
Read more on Bleeping
Computer.
[From the
article:
EDR solutions work by managing lists of whitelisted files
and applications. When EDR products find
a new file not included in their database, they upload it to their cloud service,
which would then upload it to a multiscanner service (think VirusTotal).
The EDR cloud would use the aggregated scan result from
this multiscanner service to decide whether to whitelist or blacklist the file.
The problem is that even if the EDR and
multiscanner rename the files using hashes, copies of those files are still saved on the multiscanner service.
Most of these multiscanners work on a pay-for-access
model, allowing anyone to access threat intelligence data on past scanned
files, and even download copies for
further analysis. This is
exactly how DirectDefense found the Carbon Black leak.
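The upload flow the article describes, modelled as an added example (not code from the article, DirectDefense or Carbon Black): `ToyMultiscanner`, `edr_check` and the sample file are constructed for illustration and call no real service. It shows that storing a sample under its hash leaves the bytes retrievable, while a hash-only lookup leaves nothing behind.

```python
import hashlib


class ToyMultiscanner:
    """Constructed in-memory stand-in for a multiscanner (not a real API)."""

    def __init__(self):
        self.samples = {}   # sha256 -> file bytes the service retains
        self.verdicts = {}  # sha256 -> aggregated scan verdict

    def submit_file(self, content: bytes) -> str:
        digest = hashlib.sha256(content).hexdigest()
        # The sample is stored under its hash, but the bytes are kept intact.
        self.samples[digest] = content
        self.verdicts.setdefault(digest, "clean")
        return digest

    def lookup_hash(self, digest: str):
        # Hash-only query: returns a verdict, or None if the file was never seen.
        return self.verdicts.get(digest)

    def download(self, digest: str):
        # What a paying subscriber could fetch for "further analysis".
        return self.samples.get(digest)


def edr_check(scanner, content: bytes, upload_unknown: bool):
    """Assumed EDR-cloud logic: look up by hash, optionally upload unknowns."""
    digest = hashlib.sha256(content).hexdigest()
    verdict = scanner.lookup_hash(digest)
    if verdict is None and upload_unknown:
        scanner.submit_file(content)
        verdict = scanner.lookup_hash(digest)
    return digest, verdict or "unknown"


# Constructed sample: an internal script carrying a placeholder credential.
CONSTRUCTED_FILE = b"#!/bin/sh\nAPI_KEY=EXAMPLE-NOT-A-REAL-KEY\n"


def retained_after(upload_unknown: bool):
    """Return (verdict, bytes left on the multiscanner) for one submission."""
    scanner = ToyMultiscanner()
    digest, verdict = edr_check(scanner, CONSTRUCTED_FILE, upload_unknown)
    return verdict, scanner.download(digest)


if __name__ == "__main__":
    print("upload unknowns:", retained_after(True))
    print("hash-only      :", retained_after(False))
```

The hash-only mode returns "unknown" for a file no one has submitted before, which is the cost of keeping the content off the third-party service.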
This is possible only in countries where more advanced technology
has been implemented nation-wide.
Kenya president takes strong lead in elections but opposition
says results hacked
NAIROBI — Kenya’s president, Uhuru Kenyatta, took what
appears to be an unassailable lead in elections, according to preliminary
results from Kenya’s election commission, but his opponent on Wednesday called
the results fraudulent, raising fears of political violence.
… But the morning after Tuesday’s elections,
Odinga called the outcome “a complete fraud,” outlining an elaborate hacking
scheme that he said dramatically manipulated the results. According to Odinga, a hacker used the login
information of a top election official, Chris Msando, who was mysteriously
murdered last month, to enter the country’s electoral database.
… The hacker, Odinga claimed, “took control of
the entire network” and dramatically altered the results.
The electoral commission said it was not prepared to
dismiss Odinga’s claim outright.
For my Ethical Hacking students. …or perhaps a picture of a picture of the
accountholder’s eye?
Bank of America, Samsung pilot iris-scan logins
American Banker – “This month, Bank of America will begin
piloting technology from Samsung that lets customers log in to mobile banking
by taking a picture of their eye. The
pilot is part of a broader effort to gauge customers’ affinity for various forms of
biometric authentication, says Michelle Moore, head of digital banking at
Bank of America. “One thing we know we
need to work on with our customers is, even in today’s day and age of digital
natives, there are questions about safety and security,” she said. Biometric solutions are part of the answer. The bank is studying what other companies are
doing, inside and outside the financial industry, and it’s learning what
customers want. Moore says it is not
about chasing the next thing. Introducing
new biometrics tools helps to advance the bank in building a digital identity
for its customers that will make authentication easy…”
Almost what I tell my students. “Your job is to make your organization work
better.”
‘Every Business Is a Digital Business’
When Social Media turns anti-social?
ACLU sues Maine's governor for deleting Facebook comments and
blocking users
The American Civil Liberties Union of Maine today
announced that it
is suing Maine Gov. Paul LePage for deleting comments from his official
Facebook page that disagree with his viewpoints. The lawsuit, filed on behalf of two women who
say they’ve had their accounts blocked from further commenting on Gov. LePage’s
profile, claims the act is a form of censorship and violates the country’s free
speech protections.
… Today’s lawsuit
mirrors one filed
against President Donald Trump last month, which claims blocking users
based on difference of opinion is unconstitutional. The ACLU also filed a similar lawsuit against
Maryland Gov. Larry Hogan and Kentucky Gov. Matt Bevin last week for the
same reason as the case against Gov. LePage.
Huge companies and no one knows how to calculate sales
tax? The world continues to provide me
with more truly bad examples than I could ever use.
McDonald's, Walgreens hit with lawsuits over Cook County soda
pop tax
Two of the Chicago area's biggest corporate names are
being sued over allegedly bungling the rollout of Cook County's new
penny-per-ounce sweetened beverage tax, with Walgreens accused of taxing unsweetened beverages and
McDonald's accused of essentially taxing the tax.
McDonald's is allegedly adding the beverage tax to the
subtotal of orders before calculating other sales taxes, which, in turn,
results in overcharging of taxes, according to a lawsuit filed Tuesday in Cook
County Circuit Court. Meanwhile, a
Schaumburg resident alleges in a lawsuit filed Friday in Cook County that
Walgreens improperly charged the tax on unsweetened sparkling water.
Perspective.
Pew – State of the News Media 2017
“Since 2004, Pew Research Center has issued an annual
report on key audience and economic indicators for a variety of sectors within
the U.S. news media industry. These data
speak to the shifting ways in which Americans seek out news and information,
how news organizations get their revenue, and the resources available to
American journalists as they seek to inform the public about important events
of the day. The press is sometimes
called the fourth branch of government, but in the U.S., it’s also very much a
business – one whose ability to serve the public is dependent on its ability to
attract eyeballs and dollars. Over the
years, the Center’s approach to these indicators has evolved along with the
industry, carefully considering the metrics, sectors and format in which the
data appear. This year, instead of a
single summary report, a series of fact sheets showcasing the most important
current and historical data points for each sector – in an easy-to-digest
format – will be rolled out a few at a time over the coming months. Listed here are the 2017 fact sheets
released so far, along with links to related reports that provide other angles
of analysis about the news media industry. (State of the News Media reports from
2004-2016 are archived as PDFs and available here.) Check back in the coming months as the
collection below grows – and in the years to come as these fact sheets continue
to be updated with the latest data…”
Isn’t it faster to read these?
(Related). Not sure
this is useful. If I want to read it, I
probably don’t care how long it takes me.
If I don’t want to read it, I don’t need this excuse.
… If you’re a slow
reader, a short book that you finish quickly might help you feel more motivated
than a long book that slows you down. Likewise, bringing a short book with you on a
long trip could leave you with nothing to do.
That’s where How
Long to Read comes in. Search for any book, and you’ll see some
basic information about it including the title, cover, author, and Amazon price. The site uses an average reading speed of 300
words per minute (WPM) for its estimates.
But you can make this more personal. On the right side, you’ll see a brief sample
of the book. Click the Start
Reading Speed Timer button below it, then read the sample as you would
a book. … After finishing the selection at your normal pace,
click the Stop button to get your customized reading time.
My students don’t use handwriting to take notes. If they want to record anything (which they
rarely do) they take a picture of the whiteboard or computer screen, or they
start their thumbs dancing on their smartphone “keyboards.”