Another attempt to find information for insider trading?
Nick Hopkins reports:
One of the world’s “big four” accountancy firms has been targeted by a sophisticated hack that compromised the confidential emails and plans of some of its blue-chip clients, the Guardian can reveal.
Deloitte, which is registered in London and has its global headquarters in New York, was the victim of a cybersecurity attack that went unnoticed for months.
One of the largest private firms in the US, which reported a record $37bn (£27.3bn) revenue last year, Deloitte provides auditing, tax consultancy and high-end cybersecurity advice to some of the world’s biggest banks, multinational companies, media enterprises, pharmaceutical firms and government agencies.
Read more on The Guardian, and then see Brian Krebs’ report for additional details that dispute some of Deloitte’s statements, perhaps?
Update. When you have lost faith in management ability, offer the pretense of “retirement?” Say what you mean (and we all know you mean), fire the bum!
The chief executive officer of Equifax retired from the company after a data breach affecting approximately 143 million people was reported earlier this month.
Equifax’s board announced Richard Smith’s retirement, which is effective Tuesday, in a statement that also appointed an interim CEO.
No security by default? Probably as backwards as it can be!
Catalin Cimpanu reports:
During the past year, there has been a surge in data breach reporting regarding Amazon S3 servers left accessible online, and which were exposing private information from all sorts of companies and their customers.
In almost all cases, the reason was that companies, through their staff, left Amazon S3 “buckets” configured to allow “public” access. This means that anyone with a link to the S3 server could access, view, or download its content.
Read more on BleepingComputer.
It’s pretty simple to determine what was wrong based on the “fixes” management(?) immediately implements. Of course, they may still lack the understanding needed to really protect their data.
The SEC is hiring more cybersecurity help after breach that may have allowed hackers to profit from stock trades
… In the wake of the breach, the SEC is immediately hiring additional personnel to aid in its cybersecurity efforts, Clayton plans to tell the committee. “I also directed the staff to enhance our escalation protocols for cybersecurity incidents in order to enable greater agencywide visibility and understanding of potential cyber vulnerabilities and attacks,” he plans to testify.
It’s hard to be Big Brother. Narrowing the scope and eliminating pesky encryption makes the job far easier.
… In mid-July, Chinese censors began blocking video chats and the sending of photographs and other files using WhatsApp, and they stopped many voice chats, as well. But most text messages on the app continued to go through normally. The restrictions on video, audio chats and file sharing were at least temporarily lifted after a few weeks.
WhatsApp now appears to have been broadly disrupted in China, even for text messages, Nadim Kobeissi, an applied cryptographer at Symbolic Software, a Paris-based research start-up, said on Monday. The blocking of WhatsApp text messages suggests that China’s censors may have developed specialized software to interfere with such messages, which rely on an encryption technology that is used by few services other than WhatsApp, he said.
“This is not the typical technical method in which the Chinese government censors something,” Mr. Kobeissi said. He added that his company’s automated monitors had begun detecting disruptions of WhatsApp in China on Wednesday, and that by Monday the blocking efforts were comprehensive.
… The censorship has prompted many in China to switch to communications methods that function smoothly and quickly but that are easily monitored by the Chinese authorities, like the WeChat app of the Chinese internet company Tencent, which is based in Shenzhen.
Is anything that a President of the United States says NOT newsworthy? The least they could do is point to the news President Trump is attempting to distract us from (and succeeding all too often).
Twitter pledges to update public policies after Trump threatens North Korea
Twitter didn’t act to remove President Donald Trump’s tweet threatening North Korea in part because it is newsworthy, the company said today. Twitter says it will update its public guidance on what factors may lead to a tweet being pulled from the platform — or allowed to stay on it — to include a consideration of newsworthiness, as part of an effort to make the rules clearer to users.
Okay, some people are more easily amused than I am.
Paper – Lawyers’ Abuse of Technology
by Sabrina I. Pacifici on Sep 25, 2017
Preston, Cheryl B., Lawyers’ Abuse of Technology (August 11, 2017). Cornell Law Review, Forthcoming; BYU Law Research Paper No. 17-25. Available at SSRN: https://ssrn.com/abstract=3037079
“The Article is a thorough analysis of how the current scheme for regulating lawyers has failed to adapt to technology and why that failure is disastrous. It discusses (1) why technology, electronic communications, and social media require specialized attention in lawyer regulation, (2) what mechanisms can be harnessed to meet this need, and (3) the (sometimes entertaining) ways in which lawyers’ use of emails, tweets, texts, social media, data storage, computerized research, and so forth cross the lines of ethical and professional values. The ABA recently amended the Model Rules to add the following language to the Comment of Rule 1.1: “[A] lawyer should keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology.” A few lawyers are still behind in embracing the many technological tools available to assist in their practice. Others are taking full advantage of the benefits of technology – while turning a blind eye to the significant ethical and professionalism risks. In an area where the mistakes are easy to make and the resultant harms can be extensive and severe, lawyers need to be warned and trained; expectations need to be standardized, and those standards enforced. The need for formal guidance on the lines between appropriate and inappropriate electronic behavior is much more acute than the need for training with respect to long recognized practice hazards. As the recent ABA 20/20 Commission’s failures amply illustrate, the ABA cannot be expected to address the risks of technology within any reasonable time. While increasing pressure on the ABA to shore up the Model Rules, bar associations must take action now. One option is formal ethics opinions that a lawyer can research by jurisdiction, if the lawyer is alert enough to ask questions. A better option is a statement of best practices standards adopted by state, local, and practice group bar associations. Some jurisdictions already have professionalism and civility creeds, but almost all of these are devoid of guidance on technology use, as well as fraught with drafting and definitional problems. Standards need to be rewritten to clarify the nuances of technology use and ethics. This Article offers specific language to serve this purpose.”
Why we have so many Criminal Justice majors?
FBI Releases 2016 Report On Crime In The United States
by Sabrina I. Pacifici on Sep 25, 2017
“The Federal Bureau of Investigation today released the 2016 edition of its Crime in the United States (CIUS) report, a part of the FBI’s Uniform Crime Reports (UCR). The report, which covers January-December 2016, reaffirms that the worrying violent crime increase that began in 2015 after many years of decline was not an isolated incident. The violent crime rate increased by 3.4 percent nationwide in 2016, the largest single-year increase in 25 years. The nationwide homicide rate increased by 7.9 percent, for a total increase of more than 20 percent in the nationwide homicide rate since 2014…
It probably won’t help my Spreadsheet class.
The ultimate guide to searching CIA’s declassified archives
by Sabrina I. Pacifici on Sep 25, 2017
Looking to dig into the Agency’s 70 year history? Here’s where to start
Written by Emma Best, Edited by JPat Brown
“While the Agency deserves credit for compiling a basic guide to searching their FOIA reading room, it still omits information or leaves it spread out across the Agency’s website. In one egregious example, the CIA guide to searching the records lists only three content types that users can search for, a review of the metadata compiled by Data.World reveals an additional ninety content types. This guide will tell you everything you need to know to dive into CREST and start searching like a pro.”
Free is good.
Get Office 365 for free
It's not a trial! Students and teachers are eligible for Office 365 for Education, which includes Word, Excel, PowerPoint, OneNote, and now Microsoft Teams, plus additional classroom tools. All you need to get started is a valid school email address. Get started.
Some free is better than others.
A Tribute to Our Readers
Today and tomorrow, we are offering open access to all of the articles, reports, videos, blogs, and essays we have published on our site. We do this as a show of appreciation for our readers, both old and new, without whom MIT SMR would not exist. There’s over 30 years’ worth of material on the site, so I encourage you to explore!