Saturday, September 23, 2017

So, no vote counting systems were breached, in fact, most systems were merely scanned not breached, and the companies responsible for security of these systems asked DHS to keep their clients in the dark. Have I correctly de-obfuscated their statements?
U.S. Informs 21 States They Were Targeted By Attempted Russian Hacking
The Department of Homeland Security on Friday gave election officials in nearly two dozen states additional information on Russian targeting of their election systems last year, ending months of uncertainty among administrators about which states were targeted in a Kremlin-backed effort.
… DHS said it would leave it up to the states to disclose to the public whether they were targets of the Russian-backed campaign.
Officials previously have said no evidence of manipulated tallies has been found.
DHS cited the privacy rights of entities that contacted the DHS for help on cybersecurity-related issues for keeping state election officials in the dark, most of which were private-sector vendors who are contracted by state and local governments.
That left election officials in nearly a dozen states unaware of whether their state systems were targeted until Friday.
DHS officials agreed to make sure that the top state election officials were notified about breaches in the future, according to Stephen Reed, the director of communications at the National Association of Secretaries of State
… A DHS official said that most of the Russian activity involved scanning voting systems for possible weaknesses. In some cases, attempts to penetrate computer networks were unsuccessful. DHS said a “small number” of computer networks were successfully penetrated. None of the systems in question were involved in vote tallying, the official said.




Since we can automate this, the number does not surprise me.
1.4 Million Phishing Sites Are Created Monthly: Report
According to a new report, an average of 1.385 million unique new phishing sites are created every month, peaking at 2.3 million in May 2017. The majority of these are online and active for an average of just 4 to 8 hours. This combination of volume and brevity makes it effectively impossible to counter phishing -- especially targeted spear-phishing and whaling -- with block lists. By the time the site is included on a block list, the damage is done and the phishing site is no longer used.
Webroot's latest Quarterly Threat Trends (PDF) report chronicles the increasing sophistication and danger in targeted spear-phishing. According to the Verizon 2017 Data Breaches Investigation Report (DBIR), phishing was found in 90% of security breaches and incidents. And according to the FBI, phishing scams have cost American businesses almost $500 million per year over the last three years.




It is always thus. Trade security for convenience.
Walmart wants to walk into your home and put groceries in your refrigerator
On Friday, the retail giant announced a partnership with August Home, a smart-lock startup, that would allow a delivery person to enter customers' orders and put groceries away in their refrigerators.
The test will take place in Silicon Valley with a small number of August Home users who have opted into the service.
"Think about that — someone else does the shopping for you AND puts it all away," Sloan Eddleston, Walmart's vice president of e-commerce strategy and business operations, wrote in a blog post on Friday.
Eddleston laid out the step-by-step process of "in-fridge delivery" in the post.




Perspective. If it is true that you should buy on bad news, then bad news delivered by proven incompetent managers should cause a deluge of buy orders.
Equifax 'megabreach' creates opportunity for investors: Wells Fargo
Shares of credit reporting agency Equifax, the victim of a “megabreach” earlier this month, rose more than 6% on Friday, as Wells Fargo upgraded the stock to outperform.
Equifax ended the trading session on Friday at $105.04 per share, up $6.79, or 6.9%. As of the close Friday, it was still down more than 26% since the breach.
Wells Fargo said the severity of the hack, in combination with many of the resulting public relations nightmares – including an investigation into whether company executives engaged in insider trading – have created “an attractive entry point for this high-quality consumer credit franchise.” Despite the current bout of negative publicity, Wells Fargo believes Equifax’s core business will remain intact


(Related). $1.9 trillion in assets, revenue of $22.0 billion, net income of $5.8 billion. The paper clip budget is probably more than $100 million!
U.S. watchdog accused of going easy on Wells Fargo with $100M fine
The Consumer Financial Protection Bureau could have fined Wells Fargo in excess of $10 billion for its illegal sales practices but instead settled for $100 million, according to the agency’s internal documents released by congressional Republicans this week.
The CFPB also had evidence that the bank’s sales problems went back to at least 2006 — far earlier than the 2011 to 2016 timetable that Wells Fargo originally admitted to, the documents show.




Perspective. When I say “High Speed” Internet isn’t really High Speed, this is what I’m comparing it to.
Microsoft's subsea speed monster: A cable 16 million times faster than your broadband
Microsoft, Facebook and Telefonica have hit a key milestone in delivering their new trans-Atlantic subsea cable with a data capacity of 160 terabits per second.
… Microsoft boasts that its 160-terabit/s cable is 16 million times faster than your home broadband and could stream 71 million HD videos simultaneously. The cable contains eight pairs of fiber-optic threads wrapped in copper.




A “kind of” interesting article…
How Reddit Is Talking About The Trump Presidency


(Related). ...and a tool to do it yourself.
How The Internet Talks
… To get a sense of the language used on Reddit, we parsed every comment since late 2007 and built the tool above, which enables you to search for a word or phrase to see how its popularity has changed over time. We’ve updated the tool to include all comments through the end of July 2017.


No comments: