Not my Centennial. Also, be careful what you say,
the data accessed looks important to me!
Travis Loose reports:
The Centennial School District on Friday announced a security breach within its student information systems. District officials do not currently believe any important student information was taken, however the investigation is ongoing.
Two Centennial High School students — a junior and senior, both under 18 — are responsible for data breach, school district spokeswoman Carol Fenstermacher told Patch in an email Friday. One of the students reportedly told authorities they did it to “show that the system could be hacked,” Fenstermacher said, but police are working to determine any specific or nefarious intent.
The district’s IT staff reportedly found the access points that were hacked by the students and has secured them, Fenstermacher said. Law enforcement is determining the full extent of the breach and figuring what, if anything, was taken.
Read more on Patch.
[From
the article:
Fenstermacher said the hackers were able to access
the names, birthdates, addresses, schools and grade levels, phone
numbers, student IDs, and demographic information of all current and
former Centennial School District students.
What were they (not) thinking?
I tweeted about this breach disclosure earlier
today after Zack Whittaker called everyone’s attention to it, and I
am glad to see that Catalin has written the matter up:
In a data breach notification letter submitted to the Office of the Attorney General for the state of California, a makeup product vendor said it could not fully assess the impact of a recent card security breach due to a lack of backups.
[…] Beautyblender started investigating the incident after two customers complained about fraudulent transactions on credit cards used on the site.
[…] “Unfortunately, due to the lack of backups of the website that were available from the website hosting company, beautyblender has been unable to confirm the date that the malware was placed on the website.”
Their
last backup was in April, 2015. Ugh.
Read more on BleepingComputer.
North Korea needs hard currency.
Monero
Miner Sends Cryptocurrency to North Korean University
An
application compiled just weeks ago was found to be an installer for
a Monero miner designed to send the mined currency to a North Korean
university, AlienVault reports.
The
application’s developers, however, might not be of North Korean
origins themselves, the security researchers say. They also suggest
that the tool could either be only an experimental application or
could attempt to trick researchers by connecting to Kim Il Sung
University in Pyongyang, North Korea.
Still trust this vendor?
Hardcoded
Backdoor Found on Western Digital Storage Devices
… Discovered
by GulfTech security researcher James Bercegay, the security flaws
could be exploited to achieve remote root code execution on the
affected WD My Cloud personal cloud storage units (the device is
currently the best-selling NAS (network attached storage) device on
Amazon).
One
of the most important security issues the researcher found
was an unrestricted file upload vulnerability created by the “misuse
and misunderstanding of the PHP gethostbyaddr()
function,” the researcher says.
Definitely an article for my Computer Security
student toolkit!
Perhaps you’re an office manager tasked with
setting up a new email system for your nonprofit, or maybe you’re a
legal secretary for a small firm and you’ve been asked to choose an
app for scanning sensitive documents: you might be wondering how you
can even begin to assess a tool as “safe enough to use.” This
post will help you think about how to approach the problem and select
the right vendor.
Something for my researching students?
New guide
helps journalists, researchers investigate misinformation, memes and
trolling
“Recent scandals about the role of social media
in key political events in the US, UK and other European countries
over the past couple of years have underscored the need to understand
the interactions between digital platforms, misleading information
and propaganda, and their influence on collective life in
democracies. In response to this, the Public
Data Lab and First
Draft collaborated last year to develop a free,
open-access guide to help students, journalists and
researchers investigate misleading and viral content, memes and
trolling practices online. Released today, the
five chapters of the guide describe a series of research
protocols or “recipes” that can be used to trace trolling
practices, the ways false viral news and memes circulate online, and
the commercial underpinnings of problematic content. Each recipe
provides an accessible overview of the key steps, methods, techniques
and datasets used. The
guide will be most useful to digitally savvy and social media
literate students, journalists and researchers. However, the recipes
range from easy formulae that can be executed without much technical
knowledge other than a working understanding of tools such as
BuzzSumo and the CrowdTangle browser extension, to ones that draw on
more advanced computational techniques. Where possible, we try to
offer the recipes in both variants…”
Perspective.
Tech’s
Enormous Scale: Samsung Now Outspends Exxon and Shell Combined
Samsung Electronics Co. spent more money on
capital expenditures last year than any other publicly traded
company, offering a dramatic example of how technology and telecom
firms have driven an uptick in global manufacturing investment.
The South Korean tech giant invested $44 billion
to build or expand new facilities making semiconductors, displays and
other products, according to S&P Global Market Intelligence
estimates.
Always an amusing argument.
… Both conservatives and progressives invoke
“consumer welfare” as antitrust’s core concern, but they offer
divergent interpretations of this concept. Guided by the late Robert
Bork’s seminal work, The Antitrust Paradox, conservatives
invoke a total welfare standard that regards efficiency-enhancing
mergers as presumptively legitimate, no matter how those gains are
allocated between consumers and producers. For their part,
progressives also focus on the consequences for consumers, but employ
a broader understanding of consumer welfare that encompasses quality,
innovation, and choice as well as price.
Recently, a third stance has entered the fray.
Populists regard the consumer welfare standard as inadequate, because
it pays no attention to the political dimension of antitrust — in
particular, to the connection between economic concentration and
corporate political power. Reflecting a tradition extending back a
century to the thought of Louis D. Brandeis, populists believe that a
multiplicity of businesses is preferable to a small number of large
firms — for the health of local communities as well as economic
sectors — even if consumers pay higher prices.
(Related).
NYU professor Scott Galloway talks about the
pervasive influence of Big Tech – both good and bad – in his new
book.
For my geeks who Pi.
No comments:
Post a Comment