I’m surprised it took them almost two years to do this.
Bangladesh to Sue Philippine Bank Over $81M Cyber Heist
Unidentified hackers stole $81 million from the Bangladesh central
bank's account with the US Federal Reserve in New York in February 2016.
The money was then transferred to a Manila branch of the Rizal
Commercial Banking Corp (RCBC), swiftly withdrawn and laundered through
local casinos.
A case will be filed against RCBC and "all others" involved in the
heist to try and retrieve the stolen funds, Bangladesh central bank
governor Fazle Kabir told AFP.
… The Philippines in 2016 imposed a record $21 million fine on RCBC
after investigating its role in the audacious cyber heist.
The bank has rejected the allegations and in 2017 accused Bangladesh's
central bank of a "massive cover-up".
This month ex-RCBC manager Maia Deguito was handed a lengthy jail term
and $109 million in fines in the first conviction over the massive theft.
… The theft exposed the Philippines as a haven for dirty money, where
some of the world's strictest bank secrecy laws protect account holders
from scrutiny.
The hackers bombarded the US Federal Reserve with dozens of transfer
requests, attempting to steal a further $850 million.
But the bank's security systems and typing errors in some requests
prevented the full theft.
Something my Computer Security students need to consider.
Businesses Are Finding Out That Cyber Insurance Coverage Might Not Be
What They Thought
… Evidence is building that many of these
cyber insurance policies might be close to worthless, as insurance
companies look for any excuse possible to avoid paying out the full
amount of a claim.
One of the most extensive studies on the state of
cyber insurance coverage comes from Mactavish, the UK’s leading
expert on insurance governance. The company recently launched its
own Cyber Risk Consulting Practice, and sought to determine the
current parameters of the cyber insurance market. What they found
was disappointing, to say the least. Overall, there were at
least eight major flaws in how cyber insurance coverage is
determined and eventually paid out. What insurance covers can be
very confusing.
The leading flaw, according to Mactavish, is that
most insurance claims are limited to attacks and unauthorized
activity, and do not include coverage from accidental errors and
omissions. Thus, when deciding whether or not to pay out a claim, an
insurance company could simply point to a factor like human error and
refuse to pay out the claim for a hacked computer system.
...and we’re probably not done yet!
Hackers Are Passing Around a Megaleak of 2.2 Billion Records
… Earlier this month, security researcher Troy Hunt identified the
first tranche of that mega-dump, named
Collection #1 by its anonymous creator, a set of cobbled-together
breached databases Hunt said represented 773 million unique usernames
and passwords. Now other researchers have obtained and analyzed an
additional vast database called Collections #2–5, which amounts to
845 gigabytes of stolen data and 25 billion records in all. After
accounting for duplicates, analysts at the Hasso Plattner Institute
in Potsdam, Germany, found that the total haul represents close to
three times the Collection #1 batch.
Wait until the GDPR hits these companies.
Cheap Internet of Things gadgets betray you even after you toss them in
the trash
… Although these so-called Internet of Things
gadgets are small and rather dumb, they’re still full-fledged
networked computers for all intents and purposes. You may not need
to do much, but you still need to take many of the same basic
precautions to prevent them from, say, broadcasting your private
information unencrypted to the world, or granting root access to
anyone walking by.
In the case of these low-cost “smart” bulbs investigated by Limited
Results (via Hack a Day), the issue isn’t what they do while connected
but what they keep onboard their tiny brains, and how.
All the bulbs they tested proved
to have no real security at all protecting the information
kept on the chips inside. After exposing the PCBs, they attached a
few leads and in a moment each device would spit out its boot data
and be ready to take commands.
The data was without exception totally
unencrypted, including the wireless password to the network to which
the device had been connected. One device also exposed its private
RSA key, used to create secure connections to whatever servers it
connects to (for example to check for updates, upload user data to
the cloud and so on). This information would be available to anyone
who grabbed this bulb out of the trash, or stole it from an outdoor
fixture or bought it secondhand.
I don’t see this as illegal or immoral. We
should probably start an organization to do this that is not aligned
with any government. Recruit my Ethical Hacking students.
Special Report: Inside the UAE’s secret hacking team of U.S. mercenaries
No one thought this was illegal? Selling the lie
is illegal, buying the lie is not?
First on CNN: NY Attorney General targets fake social media activity
A company that brought in millions of dollars in
revenue by creating fake social media posts and comments has settled
a case with the state of New York after a probe exposed its
activities. It's the first
finding by a law enforcement agency indicating that such activity
constitutes illegal deception and illegal impersonation,
according to the state's top attorney.
The New York Attorney General's office is making
it clear that, in its view, selling fake social media activity in the
state is illegal.
… The settlement between Devumi and the state
of New York does not address whether the activity of Devumi's
customers is also illegal.
Perspective. Lots of data and some graphics to
make it understandable.
Digital trends 2019: Every single stat you need to know about the
internet
We Are Social and Hootsuite’s latest collection of Global Digital
reports reveals that internet users are growing by an average of more
than one million new users every day, with all of the original ‘Next
Billion Users’ now online.
A simple intro with pointers to other resources.
An intro to artificial intelligence for the average human (you)
[Also see: SAS Software's complete guide to artificial intelligence]
Could be a useful tool.
CleverPDF Offers 20 Ways to Work With PDFs in Other Formats
CleverPDF is a free service that anyone can use to convert a PDF into a
Word document, a Pages
file, or an ePub file. That's just the tip of the iceberg of what's
on offer from CleverPDF. The service can be used to create
PowerPoint slides, Keynote slides, images, Numbers, and Excel files.
In addition to turning existing PDFs into other formats, CleverPDF can
be used to convert other files into PDFs. For example, you can
use CleverPDF to create PDFs from Word, PPTX, Excel, and images.
And if you already have a PDF, but need to modify it, CleverPDF has
tools for that too. CleverPDF will let you combine PDFs, split
PDFs, apply watermarks to your PDFs, and encrypt your PDFs.
I used CleverPDF to convert one of my PDFs into a Word document today.
It was quick
and easy. I didn't have to register on the site or enter my email
address in order to convert my PDF and then download the Word
document.
...and you don’t even need leather pants!
Harley-Davidson reveals 2 new electric concepts that would not require a
motorcycle license
… According to a news release from H-D, “these
concepts explore the potential of urban mobility and two-wheeled
adoption.” Also noted, the “goal for the concepts is to not
require a motorcycle license to operate and feature twist and go
operation; lowering the learning curve and expanding the opportunity
to riders and aspiring riders everywhere in the process.”