This time they took your free donut. Next time it could be your bank
account and they’ll take everything.
Dunkin' Donuts accounts compromised in second credential stuffing attack in three months
Dunkin' Donuts announced today that it was the
victim of a credential stuffing attack during which hackers gained
access to customer accounts.
This marks the second time in three months that
the coffee shop chain notifies users of account breaches following
credential stuffing attacks.
Credential
stuffing is a cyber-security term that describes a type of
cyber-attack where hackers take combinations of usernames and
passwords leaked at other sites and use them to gain (illegal) access
on accounts on new sites.
Dunkin' Donuts reported a first
credential stuffing attack at the end of November (the actual
attack occurred on October 31). Today, the company reported a second
credential stuffing attack (attack happened on January 10).
Just like in the first, hackers used user
credentials leaked at other sites to gain entry to DD Perks rewards
accounts, which provide repeat customers with a way to earn points
and use them to get free beverages or discounts for other Dunkin'
Donuts products.
… Once hackers break into accounts, they
either exploit them by extracting personal information from accounts
and reselling the personal data to financial fraud operators, or they
sell access to the hacked accounts themselves.
This latter case is what's happening with Dunkin'
Donuts accounts, as hackers put up the hacked accounts for sale,
which are later bought by other persons that use the reward points
found in these accounts at Dunkin' Donuts shops to receive unearned
discounts and free beverages.
Compare to the 59,000 reported under the GDPR
rules.
6,500 Publicly Disclosed Data Breaches in 2018: Report
Both the number of reported breaches and that of
the compromised records have decreased compared to the previous year
(from 6,728 and 7.94 billion, respectively), but incidents continue
to be disclosed and the number of reported events might end up being
higher than in 2017, although the impacted records should remain
under 6 billion.
… According
to Risk Based Security’s latest Data Breach QuickView Report (PDF),
the Business sector was impacted the most last year, accounting for
66.2% of all the reported breaches and 65.8% of the exposed records.
Are we already fighting an undeclared Cyberwar?
Should we go ahead and admit it? What is the definition of a “Just”
Cyberwar?
Germany to Let NATO Use its Cyber Skills
Germany
is to join the ranks of NATO countries making its cyber warfare
skills available to the alliance to help fight hacking and electronic
warfare, officials said on Thursday.
NATO
has designated
cyberspace as a conflict domain alongside land, sea and air and
says electronic attacks by the likes of Russia and China – but also
criminals and so-called "hacktivists" – are becoming more
frequent and more destructive.
German
officials used a meeting of defence ministers in Brussels on Thursday
to tell allies that Berlin would make its cyber capabilities
available, including
offensive elements.
… The
US, Britain, Denmark, the Netherlands and Estonia have all made their
offensive cyber weapons available to the alliance -- and announced it
publicly -- in the expectation that the threat of counterattack may
deter would-be aggressors.
How
should this work?
Jacqueline Howard reports:
A
pair of public health experts has called for Facebook to be more
transparent in the way it screens posts for suicide risk and to
follow certain ethical guidelines, including informed consent among
users.
The social media giant details its suicide prevention efforts online and says it has helped first responders conduct thousands of wellness checks globally, based on reports received through its efforts. The authors said Facebook’s trial to reduce death by suicide is “innovative” and that it deserves “commendation for its ambitious goal of using data science to advance public health.”
But the question remains: Should Facebook change the way it monitors users for suicide risk?
Read more on CNN.
GDPR
for the rest of the world? Can California learn how to do it?
Naomi Seddon and Merille Raagas of Littler write:
As a proposed Privacy Bill works its way through the New Zealand Parliament, key changes aim to strengthen the protection of confidential and personal information. The Bill is intended to replace prior law on the topic, modernizing privacy regulations and partially adopting provisions included in the European General Data Protection Regulation (GDPR).
Among other amendments to the Bill, the Privacy Commissioner will have increased enforcement powers, including the ability to issue compliance notices to organizations—including private employers—to take specific steps to comply with privacy law, and the ability to approve or deny requests for access to personal information.
One of the most significant changes that the Bill proposes to introduce is a mandatory requirement to notify both the New Zealand Privacy Commissioner and the affected individual of a privacy breach.
Read more on Littler.
An
idea that would work in the US too?
How to Navigate the Privacy Minefield in 2019
Dr. Maurice Coyle,
Chief Data Scientist at Trūata, explains both the necessity and
benefits of outsourcing anonymization to an independent third party
in a post GDPR world.
What AI should do for the US?
Defense Department Releases Artificial Intelligence Strategy
On February 12, 2019 the Department of Defense
released a summary
and supplementary
fact sheet of its artificial intelligence strategy (“AI
Strategy”). The AI Strategy has been a couple of years in the
making as the Trump administration has scrutinized the relative
investments and advancements in artificial intelligence by the United
States, its allies and partners, and potential strategic competitors
such as China and Russia.
On the other hand, perhaps all the news is fake
and this AI produces truth?
New AI fake text generator may be too dangerous to release, say creators
The creators of a revolutionary AI system that can
write news stories and works of fiction – dubbed “deepfakes for
text” – have taken the unusual step of not releasing their
research publicly, for fear of potential misuse.
OpenAI, a
nonprofit research company backed by Elon Musk, Reid Hoffman, Sam
Altman, and others, says its new AI model, called GPT2 is so good and
the risk of malicious use so high that it is breaking from its normal
practice of releasing the full research to the public in order to
allow more time to discuss the ramifications of the technological
breakthrough.
… From a research standpoint, GPT2 is
groundbreaking in two ways. One is its size, says Dario Amodei,
OpenAI’s research director. The models “were 12 times bigger,
and the dataset was 15 times bigger and much broader” than the
previous state-of-the-art AI model. It was trained on a dataset
containing about 10m articles, selected by trawling the social news
site Reddit for links with more than three votes. The vast
collection of text weighed in at 40 GB, enough to store about 35,000
copies of Moby Dick.
Perspective. A harsh way to look at it? A
response the National Enquirer would recognize.
Amazon calls the socialists' bluff
Following months of complaints from the
progressive politicos who control local politics in New York City,
Amazon CEO Jeff Bezos abruptly canceled
plans to open the online retailer's new corporate headquarters branch
in Queens.
… Ocasio-Cortez, on
the other hand, was arguing against the economic development of a
region of Queens that abuts her congressional district. Along with
fellow naysayers such as state Sen. Mike Gianaris, D-Queens, she
attacked Amazon for bringing in too many jobs, potentially creating
higher standards of living in the area and perhaps also inflating
housing costs.
… Naturally, Ocasio-Cortez and friends have
taken a celebratory lap on Twitter and with the press to gloat. But
they are mostly revealing the financial fallacies behind their
thinking. Ocasio-Cortez, for example, told
the press that if New York was willing to "give away $3 billion
for this deal," then those investments could be used to hire
teachers or fix the subway.
Except that isn't how refundable tax credits work.
The loss of Amazon only saves New York about $325 million in cash
grants that had been destined for Amazon. The rest of the incentive
package was comprised of tax savings that Amazon will not realize, money
it would not have had to pay, had it set up shop and paid roughly $10
billion in taxes over the next two decades.
Perspective. Open a virtual bank account, get a
real toaster?
Amazon Moments lets developers reward customers with actual gifts, not just virtual ones
Amazon
Moments — as it is called — will let developers create
actions — “moments” — that it wants users to perform — such
as watching several episodes of a series if it's a streaming service;
or taking out a subscription if it's a news site — and giving users
actual physical gifts in exchange for doing so.
The service is going
live in 100 countries today, Amazon said. Items that are
eligible to be gifted as part of the Moments scheme will come in a
catalogue — Amazon said that there are “millions” of products
in it already, both from Amazon and select third-party vendors —
and will sit alongside other kinds of products that incentivize users
to be more engaged in apps, games and other digital services such as
virtual currencies and gift cards.
Noble, but threatening? How is a scan “unlawful?”
Internet Archive’s ebook loans face UK copyright challenge
The
Guardian UK – “The Society of Authors (SoA) is threatening
legal action against the Internet
Archive unless it stops what the writers’ body claimed is the
unauthorised lending of books unlawfully
scanned for its Open
Library. Set up in San Francisco in 1996 to preserve pages
published on the internet, the Internet Archive also collects digital
books, offering borrowers access to hundreds of thousands of titles
through its Open Library arm. Some are out of copyright, but the
collection includes books from authors including AS Byatt, Kate
Atkinson, Hilary Mantel, William Boyd, Philip Pullman and Iain Banks
that are still in copyright and currently available to be borrowed in
the UK. According to its website, the organisation began digitising
books in 2005, because “not everyone has access to a public or
academic library with a good collection, so to provide universal
access we need to provide digital versions of books”. Today the
archive scans 1,000 books a day in 28 locations around the
world, through its book
scanning and book
drive programmes – with the “ultimate goal of [making] all
the published works of humankind available to everyone in the world”.
Users can borrow up to five books at a time, with each loan expiring
after two weeks.
The SoA, which represents more than 10,000 writers in the UK, called on the Internet Archive to “cease making available to UK users the unauthorised lending of scanned books” via Open Library. In an open letter, the SoA said that in the UK, all scanning and lending must be authorised by the copyright owner. Despite this, users in the UK are currently able to borrow scanned copies of physical books from Open Library. “That is a direct and actionable infringement of copyright,” said the SoA. “Authors are not asked for permission before their work appears on Open Library, and they do not receive any royalties … We are calling on you to cease this practice, which … is unquestionably unlawful in the UK.”
Practice writing for the 21st Century!
(I’ll have to start one for Undergraduate and Graduate students.)
The Next Student Blogging Challenge Starts Soon
Blogging can be a great way to get students
interested in writing and publishing their work for an audience. The
challenges of classroom blogging have always been coming up with
things for kids to write about and building an audience for your
students' work. The Edublogs Student Blogging Challenge addresses
both of those challenges. The next Edublogs
Student Blogging Challenge begins on March 3rd.
The Edublogs
Student Blogging Challenge provides weekly blogging suggestions
suitable for K-12 students. Every week students complete the
challenge then you can submit the URL of your students' posts to be
included in a larger Student Blogging Challenge form that other
participating classes can see. By submitting the URLs of your
students' work, you're providing them with an opportunity to get
feedback from other students and teachers who are participating in the
challenge.
The Edublogs Student Blogging Challenge is open to
all K-12 classrooms. You do not have to use Edublogs in order to
participate in the challenge. Click
here to read the complete details of the challenge including how
to register.
(Related)
A Guide to Blogging Terminology