What
is often worse than no encryption? Reliance on weak encryption.
South
African bank to replace 12m cards after employees stole master key
Postbank,
the banking division of South Africa's Post Office, has lost more
than $3.2 million from fraudulent transactions and will now have to
replace more than 12 million cards for its customers after employees
printed and then stole its master key.
The
Sunday
Times of South Africa,
the local news outlet that broke the story, said the incident took
place in December
2018
when someone printed the bank's master key on a piece of paper at its
old data center in the city of Pretoria.
The
bank suspects that employees are behind the breach, the news
publication said, citing an internal security audit they obtained
from a source in the bank.
The
master key is a 36-digit
code (encryption key) that allows its holder to decrypt the bank's
operations and even access and modify banking systems. It is also
used to generate keys for customer cards.
The
internal report said that between March and December 2019, the rogue
employees used the master key to access accounts and make more than
25,000 fraudulent transactions, stealing more than $3.2 million (56
million rand) from customer balances.
Following
the discovery of the breach, Postbank will now have to replace all
customer cards that have been generated with the master key, an
operation the bank suspects it would cost it more than one billion
rands (~$58 million).
A
significant opportunity for cost cutting. (Of course, this may be a
lie.) Besides, all this truthiness stuff is hard.
https://www.bespacific.com/facebook-now-says-it-wont-even-try-to-block-2020-election-disinformation/
Facebook
now says it won’t even try to block 2020 election disinformation
PCWorld
–
“Can you trust what you read on Facebook? No. And why not?
Because Facebook has now explicitly said that it will obey an
executive order from President Trump and will refuse to fact-check
misinformation and disinformation as American heads into the 2020
election. In April 2017, Facebook published a white
paper that
acknowledged the spread of “information operations” trying to
divide and deceive Americans, in response to accusations that
misinformation helped influence the 2016 U.S. elections. In
September 2017, Facebook chief security officer Alex Stamos
acknowledged
that
some of the accounts and Pages disseminating that information came
from within Russia. Common Cause, a watchdog group, filed
suit.
Then Facebook joined Twitter and Google, telling
Congress that
they would do better. On Thursday, in response to a request
by
the presidential campaign of Senator Joe Biden to stop the spread of
misinformation, Facebook threw in the towel. The company claimed
that a recent executive
order by
President Trump tied its hands. Facebook’s announcement came a day
before Twitter eliminated
thousands of accounts which
it claimed were tied to state disinformation campaigns…”
(Related)
The
Russian Disinfo Operation You Never Heard About
THE
INTERNET RESEARCH Agency
is infamous
for flooding mainstream
social media platforms with compelling disinformation campaigns. The
GRU, Russia's military intelligence agency, deploys strategic
data
leaks and
destabilizing
cyberattacks,
But in the recent history of Russia's online meddling, a third,
distinct entity may have been at work on many of the same
objectives—indicating that Russia's disinformation operations went
deeper than was publicly known until now.
Wait,
we’ll have it figured out any day now!
The
CCPA “Moving Target” One Month Before Privacy Enforcement Begins
… First,
the final regulations issued by the California Office of the
Attorney General were just released to the public on June 2, with a
request for expedited 30-business-day review by the California State
Office of Administrative Law (OAL). As the California Attorney
General’s Final Statement of Reasons acknowledges, the regulations
contain several requirements that go beyond the text of the law (see
below).[1]
Second,
the California Privacy Rights Act (CPRA) initiative[2], which would
significantly change the CCPA and make it very difficult to make
adjustments to the legislation in the future, has been submitted to
the California Secretary of State with more than 900,000 signatures.
(Related)
Just trying to figure out what all those words actually mean...
All
the Time and Money on California's New Privacy Law Wasted?
So
suggests IBM, fighting a lawsuit over the way that the Weather
Channel app collects and disseminates user location data.
As
owner of the Weather Channel app, IBM is fighting the contention made
by the L.A. City Attorney's Office that it has violated California's
unfair competition law by deceptively collecting private geolocation
data from users and selling it for profit. On June 11, IBM submitted
a motion for summary judgment that pointed to California's recent
enactment of the nation's most stringent data privacy statute.
… According
to defendants' summary judgment motion, users were informed that
geolocation data was being collected for transmission to third
parties. But those disclosures happened on an online privacy page.
"Plaintiff’s
case boils down to a claim that the UCL requires additional
disclosures in additional locations," IBM's lawyers at Quinn
Emanuel write. "Specifically, Plaintiff contends that the UCL
requires mobile app operators like Defendants to disclose 'all of
[their] material practices regarding their users’ location [or
other personal] data' in a 'mandatory screen or pop-up within the
App, to which users are required to consent prior to the collection
of any location [or other personal] data.'”
IBM
says that's not the law — that such requirements significantly
exceed the disclosures mandated by both the California Online Privacy
Protection Act and the California Consumer Privacy Act. As such, the
defendant says that what the L.A. City Attorney's Office is doing is
attempting to legislate through litigation.
Is
Kim Jung Un getting tougher or is this his sister’s idea?
North
Korea Blows Up Liaison Office Shared With South Korea
North
Korea on Tuesday blew up a building where its officials and their
South Korean counterparts had recently worked side by side,
dramatically signaling its displeasure with the South after weeks of
threats
to
end the countries’ recent détente.
South
Korean border guards heard an explosion and then saw smoke rising
from Kaesong, the North Korean town where the building was located.
The building appeared to be blown completely apart in a blast so
powerful that windows in nearby buildings were also shattered,
according to video footage from a South Korean surveillance camera on
the border.
The
South’s Unification Ministry confirmed that North Korea had
demolished the four-story glass-and-steel building that housed what
had been known as the joint
liaison office.
Hours later, the North’s official news agency said “the liaison
office was tragically ruined with a terrific explosion,” adding
that the
action reflected “the mind-set of the enraged people” of North
Korea.
No comments:
Post a Comment