Thousands
of TalkTalk and Post Office customers have had their internet access cut by an
attack targeting certain types of internet routers. A spokeswoman for the Post
Office told the BBC that the problem began on Sunday and had affected about
100,000 of its customers. Talk Talk also confirmed that some of its customers
had been affected, and it was working on a fix. It is not yet known who is
responsible for the attack. Earlier in the week, Germany's Deutsche Telekom
revealed that up to 900,000 of its customers had lost their internet connection
as a result of the attack. It involves the use of a modified form of the Mirai
worm - a type of malware that is spread via hijacked computers, which causes
damage to equipment powered by Linux-based operating systems. Mirai was also
involved in an earlier attack that caused several of the world's leading
websites to become inaccessible, including Spotify, Twitter and Reddit. Several
models of router are vulnerable to the latest cyber-assault, including the
Zyxel AMG1302, which is used by the Post Office
PAC raises “serious concerns” about HMRC's digital plans
Defence votes no to enterprise agreement for a third time
PAC raises “serious concerns” about HMRC's digital plans
Defence votes no to enterprise agreement for a third time
ATO deploys Alex aka Sarsha a talking "Siri for tax" digital assistant you can talk to - Report on the ATO's official unveiling of a software to implement a virtual assistant called Alex in the style of Siri to allow people to serve themselves
Cybercriminals
“In an exclusive interview in Russia with Yahoo Global News Anchor Katie Couric, Edward Snowden, the fugitive whistleblower who leaked information about U.S. surveillance activities, says he is “kind of encouraged” by the idea that Russian President Vladimir Putin might return him to the U.S. to stand trial because that would show the world he’s not a spy and Russia “doesn’t own me.” But he also acknowledged he isn’t eager to return home to face U.S. justice, saying such a prospect “would be a threat to my liberty and to my life.” Speaking for 90 minutes in a Moscow hotel room, Snowden — calm and completely unrepentant — also took new swipes at top U.S. intelligence officials, claiming they have accused him of damaging national security only because they were “embarrassed” by his disclosures of classified National Security Agency documents and worried about their “reputations.”” This link includes a slideshow and the actual video interview
Lew Taishoff, NOTICING THE WEB. “Judge Wherry reminds us that government agencies have websites.”
IRS, Security Summit Partners, Remind Taxpayers to Protect Themselves Online (IRS). “Scammers, hackers and identity thieves are looking to steal taxpayers’ personal information and ultimately their money. But, there are simple steps taxpayers can take to help protect themselves, like keeping computer software up-to-date and being cautious about giving out their personal information.”
Annette Nellen, Virtual currency – recent tax matters. “IRS concerns include no information reporting for the transactions, articles about people using bitcoin to avoid tax reporting, exchanging money for virtual currency through foreign banks, and use for crimes including money laundering.”
End the Corporate Shell Games
Pilgrim castigated the bank for continuing to give the boss of the mortgage agency full access to his former employee’s personal account details in CommSee, even after he notified head office of the potential conflict of interest, and asked for her loans to be taken off his mortgage book CBA salesman monitored ex-workers data during unfair dismissal case
Former Atlassian security chief takes role cyber growth centre
The U.S.
Department of Defence has turned to well-intentioned hackers and independent
security researchers to help the government agency find software bugs and
vulnerabilities in its computer systems. But in Canada, the government appears
to still have no formal policy or public guidelines, which makes it difficult for
those who do find flaws to know what to do, or how the government might
respond.
Daily cyber attacks mean it is time to collaborate for what threatens to be a long battle
From cybercrime to cyber warfare: Australia woefully unprepared
Judge forces Coinbase to hand over years’ worth of user data to IRS ars technica Bitcoin = prosecution future
The ABA Journal has released its annual list of the Top 100 Blawgs. I am delighted that five members of our Law Professor Blogs Networkare honored:- Brian Leiter’s Law School Reports, by Brian Leiter (Chicago)
- Constitutional Law Prof Blog, by Steven Schwinn (John Marshall) & Ruthann Robson (CUNY)
- EvidenceProf Blog, Colin Miller (South Carolina)
- The Legal Whiteboard, by Bill Henderson (Indiana) Jeff Lipshaw (Suffolk) & Jerry Organ (St Thomas)
- Race and the Law Prof Blog, by Sahar Aziz (Texas A&M), Khaled Beydoun (Barry), Atiba Ellis (West Virginia), Brant Lee (Akron), Ediberto Román (Florida International) & Nareissa Smith (North Carolina)
Three members of our Law Professor Blogs Network are in the ABA Journal Blawg 100 Hall of Fame:
- Legal Profession Blog, by Alan Childress (Tulane), Michael Frisch (Georgetown) & Jeff Lipshaw (Suffolk):
- Wills, Trusts & Estates Prof Blog, by Gerry Beyer (Texas Tech)
- TaxProf Blog, by Paul Caron (Pepperdine
Gooligan, as researchers from security firm Check Point Software Technologies have dubbed the malware, has been found in at least 86 apps available in third-party marketplaces. Once installed, it uses a process known as rooting to gain highly privileged system access to devices running version 4 (Ice Cream Sandwich, Jelly Bean, and KitKat) and version 5 (Lollipop) of Google’s Android operating system. Together, the vulnerable versions account for about 74 percent of users.The rooted devices then download and install software that steals the authentication tokens that allow the phones to access the owner’s Google-related accounts without having to enter a password. The tokens work for a variety of Google properties, including Gmail, Google Photos, Google Docs, Google Play, Google Drive, and G Suite.
“When the Internal Revenue Service (IRS) has shared data, including Personally Identifiable Information, taxpayer information, and other sensitive data, with external entities, it has not always adequately protected the data through secure file transfer technology, according to an audit report that the Treasury Inspector General for Tax Administration (TIGTA) released today. The IRS shares data with various outside entities including Federal, State, and local agencies; financial institutions; and contractors for tax administration purposes. IRS and Federal guidelines require that sensitive data is protected during transmission to prevent unauthorized access or disclosure. TIGTA initiated this audit to determine whether the IRS is properly protecting this data and whether it is maintaining encryption controls and other security configurations in accordance with the National Institute of Standards and Technology. The IRS uses three methods to transfer data to external partners: 1) a commercial off-the-shelf product for transfers over the Internet, 2) a commercial off-the-shelf product for direct mainframe-to-mainframe data transfers, and 3) drop boxes to allow the IRS and its external partners to place and retrieve data transfers. In reviewing all three of these external file transfer methods, TIGTA found the IRS did not ensure that encryption requirements are being enforced and ensure that nonsecure protocols are not being used in order to fully protect information during transmission. These protocols include File Transfer Protocol and Telnet, which are known insecure transfer protocols. The IRS also did not remediate high-risk vulnerabilities or install security patches on file transfer servers in a timely manner. For example, TIGTA found 61 servers with high-risk vulnerabilities, 10 servers with outdated versions of Windows and UNIX operating systems still in operation, and 32 servers missing 18 unique security patches, of which four were deemed as critical. Lastly, the IRS did not ensure that corrective action plans for security control weaknesses met IRS standards. This reduced the assurance that the IRS would correct weaknesses timely. IRS IG – Improvements Are Needed to Ensure the Protection of Data the IRS Transfers to External Partners.”
“No matter how Trump feels about the media, the
fourth estate did not die the day he got elected. It should be ready now more
than ever because the next four years will prove to be the most consequential
in recent American history. And the media cannot be a footnote — but a decider
— in telling the difference between fact and fiction.” — Bankole Thompson, Detroit News columnist
A Slate writer went 5,000 years back in time to find out if the old days were really all that good. He finds, for instance, that many people suffered from "neurasthenia" and that is not a good thing. Read it.
A Slate writer went 5,000 years back in time to find out if the old days were really all that good. He finds, for instance, that many people suffered from "neurasthenia" and that is not a good thing. Read it.