Sad Day for AUSTRALIA - Satirist John Clarke, of Clarke and Dawe fame, dies aged 68
Cambridge Analytica arrives in Australia to STEAL our democracy! Cambridge. Analytica of M7 fame Firm that claims credit for Trump and Brexit arrives to pitch marketers and polliesOne third IBM staff in India Bangladesh
Bitcoins and the future of tickets
Verona Burgess: leak investigators land a target that can’t be controlled
The
hackers trying to build a hack-proof operating system The
Christian Science Monitor
As a
teenage hacker in the early 1990s, David Mirza Ahmad quickly learned that even
the savviest techies can be "owned," old-school computer slang for
exposing someone's identity. After Mr. Ahmad tangled with rival hackers on a
local online message board, they discovered his name and quickly found out his
phone number at his parent's home in Calgary.
Workplace Surveillance Is The New Office ‘Perk’ Vocativ
Workplace Surveillance Is The New Office ‘Perk’ Vocativ
Want to protect your internet privacy at home now that the government has offered up your data? Here's where to start
Meet Ahsan
Tahir, a 13-year-old hacker from Karachi, Pakistan, who is already schooling
some of the biggest technology companies when it comes to cybersecurity. Tahir
is an "ethical hacker," putting his skills to work through bug bounty
programs, helping companies find and fix vulnerabilities in their websites in
exchange for cash and swag
Kerr, Orin S. and Schneier, Bruce, Encryption Workarounds (March 20, 2017). Available at SSRN: https://ssrn.com/abstract=2938033 or http://dx.doi.org/10.2139/ssrn.2938033“The widespread use of encryption has triggered a new step in many criminal investigations: the encryption workaround. We define an encryption workaround as any lawful government effort to reveal an unencrypted version of a target’s data that has been concealed by encryption. This essay provides an overview of encryption workarounds. It begins with a taxonomy of the different ways investigators might try to bypass encryption schemes. We classify six kinds of workarounds: find the key, guess the key, compel the key, exploit a flaw in the encryption software, access plaintext while the device is in use, and locate another plaintext copy
“Lawyers at EFF, the ACLU, and the National Association of Criminal Defense Lawyersreleased a report today outlining strategies for challenging law enforcement hacking, a technique of secretly and remotely spying on computer users to gather evidence
The syringe slides in between the thumb and index finger. Then, with a click, a microchip is injected in the employee’s hand. Another “cyborg” is created.What could pass for a dystopian vision of the workplace is almost routine at the Swedish startup hub Epicenter. The company offers to implant its workers and startup members with microchips the size of grains of rice that function as swipe cards: to open doors, operate printers, or buy smoothies with a wave of the hand.The injections have become so popular that workers at Epicenter hold parties for those willing to get implanted.“The biggest benefit I think is convenience,” said Patrick Mesterton, co-founder and CEO of Epicenter. As a demonstration, he unlocks a door by merely waving near it. “It basically replaces a lot of things you have, other communication devices, whether it be credit cards or keys.”
“Lawyers at EFF, the ACLU, and the National Association of Criminal Defense Lawyersreleased a report today outlining strategies for challenging law enforcement hacking, a technique of secretly and remotely spying on computer users to gather evidence
From The New York
Times: How Uber uses psychological tricks to push its drivers’
buttons
Reuters
The Dutch
parliament's website was briefly hit by a so-called 'ransomware' attack on
Tuesday, Dutch news agency ANP reported. The form of attack in which hackers
scramble a computer system and seek a ransom to unscramble it came amid
concerns that Turkish hackers are targeting the Netherlands. Turkey's relations
with several European Union countries, including the Netherlands and Germany,
have been badly strained after Turkish ministers were banned from campaigning
in their cities ahead of an April 16 referendum that would give Turkish
President Tayyip Erdogan sweeping powers. The Dutch parliament said it had
taken "appropriate measures" in response to the breach but declined
to give details.
Reuters
The German
parliament was the target of fresh cyber attacks in January that attempted to
piggy-back on an Israeli newspaper site to target politicians in Germany,
Berlin's cyber security watchdog said on Wednesday. Cyber defenses installed
after a 2015 hack of the parliament helped avert the attempted breaches, the
Federal Office for Information Security (BSI) said in a statement. The hackers
appeared to use advertising running on the Jerusalem Post website to redirect
users to a malicious site, it said. The BSI looked into unusual activity on the
parliament's network early this year and has just completed a detailed analysis
of the incident, which was first reported by the Sueddeutsche Zeitung newspaper
on Wednesday. At least 10 German lawmakers from all parliamentary groups were
affected by the attempted hack, the Munich daily reported. "The technical
analysis is complete. The website of the Jerusalem Post was manipulated and had
been linked to a malicious third party site," the agency said in a
statement. "BSI found no malware or infections as part of its analysis of
the Bundestag networks."
The
Telegraph
Britain’s
businesses are increasingly aware of the threat of cyber attacks, but often do
not know how to combat digital crimes or how to report attacks. A total of 94pc
of firms believe IT security is important, but only 56pc have a strategy in
place to deal with it, according to a study from the Institute of Directors and
Barclays. Although attacks are increasingly common, 40pc of the nearly 1,000
companies surveyed said that if they were a victim of online fraud they would
not know which law enforcement to inform. The report comes at a time of
significant cybersecurity threats. The IoD said companies should put formal
training systems in place for their staff, as 44pc of companies do not have any
cyber security awareness schemes currently.
AP
Georgia-based Arby’s
restaurant chain failed to prevent hackers from stealing customer information
at hundreds of its stores, a Connecticut couple said in a new federal lawsuit.
Since early February, eight credit unions and banks from Indiana, Alabama,
Arkansas, Louisiana, Michigan, Pennsylvania and Montana have filed seven other
federal lawsuits. All make similar allegations about what the credit unions
describe as a massive data breach. Arby’s said in a statement Monday that it’s
not commenting on the pending litigation, but “we believe the claims are
without merit and intend to vigorously defend against them.”
FCW
Founded in 2014 as a
consortium of cybersecurity firms seeking to improve threat-information sharing
and incident response, the Cyber Threat Alliance is now a formal non-profit
with former White House cyber czar Michael Daniel as its president. After two weeks
at the helm of CTA, Daniel told FCW that he believes the growing member
association can drive a number of changes in the cybersecurity ecosystem.
Ars
Technica
Developers of the
widely used LastPass password manager are scrambling to fix a serious
vulnerability that makes it possible for malicious websites to steal user
passcodes and in some cases execute malicious code on computers running the
program. The flaw, which affects the latest version of the LastPass browser
extension, was briefly described on Saturday by Tavis Ormandy, a researcher
with Google's Project Zero vulnerability reporting team. When people have the
LastPass binary running, the vulnerability allows malicious websites to execute
code of their choice. Even when the binary isn't present, the flaw can be
exploited in a way that lets malicious sites steal passwords from the protected
LastPass vault.
Reuters
McDonald's Corp's
Canadian unit said on Friday personal information of about 95,000 restaurant
job applicants was compromised in a cyber attack on its careers website. The
information included names, addresses, email addresses, phone numbers and
employment backgrounds of candidates who applied online for jobs at McDonald's
Canada restaurants between March 2014 and March 2017.