Comey hype continues as intelligence chiefs testify
First Amendment group threatens to sue President Trump unless he unblocks Twitter critics
Contractor charged in NSA document leak case Washington Post. Her life is over. She admitted everything to the FBI. Does no one tell people 1. never never talk to police without a lawyer present and 2. to take the Fifth Amendment? Or was this world’s fastest plea deal?
Sen. Mark Warner, D-Va., Monday pressed the Federal Trade Commission on what the agency
is doing to keep hackable children’s toys out of the marketplace. The letter follows
a report from security researcher Troy Hunt about CloudPets, an
internet-connected teddy bear that allows parents to send recorded messages to
their children that left data from hundreds of thousands of users easily
hackable online. Warner wants to know whether the commission has contacted
CloudPets or its parent company Spiral Toys, according to the letter to acting
FTC Chairwoman Maureen Ohlhausen.
Even with the Senate Intelligence Committee focused this week on its investigation of
Russia's alleged meddling in last year's presidential election, the committee
met behind closed doors today for a classified briefing from senior FBI and
Homeland Security officials over another alleged threat emanating from Moscow:
a major software company whose products are used widely across the United
States. The visit from FBI and Homeland Security officials has long been
planned. But congressional sources told ABC News that in recent days the agenda
expanded to specifically include an update on U.S. intelligence about Kaspersky
Lab, a Moscow-based firm that has become one of the world’s largest and most
respected cybersecurity firms. Current and former U.S. officials worry that
state-sponsored hackers could try to exploit Kaspersky Lab’s anti-virus
software to steal and manipulate users’ files, read private emails or attack
critical infrastructure in the U.S. And they point to Kaspersky Lab executives
with previous ties to Russian intelligence and military agencies.
GCHQ has demanded that directors start taking charge of cyber security, warning that
they are “devolving responsibility” for protecting businesses from hackers.
Ciaran Martin, the head of the agency’s National Cyber Security Centre (NCSC),
said it is unacceptable for boards to plead ignorance about the threat from
cyber attacks. It comes after this month’s debilitating “WannaCry” ransomware
outbreak, which caused chaos in the NHS and brought operations at factories and
train stations to a halt. “Our business leaders need to stop saying that cyber
security is too complicated – and stop devolving responsibility,” Mr Martin
said at The Telegraph Cyber Security conference. “Boards must start to treat
cyber threats with the same level of critical importance as they do financial
or legal issues. It needs to be unthinkable that a board member would say that
cyber issues are too complex for them to make judgements about.”
A utility company in Lansing is still transitioning back to stability after a cyberattack
temporarily disabled the company’s internal network and required it to pay a
$25,000 ransom. Dick Peffley, general manager for the Board of Water &
Light, confirmed that 13 information technology employees as well as the
emergency management director left after an April 2016 cyberattack that
officials said didn’t compromise any customer or employee data. Todd
Bertolozzi, one of the IT employees who left the company, said utility
ratepayers should be concerned about BWL’s security because of the staffing
losses. “Every time you lose somebody, especially in IT, there’s a little bit
of chaos for three to six months — at least,” Bertolozzi said. “When 14 people
resign from any department, something is going on that’s not normal.” Peffley
said none of the employees who left were asked to resign, nor did they receive
severance packages.
The Interior Department stopped a phishing attack by speeding up its plans to
require two-factor authentication for email, the agency’s inspector general
said. More than 1,500 Interior employees received an email with a link to what
appeared to be the agency’s standard log-in page. Instead, it captured
credentials of more than 100 employees and resulted in network access through
at least eight different Gmail accounts in January 2016, according to the
report released Wednesday. The agency’s Office of the Chief Information Officer
fast-tracked implementing two-factor authentication for its Gmail system,
completing it 11 days after the attack. “By implementing two-factor
authentication, DOI ended the attack,” the report said.
The heartiest laughter ... Born in Pilhov ŠTEFAN ŽIVČÁK
Chipotle warned its customers on Friday that it suffered a breach between March 24 and
April 18 on its sales system. Hackers stole troves of credit card information
from customers, as well as the victims' names. “Customers that used a payment
card at an affected location during its at-risk time frame should remain
vigilant to the possibility of fraud,” Chipotle said in a statement. The
thieves infected Chipotle and Pizzeria Locales across the country in Colorado,
Kansas, Missouri and Ohio. You can look up your local Chipotle here to see if
it had been hacked and your local Pizzeria Locale here.
For years, Yahoo Mail has exposed a wealth of private user data because it failed to
update widely used image-processing software that contained critical
vulnerabilities. That's according to a security researcher who warned that
other popular services are also likely to be leaking sensitive subscriber
secrets. Chris Evans, the researcher who discovered the vulnerabilities and
reported them privately to Yahoo engineers, has dubbed them
"Yahoobleed" because the vulnerabilities caused the site to bleed
contents stored in server memory.
GET SHARES EARLY: Sexbots are going to be big: Invest now