Thursday, April 26, 2018

Sue Sinclair: Remarks at the official opening of the new ATO office in Gosford


Thank you very much Sue [Sinclair] and it is such a great pleasure to be here. And can I also acknowledge the fantastic performance that we heard just before.
Remarks at the official opening of the new ATO office in Gosford

The Minister for Revenue and Financial Services, the Hon Kelly O'Dwyer MP, today officially opened the Australian Taxation Office's (ATO) new site in Gosford with Federal Member for Robertson, Lucy Wicks MP, and Tax Commissioner, Chris Jordan, boosting local jobs and bringing real economic and social benefits to Gosford. 
"Since construction was completed late last year, the influx of ATO and NDIA staff in the building has seen a huge boost in the region, driving even more activity to existing local cafés, restaurants and other small businesses."
"Importantly, the office has also established a vital link with tertiary campuses in the area, providing career opportunities for our young people."

ATO Gosford officially open for business


Bhadu building meaning water - river - in Darkinjung dialect ...


ATO opens Gosford office with NDIA, union fears thin end of the 'hot desking' wedge


The Australian Services Union's tax officers' branch has strongly opposed the introduction of hot desking at the Gosford site, and is currently appealing a decision by the Fair Work Commission which went in the agency's favour last December. The union believed this kind of activity-based office setup was only allowed under ...

The Australian National Audit Office (ANAO) has released its draft 2018–19 Annual Audit Work Program. The draft program is available on our website for a two-week period of public consideration and feedback.

Submissions will close on 10 May 2018 at 11:59pm (Australian Eastern Standard Time)

Australian Taxation Office

 

Strong culture supports risk management, auditor reminds agencies
A significant number of NSW public servants would not feel safe reporting that things have gone wrong, and the auditor-general is concerned.

 

 Tax office defends online systems | SBS News

 

People try to hack into the Tax Office website about 8000 times a week


Juha Saarinen




Emerging Economic Activities - These 11 questions will help you decide if blockchain is right for your business


Explainer: what is a blockchain

'It makes no sense': Former PayPal CEO says bitcoin is the 'greatest scam in history'

 


Visualizing the big topics being discussed on the darkweb right now.
↩︎ DarkOwl


   






CBS -April 20, 2018

Cybersecurity firms and analysts have been sounding the alarm on vulnerabilities in most web-based systems, pointing to loopholes and lapses in security. But a recent report from Proofpoint, a cybersecurity firm, said most cyberattacks are designed to take advantage of human error instead of flaws in hardware or software. In their 2018 Human Factor Report, Proofpoint analyzed cyberattacks throughout 2017, looking into attempted attacks on nearly 6,000 organizations across the world. They found that almost every industry suffered from a growth in the number of attacks, ranging from phishing to ransomware and cloud application breaches. "Email remains the top attack vector...Attackers are adept at exploiting our natural curiosity, desire to be helpful, love of a good bargain, and even our time constraints to persuade us to click," the report said.

False Information on Web and Social Media: A Survey. Srijan Kumar, Neil Shah (Submitted on 23 Apr 2018) Cornell University Library. arXiv.org > cs > arXiv:1804.08559
“False information can be created and spread easily through the web and social media platforms, resulting in widespread real-world impact. Characterizing how false information proliferates on social platforms and why it succeeds in deceiving readers are critical to develop efficient detection algorithms and tools for early detection. 
 


This enthusiastic cockatoo is part of a mural on the side of a house on the corner of Mechanic Street and Hordern Street, in the inner city suburb of Newtown.



CyberScoop -April 17, 2018
A government-backed hacking group tried to breach the Department of Defense via the exact same software vulnerability that was used to breach Equifax, an official with the National Security Agency said Tuesday during a speech at the 2018 RSA conference. “The vulnerability that took down Equifax last year when it was released in March, we had a nation-state actor within 24 hours scanning looking for unpatched servers within the DoD,” said David Hogue, a senior technical director for the NSA’s Cybersecurity Threat Operations Center (NCTOC). The malicious activity caught by NSA shows how most attackers, regardless of skill or available resources, will first rely on simplistic and easily accessible methods to compromise their victims. In this case, the attackers relied on a known vulnerability in the Apache Struts software framework to target the DoD



CBS -April 18, 2018

While many parts of Atlanta city government are back up and running, CBS46 has learned exclusively that the issues at the Atlanta Police Department are dire following a cyber attack. While the department stresses their ability to respond to emergencies has not been affected, sources tell us it has not been easy on the inside. Sensitive case files containing evidence for prosecuting crimes have been wiped in the attack. And it's unclear if and when they will ever be recovered. The Bulldog investigative team has spent weeks pressing police and city officials for clarity on exactly what and how much is missing.



THE 77-YEAR-OLD GANGBANGER: Chicago’s gang database is full of errors. ProPublica Illinois’ Mick Dumke explores the 128,000 people gathered in the database, which seems to be more of a racial profiling mechanism
 
 


Unmasked: The Mystery Hacker Who Stole Data on 168 Million People
The Daily Beast April 19, 2018
The FBI has quietly solved a rash of bulk database thefts that affected 168 million users of some of the internet’s most popular websites, The Daily Beast has learned. The culprit in the breaches is a 28-year-old Arkansas man named Kyle Milliken, who, along with colleagues, stole email addresses and account passwords to feed a lucrative and hugely annoying spam operation that ran from 2010 to 2014. Last month Milliken was sentenced to 17 months at a federal work camp—a sentence lightened by his cooperation with the FBI. He’s set to begin his sentence on May 24. His case remains under seal in federal court in San Jose, California, and with it the remarkable story of a high school dropout from rural Arkansas who rode a wave of hacking and spam to the pinnacle of California high life, until a moment of carelessness reversed his fortunes overnight.




Nextgov April 19, 2018

A number of security gaps in the Treasury Department’s financial reporting system could leave the door open for online bad actors to tamper with the government’s spending data, a congressional watchdog found. The Government Accountability Office uncovered eight different flaws in the system used by the department’s Bureau of the Fiscal Service to check the accuracy of the annual financial reports it publishes for every government agency. The new flaws, when combined with a handful of unresolved issues GAO previously identified within the bureau, could “increase the risk of unauthorized access to, modification of, or disclosure of sensitive data and programs and disruption of critical operations,” investigators wrote in a report published Tuesday.







The New York Times -April 17, 2018
More than 30 high-tech companies, led by Microsoft and Facebook, announced a set of principles on Tuesday that included a declaration that they would not help any government — including that of the United States — mount cyberattacks against “innocent civilians and enterprises from anywhere,” reflecting Silicon Valley’s effort to separate itself from government cyberwarfare. The principles, which have been circulating among senior executives in the tech industry for weeks, also commit the companies to come to the aid of any nation on the receiving end of such attacks, whether the motive for the attack is “criminal or geopolitical.” Although the list of firms agreeing to the accord is lengthy, several companies have declined to sign on at least for now, including Google, Apple and Amazon. Perhaps as important, none of the signers come from the countries viewed as most responsible for what Brad Smith, Microsoft’s president, called in an interview “the devastating attacks of the past year.” Those came chiefly from Russia, North Korea, Iran and, to a lesser degree, China.




Wired - April 19, 2018

Facebook profiles have become the de-facto identities of people across the internet. This is thanks, in large part, to Login With Facebook, the social network's universal login API, which allows users to carry their profile information to other apps and websites. You've probably used it to log in to services like Spotify, Airbnb, and Tinder. But sometimes, especially on lesser known websites, using Facebook's universal login feature may carry security risks, according to new research from Princeton University published Wednesday. In a yet-to-be peer-reviewed study published on Freedom To Tinker, a site hosted by Princeton's Center for Information Technology Policy, three researchers document how third-party tracking scripts have the capability to scoop up information from Facebook's login API without users knowing. The tracking scripts documented by Steven Englehardt, Gunes Acar, and Arvind Narayanan represent a small slice of the invisible tracking ecosystem that follows users around the web largely without their knowledge.
  



Ars Technica April 16, 2018
The drive to connect everything to the Internet and build the Internet of Things has created a new security nightmare. 
  



Wired - April 17, 2018
In September, security researchers at Cisco Talos and Morphisec made a worst nightmare-type disclosure: the ubiquitous computer cleanup tool CCleaner had been compromised by hackers for more than a month. The software updates users were downloading from CCleaner owner Avast—a security company itself—had been tainted with a malware backdoor. The incident exposed millions of computers and reinforced the threat of so-called digital supply chain attacks, situations where trusted, widely distributed software is actually infected by malicious code.   


The New York Times April 16, 2018
The United States and Britain on Monday issued a first-of-its-kind joint warning about Russian cyberattacks against government and private organizations as well as individual homes and offices in both countries, a milestone in the escalating use of cyberweaponry between major powers. Although Washington and London have known for decades that the Kremlin was trying to penetrate their computer networks, the joint warning appeared to represent an effort to deter future attacks by calling attention to existing vulnerabilities, prodding individuals to mitigate them and threatening retaliation against Moscow if damage was done. “When we see malicious cyberattacks, whether from the Kremlin or other nation-state actors, we are going to push back,” Rob Joyce, a special assistant to the president and the cybersecurity coordinator for the National Security Council, said in joint conference call with journalists by senior officials in Washington and London. That would include “all elements of U.S. power available to push back against these kinds of intrusions,” he added, including “our capabilities in the physical world.”

Labor 2030: The Collision of Demographics, Automation and Inequality. February 07, 2018. Bain report.
“Demographics, automation and inequality have the potential to dramatically reshape our world in the 2020s and beyond. Our analysis shows that the collision of these forces could trigger economic disruption far greater than we have experienced over the past 60 years. The aim of this report by Bain’s Macro Trends Group is to detail how the impact of aging populations, the adoption of new automation technologies and rising inequality will likely combine to give rise to new business risks and opportunities. These gathering forces already pose challenges for businesses and investors. In the next decade, they will combine to create an economic climate of increasing extremes but may also trigger a decade-plus investment boom.



Increased enforcement activity and the introduction of new corporate criminal liability laws have failed to dent the scale of bribery and corruption globally
 



The great decentralisation debate: how to shift jobs well (or badly)
Some members of the federal government want to move more public service jobs out of Canberra, but their efforts at decentralisation so far have been damaging.




ATO statement on claims in tonight's A Current Affair
The ATO is taking steps to correct the record to ensure that public confidence in our administration of the tax and super systems is not undermined.