Thursday, June 22, 2017

Closing the Cybersecurity Skills Gap With a New Collar Approach

Bughunter University

Bughunter University: This site was created by the Google Security Team for members of our Vulnerability Reward Program bug hunter community. If you want to create great vulnerability reports, you've come to the right place! Take a look at various tips on how to be successful with our reward program, get a little behind-the-scenes knowledge, and learn from the mistakes other bug hunters sometimes make.

Program Rules – Application Security – Google

Program Rules – Application Security – Google: We have long enjoyed a close relationship with the security research community. To honor all the cutting-edge external contributions that help us keep our users safe, we maintain a Vulnerability Reward Program for Google-owned web properties, running continuously since November 2010.

Patch Rewards – Application Security – Google

Patch Rewards – Application Security – Google: Of course, you need to make sure that your work does not violate any law and does not disrupt or compromise any data that is not your own.

HHS targeting outdated regs in wake of damning cybersecurity report, WannaCry

HHS targeting outdated regs in wake of damning cybersecurity report, WannaCry | Healthcare IT News: new cybersecurity threats require updated guidelines, HHS, CMS, ASPR officials say.

Thursday, June 15, 2017

CIA has been hacking into Wi-Fi routers for years, leaked documents show | ZDNet

CIA has been hacking into Wi-Fi routers for years, leaked documents show 

http://www.zdnet.com/article/cia-has-been-hacking-into-wi-fi-routers-for-years-leaked-documents-show/

Advanced CIA firmware has been infecting Wi-Fi routers for years | Ars Technica


https://arstechnica.com/security/2017/06/advanced-cia-firmware-turns-home-routers-into-covert-listening-posts/

The NSA has linked the WannaCry computer worm to North Korea - The Washington Post

The NSA has linked the WannaCry computer worm to North Korea - The Washington Post: The assessment, which was issued internally last week and has not been made public, is based on an analysis of tactics, techniques and targets that point with “moderate confidence” to North Korea’s spy agency, the Reconnaissance General Bureau, according to an individual familiar with the report.

Microsoft: Latest security fixes thwart NSA hacking tools | ZDNet

Microsoft: Latest security fixes thwart NSA hacking tools | ZDNet: Microsoft has confirmed its latest round of security patches has fixed three remaining vulnerabilities built by the National Security Agency, which the company previously said it would not fix.

WannaCry ransomware timeline: from the NSA to the NHS

WannaCry ransomware timeline: from the NSA to the NHS | Gallery | Computerworld UK



Annoying format!

Why 'WannaCry' Malware Caused Chaos for National Health Service in U.K. - NBC News

Why 'WannaCry' Malware Caused Chaos for National Health Service in U.K. - NBC News: Last week's worldwide cyberattack potentially put lives at risk by paralyzing computers at state-run medical facilities across the U.K. — including many using discontinued Windows XP.

(U//FOUO) DHS Report: Potential Impacts of WannaCry Ransomware on Critical Infrastructure | Public Intelligence

(U//FOUO) DHS Report: Potential Impacts of WannaCry Ransomware on Critical Infrastructure | Public Intelligence: WannaCry installs the DoublePulsar backdoor, which means that infected machines may still be vulnerable to future attacks.

The Washington Post: The NSA has linked the WannaCry computer worm to North Korea

The NSA has linked the WannaCry computer worm to North Korea
http://wapo.st/2s2G1Gg

Wednesday, June 14, 2017

HIDDEN COBRA – North Korea’s DDoS Botnet Infrastructure | US-CERT

HIDDEN COBRA – North Korea’s DDoS Botnet Infrastructure | US-CERT: "DHS and FBI identified Internet Protocol (IP) addresses associated with a malware variant, known as DeltaCharlie, used to manage North Korea’s distributed denial-of-service (DDoS) botnet infrastructure. "




Director Comey Legally SS7 Taped Calls, Meetings With Trump – patribotics

Director Comey Legally Taped Calls, Meetings With Trump – patribotics

https://patribotics.blog/2017/06/13/exclusive-director-comey-legally-taped-calls-meetings-with-trump/

Friday, June 9, 2017

Digital disruption: Data intelligence, digital supply chain and beyond | IBM

IoT Security Spending Pays Off

OneLogin security chief reveals new details of data breach | ZDNet

"The company has advised customers to change their passwords, generate new API keys for their services, and create new OAuth tokens -- used for logging into accounts -- as well as to create new security certificates.

One report pointed to a corporate customer affected by the breach having to "rebuild the whole authentication security system.""

http://www.zdnet.com/article/onelogin-security-chief-new-details-data-breach/

Monday, June 5, 2017

Saturday, June 3, 2017

Shocke Bikes Spark Commuter eBike | ElectriCity Cycles

Indigenous knowledge systems can help solve the problems of climate change

"Indigenous knowledges have been greatly suppressed as a part of the colonial process in Australia. Our people lived completely sustainably, and in balance with each other and country, for over 60,000 years. We kept our country clean through practices like fire-stick farming, we monitored our species of animals and plants through our totem systems."

https://www.theguardian.com/commentisfree/2017/jun/02/indigenous-knowledge-systems-can-help-solve-the-problems-of-climate-change?CMP=share_btn_tw

QUIZ: How Good Are You At Detecting Bias? (with Lesson Plan) | The Lowdown | KQED News

QUIZ: How Good Are You At Detecting Bias? (with Lesson Plan) | The Lowdown | KQED News: Take this quiz to test how adept you are at recognizing five of the most common forms of cognitive bias that most likely influence your daily decision-making.

Friday, June 2, 2017

About Backchannel

About Backchannel: Mining the tech world for lively and meaningful tales and analysis. May be pitch?

Password manager OneLogin hacked, exposing sensitive customer data | ZDNet

Thursday, June 1, 2017

6 tips for successful enterprise risk management - The Business Journals

6 tips for successful enterprise risk management - The Business Journals: "A recent survey by the American Institute of CPAs (AICPA) and North Carolina State University, however, found that only 28 percent of companies have a complete ERM process in place. Additionally, less than half of companies have a partial ERM process in place, with some, but not all risks addressed. Those are pretty low numbers."




the life of a cybercriminal - Google Search


What to Do If the Laptop Ban Goes Global

Tuesday, May 30, 2017

Russian oligarch's £360m Sailing Yacht A leaves Monaco | Daily Mail Online

IBM SPSS Statistics

How to Offer Survey Incentives Without Sacrificing Good Data | SurveyMonkey Blog

Wally Rebounder Ping Pong Partner Table Tennis Trainer | Wally Rebounder Table Tennis Trainer



http://www.wallyrebounder.com/

Cycon | Live Stream of CyCon 2017 Keynotes

Cycon | Live Stream of CyCon 2017 Keynotes: "The 9th International Conference on Cyber Conflict, CyCon 2017, brings key experts and decision-makers of the global cyber defence community to Tallinn from May 30th to June 2nd.

Selected Cycon 2017 Keynotes listed below are broadcast live on the news portal of Estonian national broadcaster ERR http://www.err.ee/598943/kaks-paeva-otseulekandeid-kuberjulgeoleku-konverentsilt

We invite you to share the link! "




You're not going to believe what I'm about to tell you - The Oatmeal




Good source of stuff...

Thursday, May 25, 2017

Swapping DNA for Lower Insurance Costs Is One Wellness Step Too Far – Workforce Magazine

Swapping DNA for Lower Insurance Costs Is One Wellness Step Too Far – Workforce Magazine: The solution to cutting employers' health care spend is not asking employees to sacrifice their personal privacy in exchange for lower premiums, as is the push from HR 1313.

New Wellness Bill HR 1313 Gets Flak for Genetic Privacy Concerns – Workforce Magazine

New Wellness Bill HR 1313 Gets Flak for Genetic Privacy Concerns – Workforce Magazine: The Preserving Employee Wellness Programs Act has received criticism for potentially coercing employees to reveal personal genetic information to their employers.

Wednesday, May 24, 2017

Chemistry PR | Chemistry PR Team


http://chemistrypr.com/our-team/

Encryption: Vital to the Founding Fathers, Vital to Modern America | RealClearTechnology

Encryption: Vital to the Founding Fathers, Vital to Modern America | RealClearTechnology: "However, the issues at stake today are not fundamentally different from those present at America’s founding."




Encryption to come under renewed fire from European Commission in June

Encryption to come under renewed fire from European Commission in June: "Encryption will face a make it or break it moment in June when the European Commission lays out new options for forcing internet companies to hand over the keys."




At Crypto Hearing, Best Arguments Against Backdoor Mandates Come from Members of Congress Themselves

At Crypto Hearing, Best Arguments Against Backdoor Mandates Come from Members of Congress Themselves: "“I have three general concerns about Director Comey’s proposal. First, it’s impossible to build just a backdoor for just the good guys… j"




Encryption Workarounds by Orin S. Kerr, Bruce Schneier :: SSRN

Encryption Workarounds by Orin S. Kerr, Bruce Schneier :: SSRN: "The remainder of the essay develops lessons about encryption workarounds and the broader public debate about encryption in criminal investigations. "




Monday, May 22, 2017

My Blogger Buzz: How to Upload Files For Download in Blogger

My Blogger Buzz: How to Upload Files For Download in Blogger: "In this tutorial I am going to show you how to upload files to download in Blogger."

Thursday, May 18, 2017

WannaCrypt Hackers May Have A Hard Time Claiming That Ransom Without Getting Caught

WannaCrypt Hackers May Have A Hard Time Claiming That Ransom Without Getting Caught: Though bitcoin’s anonymity makes it popular, hackers may find it impossible to collect the $70,000 collected so far without leaving a trail behind them.

Chainalysis – Blockchain analysis

Chainalysis – Blockchain analysis: Train your analysts to be able to spot emerging threats from the deep web and investigate ransomware or extortion notes in-house.

New York's New Cybersecurity Regulations: The Good, The Bad And The Ugly - Security - United States

New York's New Cybersecurity Regulations: The Good, The Bad And The Ugly - Security - United States: The first foray into comprehensive state regulation of business data protection practices, and arguably the most stringent, is New York's Cybersecurity Requirements for Financial Services Companies, to be found at 23 NYCRR 500.

Study finds cybersecurity pros are hiding breaches, bypassing protocols, and paying ransoms - TechRepublic


http://www.techrepublic.com/article/study-finds-cybersecurity-pros-are-hiding-breaches-bypassing-protocols-and-paying-ransoms/

Medical Devices Hit By Ransomware For The First Time In US Hospitals | Forbes Mobile

Adylkuzz hack, called larger than WannaCry, slows computers across the globe - CBS News

Wednesday, May 17, 2017

About - Cymmetria | Cyber deception

About - Cymmetria | Cyber deception: Cymmetria is a cyber deception startup focused on changing the asymmetry of cybersecurity, tilting the traditional security odds so that hackers are the ones who are left vulnerable.

Malware Case Is Major Blow for the N.S.A. - The New York Times

Sunday, May 14, 2017

Hackers use tools stolen from NSA in worldwide cyber attack

Hackers used cyberweapons stolen from the US National Security Agency to strike organisations across the globe on Friday, from the UK's National Health Service to European telecoms company Telefónica and FedEx of the US,

https://www.ft.com/content/e96924f0-3722-11e7-99bd-13beb0903fa3

Microsoft to spooks: WannaCrypt was inevitable, quit hoarding • The Register


https://www.theregister.co.uk/2017/05/14/microsoft_to_spooks_wannacrypt_was_inevitable_quit_hoarding/

Friday, May 12, 2017

Tuesday, May 9, 2017

Trump extends Obama executive order on cyberattacks | PCWorld

Trump extends Obama executive order on cyberattacks | PCWorld: Executive Order 13694 was introduced on April 1, 2015, and was due to expire on Saturday, but the president sent a letter to Congress on Wednesday evening informing it of his plans to keep it active.

Monday, May 8, 2017

Smart machines v hackers: How cyber warfare is escalating - BBC News

Wanna Know If Someone Planted Spyware on Your Computer? - Motherboard

Wanna Know If Someone Planted Spyware on Your Computer? - Motherboard: "Figuring out whether someone has installed malware on your computer can be tricky. Specifically, victims of domestic abuse and surveillance often don't know what sort of software has been used to monitor them."




Tuesday, May 2, 2017

Home Router Botnet Shut Down in Past 72 Hours. Who did it?

Home Router Botnet Shut Down in Past 72 Hours. Who did it?: "Yesterday morning we noticed that there was a rapid drop-off in attacks from the ISPs we identified 3 weeks ago, that had targeted WordPress websites."




Dan Geer: Cybersecurity, Humanity's Future "Conjoined" | Threatpost | The first stop for security news


https://threatpost.com/dan-geer-cybersecurity-humanitys-future-conjoined/125316/

Friday, April 28, 2017

Managing Insider Risk by Darrell Drystek - program, organization, employee on Peerlyst

Managing Insider Risk by Darrell Drystek - program, organization, employee on Peerlyst: "Insider risk is nothing 'new'. It has been an inherent risk in every form of organization, professional and personal relationship, throughout human history. "




Karmen Ransomware Variant Introduced by Russian Hacker

Karmen Ransomware Variant Introduced by Russian Hacker: "The Karmen malware derived from “Hidden Tear,” an open source ransomware project, available for purchase by anyone. As is typical for ransomware infections, Karmen encrypts files on the infected machine using the strong AES-256 encryption protocol, making them inaccessible to the user and may trigger a ransom note or instructions demanding that the user pay a large sum of money to obtain the decryption key from the attacker."

Senate Democrats hatch plan that could leave Donald Trump with little choice but to resign - Palmer Report


http://www.palmerreport.com/opinion/senate-democrats-hatch-plan-that-could-leave-donald-trump-with-little-choice-but-to-resign/2481/

After blitzing FlexiSpy, hackers declare war on all stalkerware makers: 'We're coming for you' • The Register

2012 Study finds 90 percent have no recent cybersecurity training

Study finds 90 percent have no recent cybersecurity training: "That 68/32 split you see in the pie chart rang a bell with us because it mirrored a different ESET poll, conducted by Harris earlier this year. The purpose of that poll was to study implications of the bring-your-own-device or BYOD trend. We asked employed U.S. adults if they had received any kind of computer security training from their employer and only 32 percent said they had. Another 64 percent said they had not and 4 percent said they couldn’t recall having such training, which probably means it was not worth remembering."




Tuesday, April 25, 2017

NYTimes: Women’s Friendships, in Sickness and in Health

Bose accused of spying on users via Bose Connect app

Russian hacker has created his own 'starter pack' ransomware service

"...criminals who buy this specialized malware, dubbed Karmen, can remotely control the ransomware from their web browser, allowing the attacker to see at-a-glance a centralized web dashboard of their entire ransomware campaign."

http://www.zdnet.com/article/a-russian-hacker-has-created-his-own-starter-pack-ransomware-service

Protecting Remote Access to Your Computer: RDP Attacks and Server Credentials for Sale | Duo Security

Protecting Remote Access to Your Computer: RDP Attacks and Server Credentials for Sale | Duo Security is great advice from Duo:



  • Scan publicly listed IPs for any open RDP or SSH ports, and block them. 
  • Monitor and analyze logs to identify any unusual user behavior on your network. 
  • Deploy an endpoint solution that can give you actionable data about the devices authenticating into your environment - which can tell you where users are coming from, when, and with what IP address.
  • Implement two-factor authentication on all account logins, including privileged and administrative, which can deter criminals from successful remote brute-force attacks. 
  • Don’t share or reuse passwords; this can stop the spread of compromise if one server is breached with stolen administrator/root account credentials. 
  • Create custom policies and controls that dictate which applications can be accessed remotely, and by whom. 
  • Limit the number of administrator RDP accounts, or remove them completely if not needed. 
  • Set an account lockout policy that locks accounts after a certain number of incorrect guesses, to prevent the success of brute-force attacks.

Thursday, April 20, 2017

Spoofer test from Caida

By downloading and running our software, you'll help advance the collective understanding of how to better protect the Internet. 

https://www.caida.org/projects/spoofer/

Bose headphones have been spying on customers, lawsuit claims

Wednesday, April 19, 2017

Homeland Security warns of 'BrickerBot' malware that destroys unsecured internet-connected devices | ZDNet

Homeland Security warns of 'BrickerBot' malware that destroys unsecured internet-connected devices | ZDNet: new malware targets poorly secured Internet of Things devices and renders them useless.

The Erosion Of Trust And What It Means For Brands 02/24/2017

The Erosion Of Trust And What It Means For Brands 02/24/2017: When asked about which industries are the most trustworthy, none were seen as being worthy of full trust. Some industries fared better than others. Sixty-one percent of women trust packaged goods companies vs. less than 50% who somewhat trust healthcare companies.
Here is the full list ranking from highest trust to lowest:

 #1 Not-for-Profit

 #2 Packaged Goods (groceries, household items, apparel)

 #3 Beauty/Personal Care (tied for 3rd)

 #3 Pet Care (tied for 3rd)

 #4 Healthcare (tied for 4th)

 #4 Technology (tied for 4th)

 #5 Financial services (tied for 5th)

 #5 Automotive (tied for 5th)

The Building Shaker: a thumping gadget for annoying your noisy neighbors / Boing Boing


https://boingboing.net/2017/04/18/thump-thump-thump.html

Tuesday, April 18, 2017

Digital transformation - European Commission

Digital transformation - European Commission: The digital transformation of EU business and society presents enormous growth potential for Europe.

Digital Technologies Offer Opportunities for Economic Growth

Digital Technologies Offer Opportunities for Economic Growth: much of the world is reaping digital dividends today: companies benefit through economic growth, people benefit through new jobs, and governments are enabled to deliver better services.

CONTRARY BRIN: Those were the days... When was America 'great'? And who has Steve Bannon reincarnated?

CONTRARY BRIN: Those were the days... When was America 'great'? And who has Steve Bannon reincarnated?: “If an online discussion (regardless of topic) goes on long enough, sooner or later someone will invoke Hitler.”

Microsoft Outlines Cyber Geneva Convention Proposal - Nextgov.com


Saturday, April 15, 2017

Nephrolithotomy, Percutaneous - procedure, recovery, test, blood, tube, removal, pain, complications

Punctuation Commands for Dictation in Voice to Text for Android | The Droid Lawyer™

Here are some commands that are guaranteed to work:

  • Period = period (.)
  • Comma = comma (,)
  • Question mark = question mark (?)
  • Exclamation or exclamation point = exclamation point (!)
  • Apostrophe = apostrophe (')
  • Enter or new line = moves to a new line
  • New paragraph = new paragraph
  • Tab key = tab
  • Colon = colon (:)
  • Dash = dash (-)
  • Ellipsis or dot dot dot = ellipsis (…)
  • Ampersand = ampersand (&)
  • Asterisk = asterisk (*)
  • At sign = at sign (@)
  • Backslash = backslash (\)
  • Forward slash = forward slash (/)
  • Open bracket = open bracket ([)
  • Close bracket = closed bracket (])
  • Open parenthesis = open parenthesis (()
  • Close parenthesis = close parenthesis ())
http://thedroidlawyer.com/2015/09/punctuation-commands-for-dictation-in-voice-to-text-for-android/

Pence’s Medicaid experiment confounds expectations on the left and right - POLITICO


http://www.politico.com/story/2017/04/mike-pence-medicaid-indiana-237241

Friday, April 14, 2017

Wednesday, April 12, 2017

Was your network brute forced via RDP? – xednapS – Examine Everything

Was your network brute forced via RDP? – xednapS – Examine Everything: "I am going to list the process I take when a client has had some kind of malicious attack on their server."




Wednesday, April 5, 2017

Attorney General Jeff Sessions Delivers Remarks on Efforts to Combat Violent Crime and Restore Public Safety Before Federal, State and Local Law Enforcement | OPA | Department of Justice

Attorney General Jeff Sessions Delivers Remarks on Efforts to Combat Violent Crime and Restore Public Safety Before Federal, State and Local Law Enforcement | OPA | Department of Justice: "First, we should keep in mind some context.  Overall, crime rates in our country remain near historic lows.  Murder rates are half of what they were in 1980.  The rate of violent crime has fallen by almost half from its peak.  

The people of Richmond have seen this progress firsthand.  Since 1995, murder and violent crime rates in Richmond have fallen by two-thirds.  You have watched neighborhoods that were once in the grip of gangs and drugs transformed into places where kids can play and parents can take walks after sunset without fear.  

In the past four decades, we have won great victories against crime in America.  This happened under leadership from both political parties, and thanks above all to the work of prosecutors and good police using data-driven methods and professional training.  Hundreds of thousands of Americans are alive today as a result."




SDBJ Annual Awards Programs & Calendar of Events | San Diego Business Journal

Here you go...



SDBJ Annual Awards Programs & Calendar of Events | San Diego Business Journal

Fewer Than One-Fourth Of Cybersecurity Job Candidates Are Qualified

Fewer Than One-Fourth Of Cybersecurity Job Candidates Are Qualified: More than 20% of organizations get fewer than five applicants for an open security job and more than half of all positions (55%) take at least three months to fill with a qualified candidate.

Monday, April 3, 2017

Saturday, April 1, 2017

Friday, March 31, 2017

The Data That Turned the World Upside Down - Motherboard

The Data That Turned the World Upside Down - Motherboard: "To understand the outcome of the election—and how political communication might work in the future—we need to begin with a strange incident at Cambridge University in 2014, at Kosinski's Psychometrics Center."




Number of RDP Brute-Force Attacks Spreading Crysis Ransomware Doubles in 6 Months

Number of RDP Brute-Force Attacks Spreading Crysis Ransomware Doubles in 6 Months: Alternatively, he can always buy access to previously hacked RDP servers, via marketplaces like xDedic.

Technology’s Moral Crisis | Digital Tonto


http://www.digitaltonto.com/2017/technologys-moral-crisis/

Thursday, March 30, 2017

RATtrap | Security and Privacy for your smart home | Technology

Protecting Remote Access to Your Computer: RDP Attacks and Server Credentials for Sale | Duo Security

Protecting Remote Access to Your Computer: RDP Attacks and Server Credentials for Sale | Duo Security: After these attacks, hackers will sell credentials in a now-defunct xDedic marketplace that offered as many as 250,000 RDP server credentials for sale that gives a buyer access to all of the data on the server and the possibility to launch future attacks using the server, according to Kaspersky Lab. Features of the compromised servers were listed in the marketplace, including RDP configuration, memory, software, browsing history and more.

https://securelist.com/blog/research/75120/the-tip-of-the-iceberg-an-unexpected-turn-in-the-xdedic-story/


Insider Attacks May Be Closer Than They Appear

Insider Attacks May Be Closer Than They Appear: According to the recently published “IBM X-Force 2016 Cyber Security Intelligence Index,” 60 percent of all attacks in 2015 were carried out by insiders. They either had malicious intent or served as inadvertent actors — insiders who either mistakenly allow an attacker access to data or fail to pay attention to cybersecurity policies.

The Map of Cybersecurity Domains (version 2.0) | Henry Jiang, CISO, CISSP | Pulse | LinkedIn

The Map of Cybersecurity Domains (version 2.0) | Henry Jiang, CISO, CISSP | Pulse | LinkedIn: Three file formats are available for downloading: (PDF, FreeMind Map file, SimpleMind Map File). Cybersecurity Map 2.0.

Cyberwarfare : Influencers

Wednesday, March 29, 2017

About 90% of Smart TVs Vulnerable to Remote Hacking via Rogue TV Signals

‘Anonymous’ FTP Servers Leaving Healthcare Data Exposed | Threatpost | The first stop for security news


Allowed?

Security Skills Gap Leaves 1 In 4 Businesses Exposed For 6 Months Or Longer - Dark Reading

Security Skills Gap Leaves 1 In 4 Businesses Exposed For 6 Months Or Longer - Dark Reading: "More than 1 in 4 companies report that the time to fill priority cyber security and information security positions can be six months or longer. In Europe, almost one-third of cyber security job openings remain unfilled"




Blog - Wordfence

Blog - Wordfence: "Last Friday we quietly launched a new Premium feature in Wordfence: A real-time IP blacklist that completely blocks known malicious IPs from accessing your website."




Tuesday, March 28, 2017

BUSINESS PERCEPTION OF IT SECURITY

BUSINESS PERCEPTION OF IT SECURITY: IN THE FACE OF AN INEVITABLE COMPROMISE - TechRepublic: To investigate cyber threat landscape perception and reality, Kaspersky Lab together with B2B International conducted a global study of more than 4,000 business representatives from 25 countries.

Monday, March 27, 2017

North Korea’s Rising Ambition Seen in Bid to Breach Global Banks - The New York Times

North Korea’s Rising Ambition Seen in Bid to Breach Global Banks - The New York Times: Yet security researchers said the hit list, found embedded in the code of the attack on more than 20 Polish banks, underlines how sophisticated the capabilities of North Korean hackers have become. Their goals have now turned financial, along with efforts to spread propaganda and heist data and to disrupt government and news websites in countries considered enemies.

Project MUSE - The Risk Society Revisited

Project MUSE - The Risk Society Revisited: The authors examine our sociological understanding of risk and how we reconcile modern human conditions with our handling of risk in our quest for improved quality of life. They build a new framework for understanding risk—one that provides an innovative connection between social theory and the governance of technological and environmental risks and the sociopolitical challenges they pose for a sustainable future.

The Rise of the Right to Know: Politics and the Culture of Transparency, 1945-1975: Michael Schudson: 9780674744059: Amazon.com: Books




As Michael Schudson shows in The Rise of the Right to Know, modern transparency dates to the 1950s, 1960s, and 1970s―well before the Internet―as reform-oriented politicians, journalists, watchdog groups, and social movements won new leverage. At the same time, the rapid growth of higher education after 1945, together with its expansive ethos of inquiry and criticism, fostered both insight and oversight as public values.

Press Release | Press Releases | Newsroom | U.S. Senator Mike Rounds of South Dakota

Press Release | Press Releases | Newsroom | U.S. Senator Mike Rounds of South Dakota: The bill would require that at least 5 percent of scholarship funds go to 2-year program students who attend institutions designated by the NSA and DHS as Centers of Academic Excellence, such as Dakota State University in Madison. The bill would also make competitive grants available to eligible schools for developing cybersecurity academic programs.

Thursday, March 16, 2017

Automating security? Robots can't replace humans in decision loop | ZDNet

U.S. companies spending millions to satisfy Europe's GDPR | CIO

U.S. companies spending millions to satisfy Europe's GDPR | CIO: Short of a catastrophic breach, there may not be a better business case for U.S. companies operating in Europe to fortify their cybersecurity and risk management portfolios than the GDPR, which regulators will implement on May 25, 2018 to ensure data protection for individuals within the European Union (EU).

What are US companies’ view on GDPR? - Information Age

What are US companies’ view on GDPR? - Information Age: “American multinationals that have not taken significant steps to prepare for GDPR are already behind their peers,” said Cline.

Monday, March 13, 2017

Tweet from @privacyfocused

Nothing is sacred: Ottawa Vibrator Company That Tracked Your Jerking Habits Will Pay $3.75m Settlement https://t.co/NDjMPdQOH4 #privacy

http://twitter.com/privacyfocused/status/841468670471630849


Tweet from @sigfig

when u need to exfil the corporate secrets but only barely know how to use a computer

http://twitter.com/sigfig/status/841468308025036801


Hemochromatosis – Genes involved | Genetic Lifehacks

Wednesday, March 8, 2017

Cultural cognition project - home

Cultural cognition project - note communication cognition.

http://www.culturalcognition.net/

Sunday, March 5, 2017

Music-Map: William Orbit

Music-Map: William Orbit: "People who like William Orbit might also like these artists."




Swiss Eggs Recipe - Food.com

Why had we not heard of these?

Bipartisan bill demands warrants before police could track phones

"New legislation Wednesday that would force police and other agencies to get a warrant before tracking the movements of suspects using GPS data. The law is aimed at clearing up a legal question that even US courts have struggled to answer..."

http://www.geektime.com/2017/02/17/bipartisan-bill-would-close-loophole-require-warrants-before-police-could-track-phones-using-cell-simulators/

Saturday, March 4, 2017

Making children’s toys swear | Pen Test Partners

Making children’s toys swear | Pen Test Partners: “I’ve been to Toys R Us. Hasn’t everyone? (giggle) I love it there because I get to look at all the new toys. I wish I could work there some day and play with all the cool toys all day long. That sounds like a fun job.”

Data Protection: Weaving a path between F.U.D. and Panglossian hope | Andrew Taylor | LinkedIn

Data Protection: Weaving a path between F.U.D. and Panglossian hope | Andrew Taylor | GDPR,ETC.

https://www.linkedin.com/pulse/data-protection-weaving-path-between-fud-panglossian-hope-taylor

Friday, March 3, 2017

Internet-Connected Teddy Bear Leaks Millions Of Voice Messages and Password

Internet-Connected Teddy Bear Leaks Millions Of Voice Messages and Password: "Now, in the latest security failing of the internet-connected smart toys, more than 2 Million voice recordings of children and their parents have been exposed, along with email addresses and passwords for over 820,000 user accounts."




Sunday, February 26, 2017

Security Skills Gap Leaves 1 In 4 Businesses Exposed For 6 Months Or Longer - Dark Reading

Security Skills Gap Leaves 1 In 4 Businesses Exposed For 6 Months Or Longer - Dark Reading: "45% of respondents don’t believe most applicants understand the business of cyber security"




Blackboard Malicious OneClass Chrome Extension

Blackboard Malicious OneClass Chrome Extension: "Blackboard has issued a security advisory to inform Blackboard users about a malicious Chrome browser extension being distributed via phishing emails.  "




This "retro" technique still makes the best coffee / Boing Boing


http://boingboing.net/2017/02/25/this-retro-technique-still.html

Saturday, February 25, 2017

The Peelian Principles | The Crime Prevention Website

The reforms introduced by Sir Robert Peel and the first Police Commissioners were based on a philosophy that the power of the police comes from the common consent of the public, as opposed to the power of the state.

https://thecrimepreventionwebsite.com/police-crime-prevention-service---a-short-history/744/the-peelian-principles/

Cylance marketing money in action

Cylance claims Cylance Saves Millions, Achieves 251% ROI, cites recent Forrester study titled "The Total Economic Impact of Cylance" and "reveals astonishing results".



https://pages.cylance.com/lp-adv-forrester-tei-report-2017.html

About The Podcast - Curious Minds Podcast

Quote: "Ran! I never write to people, however given that you wrote me first, I'll take the opportunity to say how much I love CMPod. It's been a week and I've listened to everything you guys have done. It's got a great format and the information and ideas are presented so clearly. Every bit of it is excellent. Also, please look into recording audio books. Your voice and accent is very great to listen to." (N.D.)
http://www.cmpod.net/about/

Wednesday, February 22, 2017

Monday, February 13, 2017