Thursday, June 29, 2017

Page Not Found - Lenovo Support

Page Not Found - Lenovo Support: "The document you have requested is not available. You may have entered an incorrect URL or login with authorized credentials (for Lenovo Field Servicers and/or Call Center Agents only) to view the page."



'via Blog this'

Tuesday, June 27, 2017

Why Mechanical Turk is the greatest market research tool you never thought to use

"One tricky thing about mTurk is setting up the HITs themselves. You need to know a little HTML code. But I'll include the very basic version I use:

<h3>Please follow the link for the survey</h3>"


https://medium.com/@vacord/why-mechanical-turk-is-the-greatest-market-research-tool-you-never-thought-to-use-872120766ee

Towards a Cyber-Security Treaty | Just Security

"Policymakers must therefore first acknowledge existing legal frameworks that transcend the orthodox focus on the law of war. These likely provide a much better starting point. Last year's Report of the U.N. Group of Governmental Experts, for example, has come up with cyber-specific rules of responsible behavior in cyberspace. In addition, Russia, China and four other States have signed an additional non-binding "international code of conduct for information security", in which they pledged "not to use information… to interfere in the affairs of other States or with the aim of undermining the political, economic, and social stability.""

https://www.justsecurity.org/32268/cyber-security-treaty/

PSA: Petya Ransomware Affecting Critical Systems Globally: Here's What to Do.

Sunday, June 25, 2017

Survey Shows US CIOs Getting A GDPR Headache - InformationWeek

Survey Shows US CIOs Getting A GDPR Headache - InformationWeek: US companies that don't have a presence in Europe still have to be sure that they comply with the EU's privacy laws regarding personally identifiable data.

Study finds cybersecurity pros are hiding breaches, bypassing protocols, and paying ransoms - TechRepublic

Study finds cybersecurity pros are hiding breaches, bypassing protocols, and paying ransoms - TechRepublic: It's a shocking discovery that could shake your concept of security to its core: Those trusted to protect your networks are ignoring their own policies. Is something rotten in the state of cybersec?

NSA officials worried about the day its potent hacking tool would get loose. Then it did. - The Washington Post

NSA officials worried about the day its potent hacking tool would get loose. Then it did. - The Washington Post: "“NSA identified a risk and communicated it to Microsoft, who put out an immediate patch” in March, said Mike McNerney, a former Pentagon cybersecurity official and a fellow at the Truman National Security Project. The problem, he said, is no senior official took the step of shouting to the world: “This one is very serious and we need to protect ourselves.”

But critics say the government got off easy this time. What if the Shadow Brokers had dumped the exploits in 2014, before the government had begun to upgrade software on its computers? What if they had released them and Microsoft had no ready patch?"



'via Blog this'

NSA officials worried about the day its potent hacking tool would get loose. Then it did. - The Washington Post

NSA officials worried about the day its potent hacking tool would get loose. Then it did. - The Washington Post: "“If one of our targets discovered we were using this particular exploit and turned it against the United States, the entire Department of Defense would be vulnerable,” the second employee said. “You just have to have a foothold inside the network and you can compromise everything.”"



'via Blog this'

EternalBlue has raised questions

The timing of EternalBlue has raised questions for experts because Microsoft made history by cancelling Patch Tuesday in February then released the fixes for the EternalBlue flaws in a March 2017 Patch Tuesday bulletin about one month before the Shadow Brokers unlocked the full details of the EternalBlue exploit.

Risk & Repeat: Microsoft slams NSA over EternalBlue

Risk & Repeat: Microsoft slams NSA over EternalBlue: "In the aftermath of the WannaCry ransomware attacks this month, Microsoft took the unprecedented step of publically calling out the National Security Agency for hoarding vulnerabilities and exploits, such as EternalBlue.

"



'via Blog this'

BBC video

Cycon | Call for Papers 2018

Thursday, June 22, 2017

Closing the Cybersecurity Skills Gap With a New Collar Approach

Bughunter University

Bughunter University: This site was created by the Google Security Team for members of our Vulnerability Reward Program bug hunter community. If you want to create great vulnerability reports, you've come to the right place! Take a look at various tips on how to be successful with our reward program, get a little behind-the-scenes knowledge, and learn from the mistakes other bug hunters sometimes make.

Program Rules – Application Security – Google

Program Rules – Application Security – Google We have long enjoyed a close relationship with the security research community. To honor all the cutting-edge external contributions that help us keep our users safe, we maintain a Vulnerability Reward Program for Google-owned web properties, running continuously since November 2010.

Patch Rewards – Application Security – Google

Patch Rewards – Application Security – Google Of course, you need to make sure that your work does not violate any law and does not disrupt or compromise any data that is not your own.

HHS targeting outdated regs in wake of damning cybersecurity report, WannaCry

HHS targeting outdated regs in wake of damning cybersecurity report, WannaCry | Healthcare IT News: new cybersecurity threats require updated guidelines, HHS, CMS, ASPR officials say.

Thursday, June 15, 2017

CIA has been hacking into Wi-Fi routers for years, leaked documents show | ZDNet

CIA has been hacking into Wi-Fi routers for years, leaked documents show 

http://www.zdnet.com/article/cia-has-been-hacking-into-wi-fi-routers-for-years-leaked-documents-show/

Advanced CIA firmware has been infecting Wi-Fi routers for years | Ars Technica

Advanced CIA firmware has been infecting Wi-Fi routers for years | Ars Technica

https://arstechnica.com/security/2017/06/advanced-cia-firmware-turns-home-routers-into-covert-listening-posts/

The NSA has linked the WannaCry computer worm to North Korea - The Washington Post

The NSA has linked the WannaCry computer worm to North Korea - The Washington Post: The assessment, which was issued internally last week and has not been made public, is based on an analysis of tactics, techniques and targets that point with “moderate confidence” to North Korea’s spy agency, the Reconnaissance General Bureau, according to an individual familiar with the report.

Microsoft: Latest security fixes thwart NSA hacking tools | ZDNet

Microsoft: Latest security fixes thwart NSA hacking tools | ZDNet: Microsoft has confirmed its latest round of security patches has fixed three remaining vulnerabilities built by the National Security Agency, which the company previously said it would not fix.

WannaCry ransomware timeline: from the NSA to the NHS

WannaCry ransomware timeline: from the NSA to the NHS | Gallery | Computerworld UK



Annoying format!

Why 'WannaCry' Malware Caused Chaos for National Health Service in U.K. - NBC News

Why 'WannaCry' Malware Caused Chaos for National Health Service in U.K. - NBC News: Last week's worldwide cyberattack potentially put lives at risk by paralyzing computers at state-run medical facilities across the U.K. — including many using discontinued Windows XP.

(U//FOUO) DHS Report: Potential Impacts of WannaCry Ransomware on Critical Infrastructure | Public Intelligence

(U//FOUO) DHS Report: Potential Impacts of WannaCry Ransomware on Critical Infrastructure | Public Intelligence: WannaCry installs the DoublePulsar backdoor, which means that infected machines may still be vulnerable to future attacks.

The Washington Post: The NSA has linked the WannaCry computer worm to North Korea

The NSA has linked the WannaCry computer worm to North Korea
http://wapo.st/2s2G1Gg

Wednesday, June 14, 2017

HIDDEN COBRA – North Korea’s DDoS Botnet Infrastructure | US-CERT

HIDDEN COBRA – North Korea’s DDoS Botnet Infrastructure | US-CERT: "DHS and FBI identified Internet Protocol (IP) addresses associated with a malware variant, known as DeltaCharlie, used to manage North Korea’s distributed denial-of-service (DDoS) botnet infrastructure. "



'via Blog this'

Director Comey Legally SS7 Taped Calls, Meetings With Trump – patribotics

Director Comey Legally Taped Calls, Meetings With Trump – patribotics

https://patribotics.blog/2017/06/13/exclusive-director-comey-legally-taped-calls-meetings-with-trump/

Friday, June 9, 2017

Digital disruption: Data intelligence, digital supply chain and beyond | IBM

IoT Security Spending Pays Off

OneLogin security chief reveals new details of data breach | ZDNet

"The company has advised customers to change their passwords, generate new API keys for their services, and create new OAuth tokens -- used for logging into accounts -- as well as to create new security certificates.

One report pointed to a corporate customer affected by the breach having to "rebuild the whole authentication security system.""

http://www.zdnet.com/article/onelogin-security-chief-new-details-data-breach/

Monday, June 5, 2017

Saturday, June 3, 2017

Shocke Bikes Spark Commuter eBike | ElectriCity Cycles

Indigenous knowledge systems can help solve the problems of climate change

"Indigenous knowledges have been greatly suppressed as a part of the colonial process in Australia. Our people lived completely sustainably, and in balance with each other and country, for over 60,000 years. We kept our country clean through practices like fire-stick farming, we monitored our species of animals and plants through our totem systems."

https://www.theguardian.com/commentisfree/2017/jun/02/indigenous-knowledge-systems-can-help-solve-the-problems-of-climate-change?CMP=share_btn_tw

QUIZ: How Good Are You At Detecting Bias? (with Lesson Plan) | The Lowdown | KQED News

QUIZ: How Good Are You At Detecting Bias? (with Lesson Plan) | The Lowdown | KQED News: Take this quiz to test how adept you are at recognizing five of the most common forms of cognitive bias that most likely influence your daily decision-making.

Friday, June 2, 2017

About Backchannel

About Backchannel: Mining the tech world for lively and meaningful tales and analysis. May be pitch?

Password manager OneLogin hacked, exposing sensitive customer data | ZDNet

Thursday, June 1, 2017

6 tips for successful enterprise risk management - The Business Journals

6 tips for successful enterprise risk management - The Business Journals: "A recent survey by the American Institute of CPAs (AICPA) and North Carolina State University, however, found that only 28 percent of companies have a complete ERM process in place. Additionally, less than half of companies have a partial ERM process in place, with some, but not all risks addressed. Those are pretty low numbers."



'via Blog this'

the life of a cybercriminal - Google Search

the life of a cybercriminal - Google Search

What to Do If the Laptop Ban Goes Global