Tuesday, January 30, 2018

‘It Can’t Be True.’ Inside the Semiconductor Industry’s Meltdown - Bloomberg

‘It Can’t Be True.’ Inside the Semiconductor Industry’s Meltdown - Bloomberg: "like Prescher more than a year later, the Graz team was skeptical this was a real flaw. Gruss recalls telling Fogh that the chipmakers would have uncovered such a glaring security hole during testing and would never have shipped chips with a vulnerability like that.



"Despite Fogh’s encouragement, the Graz researchers still didn’t think attacks would ever work in practice. "That would be such a major f*ck-up by Intel that it can’t be possible," Schwarz recalled saying. So the team didn’t dedicate much time to it."




How the industry-breaking Spectre bug stayed secret for seven months - The Verge

How the industry-breaking Spectre bug stayed secret for seven months - The Verge: "“In the ‘90s we used to think one-vulnerability, one-vendor, and that was the majority of the vulnerabilities you saw. Now, almost everything has some multi-party coordination element.” says Moussouris. “This is just what multi-party disclosure looks like.”"




How the industry-breaking Spectre bug stayed secret for seven months - The Verge

How the industry-breaking Spectre bug stayed secret for seven months - The Verge: "(Fogh said it was clear from the beginning that any workable bug would be disastrous. “When you start looking into something like this, you know already that it’s really bad if you succeed,” he told me. After the Meltdown and Spectre releases and the ensuing chaos, Fogh has decided not to publish any of his further research on the topic.)"




Monday, January 29, 2018

ESET Mac

macOS users version 10.13 (High Sierra)

  1. Upgrade to macOS version 10.13.3 or later as soon as possible.
     
  2. (optional) Following the upgrade, you can uninstall and install the most recent version of your ESET product for macOS to ensure that you do not experience errors. If you are unable to uninstall, you may need to start macOS in Safe Boot Mode

https://support.eset.com/alert6654/

Sony eSupport - ICD-MX20 - Support


Check out voice activation 

https://esupport.sony.com/US/p/model-home.pl?mdl=ICDMX20

Friday, January 26, 2018

Thursday, January 25, 2018

Key Changes with the General Data Protection Regulation

Key Changes with the General Data Protection Regulation: "Under GDPR organizations in breach of GDPR can be fined up to 4% of annual global turnover or €20 Million (whichever is greater). This is the maximum fine that can be imposed for the most serious infringements e.g. not having sufficient customer consent to process data or violating the core of Privacy by Design concepts. There is a tiered approach to fines e.g. a company can be fined 2% for not having their records in order (article 28), not notifying the supervising authority and data subject about a breach or not conducting impact assessment. It is important to note that these rules apply to both controllers and processors -- meaning 'clouds' will not be exempt from GDPR enforcement."


B&O speakers

Forgot to mention this - some of the guys at work are saying the speakers are very good - so I googled them. They cost $160! So yes, they should be good!

Wednesday, January 24, 2018

Targeted Attacks on Speech-to-Text

[1801.01944] Audio Adversarial Examples: Targeted Attacks on Speech-to-Text

https://arxiv.org/abs/1801.01944

Tuesday, January 23, 2018

PayPal to Pay $7.7 Million to U.S. Over Alleged Sanctions Violations - WSJ

PayPal to Pay $7.7 Million to U.S. Over Alleged Sanctions Violations - WSJ: The U.S. Treasury Department disclosed on Wednesday a $7.7 million settlement with eBay Inc. unit PayPal Inc. over alleged sanctions violations by the electronic payments company.

Cybersecurity | Homeland Security

Cybersecurity | Homeland Security: On January 5, 2017, the U.S. Department of Commerce and the U.S. Department of Homeland Security released a draft report to President Trump in response to the Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure issued on May 11, 2017.

The Unfalsifiability of Security Claims - Microsoft Research

The Unfalsifiability of Security Claims - Microsoft Research: "when justifications are unfalsifiable, deciding the relative importance of defensive measures reduces to a subjective comparison of assumptions"




Privacy Rules for Uber | HuffPost

Privacy Rules for Uber | HuffPost: "But the recent outcry over privacy, news of the “God View,” and the threats to journalists reveal a problem that will not solve itself: There should be privacy law to regulate Uber and other companies in the ride-sharing industry." 2014




Monday, January 22, 2018

Call For Papers – 12th international CARO Workshop

Call For Papers – 12th international CARO Workshop: The 12th International CARO Workshop will be held on the 23rd and 24th of May 2018 in Portland, OR, USA (*). The main theme of the workshop will be:

Sunday, January 21, 2018

The Truth About The Deloitte Security Breach


"A single administrator account with access to the Azure implementation was guarded only by a username and password, without any two-factor-authentication (2FA). Attackers stole this administrator's credentials and used them to leverage access to the entire email system."

https://blog.safe-t.com/truth-about-deloitte-security-breach

Saturday, January 20, 2018

10 Insanely Good Reasons You Should Publish On Medium | WordStream

10 Insanely Good Reasons You Should Publish On Medium | WordStream: "However, publishers are still finding and adding new contributors to their sites. How? By scouting for popular authors on Medium."




You can now unlock your iPhone 5S for free — Quartz

You can now unlock your iPhone 5S for free — Quartz: "As long as the AT&T locked iPhone hasn’t been reported stolen, hasn’t been “associated with fraudulent activity,” and isn’t currently active on a different AT&T customer’s account you can unlock the phones through its website here."

Someone is touting a mobile, PC spyware platform called Dark Caracal to governments • The Register

Someone is touting a mobile, PC spyware platform called Dark Caracal to governments • The Register: "The EFF and Lookout are trying to find out who exactly is running and using the Dark Caracal network. An update is expected in the summer, once attribution can be made with some certainty"




Friday, January 19, 2018

Security Passcode for Your Wireless Account - Wireless Support

Security Passcode for Your Wireless Account - Wireless Support: The security passcode helps protect your wireless account. It’s different from your password to sign in, and it’s not related to your device or voicemail.

(20) Crucial Elements of an Incident Response Plan | LinkedIn

(20) Crucial Elements of an Incident Response Plan | LinkedIn: "Every company will suffer a security incident someday, but not all companies are prepared for it, and preparation will determine what impact a security incident will have on your company."




Tuesday, January 16, 2018

The Problems with Seeking and Avoiding True Attribution to Cyber Attacks – Robert M. Lee

The Problems with Seeking and Avoiding True Attribution to Cyber Attacks – Robert M. Lee: Attribution to cyber attacks means different things to different audiences. In some cases analysts only care about grouping multiple intrusions together to identify an adversary group or their campaign. This helps analysts identify and search for patterns.

DROWN Attack

DROWN Attack: DROWN allows attackers to break the encryption and read or steal sensitive communications, including passwords, credit card numbers, trade secrets, or financial data. Our measurements indicate 33% of all HTTPS servers are vulnerable to the attack.

MIT And BU Researchers Uncover Critical Security Flaw In $2B Cryptocurrency IOTA

MIT And BU Researchers Uncover Critical Security Flaw In $2B Cryptocurrency IOTA: IOTA, a $2 billion cryptocurrency that supports Internet of things (IoT) transactions, was shown to have “serious weaknesses” according to a report recently released by researchers at MIT and Boston University

Juniper Firmware: New Crypto Flaw Found - BankInfoSecurity

Juniper Firmware: New Crypto Flaw Found - BankInfoSecurity: Eight years after a crypto backdoor was added to the ScreenOS firmware that runs Juniper Networks' NetScreen firewalls, among other devices, the U.S. networking giant has promised to eliminate the vulnerability and moved to reassure customers that its products are now safe to use (see Juniper Devices Are Under Attack).

50 Amazing Internet Security Blogs You Should Be Following [Updated]

50 Amazing Internet Security Blogs You Should Be Following [Updated]: If you are concerned about your online security (and you should), it’s essential to know which are the best cyber security blogs that could help you stay informed about the most recent trends in the threat landscape.



Now 69!

AFRL/RIK Division and Branch Offices > Wright-Patterson Air Force Base > Display

AFRL/RIK Division and Branch Offices > Wright-Patterson Air Force Base > Display:



"AFRL/RIKD - Information Grid and Systems Contracting Branch

Mission Statement
The R&D Contracts Branch reviews adequacy of assigned purchase request packages for contract action. Assists engineering personnel in finalizing Statements of Work, specification and data requirements. Publishes "Notices of Contract Action," and/or "Notice of Award" in the FEDBIZOPPS as required by regulation. Selects sources for solicitation and prepares Request for Proposals (RFPs), receives and evaluates proposals, negotiates, request final proposal revisions or makes awards without discussion if possible, performs source selection and awards appropriate contractual instruments. Negotiates and awards contracts resulting from Broad Agency Announcements (BAAs), the Small Business Innovation Research (SBIR) national solicitation, and the Small Business Minority 8A Program. Conducts Contract and Business Clearance Approval for all contractual actions within the approved thresholds. Distributes all contractual documents. Performs contract management of all contracts issued. Terminates assigned contracts as required. Performs final contract closeout and all contract retirement functions. Inputs appropriate acquisition data into the AFMC automated management system database."




Tuesday, January 9, 2018

ICS-CERT Advice on AV Updates Solid, But Impractical | SecurityWeek.Com

ICS-CERT Advice on AV Updates Solid, But Impractical | SecurityWeek.Com: "The U.S. Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has offered some advice on how antivirus software should be updated in industrial environments"




Monday, January 8, 2018

macos - Stop Pulse Secure from opening at startup Mac - Stack Overflow

Worked for me: macos - Stop Pulse Secure from opening at startup Mac - Stack Overflow: "There is no system configuration switch on the Mac to prevent auto startup of Pulse Secure.

So we have to use Automator to create an app to run the following script during system boot:"




Cybersecurity in 2018: What will the new year bring?

Cybersecurity in 2018: What will the new year bring?: "David Harley, senior research fellow at ESET, explained that the number of networked devices, from fridges to toys, could create more opportunities for bad actors, widening the attack surface."




Meltdown and Spectre

Meltdown and Spectre: These hardware bugs allow programs to steal data which is currently processed on the computer.

21st Century Oncology Faces $2.3M HIPAA Settlement ...

21st Century Oncology Faces $2.3M HIPAA Settlement ...: "21st Century Oncology and the US Department of Health and Human Services Office for Civil Rights reached a $2.3 million settlement agreement, following a breach of the company's network SQL database and theft of the medical data and Social Security numbers of millions of patients."


