Hackers don’t just want your credit cards, now they want the pattern of your life
Apr 28th
From: Open Source Intelligence
***
“If you have a credit card number, a name, and any kind of personal information such as the name of their wife or the name of their pets — anything which can be used to guess a password — you can get your hands on anything you want. It’s a very efficient product” said Apolline Aigueperse, lead cyberrisk analyst at cybersecurity firm CybelAngel, speaking at the recent Security & Counter Terror Expo in London.
What becomes of Facebook when people start to value privacy?
Apr 26th
From: engadget
We’ve learned to protect our online image, but that’s inconvenient for a site that wants every gory detail of our lives.
Facebook’s role in the world has changed though I didn’t expect to have an epiphany about that while sitting in the pews of a drafty, 11th-century church. It was at a wedding earlier this month, and the program handed out bore a disclaimer that would have been mystifying a few years ago. “Roger and Stephanie* would like to request that guests DO NOT post any photos of the ceremony, or share anything to social media relating to the day.” Instead of wanting to broadcast their special moments to the world, they were actively asking people to do the opposite. The truth is that Facebook was designed for people to spill their guts, but now more people are deciding that their privacy is more important.
Is the FCC Inviting the World’s Cyber Criminals into America’s Living Rooms?
Apr 21st
Editor’s Note: Cross-posted from OIRA Watch.
In October 2012, the Chairman and Ranking Member of the House Intelligence Committee issued a joint statement warning American companies that were doing business with the large Chinese telecommunications companies Huawei and ZTE to “use another vendor.”
The bipartisan statement cited the Intelligence Committee’s Report that
“highlights the interconnectivity of U.S. critical infrastructure systems and warns of the heightened threat of cyber espionage and predatory disruption or destruction of U.S. networks if telecommunications networks are built by companies with known ties to the Chinese state, a country known to aggressively steal valuable trade secrets and other sensitive data from American companies.”
Smartphone App Lets Anyone Report ‘Suspicious People’ In ‘Transitional’ St. Louis Neighborhood
Apr 20th
From: Think Progress
A wealthy New Orleans real estate developer has created “Uber for cops,” an app that allows anyone with a smartphone to report nonviolent criminals, drug dealers, homeless people and others they feel may be “suspicious.”
According to the creator, Sidney Torres, the French Quarter Task Force app is a user-driven platform that allows bystanders to identify and photograph suspicious behavior and alert cops about where the suspected culprits are located. The app focuses on petty nonviolent crime not usually considered emergencies by law enforcement. Torres says the app would make it easier for cops to know exactly where to find a suspicious person or if a crime — the list offers categories like theft, vandalism, carrying of weapons, drug dealing, assault, prostitution, or “aggressive solicitation” — is in progress.
NIST Gives Agencies Guidance on Boosting Cybersecurity for BYOD, Telework
Apr 19th
From: FedTech
Security concerns increase as more federal offices offer workers greater flexibility through telework options and the ability to use their own devices.
Former Bitcoin Regulator Turns Blockchain Advisor
Apr 18th
From: CryptoCoinNews.com
Former New York regulator Benjamin Lawsky, who oversaw what many consider the most restrictive state bitcoin regulation known as BitLicense, now works as a counsel and media liaison for Axoni, a blockchain technology firm that uses blockchain in settling derivative transactions, according to Reuters.
Elliot Maras
Lawsky said he intended to start a consulting business when he announced his departure from the New York Department of Financial Services last spring, CCN reported. As a regulator, Lawsky had a reputation for consistently pushing for larger fines and stricter rules.
World’s Largest International Technical Cyber Defence Exercise Takes Place Next Week
Apr 15th
From: NATO Cooperative Cyber Defence Centre of Excellence
1500 virtualised systems are deployed during Locked Shields 2016. The virtualized Blue Team networks are custom-built and include a variety of services and platforms.
Locked Shields 2016 is organised in cooperation with the Estonian Defence Forces, the Finnish Defence Forces, the Swedish Defence College, the British Army, the United States European Command, and numerous other partners.
Connecticut Water Regulator Leading the Way on Cyber Risk Management
Apr 14th
From: Our Water Counts Blog
Connecticut Governor Daniel Malloy released the state’s long anticipated Cybersecurity Action Plan for utilities that include the water sector. The Connecticut Public Utilities Regulatory Authority (PURA) began the process of developing a cybersecurity regulatory approach two years ago that has been thoughtful, risk-based and collaborative. The result is cybersecurity regulation that is both flexible and reasonable.
CFPB Targets Online Payment Platform in First Enforcement Action on Cybersecurity
Apr 13th
From: Payments Journal
Donald J. Mosher, Lisa A. Prager, Michael L. Yaeger, Melissa G.R. Goldstein and Kimberly G. Monty |Schulte Roth & Zabel
The Consumer Financial Protection Bureau (“CFPB”) broke new ground last week with its Consent Order against Dwolla Inc. (“Dwolla”), an online payment platform, for deceiving consumers about its information security practices.The Consent Order alleges that Dwolla made public statements regarding the efficacy of its data security system and failed to fulfill those promises. The enforcement action is especially striking because the CFPB imposed a $100,000 civil monetary penalty on Dwolla despite the lack of any evidence that the payment processor experienced a data breach or any kind of cybersecurity incident, and also because the CFPB imposed significant — and expensive — new compliance obligations beyond what other federal regulators have demanded in similar situations. Most notably, the Consent Order provided that Dwolla must perform regular risk assessments and retain an independent third party to perform an annual cybersecurity audit for the next five years.
Sweden issued cyber attack alert as its air traffic reeled
Apr 12th
From: AldriMer.no
With much of Sweden’s air traffic crippled on 4 Nov. 2015, authorities in the Scandinavian country notified NATO of a serious, ongoing cyber attack by a hacker group linked to Russian intelligence.
By KJETIL STORMARK
Officially, the Swedish Civil Aviation Administration blamed a solar storm for knocking out air traffic control systems in much of Sweden on 4 November.
Urgent warning