Posts Tagged ‘security’

cybersecurity story

August 5, 2017

The absent-minded prof in the news…!

http://www.nature.com/news/cybersecurity-for-the-travelling-scientist-1.22379

Cybersecurity for the travelling scientist

Virtual private networks, tracking apps and ‘burner’ laptops: how to protect sensitive data when you take your research on the road.

Brian Owens

02 August 2017

QT:{{”
Mark Gerstein has had his fair share of scares when it comes to losing track of his electronic devices — and, along with them, access to his private information and research data.

“I’m very security conscious, but also a bit of an absent-minded professor,” says Gerstein, a bioinformatician at Yale University in New Haven, Connecticut.

He recalls one trip to Boston, Massachusetts, when he left his phone in a taxi, and watched it get farther and farther away on the tracking app on his iPad while he ran after the car in vain. Luckily, Gerstein was able to contact the taxi company, and eventually watched his phone make the return journey to his pocket.

Gerstein’s story had a happy ending, but all too often, hardware lost on the road is lost for good.
“}}

Inside the Hunt for Russia’s Most Notorious Hacker

April 28, 2017

Inside the Hunt for Russia’s Most Notorious #Hacker
https://www.Wired.com/2017/03/russian-hacker-spy-botnet/
A progression: Zeus, the Business Club & then espionage

QT:{{”
“As far as anyone could tell, GameOver Zeus was controlled by a very elite group of hackers—and the group’s leader was Slavik. He had reemerged, more powerful than ever. Slavik’s new crime ring came to be called the Business Club. A September 2011 internal announcement to the group—introducing members to a new suite of online tools for organizing money transfers and mules—concluded with a warm welcome to Slavik’s select recipients: “We wish you all successful and productive work.””
“}}

WikiLeaks Shows How the CIA Can Hack a Mac’s Hidden Code

March 25, 2017

WikiLeaks Shows How the CIA Can Hack a Mac
https://www.wired.com/2017/03/wikileaks-shows-cia-can-hack-macs-hidden-code/ Modifying the firmware of Thunderbolt adapters to make spyware implanters

QT:{{”
“The CIA’s documents describe a series of tools that agents can use to install “implants” on target machines, capable of silently monitoring everything that occurs within its operating system and transmitting it to a remote operator. One manual explains how to modify the firmware of a standard Apple Thunderbolt-to-ethernet adapter, turning it into a spyware-planting tool the CIA calls “Sonic Screwdriver.” When plugged in, the altered adapter can trick a Mac into thinking it’s booting its operating from a spoofed network source that the adapter impersonates, allowing tweaks to its firmware even in the rare cases when the user has set a password for any changes to that deep-seated code.”
“}}

The Demon Voice That Can Control Your Smartphone

January 30, 2017

The Demon Voice That Can Control Your…phone
https://www.theatlantic.com/technology/archive/2017/01/the-demon-voice-that-can-talk-to-your-smartphone/513743 Verbal malware: Yell into a crowd, “Hey #Siri, text mom, I’m pregnant”

QT:{{”

“Here’s a fun experiment: Next time you’re on a crowded bus, loudly announce, “Hey Siri! Text mom, ‘I’m pregnant.’” Chances are you’ll get some horrified looks as your voice awakens iPhones in nearby commuters’ pockets and bags. They’ll dive for their phones to cancel your command.

But what if there was a way to talk to phones with sounds other than words? Unless the phones’ owners were prompted for confirmation—and realized what was going on in time to intervene—they’d have no idea that”
“}}

Yahoo discloses hack of 1 billion accounts

January 10, 2017

Yahoo discloses #hack of 1 billion accounts
http://social.techcrunch.com/2016/12/14/yahoo-discloses-hack-of-1-billion-accounts/ Seems the scale of this affects a large fraction of all Internet users

Have I been pwned? Check if your email has been compromised in a data breach

November 3, 2016

https://haveibeenpwned.com/

Inside macOS Sierra: Apple’s Optimized Storage and management features – Mac OS X Discussions on AppleInsider Forums

October 17, 2016

Inside…Sierra: $AAPL’s Optimized Storage
http://forums.appleinsider.com/discussion/196115/inside-macos-sierra-apples-optimized-storage-and-management-features Strong filesystem-icloud integration. Maybe good but also heavy handed

QT:{{”

“paxman said:
I am curious though, what do you mean by a very secure iCloud account? Do you just mean that you use two step verification and ‘difficult’ password? or is there something more?
Extremely strong password because it’s an internet-facing account that holds so much personal data
Password unique to that account
2FA
Notifications of access attempts (if that’s possible to set up. I forget)
Answers to personal questions and birthday purposely inaccurate (in other words, the questions are a key to get the correct answer generated randomly)”
“}}

Yahoo Says Hackers Stole Data on 500 Million Users in 2014 – The New York Times

September 25, 2016

Yahoo Says Hackers Stole Data on 500M in ’14
http://www.nytimes.com/2016/09/23/technology/yahoo-hackers.html I haven’t yet received notice from @Yahoo to change my passwd. Why?

Also:
https://www.ft.com/content/266aa154-8165-11e6-8e50-8ec15fb462f4

Bitcoin Rival Ethereum Gains Traction – WSJ

July 4, 2016

#Bitcoin Rival Ethereum Gains Traction…. but suffers $55m theft due to hacked code. Wow!
http://www.wsj.com/articles/bitcoin-rival-ether-gains-traction-1466461279