chief

now browsing by tag

 
 

#nationalcybersecuritymonth | Hillicon Valley — Presented by Facebook — FCC fines mobile carriers $200M for selling user data | Twitter verified fake 2020 candidate | Dems press DHS to complete election security report | Reddit chief calls TikTok spyware

Source: National Cyber Security – Produced By Gregory Evans

Welcome to Hillicon Valley, The Hill’s newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don’t already, be sure to sign up for our newsletter with this LINK.

Welcome! Follow the cyber team, Maggie Miller (@magmill95), and the tech team, Emily Birnbaum (@birnbaum_e) and Chris Mills Rodrigo (@chrisismills).

 

FCC FINES TOP MOBILE CARRIERS: The Federal Communications Commission (FCC) is proposing more than $200 million in fines against the country’s top mobile carriers after a lengthy investigation concluded T-Mobile, AT&T, Sprint and Verizon improperly sold access to their customers’ precise location information. 

The agency is alleging the companies broke the law by failing to protect information about the geolocation of their hundreds of millions of customers. 

“The FCC has long had clear rules on the books requiring all phone companies to protect their customers’ personal information,” FCC Chairman Ajit Pai (R) said. “And since 2007, these companies have been on notice that they must take reasonable precautions to safeguard this data and that the FCC will take strong enforcement action if they don’t.”

“Today, we do just that,” Pai said.

The proposed fines — which Verizon, AT&T, T-Mobile and Sprint are now allowed to contest — are some of the largest the FCC has proposed in decades. But since reports began emerging about the fines on Thursday night, consumer advocates and privacy hawks in Congress have accused the regulatory agency of holding back and letting the telecom companies off the hook with fines that amount to a “rounding error” compared to their significant bottom lines.

Sen. Ron Wyden (D-Ore.), who was one of the first to shed light on the companies’ unlawful information sharing, released a statement accusing Pai of going easy on the companies.

“It seems clear Chairman Pai has failed to protect American consumers at every stage of the game – this issue only came to light after my office and dedicated journalists discovered how wireless companies shared Americans’ locations willy nilly,” Wyden said. “He only investigated after public pressure mounted.”

“And now his response is a set of comically inadequate fines that won’t stop phone companies from abusing Americans’ privacy the next time they can make a quick buck,” Wyden said.

Verizon, for instance, boasted a total revenue of $31.4 billion in 2019 and is facing a fine of $48 million.

The FCC is proposing a fine of $91 million for T-Mobile, $57 million for AT&T, $48 million for Verizon and $12 million for Sprint.  

T-Mobile, which is facing the largest fine by far, said in a statement Friday that it intends to dispute the FCC’s conclusions.

“We take the privacy and security of our customers’ data very seriously,” T-Mobile said. “While we strongly support the FCC’s commitment to consumer protection, we fully intend to dispute the conclusions of this NAL and the associated fine.” 

Public Knowledge, a consumer rights group, said the FCC’s fines indicate the chairman is enforcing the law “to the barest degree possible.” 


 

SPONSORED CONTENT — FACEBOOK

Elections have changed and so has Facebook

Facebook has made large investments to protect elections, including tripling the size of the teams working on safety and security to more than 35,000. But the work doesn’t stop there.

See how Facebook has prepared for 2020.

 

TURN IT IN: House Homeland Security Committee Chairman Bennie Thompson (D-Miss.) on Friday raised concerns around the Department of Homeland Security’s failure to submit a congressionally mandated election security report on time.

DHS was required under the 2020 National Defense Authorization Act to submit a report to Congress on successful and attempted cyberattacks on U.S. election infrastructure during the 2016 elections, along with any future cyberattacks on elections that DHS anticipates. 

The agency was required by the NDAA to submit the report within 60 days of the bill being signed into law. President Trump signed the NDAA on Dec. 20, with Feb. 18 marking the deadline for the report to be submitted to appropriate congressional committees.

Thompson, whose committee is among those that DHS is required to submit the report to, said Friday that the failure of DHS to submit the report “further obstructs Congress’ abilities to conduct proper oversight,” and noted this was “in direct violation of the law.”

“The threat to our democracy from foreign governments is real, and the Administration’s pattern of denial must stop,” Thompson added. “With President Trump in office, the American people cannot expect our elections to be secure and free from foreign interference or cyber-attacks with status quo measures in place.”


 

‘WALZ’-ING AROUND: Twitter earlier this month verified an account for a fake 2020 congressional candidate created by a teenager.

The account was for a fictional Republican congressional candidate from Rhode Island named Andrew Walz.

His Twitter bio claimed that Walz was a “proven business leader” and a “passionate advocate for students,” CNN Business first reported.

The owner of the account was a 17-year-old high schooler from upstate New York who, according to the network, made the account over the holidays because he was “bored.”

“During Christmas break I was kind of bored and I learned a lot from history class, but also on the news they were talking more about misinformation,” the high school student told CNN Business.

The teen said it took him about 20 minutes to make the website for his candidate and then another five minutes to create the Twitter account.

He got his profile picture from a website called This Person Does Not Exist, which uses a computer to generate realistic photos of fake people.

Then, he filled out a short survey with information about his fake candidate on Ballotpedia, the nonprofit “Encyclopedia for American Politics.” Twitter announced in December that it would be partnering with the nonprofit in an attempt to verify more congressional candidates. 

However, according to the student, neither Twitter nor Ballotpedia asked for any further kind of identification to confirm that Walz was, in fact, genuine.

The social media platform has received flak from candidates who say it has been slow to verify them.


 

REDDIT DINGS TIKTOK: TikTok is under scrutiny from Reddit CEO and co-founder Steve Huffman for practices he calls “fundamentally parasitic,” referring to serious privacy concerns surrounding the app.

The app is a video-sharing social networking service owned by ByteDance, a Beijing-based company established in 2012 by Zhang Yiming. TikTok launched in 2017 for iOS and Android in markets outside of China.

Huffman said one of the suspicious practices the company partakes in is fingerprinting, a method of tracking devices for each unique visitor, according to The Verge.

“Maybe I’m going to regret this, but I can’t even get to that level of thinking with [TikTok],” Huffman said at the Social 2030 venture capital conference. “I look at that app as so fundamentally parasitic, that it’s always listening, the fingerprinting technology they use is truly terrifying, and I could not bring myself to install an app like that on my phone.”

Research by data protection expert Matthias Eberl highlights the fingerprinting Huffman refers to as an aggregate of audio and browser tracking, allowing the company to know the types of content each user is following. TikTok parent company ByteDance claims the fingerprinting methods are for recognizing malicious browser behavior, but Eberl offers his skepticism, as the platform seemingly works fine without the scripts enabled.

“I actively tell people, ‘Don’t install that spyware on your phone,’ ” Huffman said of TikTok’s software.


 

 

SCHEMING: Advocates are sounding the alarm over online scams that leave senior citizens particularly vulnerable, urging lawmakers and administration officials to take more steps to protect unsuspecting Americans.

Experts say that threat is heightened during tax season as online options for filing have grown in popularity, opening the door to more scams aimed at obtaining sensitive information or money from victims.

“Consumers should be especially vigilant as we approach tax season,” said Bill Versen, chief product officer at Transaction Network Services, a data services provider.

While there are a slew of scams at tax filing season, experts say that the elderly face a higher risk of being ensnared and experiencing financial hardship.

The most common kinds of tax scams are phishing and calls where a scammer impersonates an IRS official, according to Monique Becenti, a product specialist at cybersecurity firm SiteLock.

Phishing is a tactic used by hackers to get access to private information using fake emails, text messages and social media posts.

These communications are designed to bait unaware users, often the elderly, into giving up their personal information or clicking on links that can download dangerous malware onto computers and phones alike.

But the most common scam between 2014 and 2018 was fraudulent IRS calls, according to a yearly report released by the Senate Committee on Aging.

In those calls, the scammer impersonates an IRS official, demanding payment or sensitive information. In some cases, scammers have been known to threaten to suspend licenses, close businesses or even arrest individuals if they fail to pay fake bills.

“The overall goal is cyber criminals trying to file taxes on behalf of that person,” Becenti told The Hill. And once an individual falls victim, scammers can run further schemes. “Ultimately, they have their Social Security number. … Now they have the ability to open up fraudulent accounts on behalf of that individual.”


 

CHANGE OF PACE: Facebook sued a marketing company Thursday, alleging in federal court that the firm “improperly” collected data from users of the social media platform.

The lawsuit, filed in the Northern District Court of California, claimed oneAudience paid developers to use a malicious software development kit, or SDK, in their apps.

SDKs are tools that let developers make apps more quickly.

OneAudience’s SDK collected data in an improper fashion from Facebook users who opted to log in to certain apps, the lawsuit alleged.

Facebook claimed the data included names, email addresses and gender, in limited cases.

Facebook said it sent a cease-and-desist letter to oneAudience in November, but claimed the company did not cooperate with a requested audit.

OneAudience did not immediately respond to a request for comment.

In a blog post, Jessica Romero, Facebook’s director of platform enforcement and litigation, wrote that the lawsuit was filed to protect the platform’s users.

“This is the latest in our efforts to protect people and increase accountability of those who abuse the technology industry and users,” she wrote. “Through these lawsuits, we will continue sending a message to people trying to abuse our services that Facebook is serious about enforcing our policies.”


 

CAMEO: Former Illinois Gov. Rod Blagojevich (D) joined an app where people can pay for personalized video messages after President Trump commuted his sentence on corruption charges earlier this month. 

Blagojevich is on the app Cameo offering personal messages for $100. 

“Hey it’s Rod Blagojevich. I’m very excited to connect with you on Cameo. If you want a birthday greeting, an anniversary greeting, motivation or any other kind of shoutout, I can’t wait to hear from you,” the former lawmaker said on his account.

The app features a variety of celebrities and personalities that offer personalized messages for fans upon request. 

Former Trump White House press secretary Sean Spicer also has an account on the app, as does former Trump administration communications director Anthony Scaramucci, former Trump aide Omarosa Manigault and former Trump campaign manager Corey Lewandowski.

Trump commuted Blagojevich’s sentence earlier this month. He called Blagojevich’s 14-year sentence “ridiculous.”

“He served eight years in jail, a long time. He seems like a very nice person — don’t know him,” Trump said.


 

A LIGHTER CLICK: Hope y’all are happy

 

AN OP-ED TO CHEW ON: Indictment of Chinese hackers is wake-up call for better public-private cooperation

 

NOTABLE LINKS FROM AROUND THE WEB:

Vatican joins IBM, Microsoft to call for facial recognition regulation (Reuters / Philip Pullella, Jeffrey Dastin) 

The World Health Organization has joined TikTok to fight coronavirus misinformation (Verge / Makena Kelly)

Walmart is quietly working on an Amazon Prime competitor called Walmart+ (Recode / Jason Del Rey)


#cybersecurity | #hackerspace | Ohio Chief Information Officer Shares 2020 IT Strategies

Source: National Cyber Security – Produced By Gregory Evans

When Ohio Attorney General Mike DeWine was elected as the 70th governor of Ohio in November, 2018, he appointed Ervan Rodgers II as the State’s chief information officer (CIO). Rodgers, who served as CIO at the Ohio Attorney General’s Office for more than four years under […]

View full post on AmIHackerProof.com

#nationalcybersecuritymonth | Alex Pickering, BBC Studios’ Content Security Chief Named as New Chair by CDSA Board of Directors

Source: National Cyber Security – Produced By Gregory Evans

The global entertainment industry’s advocate for content security, content protection and information security, the Content Delivery & Security Association (CDSA), has named BBC Studios’ Content Security Director, Alex Pickering as its new Chairman. Pickering will direct the strategy for the Association’s mission of providing global community engagement around […]

View full post on AmIHackerProof.com

#linuxsecurity | Thinking big: Nextcloud chief aims to overtake Office365 and GSuite

Source: National Cyber Security – Produced By Gregory Evans

The head of the open-source file syncing and sharing software company Nextcloud, which has been growing at a fast pace, has ambitions to overtake proprietary services like Office 365 and Google GSuite.

Founder and chief executive Frank Karlitschek told iTWire that, given these plans, the forthcoming Nextcloud releases would see big improvements in productivity, collaboration, communications, scalability and security.

Nextcloud was started as a breakaway from another company, ownCloud, that Karlitschek himself started in 2010. Asked about the split, which occurred in 2016, he said he did not want to dwell on the reasons for the break-up, but said: “At the end of the day the complete set-up of the old company was wrong. [It had] the wrong management, investors, product focus and strategy.

“With Nextcloud we were lucky to fix these issues so that Nextcloud is on a lot better track now. And the results prove us right which makes the full team happy and proud.” He added that while he still had friends at ownCloud, when it came to business the two companies were competitors.

Karlitschek has been a contributor to open source software for a long time and has also been on the board of KDE, the first full-fledged desktop environment for Linux users.

However, he says that this experience has not helped him negotiate deals with German and other European companies. “KDE is not a business and doesn’t do negotiations with customers. But I learned a lot for KDE how to run a real big, and successful open source project and product. I believe that the Open Source development model is superior in innovation, speed, creativity and security compared to the classic proprietary model.”

Apart from his KDE experience, Karlitschek has managed engineering teams for more than two decades and also worked as head of unit and managing director at different Internet companies. In 2001 he created the openDesktop.org social network as well as GTK-Apps.org, GNOME-Look.org, KDE-Apps.org and other ‘AppStores’ before AppStores existed.

He attributed Nextcloud’s progress over the three years of its existence to its employees. “The reason is that we as a company have a focus on hiring only the best people,” he said.

“We have a shared vision and mission that goes beyond the normal ‘making money’. And we work a lot better with the community and with partners. And there is a clearer strategy for the product. This all results in a great momentum and high development speed.”

Karlitschek agreed that there was a mystique about cloud computing when in reality it was just someone else’s computer. “This is an interesting challenge. For a lot of people this kind of cloud services are completely abstract and magical,” he said.

“They don’t realise that this is software running somewhere by people. There is a lot of education and communication needed to explain how the cloud world really works. And I expect there will be more and more privacy violations and data breaches on this big cloud services in the future. This will make it clearer that the current centralized services are not a good idea and the future belongs to decentralised solutions like Nextcloud.”

No shrinking violet when it comes to plugging his own firm, Karlitschek said while Nextcloud had competitors like Seafile, Pydio and others, “it is safe to say that Nextcloud is the most advanced solution with the biggest momentum. Our only real competition in the market is Office365, over which we have the unique advantage of being on-premises”.

Karlitschek has a number of other feathers in his cap: he was an invited expert at the W3C to help to create the ActivityPub standard. He has spoken at MIT, CERN, Harvard and ETH and keynoted LinuxCon, Latinoware, FOSSASIA, Campus Party and many other conferences. He is also a fellow of Open Forum Europe and an adviser to the United Nations.


Democrats’ Biggest Cybersecurity Upgrade Is Their New Tech Chief

Source: National Cyber Security – Produced By Gregory Evans

The Democratic National Committee is upping its cybersecurity efforts — and it’s getting some help from a former Silicon Valley exec. Back in June, the committee hired Raffi Krikorian — a former top engineer at Uber and Twitter — as chief technology officer. Since his hire, Krikorian has instituted better…

The post Democrats’ Biggest Cybersecurity Upgrade Is Their New Tech Chief appeared first on National Cyber Security Ventures.


Internet firms should use profits to stamp out child abuse images, says police chief

Internet companies should reinvest some of their “eye-watering” profits into efforts to stamp out child abuse images online, a chief constable has said. Mike Barton challenged firms to do more to stop the content appearing in…

The post Internet firms should use profits to stamp out child abuse images, says police chief appeared first on Become007.com.


Kaspersky Lab chief urges global assault on hackers

Source: National Cyber Security – Produced By Gregory Evans

The man who runs the global internet security firm under fire from US authorities over claims of cyber-espionage says governments across the world must urgently launch a co-ordinated effort to crack down on state-sponsored hackers. Eugene Kaspersky, chairman and chief executive of internet security company Kaspersky Lab, said the US,…

The post Kaspersky Lab chief urges global assault on hackers appeared first on National Cyber Security Ventures.


Israel security chief: Agency strikes back at online hackers

Source: National Cyber Security – Produced By Gregory Evans

Israel’s security chief said Tuesday that the Shin Bet has gone on the offensive against hackers trying to carry out cyberattacks against Israel on the internet. The remarks by Nadav Argaman are a rare admission of Israel’s use of offensive cyber capabilities. Argaman’s comments were made at a cyber defense…

The post Israel security chief: Agency strikes back at online hackers appeared first on National Cyber Security Ventures.


Cyber Section Chief

Source: National Cyber Security – Produced By Gregory Evans

General Description: The Cyber Section Chief supervises the section for effective delivery including coordination and monitoring of domestic or overseas ATA cyber training activity to include completion of related technical and administrative tasks. The CTSC will liaise extensively with ATA-contracted subject matter experts and Partner Nation senior security or law enforcement officials. He/she has supervisory responsibility for the achievement of …

The post Cyber Section Chief appeared first on National Cyber Security Ventures.


Expiring spying law helped U.S. conclude Russia hacked election: NSA chief

Source: National Cyber Security – Produced By Gregory Evans

A top U.S. intelligence official said Thursday a controversial surveillance law that allows the broad electronic spying of foreigners played a major role in understanding Russia’s alleged interference in the 2016 presidential election. The statement from Admiral Mike Rogers, the director of the U.S. National Security Agency, may bolster efforts by intelligence agencies to fully preserve the authority, known as …

The post Expiring spying law helped U.S. conclude Russia hacked election: NSA chief appeared first on National Cyber Security Ventures.
