now browsing by tag


Daily Discovery: Lamenting The Struggles Of Online Dating, Dani Taylor Offers Some Advice: “Love Is Not A Race” | #bumble | #tinder | #pof | #onlinedating | romancescams | #scams

Source: National Cyber Security – Produced By Gregory Evans

“At the moment in my life when I wrote this song, I was really craving connection,” Dani Taylor told American Songwriter. Born in Phoenix, Arizona and currently based in Nashville, […]

The post Daily Discovery: Lamenting The Struggles Of Online Dating, Dani Taylor Offers Some Advice: “Love Is Not A Race” | #bumble | #tinder | #pof | #onlinedating | romancescams | #scams appeared first on National Cyber Security.

View full post on National Cyber Security

New stage and film project gives life to Queens’ pandemic experience — Queens Daily Eagle | #bumble | #tinder | #pof | #onlinedating | romancescams | #scams

Source: National Cyber Security – Produced By Gregory Evans

By Rachel Vick A hybrid production using film and theatre to chronicle the pandemic experience in the World’s Borough will make its debut at the Queens Theatre later this month. […]

The post New stage and film project gives life to Queens’ pandemic experience — Queens Daily Eagle | #bumble | #tinder | #pof | #onlinedating | romancescams | #scams appeared first on National Cyber Security.

View full post on National Cyber Security

#sextrafficking | Man pleads guilty to sex trafficking women in Central Illinois – News – Canton Daily Ledger – Canton, IL | #tinder | #pof | #match | romancescams | #scams

PEORIA—Following jury selection, as his trial was about to begin, Franshon Stapleton, 47, entered pleas of guilty to sex trafficking young women in Central Illinois from 2016 to May 2018. […] View full post on National Cyber Security

#hacking | Daily Inter Lake – Politics & Government, The big lesson from the Bezos hack: Anyone can be a target

Source: National Cyber Security – Produced By Gregory Evans

PROVIDENCE, R.I. (AP) — You may not think you’re in the same league as Jeff Bezos when it comes to being a hacking target. Probably not, but you — and just about anyone else, potentially including senior U.S. government figures — could still be vulnerable to an attack similar to one the Amazon founder and Washington Post owner apparently experienced.

Two U.N. experts this week called for the U.S. to investigate a likely hack of Bezos’ phone that could have involved Saudi Arabian Crown Prince Mohammed bin Salman. A commissioned forensic report found with “medium to high confidence” that Bezos’ iPhone X was compromised by a video MP4 file he received from the prince in May 2018.

Bezos later went public about the hack after the National Enquirer tabloid threatened to publish Bezos’ private photos if he didn’t call off a private investigation into the hacking of his phone. It’s not clear if those two events are related. The Saudis have denied any involvement in the purported hack.

The events could potentially affect U.S.-Saudi relations. On Friday, Sen. Ron Wyden, an Oregon Democrat, said he is asking the National Security Agency to look into the security of White House officials who may have messaged the crown prince, particularly on personal devices. Jared Kushner, a White House aide and President Donald Trump’s son-in-law, is known to have done so using WhatsApp.

Wyden called reports of the Bezos hack “extraordinarily ominous” and said they may have “startling repercussions for national security.”

But they could resonate at the personal level as well. As the cost of hacking falls while opportunities to dig into peoples’ online lives multiply, more and more people are likely to end up as targets, even if they’re not the richest individuals in the world.

Ultimately, that boils down to a simple lesson: Be careful who you talk to — and what you’re using to chat with them.

“People need to get out of the mindset that nobody would hack them,” said Katie Moussouris, founder and CEO of Luta Security. “You don’t have to be a specific target or a big fish to find yourself at the mercy of an opportunistic attacker.”

WhatsApp, owned by Facebook, is generally considered a secure way of trading private online messages due to the fact that it scrambles messages and calls with encryption so that only senders and recipients can understand them. What many people may not have realized is that it, like almost any messaging service, can act as a conduit for malware.

That encryption, however, is no help if a trusted contact finds a way to use that connection to break into the phone’s operating system. In fact, an infected attachment can’t be detected by security software while it’s encrypted, and apps like WhatsApp don’t scan for malware even once files are decrypted.

WhatsApp users can disable the automatic downloading of photos, videos and other media, which happens by default unless the user takes action.

Other messaging apps are likely also vulnerable. “It just so happens that this one was a vulnerability in WhatsApp,” said JT Keating, of Texas-based security firm Zimperium. “It could have been in any one of any number of apps.”

Prince Mohammed exchanged numbers with Bezos during a U.S. trip in spring 2018. On the same visit, the prince also met with other tech executives, including the CEOs of Google, Apple and Palantir, as well as sports and entertainment celebrities and academic leaders. Virgin Group founder Richard Branson gave the Saudi delegation a tour of the Mojave Air and Space Port in the desert north of Los Angeles.

Google and Apple didn’t respond to emailed requests for comment this week on whether their executives shared personal contacts after that trip. Palantir Technologies confirmed that its CEO Alex Karp met with the prince but said they never shared personal messages. Virgin Group said it was looking into it.

UC Berkeley cybersecurity researcher Bill Marczak cautioned that there’s still no conclusive evidence that the Saudi video was malicious, adding that it might be premature to jump to broader conclusions about it. Many other security experts have also questioned the forensics report upon which U.N. officials are basing their conclusions.

But Marczak said it is generally good advice to “always be on the lookout for suspicious links or messages that sound too good to be true.”

Even caution about avoiding suspicious links might not be good enough to ward off spyware — especially for high-profile targets like dissidents, journalists and wealthy executives. Hackers-for-hire last year took advantage of a WhatsApp bug to remotely hijack dozens of phones and take control of their cameras and microphones without the user having to click anything to let them in.

In such cases, said Marczak, “there doesn’t need to be any interaction on the part of the person being targeted.”


Source link

The post #hacking | Daily Inter Lake – Politics & Government, The big lesson from the Bezos hack: Anyone can be a target appeared first on National Cyber Security.

View full post on National Cyber Security

#deepweb | A New Look At Ritwik Ghatak’s Bengal | by Ratik Asokan | NYR Daily

Source: National Cyber Security – Produced By Gregory Evans National Film Archive of IndiaA still from Ritwik Ghatak’s Subarnarekha, 1962 In February 1972, three months after the close of East Pakistan’s bloody war of secession, the Indian filmmaker Ritwik Ghatak traveled to Dhaka, capital of the new nation of Bangladesh, as a state guest. It […] View full post on AmIHackerProof.com

#nationalcybersecuritymonth | The CyberWire Daily Podcast for 12.13.19

Source: National Cyber Security – Produced By Gregory Evans

The CyberWire Daily Podcast

Friday, December 13, 2019

Parties unknown are phishing for government credentials in at least eight countries. Some other parties unknown are compromising Telegram accounts in Russia. Lateral movement is in the news, but not the good, Lamar Jackson kind. A familiar order of battle in the Crypto Wars emerges, again. NSA’s IG reports on SIGINT data retention. And a peek into what we suppose we must call the minds of some of the people hacking Ring systems. Daniel Prince from Lancaster University on Cyber security testbeds for IoT research. Guest is David Belson with Internet Society on Russian “Sovereign Internet” Law.


Dave Bittner: [00:00:00] Hey, everybody. Dave here with some exciting news. We are pleased to announce our news subscription program, CyberWire Pro. It’s launching early in 2020 for cybersecurity professionals and others who want to stay abreast of our rapidly evolving industry. CyberWire Pro is a premium news service that will save you time as it keeps you informed. You can learn more and sign up to get launch updates at thecyberwire.com/pro. That’s thecyberwire.com/pro. Do check it out. Thanks. 

Dave Bittner: [00:00:34]  Parties unknown are phishing for government credentials in at least eight countries. Some other parties unknown are compromising Telegram accounts in Russia. Lateral movement is in the news, but not the good, Lamar Jackson kind. A familiar order of battle in the Crypto Wars emerges again. NSA’s IG report on SIGINT data retention. And a peek into what we suppose we must call the minds of some of the people hacking Ring systems. 

Dave Bittner: [00:01:06]  And now a word from our sponsor, the upcoming Cybersecurity Conference for Executives. The Johns Hopkins University Information Security Institute and Ankura will host this event on Wednesday, March 25 in Baltimore, Md., on the Johns Hopkins Homewood campus. You can find out more at isi.jhu.edu and click on 6th Annual Cybersecurity Conference for Executives. Learn about the dos and don’ts of risk management with industry leaders and other cyber professionals. Check out the details at isi.jhu.edu. Click on the 6th Annual Cybersecurity Conference for Executives. And we thank the Johns Hopkins University Information Security Institute for sponsoring our show. 

Dave Bittner: [00:01:54]  Funding for this CyberWire podcast is made possible in part by McAfee – security built by the power of harnessing 1 billion threat sensors from device to cloud, intelligence that enables you to respond to your environment and insights that empower you to change it. McAfee – the device-to-cloud cybersecurity company. Go to mcafee.com/insights. 

Dave Bittner: [00:02:16]  From the CyberWire studios at DataTribe, I’m Dave Bittner with your CyberWire summary for Friday, December 13, 2019. Researchers at Anomali describe a phishing campaign apparently intended to harvest credentials from some 22 government agencies and government contractors in several countries around the world. U.S. targets have received the most attention, but Australia, China, Japan, Mexico, Peru, Poland and Sweden were also prospected. The U.S. targets include the Departments of Commerce, Energy and Veteran Affairs. 

Dave Bittner: [00:02:48]  No one, ZDNet says, has any idea who’s behind the operation or what their ultimate objective might be, but there’s some speculation that the goal might be industrial espionage or some related form of criminal activity. The phishing emails directed victims to a site where they were asked to enter their credentials. About 120 bogus sites were deployed over the course of the campaign. 

Dave Bittner: [00:03:10]  Forbes reports that Group-IB is investigating compromises of Telegram accounts belonging to a number of Russian entrepreneurs. Attribution in this case is also mysterious, but Group-IB doesn’t think the incidents involve any flaw in the messaging app. The researchers do note that Telegram credentials are being widely traded in the dark web. 

Dave Bittner: [00:03:30]  In the course of its investigation of exploits leaked by The Shadow Brokers, Zscaler has found a botnet it’s calling BuleHero that excels at lateral movement within its targets. The more lateral movement an attack technique is capable of, the more dangerous it is to the networks it infests. 

Dave Bittner: [00:03:48]  Techdirt reports that Representative Ro Khanna, a Democrat of California representing the California 17th district, which includes much of Silicon Valley, sent a pro-encryption letter to Senator Graham, Republican of South Carolina, who’s running the Judiciary Committee’s hearing on encryption. Representative Khanna’s position is pro-encryption, as is the position of most of the tech companies. 

Dave Bittner: [00:04:12]  He also attached a letter from Pentagon CIO Dana Deasy that stressed the importance and value of strong end-to-end encryption. Deasy’s letter to Representative Khanna said, in part, quote, “The importance of strong encryption and VPNs for our mobile workforce is imperative.” He closed with this sentence. The department believes maintaining a domestic climate for state-of-the-art security and encryption is critical to the protection of our national security. This seems to have been the pattern in the Crypto Wars, at least in the U.S. The Defense Department has been notably more pro-encryption than the Department of Justice. The Intelligence Community has been quieter but generally hasn’t shown much disposition to jump on the anti-encryption bandwagon. To some extent, this almost certainly reflects agencies’ disposition to approve of the things that make their jobs easier. Encryption makes the DOD’s job easier, but it makes justice’s job harder. 

Dave Bittner: [00:05:05]  In the U.S., NSA’s inspector general has found deficiencies in the agency’s data retention procedures. Some signals intelligence data have been retained beyond limits established by law and policy. The IG looked at two representative data stores and found that the agency had retained a small percentage of the large number of SIGINT data objects beyond legal and policy retention limits. As the IG pointed out in the report’s conclusion, the deficiencies the investigation found could have an effect on privacy and civil liberties. 

Dave Bittner: [00:05:37]  The conclusion isn’t that there’s a major scandal or a great deal of nefarious collection underway, but rather that NSA has some work to do on compliance, and compliance in this matter is important since it touches safeguards of civil liberties. The IG made 11 recommendations to improve NSA compliance procedures. The agency accepted the findings and is working to bring its procedures into compliance. The IG’s report can also serve as a cautionary tale. Anyone who thinks compliance is easy should ask NSA, which is a well-resourced and professional agency. 

Dave Bittner: [00:06:11]  And finally, did you know? Have you heard? There are creeps abroad in cyberspace. We’ve been seeing accounts of people whose Ring cameras, which they’ve installed for the home security system is designed to provide, have been hacked into by various alleged human beings who then use the system to wake people in the middle of the night, telling people, I can see you in bed, frighten and swear at small children, try to teach small children racist epithets and so on. These seem oddly pointless actions, yet someone’s doing it. 

Dave Bittner: [00:06:43]  We’re sorry to say that at least some of those someones are, well, podcasters. Many of the most repellent hacks were featured on the NulledCast podcast livestreamed on Discord, Vice reports. Vice’s account offers an interesting inside look at the geniuses behind NulledCast. Apparently, it was funny, a joke – you know, like what you might see on “Jackass” or “Impractical Jokers.” Once the hacks began to gain media attention – most disapprovingly, so bravo, media, on this one – the podcasters struck a new high-minded and socially responsible tone, writing, Nulled does not and will not tolerate the harassments of individuals over Ring cameras or similar. So the grammar’s off, but the sentiment is surely one your high school civics teacher would approve of. 

Dave Bittner: [00:07:28]  There is also some evidence that the performance artists of the Ring caper are hearing footsteps of law enforcement. Vice found the following message on the NulledCast Discord server – hey NulledCast fans, we need to calm down on the Ring trolling. We have three investigations, and two of us are already probably effed. Drop suggestions on what else we should do. It will still happen, just on a smaller scale. Thanks, the NulledCast. 

Dave Bittner: [00:07:54]  That’s not exactly a ringing call to straighten up and fly right, but at least they have the wit to realize that being effed is a bad thing. But if they are really effed, it couldn’t happen to an effing better bunch of effers. So why did they do it? Hope for the glory of being an influencer and remoter but more glittering hopes of influence-pumped wealth? Maybe. But it still seems like motiveless malice. Motiveless malice is, alas, common enough in cyberspace, but it’s also not new. After all, Iago did it for the lulz. 

Dave Bittner: [00:08:32]  It’s time to take a moment to tell you about our sponsor, Recorded Future. Recorded Future is the real-time threat intelligence company whose patented technology continuously analyzes the entire web to develop information security intelligence that gives analysts unmatched insight into emerging threats. And when analytical talent is as scarce and pricey as it is today, every enterprise can benefit from technology that makes your security teams more productive than ever. We here at the CyberWire have long been subscribers to Recorded Future’s Cyber Daily. And if it helps us, we’re confident it will help you, too. Subscribe today and stay a step or two ahead of the threat. Go to recordedfuture.com/cyberwire to subscribe for free threat intelligence updates from Recorded Future. That’s recordedfuture.com/cyberwire. And we thank Recorded Future for sponsoring our show. 

Dave Bittner: [00:09:34]  And I’m pleased to be joined once again by Daniel Prince. He’s a senior lecturer in cybersecurity at Lancaster University. Daniel, it’s always great to have you back. We wanted to touch today about some research that you all are working on when it comes to IoT and specifically, some cybersecurity testbeds. What do you have to share with us? 

Daniel Prince: [00:09:52]  Well, at Lancaster, one of the key things that we do is build things. It’s one of the core parts of our research. Yes, we do the theoretical stuff, but we also like to do a lot of the applied research, really testing what it’s like in a real environment. But as part of that, we build a lot of testbeds. And one of the testbeds we’ve been working on for nearly a decade now is our industrial control systems research testbed. And that’s slowly – over the last couple of years, that’s starting to develop into an Internet of Things testbed where we can really tackle some of the more interesting cybersecurity problems. 

Daniel Prince: [00:10:26]  But one of the challenges that we’re finding, one of the things I wanted to talk about, is when you move from ICS to IoT, you’re moving to this completely different physical process. So within industrial control systems, actually, it’s quite straightforward to create something that emulates the water treatment work or electricity grid – notwithstanding those are quite complex, but it’s a defined and scoped process. 

Daniel Prince: [00:10:51]  But the problem with a lot of IoT-type work is the process you’re trying to emulate and simulate is that of people, that of a group of people working in a building. If you’re thinking about industrial IoT, yes, again, that’s related to industrial processes. But a lot of the IoT technology that sits around that also interacts with humans in a slightly different way than just your pure industrial control system. So one of the challenges we’re trying to tackle here at Lancaster is how do we build an IoT testbed that enables us to have high accuracy around the human aspect of interaction with that – those systems. 

Dave Bittner: [00:11:28]  Is it a matter of that there’s a much greater degree of complexity? 

Daniel Prince: [00:11:34]  Well, yeah. So when you think about – say you’re trying to simulate an IoT SMI environment for a building. So you take the building that I work in, InfoLab, you know, there’s 60 academics, the academics that work in there, about 40 support staff. Then you’ve got a whole number of businesses. So you’ve got about 20 businesses that work in that building. They’ve got four or five staff as well. So you’re talking several hundred people going in and out of that space. And then you’ve got a cafe in there as well. So it’s a great place to work, but you’ve got lots of people going through. 

Daniel Prince: [00:12:04]  Now, if we wanted to simulate or practice in that SMI environment, yes, we can scope it down. But how do we scale it up? You know, how do we simulate the behavior or emulate the behavior or capture the real-world behavior of 200, 300 people on a day-to-day basis? Sitting around that is all the privacy and ethics concerns. And this is one of the big challenges that we’re facing as we’re starting to develop our IoT research, is that the actual physical process that we need to test is that of human beings interacting in a social environment. 

Dave Bittner: [00:12:37]  And I suppose the range of potential devices that can be brought in and made part of an IoT network is much broader than what you would have to deal with ICS. 

Daniel Prince: [00:12:48]  Yeah. And one of the key things there as well is the range of devices are also the attack vectors. And you’re never quite certain actually what the attacker might be trying to do. We’ve heard all sorts of stories about attackers breaking into organizations, fire temperature sentences in fish tanks, for example. And they all hang off similar or interconnected networks. And the key part of the attack for IoT is really that human elements in a – probably, and I would suggest, in a way that’s not much different to the ICS testbeds that we’re used to. Because of that, it’s really important that we understand the way that the individuals interact with the IoT environment much more than perhaps we do with ICS testbeds. 

Dave Bittner: [00:13:32]  All right. Well, it’s interesting research to be sure. Daniel Prince, thanks for joining us. 

Dave Bittner: [00:13:41]  And now a word from our sponsor OpenVPN. OpenVPN Access Server is a flexible VPN solution that secures data communications from remote access to IoT to networking cloud data centers. While private networks have the security advantage of isolating critical IT services, it can be costly to extend to different sites, devices and users. Enter OpenVPN Access Server, a full-featured and cost-effective VPN solution. Access Server has an economical licensing model based on the number of concurrent VPN connections rather than the number of users. OpenVPN Access Server can be deployed on premises or on the cloud and allows load balancing, failover and fine-grained access controls, making it the best solution for small to medium-sized enterprises. You can test drive OpenVPN Access Server for free. It comes with two VPN connections. Get started today at openvpn.net/cyberwire. And we thank OpenVPN for sponsoring our show. 

Dave Bittner: [00:14:53]  My guest today is David Belson. He’s senior director of internet research and analysis at the Internet Society, a group that has its origins in the Internet Engineering Task Force. Their stated mission is to support and promote the development of the internet as a global technical infrastructure, a resource to enrich people’s lives and a force for good in society. My conversation with David Belson focuses on Russia’s sovereign internet law and how efforts like it may ultimately affect a free and open global internet. 

David Belson: [00:15:26]  So, I mean, right now, obviously the law, the sovereign internet law, is focused on Russia and the Russian internet in terms of tightening control over it with respect to DNS, with respect to filtering and deep packet inspection and so on. The way it impacts the rest of the global internet, I guess is a couple fold. One is that it may make it more challenging for users outside of Russia to access resources that are hosted within the country. So if you are an expat and you want to access Yandex or another tool or application that’s hosted within the country, it may be the case that it slows down, or it just becomes inaccessible for users from certain countries. 

David Belson: [00:16:08]  But I think that the bigger threat, to be honest, is that other countries are looking at this and monitoring the effort, monitoring the potential success and looking to implement something similar within their countries. We saw this with – around last month, for instance. They had a multi-day internet shutdown there. And, you know, talking to some of the folks within the industry, it appears that it may have been something of a trial run for their national intranet, which they’ve been talking about doing for several years. 

Dave Bittner: [00:16:43]  I’ve heard some policy folks refer to it as the splinternet, that, you know, we’ll have these sort of – perhaps islands around the world. What does it mean for internet providers, the folks who are routing the traffic around the globe? 

David Belson: [00:16:59]  It’s a complex system to start with, but I think it’s going to wind up adding complexity because you now have potentially these islands of connectivity that exist within a country or outside of the country. So, you know, questions of how do I route this traffic – if the traffic is coming from within one of these splinternet countries, you know, does it get routed outside the country, or does it have to stay within? If I’m an international provider, an international backbone provider, I need to figure out, you know, can I reach endpoints within that given country. And if so, how? 

David Belson: [00:17:32]  The Russian model now is talking about only exchanging traffic at specific, approved internet exchange points. So that may create challenges as well for these international providers, where today, because the Russian internet has grown up a little more freely over the years, there are dozens of internet exchange points out there – or within the country, excuse me – connecting hundreds of networks. So that may change if I’m an international network provider or an international content provider going forward under this new law. 

Dave Bittner: [00:18:05]  Does it mean that we’ll end up with some pinch points where, you know, all data has to route through specific areas for inspection, if you will – you know, a border stop virtually? 

David Belson: [00:18:19]  Under this law, yes. Absolutely in Russia. That’s what they’ve said, is that domestic traffic will have to only be exchanged within these approved internet exchange points. There is a component within the law about switching to a – effectively a national DNS system, so basically where they can control the ability to enable a user to get to twitter.com or what have you – Wikipedia, whatever. 

David Belson: [00:18:45]  Not only are they potentially limiting the number of exchange points that the traffic can go through, but they’re also talking about implementing filtering and things like deep packet inspection at those exchange points. My understanding is that the providers locally are starting to warn users that this may result in slower services ultimately, you know, because all those – all that traffic has to go through those now limited number of pinch points. 

Dave Bittner: [00:19:07]  Do we suppose that folks are going to spin up workarounds? I mean, I’m imagining sort of the internet version of pirate radio stations. 

David Belson: [00:19:15]  (Laughter) It’s likely that they will try to. You know, my understanding is that there’s already been some efforts online to talk about, OK, if this goes into place, here’s how we can get around it. You know, that may be VPNs. It may be using alternative DNS providers. It may be using alternative tools that can enable traffic to masquerade. So, you know, traffic that’s normally, you know, over one protocol can sort of be smuggled over a different protocol that may not be getting filtered, or it may be much harder to filter. So I think that as this is implemented, we’ll definitely see efforts to circumvent it. 

Dave Bittner: [00:19:49]  What’s been the response from other nations around the world, you know, those who are interested in a free and open internet? 

David Belson: [00:19:55]  Certainly not a positive one, at least among those countries. For those of us that are interested in a free and open internet, we don’t want to see something like this. You know, the other challenge as well is that these efforts ultimately reduce internet resilience as a whole. So the internet is an interconnected network of networks. It only works successfully when everybody is sort of behaving themselves and cooperating. When these things start occurring, it ultimately lowers the resiliency of the global internet. That’s a bug, not a feature. Russia may be looking at as a feature, but for everybody else, it’s really a problem. 

David Belson: [00:20:31]  So, you know, we may not see things immediately, but I think over time, we’ll have to continue to watch and see, you know, is there – are there any artifacts of what they’re doing here? But I think that we also need to continue to work as an industry and as a community to convince the legislators and the policymakers in countries that maybe are looking at this with interest that this is not the right approach, and this is not the road they should be going down, that their free and open internet is critically important and that it has ultimately, you know, a number of benefits for their country. Even if they’re looking at it and saying, you know, Jesus loves our citizens to communicate or to organize or what have you, there’s a number of other impacts, a number of other benefits that an open internet has for them as well that they need to really understand and focus on. 

Dave Bittner: [00:21:22]  That’s David Belson from the Internet Society. 

Dave Bittner: [00:21:22]  And that’s the CyberWire. Thanks to all of our sponsors for making the CyberWire possible, especially our supporting sponsor, ObserveIT, the leading insider threat management platform. Learn more at observeit.com. 

Dave Bittner: [00:21:35]  The CyberWire podcast is proudly produced in Maryland out of the startup studios of DataTribe, where they’re co-building the next generation of cybersecurity teams and technology. Our amazing CyberWire team is Elliott Peltzman, Stefan Vaziri, Kelsea Bond, Tim Nodar, Joe Carrigan, Carole Theriault, Nick Veliky, Bennett Moe, Chris Russell, John Petrik, Jennifer Eiben, Peter Kilpe. And I’m Dave Bittner. Thanks for listening.

Copyright © 2019 CyberWire, Inc. All rights reserved. Transcripts are created by the CyberWire Editorial staff. Accuracy may vary. Transcripts can be updated or revised in the future. The authoritative record of this program is the audio record.

Source link

The post #nationalcybersecuritymonth | The CyberWire Daily Podcast for 12.13.19 appeared first on National Cyber Security.

View full post on National Cyber Security

#cyberfraud | #cybercriminals | MACAU DAILY TIMES 澳門每日時報 » Briefs

Source: National Cyber Security – Produced By Gregory Evans

Next month, the Health Bureau (SSM) will reach out to the alcohol industry and local youth to collect their opinions on Macau’s alcohol control regime, which has already been drafted. According to Lam Chong, director of the Disease Control Center of the SSM, in November, the SSM will approach the alcohol wholesale industry and local youth groups, as well as other groups in order to reach a consensus on the definitions of alcohol, the minimum age for purchasing alcohol and the penalties for violating the regime. Currently, the SSM has not yet made a decision on a timetable for public consultation regarding the regime. In March, the SSM said that it expected to initiate public consultation for the regime in the second half of this year.

16 university students fall victim to phone scams

Sixteen university students have fallen victim to phone scams since the beginning of this year, according to the Judiciary Police (PJ). During this period, a total of 84 phone scam cases (around 10 fewer cases compared to the same period last year) were registered by the police authority, with a total claimed loss of 12.28 million patacas. For the 16 university students scammed, including one postgraduate student, most of scammers pretended to be government employees. PJ director Sit Chong Meng believes that, once the city’s cyber security law comes into effect on December 22 and once the SIM card real name registration policy is implemented, phone scams will be cracked down upon more effectively.

FDCT grants 1.46 billion patacas over 15 years

Between 2004 and 2019, the Science and Technology Development Fund (FDCT) approved 1,243 science research projects, granting a total of 1.46 billion patacas in funding, Ma Chi Ngai, chairman of the Administration Council of FDCT, revealed on Friday during a TDM program. A large sum went towards funding university research institutions, followed by industry. Only a small amount was granted to individuals. According to Ma, most of the research results of individuals were small inventions or daily necessities that require low technology. Currently, FDCT is considering how university research projects can be put onto the market. By doing so, Ma hopes to promote cooperation between industry and universities. Ma said that FDCT has already arranged for a team of experts to evaluate all types of projects.

Source link

The post #cyberfraud | #cybercriminals | MACAU DAILY TIMES 澳門每日時報 » Briefs appeared first on National Cyber Security.

View full post on National Cyber Security


Source: National Cyber Security – Produced By Gregory Evans

The Homeland Security Department wants to know how biometrics—fingerprints, iris scans, facial images, and other snapshots of a person’s biological characteristics—can be used to help citizens, instead of just surveilling them. DHS has awarded a sole-source contract to the University of Texas at Austin’s Center for Identity, a research unit…

The post DHS THINKS BIOMETRICS CAN ‘IMPROVE DAILY LIFE appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

TalkTalk hack: industry hits back after Daily Mail targets ‘gaming addict’

Source: National Cyber Security – Produced By Gregory Evans

TalkTalk hack: industry hits back after Daily Mail targets ‘gaming addict’

The gaming industry has hit back after theDaily Mail claimed a suspect arrested in connection with the TalkTalk hack was a “violent video game addict”. The UKIE, the UK’s games industry body, told WIRED that there was “no link between addiction or antisocial behaviour” and playing games in a “balanced” way. After TalkTalk was hit by a major cyberattack — its second this year — a teenage boy from Northern Ireland was arrested on Monday and charged with offences under the Computer Misuse Act. Although the teenager, who cannot be named, has been released on bail and authorities are still investigating whether he has any connection to the ransom demands sent to TalkTalk, he has become the figurehead for one of the UK’s most significant data breaches. And his actions are already being linked to violent video games. “Games are played by millions of people safely and sensibly every day and the games industry takes its responsibility towards players, especially younger ones, seriously,” Dr Jo Twist, CEO of UKIE said in response to the Daily Mail’s claims. “Just like any other mature medium, games deal with adult themes, but the PEGI age ratings are robust and there to guide parents and children around what content is appropriate for different ages.” Source: http://www.wired.co.uk/news/archive/2015-10/28/talktalk-hacker-gamer-blame-daily-mail

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post TalkTalk hack: industry hits back after Daily Mail targets ‘gaming addict’ appeared first on National Cyber Security.

View full post on National Cyber Security

Shorter Daily Beast: Parents Shouldn’t Be Able to Opt Kids Out of Sex Ed

It’s such a damn shame the U.S. is so religious. Otherwise, who knows, maybe mandatory sex ed would be a nationwide reality like it is several European countries and, more proximate to American readers, the Canadian province of Quebec. That’s the sentiment conveyed by Daily Beast writer Samantha Allen in her September 3 story Later in her piece, Allen lamented how “in the United States, which is a far more religious nation than even the UK, compulsory nationwide sex education would present a challenge. Even some of the most ardent U.S. advocates for comprehensive sex education stop short of challenging parental opt-out laws and policies.

Read More

The post Shorter Daily Beast: Parents Shouldn’t Be Able to Opt Kids Out of Sex Ed appeared first on Parent Security Online.

View full post on Parent Security Online