Little

now browsing by tag

 
 

#cybersecurity | #hackerspace | Robert M. Lee’s & Jeff Haas’ Little Bobby Comics – ‘WEEK 263’

Source: National Cyber Security – Produced By Gregory Evans

via the respected information security capabilities of Robert M. Lee & the superlative illustration talents of Jeff Haas at Little Bobby Comics.

Permalink

The post Robert M. Lee’s & Jeff Haas’ Little Bobby Comics – ‘WEEK 263’ appeared first on Security Boulevard.

Source link

The post #cybersecurity | #hackerspace |<p> Robert M. Lee’s & Jeff Haas’ Little Bobby Comics – ‘WEEK 263’ <p> appeared first on National Cyber Security.

View full post on National Cyber Security

When Your Used Car is a Little Too ‘Mobile’ — Krebs on Security

Source: National Cyber Security – Produced By Gregory Evans

Many modern vehicles let owners use the Internet or a mobile device to control the car’s locks, track location and performance data, and start the engine. But who exactly owns that control is not always clear when these smart cars are sold or leased anew. Here’s the story of one former electric vehicle owner who discovered he could still gain remote, online access to his old automobile years after his lease ended.

Mathew Marulla began leasing a Ford Focus electric vehicle in 2013, but turned the car back in to Ford at the end of his lease in 2016. So Marulla was surprised when he recently received an email from Ford.com stating that the clock in his car was set incorrectly.

Out of curiosity, Marulla decided to check if his old MyFordMobile.com credentials from 2016 still worked. They did, and Marulla was presented with an online dashboard showing the current location of his old ride and its mileage statistics.

The dashboard also allowed him to remotely start the vehicle, as well as lock and unlock its doors.

https://krebsonsecurity.com/

Mathew Marulla turned in his leased Ford EV to Ford 4 years ago, so he is no longer the legal owner of the car. But he can still remotely track its location and usage, lock and unlock it, and start the engine.

“It was a three-year lease from Ford and I turned it in to Ford four years ago, so Ford definitely knows I am no longer the owner,” Marulla said, noting that the dashboard also included historic records showing where the Focus had been driven in days prior.

“I can track its movements, see where it plugs in,” he said. “Now I know where the current owner likely lives, and if I watch it tomorrow I can probably figure out where he works. I have not been the owner of this vehicle for four years, Ford knows this, yet they took no action whatsoever to remove me as the owner in this application.”

Asked to comment on Marulla’s experience, a spokesperson for Ford said all Ford dealerships are supposed to perform a “master reset” as part of their used car checklist prior to the resale of a vehicle. A master reset (carried out via the vehicle’s SYNC infotainment screen by a customer or dealer) disassociates the vehicle from all current accounts.

“A master reset cleans phone data and removes previous Ford Pass and My Ford Mobile connections,” the company said in a statement released to KrebsOnSecurity. “Once complete, a previous owner will no longer be able to connect to the vehicle when they log in to My Ford Mobile or Ford Pass.”

As Marulla’s experience shows, if you’re in the market for a used car you should probably check whether it’s possible to reset the previous owner’s control and/or information before purchasing it, or at least ask the dealership to help you ensure this gets done once the purchase is made.

And if you’re thinking of selling your car, it’s a good idea to clear your personal data from the vehicle first. As the U.S. Federal Trade Commission advises, some cars have a factory reset option that will return the settings and data to their original state.

“But even after a factory reset, you may still have work to do,” reads an FTC consumer privacy notice from 2018. “For example, your old car may still be connected to subscription services like satellite radio, mobile Wi-Fi hotspots, and data services. You need to cancel these services or have them transferred to your new vehicle.”

By the way, this issue of de-provisioning is something of a sticky wicket, and it potentially extends well beyond vehicles to a number of other “smart” devices that end up being resold or refurbished. This is doubly so for Internet-connected/capable devices whose design may give the previous owner a modicum of access to or control over the device in question regardless of what steps the new owner takes to limit such access (particularly some types of security cameras).



Tags: Focus EV, Ford, Mathew Marulla, MyFordMobile.com, U.S. Federal Trade Commission

The source of this story comes from click here!

The post When Your Used Car is a Little Too ‘Mobile’ — Krebs on Security appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | #infosec | Sonos backtracks (a little) over its software updates fustercluck

Source: National Cyber Security – Produced By Gregory Evans Sonos, the maker of wireless home sound systems, has got itself into some real hot water this week. On Tuesday, Sonos announced on its blog that from May 2020 it would no longer be pushing out software updates and new features to some of its legacy […] View full post on AmIHackerProof.com

#cybersecurity | #hackerspace | Robert M. Lee’s & Jeff Haas’ Little Bobby Comics – ‘Exclusively’

Source: National Cyber Security – Produced By Gregory Evans

via the respected information security capabilities of Robert M. Lee & the superlative illustration talents of Jeff Haas at Little Bobby Comics.

Permalink

The post Robert M. Lee’s & Jeff Haas’ Little Bobby Comics – ‘Exclusively’ appeared first on Security Boulevard.

Source link

The post #cybersecurity | #hackerspace |<p> Robert M. Lee’s & Jeff Haas’ Little Bobby Comics – ‘Exclusively’ <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#school | #ransomware | Cyberattack on Morial Convention Center has little immediate effect on events there, but problems may grow | Business News

Source: National Cyber Security – Produced By Gregory Evans The Ernest N. Morial Convention Center, one of the cornerstones of New Orleans’ multibillion-dollar tourism economy, is the latest victim in a string of cyberattacks against city and state computer systems that have had serious consequences for government officials and the public. New Orleanians were left […] View full post on AmIHackerProof.com

#hacking | Andrew Little says probe into foreign interference has arrived too late

Source: National Cyber Security – Produced By Gregory Evans

Sweeping law changes proposed by an official inquiry into last year’s election and foreign interference have taken too long to be of use for next year’s election, Justice Minister Andrew Little says.

Parliament’s Justice Select Committee on Tuesday released the findings of its long-delayed report into the 2017 election and 2016 local body elections.

Major recommendations in a lengthy list of 55 include handing control of local elections from councils to the Electoral Commission and giving the Commission powers to enforce and investigate minor breaches of electoral law (major breaches would stay with the police).

They also cover changes to foreign donations, a ban on foreign Government’s owning New Zealand media organisations, changes to advertising laws, stricter requirements on parties to properly check the source of donations and recommendations aimed at defending against misinformation and hacking during the next election.

But Justice Minister Andrew Little, who has already introduced a series of changes to electoral laws in this term in Government, says the report has come back too late to be of any use before voters head to the polls in 2020.

“The inquiry has been going for over 18 months … It’s unfortunate that the delay means that we pretty much won’t be able to take anything else out of the report to make changes,” Little told reporters.

“When you leave it to two weeks before Christmas before an election year to recommend changes to the Electoral Act it’s pretty hard to make changes.”

Little has already introduced legislation based on the Electoral Commission’s recommendations and says he couldn’t wait any longer.

Changes already put forward by the Government include a ban on most foreign donations announced last week, and allowing voting at supermarkets on election day, revealed earlier this year.

National MP Nick Smith as blamed the Government for taking too long to get the inquiry going in the first place. Photo / Mark Mitchell

The Select Committee process has been fraught, having gone through six different chairs this year and prompted National MP Nick Smith to describe it as a farce.

The committee is split between National and Labour Party members.

It wasn’t started until September, 2018, – a year after the election – and later expanded to also cover foreign interference risks – although intelligence agencies said their security protocols for dealing with foreign and cyber-security threats weren’t necessary in 2017. Two National and two Labour members also left the during the process.

The committee’s first chair, Labour’s Raymond Huo, stood down in April this year after a debate over whether to let China expert and University of Canterbury professor Anne-Marie Brady be heard.

In its response to Tuesday’s report, National said the process had also been turned into a “sham” by Little introducing electoral laws before the recommendations were out, and without consensus with the Opposition.

“I don’t think the Government took the inquiry seriously,” Smith said.

“It’s very disappointing and dismissive of the Minister. There’s many recommendations in there that are important.”

Smith said the Government had taken too long to begin the process.

“It’s peculiar for the Minister to be criticising the delay,” he said.

“They didn’t even start the inquiry until 12 months after the election. The extension of the terms of reference did not occur until late last year and we didn’t even hear submissions on the foreign interference issue until April this year.”

But Labour’s Meka Whaitiri, the committee’s last chair, said while she shared Little’s regret at the delay, she dismissed Smith’s criticism and said “a lot of diplomacy” had been required to get the report over the line.

“If it was just a single, stand-alone inquiry, but it was complicated that it was really three substantive inquiries in one,” she said.

“Put it this way, the fact that it’s a split Select Committee you are going to get robust debate. And that’s exactly what we got.”

Source link

The post #hacking | Andrew Little says probe into foreign interference has arrived too late appeared first on National Cyber Security.

View full post on National Cyber Security

Disclosure Does Little to Dissuade Cyber Spies

Source: National Cyber Security – Produced By Gregory Evans In the past, outing nation-state cyber espionage groups caused a few to close up shop, but nowadays actors are more likely to switch to new infrastructure and continue operations. When cybersecurity services firm Mandiant released its APT 1 report in 2013, the Chinese group immediately shut […] View full post on AmIHackerProof.com

Many #employees know #little about #cybersecurity #threats

Companies are surrounded by cybersecurity threats, but many are not making it a priority to educate employees about them, a survey says.

Nearly half (46%) of entry-level employees don’t know whether their company has a cybersecurity policy, according to research firm Clutch.

The survey demonstrated a lack of awareness that can put companies at risk for IT security breaches. Nearly two-thirds of employees (63%) said they don’t know whether the quantity of IT security threats their companies face will increase or decrease over the next year. Additionally, among entry-level employees, 87% said they don’t know how the number of threats will shift in the next year.

The survey also found that employees are less likely to recognize IT services as the primary area of security vulnerability at their company. Instead, they cited theft of company property as the primary threat to company security, ahead of unauthorized information and email phishing scams.

The findings are a bit ironic, because “most cyberbreaches are caused by employees, inadvertently,” Robert Anderson, co-chair of the cybersecurity and data privacy group at Lindabury, McCormick, Estabrook & Cooper, P.C., told FierceCEO.

“There is a tendency for businesses to not put the emphasis on employees, but they are the greatest vulnerability,” Anderson said.

Read More….

advertisement:

The post Many #employees know #little about #cybersecurity #threats appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hackers can buy the new ‘Disdain’ exploit kit for as little as £60 on the dark web

Source: National Cyber Security – Produced By Gregory Evans

For just over £60 per day, tech-savvy criminals can now buy access to a new exploit kit (EK) which has been designed to remotely infect computers, experts have warned. Known as “Disdain”, the hacking tool was recently put up for sale on an underground Russian forum hosted on the dark…

The post Hackers can buy the new ‘Disdain’ exploit kit for as little as £60 on the dark web appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hackers’ Little Helpers: Employees With Bad ‘Cyber-Hygiene’

Source: National Cyber Security – Produced By Gregory Evans

On this year’s list of top 10 policy and technology priorities, the National Association of State Chief Information Officers (NASCIO) named cybersecurity No. 1. When people think about cybersecurity, they often focus on the vulnerabilities of hardware and software systems. For example, as Governing reported in late July, “several local…

The post Hackers’ Little Helpers: Employees With Bad ‘Cyber-Hygiene’ appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures