mark

now browsing by tag

 
 

#cybersecurity | #hackerspace | DEF CON 27, Crypto And Privacy Village – Mark B. Cooper’s ‘PKI And SHAKEN STIR Will Fix Robocalls’

Source: National Cyber Security – Produced By Gregory Evans

Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn.

Permalink

The post DEF CON 27, Crypto And Privacy Village – Mark B. Cooper’s ‘PKI And SHAKEN STIR Will Fix Robocalls’ appeared first on Security Boulevard.

Source link

The post #cybersecurity | #hackerspace |<p> DEF CON 27, Crypto And Privacy Village – Mark B. Cooper’s ‘PKI And SHAKEN STIR Will Fix Robocalls’ <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | #hackerspace | Best of 2019: Privacy: Where Security and Ethics Miss the Mark

Source: National Cyber Security – Produced By Gregory Evans

As we close out 2019, we at Security Boulevard wanted to highlight the five most popular articles of the year. Following is the fifth in our weeklong series of the Best of 2019.

Privacy. We all know what it is, but in today’s fully connected society can anyone actually have it?

For many years, it seemed the answer was no. We didn’t care about privacy. We were so enamored with Web 2.0, the growth of smartphones, GPS satnav, instant updates from our friends and the like that we seemed to not care about privacy. But while industry professionals argued the company was collecting too much private information, Facebook CEO Mark Zuckerberg understood the vast majority of Facebook users were not as concerned. He said in a 2011 Charlie Rose interview, “So the question isn’t what do we want to know about people. It’s what do people want to tell about themselves?”

In the past, it would be perfectly normal for a private company to collect personal, sensitive data in exchange for free services. Further, privacy advocates were almost criticized for being alarmist and unrealistic. Reflecting this position, Scott McNealy, then-CEO of Sun Micro­systems, infamously said at the turn of the millennium, “You have zero privacy anyway. Get over it.”

And for another decade or two, we did. Privacy concerns were debated; however, serious action on the part of corporations and governments seemed moot. Ten years ago, the Payment Card Industry Security Standards Council had the only meaningful data security standard, ostensibly imposed by payment card issuers against processors and users to avoid fraud.

Our attitudes have shifted since then. Expecting data privacy is now seen by society as perfectly normal. We are thinking about digital privacy like we did about personal privacy in the ’60s, before the era of hand-held computers.

So, what happened? Why does society now expect digital privacy? Especially in the U.S., where privacy under the law is not so much a fundamental right as a tort? There are a number of factors, of course. But let’s consider three: a data breach that gained national attention, an international elevation of privacy rights and growing frustration with lax privacy regulations.

Our shift in the U.S. toward expecting more privacy started accelerating in December 2013 when Target experienced a headline-gathering data breach. The termination of the then-CEO and the subsequent following-year staggering operating loss, allegedly due to customer dissatisfaction and reputation erosion from this incident, got the boardroom’s attention. Now, data privacy and security are chief strategic concerns.

On the international stage, the European Union started experimenting with data privacy legislation in 1995. Directive 95/46/EC required national data protection authorities to explore data protection certification. This resulted in an opinion issued in 2011 which, through a series of opinions and other actions, resulted in the General Data Protection Regulation (GDPR) entering force in 2016. This timeline is well-documented on the European Data Protection Supervisor’s website.

It wasn’t until 2018, however, when we noticed GDPR’s fundamental privacy changes. Starting then, websites that collected personal data had to notify visitors and ask for permission first. Notice the pop-ups everywhere asking for permission to store cookies? That’s a byproduct of the GDPR.

What happened after that? Within a few short years, many local governments in the U.S. became more and more frustrated with the lack of privacy progress at the national level. GDPR was front and center, with several lawsuits filed against high-profile companies that allegedly failed to comply.

As the GDPR demonstrated the possible outcomes of serious privacy regulation, smaller governments passed such legislation. The State of California passed the California Consumer Privacy Act and—almost simultaneously—the State of New York passed the Personal Privacy Protection Law. Both of these legislations give U.S. citizens significantly more privacy protection than any under U.S. law. And not just to state residents, but also to other U.S. citizens whose personal data is accessed or stored in those states.

Without question, we as a society have changed course. The unfettered internet has had its day. Going forward, more and more private companies will be subject to increasingly demanding privacy legislation.

Is this a bad thing? Something nefarious? Probably not. Just as we have always expected privacy in our physical lives, we now expect privacy in our digital lives as well. And businesses are adjusting toward our expectations.

One visible adjustment is more disclosure about exactly what private data a business collects and why. Privacy policies are easier to understand, as well as more comprehensive. Most websites warn visitors about the storage of private data in “cookies.” Many sites additionally grant visitors the ability to turn off such cookies except those technically necessary for the site’s operation.

Another visible adjustment is the widespread use of multi-factor authentication. Many sites, especially those involving credit, finance or shopping, validate login with a token sent by email, text or voice. These sites then verify the authorized user is logging in, which helps avoid leaking private data.

Perhaps the biggest adjustment is not visible: encryption of private data. More businesses now operate on otherwise meaningless cipher substitutes (the output of an encryption function) in place of sensitive data such as customer account numbers, birth dates, email or street addresses, member names and so on. This protects customers from breaches where private data is exploited via an all-too-common breach.

Respecting privacy is now the norm. Companies that show this respect will be rewarded for doing so. Those that allegedly don’t, however, may experience a different fiscal outcome.

Source link

The post #cybersecurity | #hackerspace |<p> Best of 2019: Privacy: Where Security and Ethics Miss the Mark <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#nationalcybersecuritymonth | DCC UK second-gen smart meter network passes three million mark

Source: National Cyber Security – Produced By Gregory Evans Smart DCC, the licence-holder building and managing the secure national infrastructure that underpins the roll-out of smart meters across the UK, has passed a milestone in its network capability, with the three millionth second-generation smart meter (SMETS2) attached to its smart network. The Capita subsidiary was […] View full post on AmIHackerProof.com

Facebook #secretly deleted #some of Mark Zuckerberg’s private #messages over fears the #company could be #hacked

Want to delete that embarrassing message you just sent? WhatsApp will let you, and so will Instagram — but if you’re using Facebook, then you’re out of luck.

Unless you’re Mark Zuckerberg, the CEO and cofounder of Facebook.

TechCrunch reported Thursday that some old messages sent by Zuckerberg and senior executives have disappeared from recipients’ Facebook Messenger inboxes, proven by the original email receipts sent at the time.

The company appeared to confirm the unique arrangement, telling TechCrunch the change was made in response to an uptick in hacking.

“After Sony Pictures’ emails were hacked in 2014 we made a number of changes to protect our executives’ communications. These included limiting the retention period for Mark’s messages in Messenger. We did so in full compliance with our legal obligations to preserve messages,” the company said.

The Sony hack targeted the emails of Sony film executives, which revealed a side of Hollywood rarely seen by outsiders, and the decision to name the event as a catalyst for Facebook’s message purge indicates how troubling the incident was in Silicon Valley — and that Facebook was concerned about being hacked.

The company also raised the idea of a “retention period,” though there is no such thing for normal users. If a user long presses a private message on Facebook a “Delete Message” pop up confirms that the function will “delete your copy of the message,” and the recipients’ copy will remain.

Facebook-owned Instagram has long had the option to “unsend” direct messages, while Facebook-owned WhatsApp recently launched a deletion function where unread messages can be deleted “for everyone.” A message is then displayed to all participants that content has been deleted.

But Zuckerberg’s deleted messages didn’t leave behind any such message, probably because they had already been read, many years ago.

The messages were originally sent to former employees and people outside of Facebook. According to TechCrunch, the recipients of the now-deleted messages were not informed at any stage that correspondence they received had been erased.

Zuckerberg may be the CEO of Facebook, but it’s unclear how the decision to remove senior executives’ messages would be allowed under the company’s terms of service. The terms only allow Facebook to remove content if the company believes “that it violates this Statement or our policies” or for infringing copyright.

Deleting messages quietly, and selectively, also appears to fly in the face of Facebook’s campaign to “make the world more open and transparent.” Its own policies say that the company “should publicly make available information about its purpose, plans, policies, and operations.”

Facebook appears to have not followed these policies in this instance, and it raises questions about the recipient’s right to privacy.

The news comes just weeks after the Cambridge Analytica scandal which has seen Zuckerberg admit that tens of millions of users probably had their data scraped.

advertisement:

The post Facebook #secretly deleted #some of Mark Zuckerberg’s private #messages over fears the #company could be #hacked appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Ex-teacher Mark Frost admits two decades of child abuse

A retired teacher who abused children for decades both in the UK and abroad has admitted 45 sex offences in one of the worst cases to come to court.

Mark Frost, known as Andrew Tracey, pleaded guilty at the Old Bailey to a catalogue of abuse against nine children in Thailand between 2009 and 2012.

After the allegations emerged in Asia, two former pupils of a school in Worcestershire came forward claiming they too were sexually assaulted by the English teacher in the 1990s.

Frost, now 70, had sex with one of the boys in a school store room, at his home where he lived with his adopted son, and in a car park in Woking.

Read More

The post Ex-teacher Mark Frost admits two decades of child abuse appeared first on Parent Security Online.

View full post on Parent Security Online

Mark Zuckerberg’s covering of laptop camera, mic helps prevent hack attacks

mark-zuckerberg

Source: National Cyber Security – Produced By Gregory Evans

Facebook CEO Mark Zuckerberg posted a photo to his social media account celebrating half a billion monthly users for Facebook-owned Instagram. A Twitter user noticed that the camera and microphone jack of the Facebook co-founder’s laptop seemed to be covered up with tape. Various media outlets questioned whether it was a case of paranoia or […]

The post Mark Zuckerberg’s covering of laptop camera, mic helps prevent hack attacks appeared first on National Cyber Security.

View full post on National Cyber Security

Ransomware, bogus emails from your ‘boss’ mark growing skill of cyber-criminals

Source: National Cyber Security – Produced By Gregory Evans

Ransomware, bogus emails from your ‘boss’ mark growing skill of cyber-criminals

Cyber-criminals are hacking into corporate computer systems and using the public profiles of top executives to fine-tune email scams that are duping Canadians out of hundreds of millions of dollars each year, a CBC News investigation has discovered. “It came on the scene in a massive way, from virtually nothing to $19 million in 2014” in losses reported, said Daniel Williams of the Canadian Anti-Fraud Centre, a federal government agency. He also says that research by the CAFC and police suggests that less than three per cent of these email scams ever gets reported, meaning the incidents and the losses are probably much higher. “Most probably in the range of $500 million to $1 billion,” Williams says. “It’s big, big money. It’s very organized, very sophisticated crime groups with a lot of resources putting a lot of effort … really on an industrial scale.” Source: http://www.cbc.ca/news/technology/ransomware-cyber-scams-bogus-emails-1.3314221

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Ransomware, bogus emails from your ‘boss’ mark growing skill of cyber-criminals appeared first on National Cyber Security.

View full post on National Cyber Security