The best recent crime and thrillers – review roundup | Books
Set in an unnamed city in northern England, journalist Saima Mir’s debut novel, The Khan (Point Blank, £14.99), is a south Asian reworking of The Godfather. Successful lawyer Jia returns […]
View full post on National Cyber Security
Sequin in a Blue Room, review: stylish cyber sex thriller
Online dating allows you to be anyone you want, but it also affords malignant strangers the same inscrutability. This is what 16-year-old “Sequin” (so-called because of the sequin top he […]
U conducts external review of its police department; crime near campus rises
The University of Minnesota has tapped an outside expert to review its campus police department’s policies and practices in response to student demands for accountability following George Floyd’s death. Cedric […]
Forensic review underway after Twitter hack, tips to protect your accounts
Twitter says a forensic review is underway. “Dr. Fraud” shared these tips on how to keep your accounts from being hacked:
- Use two-factor authentication
- Super strong password
- Lock […]
Source: National Cyber Security – Produced By Gregory Evans
Key thinkers on the biggest security stories and trends in 2019
2019, what to say? From keynote speaker controversies, to hacktivism of a Google Chromecast variety, the year in infosec has certainly been a test of what divides us can only make us stronger – plus […] View full post on AmIHackerProof.com
We’re back with another round-up of some of the most notable information security stories of the past month.
In this edition, we discuss a hospital employee who abused their power to contact patients, an update on last year’s Ticketmaster data breach and an upsetting incident at a Scottish high school assembly.
1. NHS radiographer used medical record info to pester female patients
Stories of hospital workers snooping into patients’ files illegally are unfortunately common, but a recently disclosed breach at Hairmyres Hospital in East Kilbride is particularly egregious for what the employee did with the information.
The Hamilton Sheriff Court heard this month of a radiographer who gathered female patients’ contact details and hounded them for dates.
Using fake names, Andrew Stewart contacted more than 200 women – some of whom were domestic abuse victims – via Facebook and WhatsApp “in a desperate bid to get into relationships with them”.
He sent them pictures of himself, told them he was mature “when it comes to pleasing women in bed” and said the women were “hot”, “gorgeous” and had “nice boobs”.
Stewart even offered to tell one patient the results of her MRI scan before she had spoken to her consultant.
His actions were revealed when a woman he had been messaging recognised him at University Hospital Crosshouse in Kilmarnock and reported them.
The NHS launched an enquiry, which led to 2 charges of obtaining personal data illegally and 16 charges of acting in a threatening and abusive manner.
2. Victims of Ticketmaster breach file lawsuit
Those affected by last year’s Ticketmaster data breach could soon receive financial compensation, after several legal cases were launched in the Irish courts.
As many as 40,000 customers – including those who use Ticketmaster International, GET ME IN! and TicketWeb websites – had their personal and financial information stolen as a result of a malware infection.
There was some disagreement at the time about who was responsible. Ticketmaster said that the breach stemmed from a vulnerability in a third-party support product hosted by Inbenta Technologies.
“Ticketmaster directly applied the script to its payments page, without notifying our team. Had we known that the customized script was being used this way, we would have advised against it, as it incurs greater risk for vulnerability.”
The lawsuits against Ticketmaster suggest that this is the case, although it remains to be seen whether the organisation will protest its innocence in court. It could take a year or more for a decision to be made.
3. High school exposes students’ health conditions during assembly
Pupils at Brechin High School in Scotland were left stunned this month after an assembly presentation revealed the names of 52 students with autism spectrum disorder and other health conditions.
The presentation, intended as an exam preparation for senior students, contained a slide titled “what if you have ASD or a medical condition?”, followed by a list of students.
Speaking to The Scottish Sun, one furious parent said he feared the children whose data was exposed may be bullied.
“Today pupils were getting a talk about exam preparation, when a slide appeared listing the names of 52 people with autistic spectrum disorder and other medical conditions. My child’s name was on the list,” he said.
“It was a bit of a shock to my child. Their medical condition had been kept among family, and they didn’t want to tell friends.
He added: “My child’s initial response was that they wouldn’t be able to go back to school. But they’ve gotten support on social media, and people asking how they feel.
“But you always worry there’ll be other pupils who take the opportunity to bully your child as a result.”
Manage your cyber security threats with Vigilant Software
These incidents show that security threats can come in any number of ways – whether it’s a cyber attack, a malicious insider or an error of judgement.
It can be tough to manage them all, but Vigilant Software’s CyberComply platform makes things much easier.
Its combination of Cloud-based software enables you to take control of your cyber risk requirements by helping you:
- Conduct risk assessments or DPIAs (data protection impact assessments);
- Track regulatory requirements; and
- Map the flow of data through your organisation.
Available on a monthly or annual subscription basis, CyberComply ensures that you stay on top of your cyber security needs in a way that suits you.
The post Monthly cyber security review: December 2019 appeared first on Vigilant Software – Compliance Software Blog.
*** This is a Security Bloggers Network syndicated blog from Vigilant Software – Compliance Software Blog authored by Luke Irwin. Read the original post at: https://www.vigilantsoftware.co.uk/blog/monthly-cyber-security-review-december-2019
In episode 100: Kevin Johnson, CEO of SecureIdeas joins us in this very special milestone episode to discuss the year that was 2019 and what Kevin’s “predictions” are for cybersecurity and privacy 2020. Thank you to Kevin for being our special guest! ** Show notes and […]
“Jerry Barkley is a Minnesota IT contractor just trying to earn a living for his family. He’s no superhero. He never worked for the government. He knows nothing about international espionage. Nobody believes his warnings when he uncovers a plot to launch the largest cyberattack in history. Somebody is gathering data to plan a series of bombings and a biological attack while trying to pin blame on a terrorist group. Oh, and the FBI thinks Jerry is part of it.
Hundreds are already dead. Thousands more could die, first from Ebola and then potentially from a war with the wrong enemy. If he doesn’t act, who will? Up against willful ignorance, a hostile law-enforcement bureaucracy, and armed with nothing but IT skills and quick wits, Jerry must leave his keyboard comfort zone and go face-to-face with elite foreign agents and shut the attack down.”
This intro is a (slightly edited) description of the fiction novel: Virus Bomb by D. Greg Scott. The book was released this past summer.
Greg Scott is a veteran of the tumultuous IT industry. Greg graduated from Wabash College in Crawfordsville, Indiana with a double major of math and speech and earned an MBA from the University of St. Thomas in Minneapolis. He started Scott Consulting and Infrasupport Corporation with a focus on infrastructure and security. He currently works for an enterprise software company and holds several IT industry certifications, including a CISSP certification. Greg lives in the Minneapolis/St. Paul metro area with his wife, daughter, and two grandchildren.
Very Brief Book Excerpt
“Hey, Dan.” Jerry said into his cell phone. The Minnesota midafternoon sun shone through his basement window. “I just finished talking to the antivirus team in England. They disassembled the code from Leah’s workstation. And all I can say (Read more…)
The post Book Review: Virus Bomb – Security Boulevard appeared first on National Cyber Security.
As we enter December, many organisations slow down as they turn their attention to Christmas. Office parties, secret Santas and discussions of when it’s acceptable to put the tree up start to take precedence over work, as employees kill time hoping not to start any big […]
“Investigate the investigators” is one of President Donald Trump’s favorite attack lines against the Russia probe into 2016 election interference.
And now at least one internal Justice Department review of the Russia investigation has morphed into a criminal inquiry. The New York Times reported late Thursday that John Durham, the prosecutor tapped by Attorney General Bill Barr to assess the Russia investigation, is pursuing a criminal inquiry, which will allow him to subpoena witnesses and convene a grand jury if necessary. Though what, exactly, that criminal inquiry is looking into remains unclear. The Washington Post also backed up this reporting on Thursday.
NBC News reported over the weekend that Barr had expanded the review, and that Durham is now interested in interviewing “a number of current and former intelligence officials involved in examining Russia’s effort to interfere in the 2016 presidential election, including former CIA director John Brennan and former director of national intelligence James Clapper.”
Justice Department officials told NBC News that Durham had found something “significant,” but did not specify what.
Durham’s review has been closely overseen by Barr, who’s long expressed skepticism about the origins of the Russia investigation that was later overseen by special counsel Robert Mueller.
In recent weeks, Barr has been globetrotting in an apparent effort to find proof of a conspiracy theory, pushed by Trump and some of his Republican allies, that the entire Russia inquiry started because of a plot by the Obama administration and/or Hillary Clinton to thwart Trump’s presidential campaign.
The expansion of the Justice Department review raises concerns that Barr is injecting politics into this inquiry and using the full weight of law enforcement to pursue right-wing talking points and discredit the special counsel’s probe — just as Trump is facing the threat of impeachment for pressuring Ukraine, including over the conspiracy theory that Ukraine, not Russia, hacked the Democratic National Committee in 2016.
Barr ordered this review of the Russia probe back in May, even though the Department of Justice Inspector General Michael Horowitz was already pursuing a similar inquiry. The IG has a lot of powers, including to subpoena documents and witnesses, but he can’t charge people with crimes or even discipline individuals — though he can make recommendations to prosecutors.
The inspector general’s investigation has been ongoing since March 2018. According to the New York Times, Horowitz told Congress Thursday that they are wrapping up that investigation, but the public has been hearing that the IG is a few weeks from releasing his report since the spring.
It’s not clear whether Horowitz might have made a criminal referral to the Justice Department, but if and when the report is released, it might offer some clues as to what Barr and Durham are looking at.
Horowitz told Congress in September that he had shared information with Durham. “I have had communications with him, but it’s really — they’re a separate entity that he’s working on at the direction of the attorney general,” Horowitz said. “I’m obviously independent.”
All of which is to say Barr’s “investigation into the investigators” is still really opaque and somewhat alarming because the details are so fuzzy.
Special counsel Robert Mueller did not find a criminal conspiracy between the Trump campaign and the Russian government, but his report made clear that the Trump campaign welcomed the Kremlin’s efforts.
It also documented Russia’s interference in the 2016 election to benefit Trump, including its online propaganda campaign and its hacking of the Democrats, which led to multiple indictments. The findings have been backed up by the intelligence community and a GOP-led Senate panel.
Russia is at it again (along with China and Iran), so this latest news obviously raises concerns that it might muddle the central findings of the Russia investigation ahead of the 2020 elections.
But just because the review now appears to be a criminal inquiry doesn’t necessarily mean there’s anything criminal to be found — or even if there is, that it will confirm the GOP’s talking points about the investigation. Still, Trump has long wanted to diminish the credibility of the Russia “witch hunt.” The question is whether the Justice Department is helping him do that.
What does this criminal investigation mean?
Barr tapped Durham in May to lead this other review of the Russia investigation. Though Barr picked Durham for the job, Barr has made it clear that he himself is also deeply involved — and deeply concerned about the origins of the Russia investigation and the actions the FBI took during the 2016 campaign.
“Government power was used to spy on American citizens,” Barr told the Wall Street Journal in May. “I can’t imagine any world where we wouldn’t take a look and make sure that was done properly.”
Barr’s “spying” reference is tangled up in a web of Republican conspiracy theories about the investigation and its origins in the summer of 2016. The first has to do with the so-called Steele dossier, a lengthy report compiled by former MI6 agent Christopher Steele. Steele’s dossier contained explosive allegations which the Mueller investigation didn’t bear out, so Republicans have been arguing that US intelligence inappropriately relied on this “phony” dossier.
That includes using the dossier in the Foreign Intelligence Surveillance Act (FISA) warrant for Carter Page, a former Trump campaign aide with Russia contacts. Republicans believe that the FBI inappropriately relied on this information to surveil Page.
And finally, GOPers have cried foul about the use of confidential informants to talk to former Trump aide George Papadopoulos to find out what he knew about Russia’s efforts to hurt Hillary Clinton, after he spilled to an Australian diplomat that the Russians had political “dirt” on Clinton in the form of thousands of emails. The Australian diplomat tipped off US officials, which prompted the investigation in July 2016. (Yes, these are very complicated conspiracy theories, so if you need a more detailed refresher, read here and here.)
Horowitz, the inspector general, was already looking into these origins of the Russia investigation, which is why Barr’s decision to pursue his own probe was so unusual. And by all accounts, the attorney general has been personally involved, jet-setting to Italy (regarding a professor who met with Papadopoulos) and the UK (Christopher Steele) to get more information. They’ve also been talking to Australia. Oh, and Ukraine, because of a baseless conspiracy theory that Kyiv framed Russia for the hacking of the Democrats in 2016. (For more on the conspiracy world tour, read here.)
Foreign governments have rebuffed the US’s overtures so far. Italian Prime Minister Giuseppe Conte dismissed the idea Italy had any involvement in the opening of the Russia investigation. Australia defended its diplomat and dismissed allegations that he had acted inappropriately. And Ukraine, well, that’s now its own separate mess.
NBC News and the New York Times also report that Durham wants to speak to current and former intelligence officials, though he has not interviewed high-level folks in the Obama administration, such as former CIA director John Brennan or director of national intelligence James R. Clapper. But, according to the Times, in Durham’s interviews with other officials, he asked whether the CIA officials “might have somehow tricked the FBI into opening the Russia investigation.”
The New York Times also reported over the weekend that Durham was looking into former FBI officials involved in the case, interviewing nearly two dozen current and former officials. Durham, however, has not interviewed some key players, including former FBI director James Comey and former deputy FBI director Andrew McCabe, both frequent targets of Trump.
Durham is also reportedly looking into FBI agent Peter Strzok, who opened the investigation after getting a tip from the Australian diplomat. Strzok, of course, was removed from the case after anti-Trump text messages between him and Department of Justice lawyer Lisa Page emerged in the investigation.
All of this information is coming in bits and pieces, which means there are a lot of unknowns about what Barr and Durham are looking into with this review. The big question here is whether Barr and Durham are going into this clear-eyed or are specifically looking for information to fit the narrative that’s been pushed by the president about rogue Trump-haters at the FBI and CIA who conspired to cook up an investigation into a presidential candidate.
The Russia investigation was a sprawling inquiry, and it was also unprecedented. It is possible that intelligence or law enforcement officials made missteps or acted inappropriately along the way. That’s what the inspector general, the independent watchdog, was supposed to investigate.
But the deep involvement of Barr — who’s made it clear from the start that he’s fine protecting the president — rightfully raises concerns about whether politics are at play here. Trump is enduring an impeachment battle that grows more damning by the day — but it would be quite a win if the Russia investigation was diminished, too.