1. About those NSA backdoors
The DoublePulsar NSA backdoor detected on Windows boxes can now be remotely removed. Microsoft believes the number of infected machines is under 10,000; whereas some researchers have claimed to have found anywhere between 30 – 100 thousand infected machines.
- Related IPs in OTX
- NSA zero day actively wreaking havoc on Windows PCs
- DoublePulsar spreading rapidly in the wild
2. Hacker sentenced to 27 years
Crime shouldn’t go unpunished, and I’m glad a hacker responsible for running vast credit card and identity theft operations has been apprehended. But 27 years for a non-violent crime seems rather heavy-handed. Or maybe it’s just the authorities way of sending out a statement to other would-be hackers.
On the other side of the pond in the UK, Adam Mudd, who created the titanium Stresser program to carry out attacks that netted him the tidy sum of £386,000 has been jailed for two years.
At the time of sentencing, Judge Michael Topolski stated that the sentence must have a “real element of deterrent.”
- Teenage hacker jailed for global attacks
- Russian hacker received record 27 year jail sentence in USA
- Russian MP Seleznev incensed after son jailed in US
3. GDPR cometh
GDPR mania is running wilder than Hulk Hogan ever did in the 80’s. So finding sensible advice on the upcoming regulation is getting difficult to find. But fear not, this Alien keeps its eye peeled for good sources of information.
- GDPR: Both a threat and an opportunity for the channel
- Met Police: Quarter of cyber-crimes solved, GDPR could be the next PPI
4. Threats from the inside
Dmitry Sazonov was charged with attempted theft of trade secrets for his alleged attempted theft of proprietary code for a trading platform from his employer. This is just an allegation and still needs to be proven, but illustrates the growing need for strong detection controls that can identify any rogue behaviour by an employee.
Using a honeypot in your environment at strategic critical points can definitely help spot and alert to these kinds of activity. Haroon Meer has written a handy blue team guide on where are the best places to deploy a honeypot.
5. But it’s just metadata
Apple has been developing its self-driving car. The team of experts it has assembled that includes NASA veterans and robotics experts has been exposed. It came to light after an Apple filing with California’s DMV listed employee names. As the old saying goes, you can hide some of the data from some of the people some of the time, but not all the data from all the people all the time.
6. What if?
Security researchers are good at coming up with ‘what if’ scenarios. In fact one could say it lies at the heart of all hacker curiosity. What if I took apart this device? What if I intercepted the communications? What if I take control of a moving car via its entertainment system?
Sometimes these scenarios never play out in the real world. But other times, scenarios are very real and worrying when there’s no easy escape plan.
- What happens when a company goes belly up with your kids’ data?
- What to do if your SMEs social media accounts are hacked
7. Headphones that spy on you
I believe it was Warren Bennis that said, “The factory of the future will have only two employees, a man and a dog. The man will be there to feed the dog, the dog will be there to keep the man from touching the equipment.”
Maybe that’s the direction tech companies want to take. Consumers pay money to buy a product, only to have the product spy on the buyer. As Tyler Durden said, “the things you own end up owning you.”
- Bose Headphones have been spying on customers, lawsuit claims
- These popular headphones spy on users, lawsuit says
- If you need reminding of some of the potentially sinister uses of such data
8. AI & ML
Artificial intelligence and Machine Learning continue to take up column inches and banner space in IT Security. So what are these and how do they work? Maybe these articles can help shed some light.
- A brief history of machine learning
- The arrival of artificial intelligence
- Google’s AI doodle bot will transform your crude drawings into glorious clip art
9. Tech companies are rich, but are they also the new powerful?
There’s never a shortage of opinion on tech companies. While Silicon Valley startups have their fair share of commentary, the more pressing questions come around the large global companies and the amount of power they have amassed.
This piece in the NYT asks the question whether it’s time to break up Google. In just 10 years, the world’s five largest companies by market capitalization have all changed, save for one: Microsoft. Exxon Mobil, General Electric, Citigroup and Shell Oil are out and Apple, Alphabet (the parent company of Google), Amazon and Facebook have taken their place.
And while this power is undeniable to the companies themselves, how does this translate to individuals? This well-written piece on Selling Mark Zuckerberg takes a critical look at how the Facebook CEO has not only changed his image, but may be having loftier ambitions.
10. Let’s not work together
It seems these days much effort has been put into trying to decipher the best way to work. Should employees be flexible and work from home, are open plan offices better than cubicles or individual rooms? Should the CEO dress casually and buy everyone pizza on Friday?
In another piece, collaboration creates mediocrity, not excellence. That’s apparently according to science, so who am I do disagree?