About Over 50 Articles Library
Content: Services - Computer
Computer Security No 52: Prizes offered to celebrate our 1 year anniversary
Corporate - Private Computer Security
Prizes offered to celebrate our 1 year anniversary
We would like to thank our readers and wish to offer 5 winners free entry to our courses, listed below:.
* Cyber threats and defences Tactical plans
* Directors and Officers Module (Strategy)
* Risk Management Workshop for Cyber
* Cyber Crisis simulation
Please fill in the following Survey to be in the running to win a free seat at one of our courses (2 minutes):
The team @ Advisory Boards Group
Botnet (robot+network) = a collection of internet-connected devices (PCs, servers, mobile devices and Internet of things devices) that are infected and controlled by a common type of malware. Infected devices are controlled remotely and used by the threat actors (often criminals) to send spam emails, click on fraud campaigns or generate traffic for distributed denial of services attacks.
Mirai (the future in Japanese) is a type of malware that turns networked devices running out of date versions of Linux into bots. A report stated back in December 2016 that Mirai disrupted internet service for more than 900,000 Deutsche Telekom customers in Germany, and infected almost 2,400 TalkTalk routers in the UK. Further, researchers published evidence that 80 models of Sony cameras are vulnerable to a Mirai takeover.
Hajime (beginning in Japanese) is a new botnet that is a vigilante-style project intended to disrupt Mirai and similar IoT botnets: It blocks access to four ports known to be vectors used to attack many IoT devices. Hajime also lacks distributed denial-of-service capabilities or any other attacking code except for the propagation code that allows one infected device to seek out and infect other vulnerable devices.
"Most interesting of all: Hajime appears to be the brainchild of a grayhat hacker, as evidenced by a cryptographically signed message it displays every 10 minutes or so on terminals." The message reads:
Just a white hat, securing some systems.
Important messages will be signed like this!
So far, Hajime attacked over 300,000 IoT devices.
(source:securelist; image source: truthdig)
13 April 2017 - Telco Deadline for MetaData retension (Australia)
All ISPs operating in Australia must now comply with the data retention regime.
According to Choice, there are serious flaws in the legislation:
* The regime gives warrantless access to personal data to government agencies that are not strictly law enforcement agencies.
* Confusion reigns because the legislation is unclear and leaves out overseas webmail services and many messaging apps.
* Consumer protections, such as mandatory data breach legislation, were missing when the law was enacted.
WHO can access the data:
* federal, state and territory police
* Australian Security Intelligence Organisation (ASIO)
* Australian Crime Commission (ACC)
* Australian Border Force
* Australian Securities and Investments Commission (ASIC)
* Australian Competition and Consumer Commission (ACCC).
NUMBERS of requests:
Between 2014–15, 83 enforcement agencies made 365,728 authorisations for the disclosure of historical telecommunications data. Telstra had 92,882 law enforcement requests in the 2015–16 financial year.
* The Attorney-General claims that the scheme could cost in the order of $188m to $319m (PwC)
* The government is spending more than $131m in upfront capital costs, which may end up costing $738m in its first 10 years of operation.
* Some reports have suggested it could add up to $100 a year to the cost of phone and internet plans for consumers.
The Electronic Frontiers Foundation publishes a list of countries with mandatory data retention laws.
Argentina: Data retention scheme ruled unconstitutional and annulled because it compromised privacy.
Brazil: Data retention bill was proposed, but prevented by public campaigns.
Czech Republic: Data retention law ruled unconstitutional and ISP obligations were cancelled.
Europe: Law under review in Hungary and Finland and being fought in Greece. Declared unconstitutional in Bulgaria, Cyprus, Germany and Romania. Resisted in Sweden and Slovakia. Poland has a scheme that goes beyond the EU parameters.
Mexico: Data retention scheme has been unsuccessfully challenged.
US: No scheme, but communications law can be used to compel providers to preserve data on government request.
METADATA = IP (computer's address), Time of day, Browser, Location, to and from email addresses, length of phone calls or Internet session, application used to go online
HOW TO PROTECT YOUR METADATA
* Use a VPN to protect data on your network - this means you simply shift the problem to a vendor
* Secure messaging apps such as Wickr, Signal, Telegram, etc.
* Anonymous browsing using Tor.
* File and email encryption
Source (Choice) and to read the full article:
IS THIS REALLY THE BIGGEST PRIVACY CONCERN?
Is this the biggest problem? I am more concerned about the healthcare records or government databases that contain copious amounts of information about us and could be (and in some cases have been) hacked by criminals.
Significant funds are expended to catch petty criminals. Is this the smartest way to police them? The real criminals surely know how to go to the deep and dark webs and leave little or no trace of their activities...
Blockchain & CryptoCurrencies (Part 3)
We started a series about Blockchain and Cryptocurrencies, We will discuss the Blockchain technology, cryptocurrencies and Bitcoin in particular (only in the fortnightly Private Security newsletters - even numbers #48, 50, etc).
1) Categories of Bitcoin blockchain:
Wayne Vaughan, CEO of Tierion sees six broad categories of uses for the Bitcoin blockchain:
1) Currency - Bitcoin began as a P2P electronic cash system. Anyone can hold bitcoin and pay anyone without a middle man. Examples: Bitcoin, Litecoin. (P2P is peer to peer with no intermediary)
2) Payment Infrastructure - You can use Bitcoin to send money around the world. Merchants can accept bitcoin payments. This is slightly different than using bitcoin as a currency. Use cases include merchant processing and remittances. Examples: BitPay, Abra.
3) Digital Assets - The blockchain can be used to create digital assets such as stocks, bonds, land titles, and frequent flyer miles. These assets are created using protocols on top of the Bitcoin blockchain. Example protocols include Coloredcoins and Counterparty. Companies using this technology: Chain, NASDAQ, Openchain.
4) Identity - Companies offer blockchain IDs that can be used to sign in to apps and web sites, digitally sign documents, etc. Companies: Onename, Keybase
5) Verifiable Data - Create a verifiable record of any data, file, or business process on the blockchain. Examples: Tierion, Proof of Existence, Factom
6) Smart Contracts - Software programs that live on the blockchain and execute without the possibility of third-party interference. Wayne calls this "PHP in the sky". Examples: Ethereum, RootStock.
Tierion is a pioneer of the verifiable data category. Here are some practical use cases that have been built using their platform.
* Created a verifiable audit trail of insurance claims.
* Created an audit trail for healthcare processes and patient data.
* Tracked the purchasing approvals of goods and services in Salesforce.com
* Archived every Slack communication, creating a verifiable record of the company's online conversations. Handy for regulated industries such as finance and healthcare.
2) The safe logic of Bitcoin:
To be continued
Cyber Security & Privacy suite for Directors and Executives
Are you prepared to discuss cyber at Board level? Are you aware of your obligations and defence as a director or officer of the company? Have you taken the necessary steps to mitigate the consequences of a cyber attack?
ABG offers the Cyber suite of course modules:
- Cyber threats and defences Module - Tactical plans
- Directors and Officers Module - Strategy
- Risk Management Workshop for Cyber
- Cyber Crisis simulation
Send your enquiries to email@example.com
Memories of jokes
Moderated by Monica Schlesinger: www.advisoryboardsgroup.com.au
© About Over 50s 2017 website by aml websites online