Saturday, September 27, 2014
43% of companies had a data breach in the past year
One reason might be that few companies seem to take the need seriously. Of the companies surveyed, just 3% looked at their plan of action each quarter. Thirty-seven percent hadn't reviewed or updated their plan since it was first put in place.
More:
http://www.11alive.com/story/news/2014/09/24/43-of-companies-had-a-data-breach-in-the-past-year/16144167/
Friday, September 19, 2014
World Wide Web inventor slams Internet fast lanes: ‘It’s bribery.’
More:
http://www.washingtonpost.com/blogs/the-switch/wp/2014/09/19/world-wide-web-inventor-lashes-out-at-internet-fast-lanes-its-bribery/
CDC: 90% of kids who died last flu season didn't get vaccine
That's according to a new report by the Centers for Disease Control and Prevention, which aims to encourage Americans to get vaccinated now. The flu kills up to approximately 36,000 people each year, but less than half of the population gets an annual flu shot. That's something the CDC wants to change.
Saturday, September 6, 2014
The Police Tool That Pervs Use to Steal Nude Pics From Apple’s iCloud
On Tuesday afternoon, Apple issued a statement calling the security debacle a "very targeted attack on user names, passwords and security questions." It added that "none of the cases we have investigated has resulted from any breach in any of Apple's systems including iCloud® or Find my iPhone."
But the conversations on Anon-IB make clear the photo-stealing attacks aren't limited to a few celebrities. And Zdziarski argues that Apple may be defining a "breach" as not including a password-guessing attack like iBrute. Based on his analysis of the metadata from leaked photos of Kate Upton, he says he's determined that the photos came from a downloaded backup that would be consistent with the use of iBrute and EPPB. If a full device backup was accessed, he believes the rest of the backup's data may still be possessed by the hacker and could be used for blackmail or finding other targets. "You don't get the same level of access by logging into someone's [web] account as you can by emulating a phone that's doing a restore from an iCloud backup," says Zdziarski. "If we didn't have this law enforcement tool, we might not have the leaks we had."
Friday, September 5, 2014
US Air Force admits to quietly changing a regulation that now requires all personnel to swear an oath to God -- Airmen denied reenlistment for practicing constitutional rights
The Air Force said it cannot change its AFI to make "so help me God" optional unless Congress changes the statute mandating it.
Miller pointed out that Article VI of the Constitution prohibits requiring religious tests to hold an office or public trust.
"Forcing [the airman] to swear to a supreme being as a condition of his reenlistment is tantamount to a 'religious test' and is therefore violative of this constitutional provision as well," Miller said.
...
More:
http://www.airforcetimes.com/article/20140904/NEWS05/309040066/Group-Airman-denied-reenlistment-refusing-say-help-me-God-
Thursday, September 4, 2014
Well, isn't that special... Army can't track spending on $4.3b system to track spending, IG finds
The problem, according to the IG, is that the Army has failed to comply with a variety of federal laws that require agencies to standardize reporting and prepare auditable financial statements.
"This occurred because DOD and Army management did not have adequate controls, including procedures and annual reviews, in place to ensure GCSS-Army compliance with Treasury and DOD guidance," the IG report concludes.
"Although Army personnel have been responsive to correcting deficiencies identified during the audit, the Army has spent $725.7 million on a system that still has significant obstacles to overcome" to comply with federal financial reporting laws.
Tuesday, September 2, 2014
Apple says iCloud is safe and secure, stolen celebrity pics were targeted accounts
The company's statement dispels rumors that a wider exploit of its iCloud services, including the Find My iPhone function, played a part in the leaks. Apple recommends that its users employ a strong password, and also enable two-step verification to maximize security.
More:
http://appleinsider.com/articles/14/09/02/apple-says-icloud-is-safe-and-secure-stolen-celebrity-pics-were-targeted
Monday, September 1, 2014
Android security mystery - ‘fake’ cellphone towers found in U.S.
"What we find suspicious is that a lot of these interceptors are right on top of U.S. military bases," says Goldsmith. "Whose interceptor is it? Who are they, that's listening to calls around military bases? The point is: we don't really know whose they are."
Baseband attacks are considered extremely difficult – the details of the chips are closely guarded. "Interceptors" are costly devices – and hacking baseband chips is thought to be technically advanced beyond the reach of "ordinary" hackers, ESD says. The devices vary in form, and are sold to government agencies and others, but are computers with specialized software designed to defeat the encryption of cellphone networks. The towers target the "Baseband" operating system of cellphones – a secondary OS which sits "between" iOS or Android, for instance, and the cellular network.