Hoping to clear up confusion in a snap

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

Snapchat is responding to fears that its latest update came with some unpleasant changes to its privacy policy. After the social-media company prompted users to review its newly rewritten policy, rumors circulated that the app would store user’s personal photos on its servers, and that it could share those pictures at will. Snapchat’s main function is to give users a way to send pictures and videos that automatically “self-destruct” after being viewed. On Sunday, Snapchat reassured users that their content would not be stored. “The Snaps and Chats you send your friends remain as private today as they were before the update,” Snapchat said in a blog post. “Our Privacy Policy continues to say—as it did before—that those messages ‘are automatically deleted from our servers once we detect that they have been viewed or have expired.’” Source: CBS News

Anonymous aims to make members of KKK not anonymous

sh_Ku Klux Klan_280Hacktivist group Anonymous has begun publishing the personal details of members of the Ku Klux Klan as its campaign of cyber war against the white supremacist group escalates. Anonymous, the amorphous online activist collective, last week promised to reveal the identity of 1,000 members of the KKK after coming into possession of the private information through a compromised Twitter account associated with the group. The details include email addresses and phone numbers that the hacktivist group claims belong to members of the KKK. So far, Anonymous hackers have published four separate listings on text-sharing website Pastebin, including 57 phone numbers and 23 email addresses. There has been no verification of the details yet, but Anonymous has vowed to reveal the full identities of up to 1,000 members of the KKK by Thursday, to coincide with the group’s global protest movement, called the Million Mask March. Source: International Business Times

A life lived under a cloud

The nightmare that ruined Marcus Calvillo’s life started when he was a teenager and was wrongly accused of writing bad checks. His driver’s license was revoked for unpaid traffic tickets he never got. Then he got fired from his job as a cable installer. Today, the 45-year-old Texan can’t keep a job, pay his bills or support his children. But a case in federal court in Kansas is offering him hope of clearing his name, after federal prosecutors charged a convicted child sex offender with assuming Calvillo’s identity. “My whole life has been put on hold because of this person,” Calvillo said. His case illustrates the fallout of “total identity theft,” in which con artists go beyond financial fraud. Prosecutors say undocumented workers can use the identities of U.S. citizens for years—entangling employment records, criminal histories, credit, government benefit accounts, and even health information. When the man who assumed Calvillo’s identity had his first run-in with law enforcement, his fingerprints became linked to Calvillo’s name in crime databases. So did his convictions for indecent liberties with a child, bribery, drug offenses and others. Calvillo was in his 20s when he learned his identity had been hijacked by a sex offender. After being turned down for numerous jobs, Calvillo demanded that the clerk explain why he wouldn’t be hired—prompting her to highlight the crimes on his background check. To set Calvillo’s record straight, federal prosecutors plan to go back to the counties where the alleged impostor was convicted and seek to correct the defendant’s name. Source: Claims Journal

So far, so good? OPM data still not for sale

sh_black market_280Data stolen in a breach of the Office of Personnel Management has not shown up on the black market, a sign that a foreign government launched the attack, a researcher with U.S. cybersecurity firm FireEye said. No credible reporting shows the data on more than 21 million Americans was for sale, Richard Bejtlich, chief security strategist at FireEye said, noting that individual hackers tend to quickly sell stolen data. U.S. officials have linked the breach, which was disclosed in June, to hackers in China, but have not formally identified the source of the attack. “Everything points to this being a nation-state attack, Bejtlich said. “It’s not the same as when someone steals credit cards from a major retailer and they’re for sale on the black market within days, and they’re advertised as being fresh, and here are the limits.” Source: NBC News

Coverage gets a new look, and it’s still changing

Insurers’ experience with data breach claims is changing the way cyber coverage is underwritten. “We’re always trying to learn from our experience—and even better if we can learn from someone else’s experience,” says Tim Francis, enterprise lead for Cyber insurance at Travelers. He said Travelers is focused on the differences among industries and different-size companies within those industries. “In the past, we asked the same sets of questions to all customers,” he says. “Now, in many cases we’re actually asking fewer questions, but those questions are targeted to the exposure that class or size of business has.” For example, in the hacker-targeted retail sector, underwriters are looking more deeply at point-of-sale systems and other technologies that store customer data. “Underwriters look at whether sensitive data is stored, how much data is stored, and how it is stored. They are looking into retailers’ systems to be sure they have state-of-the-art security in place,” says William Boeck, senior vice president and claims counsel at Lockton. Another difference between the underwriting environment of today and just a few years ago is that companies are employing specialists in technology. “Insurers that have not added staff with that specialization are using third parties to help them,” Boeck says. Source: Property Casualty 360

Paging some publishers: You’ve been hacked

sh_books_280Anti-blocking firm PageFair, which works with about 3,000 publishers, was hacked over the weekend, leaving visitors to 501 publishers’ sites vulnerable to malware attacks. Anyone visiting one of these sites from a Windows computer on Saturday evening would have been vulnerable, though only if they clicked on what looked like an Adobe Flash update. If they did, they would have downloaded malware directly to their computer. In a blog post called “The Core Facts,” which went up Sunday, CEO Sean Blanchfield explained the company noticed the breach almost immediately, though it took more that 80 minutes to shut it down. “If you are a publisher using our free analytics service, you have good reason to be very angry and disappointed with us right now,” he wrote. Source: Digiday

No calls, please; schools’ phones are iffy

The Salt Lake City School District phone system is working after officials said a cyber hack took down phone and online systems Monday. “Our district network was the target of a cyber attack where thousands of external systems coordinated to access our system at the same time. This attack is still affecting both systems,” a statement said. School officials said parents’ and students’ data has not been compromised. Technicians are working to restore the services, including Powerschool Parent and Student Portals, as soon as possible. Officials said parents should contact the district by email until the issues are resolved. Source: KSTU, Salt Lake City

Sell, and sell alike

The State Department’s Defense Trade Advisory Group (DTAG) met to discuss the classification of “cyber products” and recommended against adding new ones to the munitions list. Several cyber products are currently on the munitions list, such as equipment designed or modified to use cryptographic techniques to generate spreading code, burst techniques, and information security to suppress the compromising emanations of information-bearing signals. DTAG is an advisory panel of private-sector defense exporters and defense trade specialists. Member Rebecca Conover, Intel’s export compliance program manager, said, “We do think that it would be a negative impact to add more controls on cyber products.” If the State Department follows the recommendations, it might make it easier for technology companies to expand into in China, Russia and Iran, among other locations. Source: SC magazine

Airman, we really want you to stay

sh_air force_280The Air Force added cyber warfare operations to its list of career fields eligible for special duty pay. Airmen in the 1B4X1 cyberspace defense operations career field can get paid an extra $150 per month if they’ve been on the job for six to 12 months, or $225 monthly if they’ve been in that job more than a year.  “We use this program to ensure the Air Force is attracting the right people for these high-demand specialties and appropriately compensate them based on the complexity, difficulty and degree of responsibility required of their duties,” Brig. Gen. Brian Kelly, director of military force management policy, said in a statement. Source: Air Force Times

Safety first, small businesses told

Small and medium-size businesses in the United Kingdom are being asked to prove their cyber credentials to most procurement managers, who say they would consider leaving a supplier if they suffered a data breach. According to new figures published by KPMG, 70 percent say that such businesses could do more to protect client data. “Cybersecurity is not just a technical issue anymore; it has become a business critical issue,” said George Quigley, partner in KPMG’s cyber security practice. “Larger companies are placing an increased emphasis on the cybersecurity of their suppliers and increasingly the onus is on (smaller businesses) to show that they are tackling this issue head on.” Source: Computer Business Review