Investigators find cybersecurity is poor at several Trump properties

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

Internet security at Mar-a-Lago and other Trump properties is easy to bypass, according to an investigation by ProPublica and Gizmodo, which found wireless networks and devices vulnerable to spying and hacking. Investigators parked a boat equipped with a wireless antenna offshore near Mar-a-Lago in Palm Beach, Fla., and found three Wi-Fi networks with poor encryption. The investigation also found wireless vulnerabilities at Trump National Golf Club in Bedminster, N.J.; Trump International Hotel in Washington, D.C.; and Trump National Golf Club in Sterling, Va. Trump has made frequent visits to many of these properties as president, especially the Mar-a-Lago resort, where he has hosted foreign leaders including Chinese President Xi Jinping and Japanese Prime Minister Shinzo Abe. The report says that hackers could have monitored any diplomatic conversations they may have had. Source: The Washington Examiner

Unhappy ending? Hackers say they have access to a Disney film

Walt Disney CEO Bob Iger says hackers claiming to have access to a Disney movie threatened to release it unless the studio paid a ransom. Iger didn’t disclose the name of the film, but said Disney is refusing to pay. The studio is working with federal investigators. The Disney chief said the hackers demanded that a huge sum be paid in bitcoin. They said they would release five minutes of the film at first, and then in 20-minute chunks until their financial demands are met. Source: The Hollywood Reporter

Consumers don’t feel personal threat from data breaches

Despite widespread news reports of data breaches, consumers’ vigilance and awareness haven’t kept pace, according to a survey by Experian. Consumers store an average of 3.4 types of personal identifiable information online. Half don’t think they’re likely to ever experience identity theft because they believe poor credit makes them unappealing targets. Sources: PR Newswire, Experian

Cyber-savvy kids do the darndest things

At a cyber safety conference in the Hague, Netherlands, 11-year-old Reuben Paul used a small computer called a “raspberry pi” to hack into audience members’ Bluetooth devices and download phone numbers. Paul then used one of the numbers to hack into a “smart” teddy bear, which connects to the internet via Bluetooth or Wi-Fi, and used the toy to record a message from the audience using the computer language program Python. Source: Fortune

WannaCry might not have been cause of some computers woes

Many computers and servers around the world whose owners believed they were operating slowly because of the WannaCry ransomware attack, were actually victims of malware called Adylkuzz, according to the security company Proofpoint. Adylkuzz turned them into “miners” working to funnel digital currency, likely destined for dark web markets. Proofpoint says this malware took advantage of the same National Security Agency-developed tools that drove WannaCry. Source: CBS News

North Korea suspected in worldwide ransomware attack

North Korea may be behind the huge global hack that took down Britain’s National Health Service, among other organizations. The hack took down computers across the world and might be responsible for deaths in affected hospitals. Those behind the attack asked for money to unlock the computers that were caught up in it. Experts said that the code used, as well as the way that the hackers took computers hostage, were similar to the way that North Korea has worked in the past. Source: The Independent

Education platform deals with double whammy

Classroom-learning platform Edmodo was the victim of a hack that led to tens of million of users’ account details (including email addresses) being put up for illicit sale on the dark web. In addition, a blogger published a post detailing what he described as Edmodo’s practice of tracking students’ and teachers’ activity on their web-based platform, then sending the information to data brokers. Source: Education Week

Bell Canada calling: Your account might have been hacked

Bell Canada says an anonymous hacker has obtained some customers’ names and telephone numbers as well as email addresses. Illegally accessed information included approximately 1.9 million active email addresses and approximately 1,700 customer names and active phone numbers. Bell says there is no indication that any financial, password or other sensitive personal information was accessed. Source: HuffPost Canada

Sign here; or wait, maybe you shouldn’t

Digital signature service DocuSign said an unnamed third-party had obtained access to email addresses of its users after hacking into its systems. The hackers gained temporary access to a peripheral subsystem for communicating service-related announcements to users through email, the company said. Only email addresses were accessed, not other details such as names, physical addresses, passwords, Social Security numbers, credit card data or other information. Source: PC World

Google’s Chrome might lose some of its shine

A vulnerability in Google’s Chrome browser allows hackers to download a malicious file onto a victim’s PC that could be used to steal credentials and launch relay attacks. The attacker entices the victim (using fully updated Google Chrome and Windows) to visit his website to be able to reuse victim’s authentication credentials. Source: Kaspersky Lab

Some cars might be built to resist outside control

BlackBerry is working with at least two automakers to develop a security service that would remotely scan vehicles for computer viruses and tell drivers to pull over if they were in critical danger. Aston Martin and Range Rover are testing the service, which also would be able to install security patches on an idle car. Source: Reuters

Insider may have exposed patient data at New York hospital

A volunteer at NYC Health + Hospitals/Coney Island gained unauthorized access to the health information of nearly 3,500 patients, the hospital told the U.S. Department of Health and Human Services. The volunteer entered patient names in a logbook, cleaned up data storage areas and transported specimens within the hospital—without being vetted by Coney Island’s human resources department. The hospital told affected patients it was not aware that their personal information “has been further improperly disclosed or inappropriately used in any way.” Source: Crains New York

Dressed for a lack of success when it comes to security

A credit card breach at Brooks Brothers took a year to get under control, according to a data breach notification. The clothing giant said that a hacker obtained the credit card details of customers who visited stores in the United States and Puerto Rico. That includes the name, card number, expiration date, and verification code. The hacker installed malware on point-of-sale devices used to process payments in-store. Source: ZD Net

Facebook will have to cough up some cash

France’s independent privacy watchdog fined Facebook for breaching French privacy laws by tracking and using the personal data of 33 million users, as well as nonusers who browse the internet. The National Commission on Informatics and Liberties imposed sanctions of 150,000 euros ($166,000) on the social networking company for failing to comply with French data protection laws after a formal warning last year. Source: ABC News

 

 

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page