Trump goes back and forth on Russia hack

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

Don­ald Trump was pressed on Rus­sia ear­ly and often dur­ing a news con­fer­ence, assert­ing that Rus­sia will no longer hack Amer­i­can insti­tu­tions but again not clear­ly say­ing whether he blames Rus­sia for elec­tion-relat­ed cyber attacks. Trump first said he thinks Rus­sia direct­ed cyber attacks on Demo­c­ra­t­ic Par­ty tar­gets, but lat­er made his view less clear. He said the hack­ing “could be oth­ers” and repeat­ed­ly deflect­ed atten­tion to attacks by Chi­na and oth­er coun­tries and insti­tu­tions. He con­tend­ed that Rus­sia would no longer hack the Unit­ed States when he is pres­i­dent but did not answer ques­tions about whether he will uphold sanc­tions in response to inter­fer­ence in the elec­tion. The U.S. intel­li­gence com­mu­ni­ty con­clud­ed that Russ­ian Pres­i­dent Vladimir Putin direct­ed an effort to influ­ence the elec­tion in Trump’s favor. … Rus­sia hacked into Repub­li­can state polit­i­cal cam­paigns and old email domains of the Repub­li­can Nation­al Com­mit­tee, but there is no evi­dence it pen­e­trat­ed Pres­i­dent-elect Don­ald Trump’s cam­paign, said FBI Direc­tor James Comey. Sources: CNBC, Reuters

Forecast: Passwords on way out, cyber war likely

sh_password_400Exper­ian Data Breach Resolution’s Data Breach Indus­try Fore­cast says five data breach trends will dom­i­nate 2017: after­shock pass­word breach­es will expe­dite the death of the pass­word; nation-state cyber attacks will move from espi­onage to war; health care orga­ni­za­tions will be the most tar­get­ed sec­tor; crim­i­nals will focus on pay­ment-based attacks; and inter­na­tion­al data breach­es will cause headaches for multi­na­tion­al com­pa­nies. Source:

Falling for this could lead to a net loss

Cyber­se­cu­ri­ty com­pa­ny Fire­Eye Labs is warn­ing Net­flix cus­tomers to beware of a scam tar­get­ing cred­it card and per­son­al infor­ma­tion. The scam email asks cus­tomers to update Net­flix mem­ber­ship infor­ma­tion. A link in the email directs peo­ple to a page that looks like an offi­cial Net­flix login page. The fraud­u­lent link requests billing and cred­it card infor­ma­tion. Net­flix says it will nev­er ask for per­son­al data such as pay­ment infor­ma­tion, Social Secu­ri­ty num­ber or account pass­word in an email. Source: WBAY, Green Bay, Wisconsin

Geek Squad reports child porn to FBI for pay; privacy at issue

sh_geek-squad_280Over sev­er­al years, a hand­ful of Best Buy Geek Squad tech­ni­cians con­duct­ing repairs have noti­fied the FBI when they see signs of child pornog­ra­phy, earn­ing pay­ments from the agency. The exis­tence of the small cadre of infor­mants was revealed in the case of a Cal­i­for­nia doc­tor fac­ing fed­er­al charges after a tech­ni­cian flagged his hard dri­ve. The case rais­es issues about pri­va­cy and gov­ern­ment use of infor­mants. Source: The Wash­ing­ton Post

Nation-state breached Anthem, report says

The Cal­i­for­nia Depart­ment of Insur­ance says that the 2015 Anthem breach was the result of a nation-state attack. Crowd­Strike deter­mined that the attack­er was act­ing on behalf of a for­eign gov­ern­ment, accord­ing to an Anthem exam­i­na­tion report, which didn’t iden­ti­fy the gov­ern­ment in ques­tion. The breach com­pro­mised 78.8 mil­lion con­sumer records includ­ing those of at least 12 mil­lion minors. Source: SC mag­a­zine

Heart implants get cyber patch to block hacks

sh_heart-implant_280Abbott Lab­o­ra­to­ries released a soft­ware patch for its St. Jude heart implants to guard against pos­si­ble cyber attacks. The com­pa­ny dis­closed the moves some five months after the U.S. gov­ern­ment launched a probe into claims the devices were vul­ner­a­ble to poten­tial­ly life-threat­en­ing hacks that could cause implant­ed devices to pace at poten­tial­ly dan­ger­ous rates or cause them to fail by drain­ing their bat­ter­ies. Source: Reuters

Hey, handsome: Hamas used sexy photos to get into phones

Pales­tin­ian group Hamas used pic­tures of attrac­tive women to hack phones belong­ing to Israeli sol­diers, an Israeli Defense Force intel­li­gence offi­cial said. After send­ing the sol­diers pic­tures, they would sug­gest down­load­ing a “video chat” app that actu­al­ly was a Tro­jan horse that allowed them access to the sol­diers’ con­tacts and files, GPS data, pho­tographs and text mes­sages and allowed them to install appli­ca­tions. Hamas was able to take pho­tos of offices and com­put­er screens. Source: Geek Times

Showing peace sign in selfie could give away fingerprints

sh_peace-sign_280Flash­ing the peace sign in a self­ie could be set­ting you up for iden­ti­ty theft. The “zoom-and-enhance” tech­nique on phone cam­eras is capa­ble of cap­tur­ing a fin­ger­print accu­rate­ly enough for some­one to steal it. Source: CNet

Health care company fined for keeping quiet about breach

An Illi­nois health sys­tem reached a $475,000 set­tle­ment over alle­ga­tions it wait­ed too long to report a data breach. Pres­ence Health uncov­ered a breach on Oct. 22, 2013, affect­ing 836 indi­vid­u­als, but didn’t report the breach to affect­ed indi­vid­u­als until Feb. 3, 2014, the HHS Office for Civ­il Rights said. In addi­tion to the pay­ment, Pres­ence agreed to a two-year cor­rec­tive action plan. Source: BNA Bloomberg

You might have to wait a little while for that weed

sh_marijuana_280Mar­i­jua­na shops across the coun­try are being affect­ed by the appar­ent hack of a sales and inven­to­ry sys­tem. MJ Free­way is a Den­ver com­pa­ny whose “seed-to-sale” track­ing soft­ware is used by hun­dreds of mar­i­jua­na com­pa­nies to com­ply with state reg­u­la­tion. The soft­ware is a major tool for mar­i­jua­na dis­pen­saries, which use it to ring up sales to cus­tomers, track inven­to­ry, pre­pare required reports to state reg­u­la­tors and oth­er busi­ness func­tions. MJ Free­way said the out­age was the work of unknown hack­ers. Source: The Boston Globe

Machine-learning cyber protection system finds new home

Northrop Grum­man has sold Blu­Vec­tor, a next-gen­er­a­tion machine-learn­ing threat detec­tion and cyber-hunt­ing solu­tion, to LLR Part­ners. Blu­Vec­tor uses machine learn­ing to pro­vide net­work-based advanced threat detec­tion and reduce response time from months to min­utes, LLR Part­ners said. It enables secu­ri­ty oper­a­tions cen­ter ana­lysts and inci­dent response teams to get insight in real-time. Source: Wash­ing­ton Technology