Get Started for FREE
Sign up with Facebook Sign up with X
I don't have a Facebook or a X account
 Your new post is loading...
Scoop.it!
Some desperate Ashley Madison users hope hired hackers can scrub their names from the leaked database, but experts say that's not possible. 
No comment yet.
Sign up to comment
Scoop.it!
Farid Mheir's insight:
We think that having a fingerprint reader on your phone is a secure options but these guys show that it is not fool proof. Attention: technical read!
Scoop.it!
The series I’ve written about ATM skimmers, gas pump skimmers and other related fraud devices have become by far the most-read posts on this blog. I put this gallery together to showcase the entire series, and to give others a handy place to reference all of these stories in one place. Click the headline or the image associated with each blurb for the full story.
Farid Mheir's insight:
An overview of all the ways that thief use to capture our credit card and bank card numbers to fraud. WHYIS THIS IMPORTANT Even when very careful, you can get your credit card number stolen. Also, we should fear the real world as much or more as the virtual world when it comes to fraud.
Scoop.it!
In January 2015, the FBI released stats showing that between Oct. 1, 2013 and Dec. 1, 2014, some 1,198 companies lost a total of $179 million in so-called business e-mail compromise (BEC) scams, also known as “CEO fraud.” The latest figures show a marked 270 percent increase in identified victims and exposed losses. Taking into account international victims, the losses from BEC scams total more than $1.2 billion, the FBI said.
Farid Mheir's insight:
We often think that malware (ie. computer viruses) are big business but it looks like emails scams are an even bigger one. Made me think of recent scams publicized in Montreal local papers. banking fraud: http://www.lapresse.ca/201101/24/01-4363327-fini-lhameconnage-place-au-harponnage.php government employees: http://www.lapresse.ca/le-droit/politique/fonction-publique/201406/23/01-4778248-environ-2000-fonctionnaires-hameconnes.php WHY IS THIS IMPORTANT Business email scams are difficult to protect against because users are the weak link and technology has limited means to prevent that. Businesses should make sure all employees are briefed on the security hazards of email scams and how to prevent them. Below is link on how banks try to help prevent email scams: worth reading. http://www.cba.ca/en/consumer-information/42-safeguarding-your-money/91-email-fraud-phishing
Christophe Chambet-Falquet's curator insight,
September 4, 2015 3:47 AM
The FBI urges businesses to adopt two-step authentication for email where relevant. A good way to harden money transfer processes. 
Farid Mheir's comment,
September 4, 2015 8:46 AM
Thank you @Christophe Chambet-Falquet, you are right, 2factor authentication does help but few people use it I believe
Scoop.it!
Only 32 million data records were stolen, far less than in recent hacks of Adobe, eBay, and the US military.
Farid Mheir's insight:
A good visual summary of recent data breaches.
Scoop.it!
Praetorian tracking all IoT devices in Austin, Texas running on ZigBee protocol, similar to the Shodan scanner.
Farid Mheir's insight:
A project has been devised to map all internet of things devices in the Austin Texas area, and identify vulnerabilities. Cool demonstrations of what you can do with a drone and some technology skills. See the full map here: https://www.praetorian.com/iotmap/ WHY THIS IS IMPORTANT? There will be 9B IoT devices soon and many more in the future. Great opportunities but it needs to be safe and private.
Tracy Harding's comment,
September 1, 2015 9:19 AM
You need to work on formatting of your replies. This is one giant sentence. Remember the requirements. You need a 2-3 sentence summary, at least 1 sentence of IR implications and 1 sentence about your thoughts.
Farid Mheir's comment,
September 1, 2015 9:23 AM
@Tracy Harding: not sure I understand your comment re: formatting. Can you be more specific and email me a screengrab? thank you!
Scoop.it!
The other shoe just dropped. The hackers who breached the cheating site AshleyMadison.com appeared to make good on their threat to expose customer data on Tuesday, dumping the stolen information online.
Farid Mheir's insight:
A review of what we know about the data breach. WHY IS THIS IMPORTANT Interesting to see how pirates distribute their loot and wha constitutes valuable information, other than credit card numbers. What is most interesting here I believe are these stats: - thousands of fake female profiles - 90-95% of actual users are male Speaks volume on the anonymity of the Internet and the lack of reliable information out there. Also read this most insightful post on the Verge: http://www.theverge.com/2015/8/19/9178855/ashley-madison-data-breach-implications
Scoop.it!
The Tesla Model S is the most connected car in the world. It might surprise you to hear that it is also one of the most secure. In this talk we will walk you through the architecture of a Tesla Model S noting things that Tesla got right as well as identifying those that they got wrong. From this talk you will get an intimate understanding of how the many interconnected systems in a Tesla model S work and most importantly how they can be hacked. You will also get a good understanding of the data that this connected car collects and what Tesla does with this telemetry. We will also be releasing a tool that will enable Tesla Model S owners to view and analyse that telemetry in real time. Finally we will also be releasing several 0day vulnerabilities that will allow you to hack a Tesla Model S yourself - both locally and remotely. Note - only one of the 6 vulnerabilities we will discuss and release has been fixed. Disclaimer: With great access comes great responsibility - In other words we are not responsible for any Tesla Model S bricked by over enthusiastic attendees of this talk :)
Farid Mheir's insight:
I love August because it is the month where hacking conferences are held. And they always have their share of flamboyant hacks like this one. Looking forward to see what this year's crop will bring... Also read the short piece in the WSJ about the hack and what it does. http://blogs.wsj.com/digits/2015/08/06/hackers-take-control-of-a-tesla-sort-of/
Scoop.it!
From
qz
Tens of millions of people have lost their private information in data breaches over the past few years. But what happens after that—how the data are leveraged for financial gain—remains murky.
Farid Mheir's insight:
Reporter has gone to dark web to find out that user information of quality is worth almost 100$. WHY THIS IS IMPORTANT? There is an opportunity for a company to start charging higher fees to collect and protect your digital identity. Today it seems Apple may be gearing towards that model: you pay more for its services than Google, Amazon, Facebook and others but they - as far as we know - do not sell your data.
agilITe Services's curator insight,
August 3, 2015 7:46 AM
Reporter has gone to dark web to find out that user information of quality is worth almost 100$. WHY THIS IS IMPORTANT? There is an opportunity for a company to start charging higher fees to collect and protect your digital identity. Today it seems Apple may be gearing towards that model: you pay more for its services than Google, Amazon, Facebook and others but they - as far as we know - do not sell your data.
Scoop.it!
Italian jeweler Bulgari is bringing traditional craftsmanship into the digital ecosystem with an intelligent timepiece focused on data security.
Farid Mheir's insight:
Luxury watch now includes an NFC chip to allow it to be recognized by digital devices such smartphones. WHY THIS IS IMPORTANT? Access to your wrist will become key in the future for security reasons. You wear a watch all the time and can never leave home without it as you could a phone or another device. As multi-factor authentication gains in popularity, the watch will become an essential component for payment, authentication, etc. And with Apple now trying to secure they are the only device on your wrist (no way you'll wear multiple devices), luxury brands will try to incorporate electronics into their analog watches.
Scoop.it!
I was driving 70 mph on the edge of downtown St. Louis when the exploit began to take hold.
Farid Mheir's insight:
A team of engineers remotely gain control over a Jeep and demonstrate vulnerabilities in its computer systems. WHY THIS IS IMPORTANT I wrote about this before as a reminder that digital transformation enables great new opportunities as well as new security and privacy issues. More about this here http://www.scoop.it/t/digital-transformation-of-businesses/?tag=carJacking
Scoop.it!
Here's an inside look at the crazy business models ruling the hacking world, where hackers can make more than $80,000 a month by infecting people's computers. Via Roger Smith
Farid Mheir's insight:
Some very interesting data and review of how hackers break computer security mechanisms and violate our privacy. WHY IS THIS IMPORTANT Privacy is one of our biggest digital challenge I believe. Being aware of the problem is the first step.
Scoop.it!
10 local and cloud-based contenders make passwords stronger and online life easier for Windows, OS X, iOS, Android, BlackBerry, and Windows Phone users
Farid Mheir's insight:
Great review of essential tools in everyone's computer and mobile phone.WHY THIS IS IMPORTANTStrong password are our only protection for our digital lives and yet to many people still rely on simple and easy to guess ones. I wrote about this many times before http://www.scoop.it/t/digital-transformation-of-businesses?q=password, and this article provides links and ratings for different solutions on the market.And by the way, when possible, always turn on two-factor authentication : see http://sco.lt/6DAZgv
Scoop.it!
Bruce Schneier, American cryptographer, computer security and privacy specialist, will be coming to Google to talk about his new book: "Data and Goliath: The...
Farid Mheir's insight:
Bruce Schneier is a legend in the security and privacy world and he explains in a 30 minute talk (20min if you listen at 1.5x speed ;-) the content of his new book. He makes me want to read it (good job I guess) but also closes with an interesting analogy: data is the pollution of the information age. WHY THIS IS IMPORTANT Bruce raises the issue of privacy but also ventures into solutions, which is rare because it is a difficult subject with no straight answer. He makes the case that there is duality in producing data and analyzing it: it is both useful and dangerous. Every company is faced with the questions that Bruce raises.
Scoop.it!
Looking back at the discovery of Flame, here are some lessons we learned.
Farid Mheir's insight:
A short account of the level of sophistication that computer viruses have achieved. And a video that pleades for the need to keep computers secure.
Scoop.it!
The incident is notable because it's one of the few computer intrusions to cause physical damage. The Stuxnet worm that targeted Iran's uranium enrichment program has been dubbed the world's first digital weapon, destroying an estimated 1,000 centrifuges. Last week, Bloomberg News reported that a fiery blast in 2008 that hit a Turkish oil pipeline was the result of hacking, although it's not clear if the attackers relied on physical access to computerized controllers to pull it off. The suspected sabotage of a Siberian pipeline in 1982 is believed to have used a logic bomb. Critics have long argued that much of the world's factories and critical infrastructure aren't properly protected against hackers.
Farid Mheir's insight:
Article is short but links to the IDC report is included. This goes along with previous posts I wrote in the past: http://bit.ly/1Cgw469
Scoop.it!
Report: Planes could be targeted by a malicious hacker on the ground.
Farid Mheir's insight:
I wrote about this in 2013 when the conference happened http://sco.lt/97hSPx but it remains a concern today. Scary.
Scoop.it!
How strong are your passwords? Here's an analysis of 10 million via @wpengine
Farid Mheir's insight:
This analysis is very in depth and looks at many different angles to show how and why we pick simple passwords. I continue to be amazed by the lack of proper passwords being used by people in general. This study is recent but I assume things may change quite rapidly and solutions such as lastpass or password box are helping change this trend. Also I assume this applies well to the USA but may be different in Canada, Quebec and elsewhere due to differences in language and culture. Also consider reading: Kill the Password: Why a String of Characters Can't Protect Us Anymore | Gadget Lab | Wired.com
Scoop.it!
As digitization creates new cyberthreats, businesses should make security an integrated part of their IT infrastructure. A McKinsey & Company article.
Scoop.it!
If you are viewing online porn in 2015, even in Incognito mode, you should expect that at some point your browsing history will be publicly released and attached to your name.
Farid Mheir's insight:
Beyond the catchy title, this short post highlights some very important links to help you determine if your browser sessions are safe Mine are not it seems...
Scoop.it!
Open source intelligence (OSINT) tools can provide a unique view for analyst teams.
Scoop.it!
On Sunday night, 60 Minutes aired a segment about the Defense Advanced Research Projects Agency, or DARPA, and its attempts to secure the internet from hackers, human traffickers and other criminals. One of the DARPA efforts the program highlighted — and did so even more in an unaired segment for the web — is a project called…
Farid Mheir's insight:
This is must see TV. Look at both the 60 minutes program and the unaired segment. It will confirm many of the things I've been highlighting for a while now regarding security and privacy, but also regarding car hacking. I am not a pessimist but I believe security should be more present as we make our digital transformation.
Scoop.it!
After breaking up into a number of task forces and discussing strategic priorities, CIOs at the Journal’s CIO Network event came together to create a prioritized set of recommendations to drive business and policy in the coming year. While proposals ran the gamut, consensus seemed to form around two major themes: cybersecurity, and delivering change through effective communication with the rest of the business. The full results will be published in The Wall Street Journal CIO Network special report later this month. Here’s a look at the top five:
Farid Mheir's insight:
security, security, security...
Dianne M. Kipp's curator insight,
February 9, 2015 11:18 AM
All top 5 point to "changing the way business works", i.e. corporate culture and the behavior changes required to successfully transition from "old world" to "new world".
Scoop.it!
It’s not enough to just implement new controls and technologies around the systems, though; smart organizations are dedicating teams to look in the deep crevices of the web for detailed information on threats to their environments. World news and events, potentially controversial company announcements, new executive appointments, industry and partner breaches, industry-specific malware — all of these and more can indicate a risk, and analysts need to find the intelligence that must be acted upon to protect the company and its customers. The wealth and scope of available information can be overwhelming for intelligence analysts, however. While in the past actionable and credible threat intelligence could be elusive, now information can be found online anywhere, at any time, in any language. With the volume of information and limited resources and budgets, organizations need to be strategic in their intelligence gathering.
Farid Mheir's insight:
First time I hear of "open source intelligence" (OSINT). should be good.
|
Curated by Farid Mheir
Get every post weekly in your inbox by registering here: http://fmcs.digital/newsletter-signup/
|
Oh well, too bad.
Made me think of stories I published in the past about how to disappear from the web http://sco.lt/4pi8g5