Pete Recommends – Weekly highlights on cyber security issues October 28 2018

Subject: How Russian trolls manipulated American politics
Source: CNNPolitics
https://www.cnn.com/2018/10/19/politics/russian-troll-instructions/index.html

The Justice Department said the Russians “took extraordinary steps” to hide the fact that their controversial posts were coming from foreign meddlers. To make that happen, managers at the troll farm gave employees comprehensive instructions on how to pose as American activists, according to a court filing. Often these directions accompanied real article that the trolls would share, along with their own comments.

The court filing…https://edition.cnn.com/2018/10/19/politics/criminal-complaint-elena-alekseevna-khusyaynova-russia/index.html


Subject: UK’s NCSC Releases 2018 Annual Review
Source: DHS US-CERT
https://www.us-cert.gov/ncas/current-activity/2018/10/19/NCSC-Releases-2018-Annual-Review

The United Kingdom’s (UK) National Cyber Security Centre (NCSC) has released its Annual Review for 2018, which provides a snapshot of their work from September 1, 2017, to August 31, 2018. NCSC provides enhanced services to protect the UK against cybersecurity threats. NCCIC encourages users and administrators to review NCSC’s 2018 Annual Review for more information.

NB – Contents

PDF: https://www.ncsc.gov.uk/annual-review-2018/docs/ncsc_2018-annual-review.pdf


Subject: 3D Printers Have ‘Fingerprints’, a Discovery That Could Help Trace 3D-Printed Guns: Study
Source: ScienceDaily via Slashdot
https://news.slashdot.org/story/18/10/19/2022236/3d-printers-have-fingerprints-a-discovery-that-could-help-trace-3d-printed-guns-study

Like fingerprints, no 3D printer is exactly the same. That’s the takeaway from a new University at Buffalo-led study that describes what’s believed to be the first accurate method for tracing a 3D-printed object to the machine it came from

Tagged: news printer yro

RSS feed for Slastdot: http://rss.slashdot.org/Slashdot/slashdotMain

and for ScienceDaily: https://www.sciencedaily.com/rss/


Subject: The electronics we throw away are catching fire in trucks and recycling centers when lithium-ion batteries explode –
Source: The Washington Post
https://www.washingtonpost.com/technology/2018/09/11/explosive-problem-with-recycling-ipads-iphones-other-gadgets-they-literally-catch-fire/

Around the world, garbage trucks and recycling centers are going up in flames. The root of the problem: volatile lithium-ion batteries sealed inside our favorite electronics from Apple, Samsung, Microsoft and more. They’re not only dangerous but also difficult to take apart — making e-waste less profitable, and contributing to a growing recycling crisis.

Old devices end up in trouble when we throw them in the trash, stick them in the recycling bin, or even responsibly bring them to an e-waste center. There isn’t official data on these fires, but the anecdotal evidence is stark. Since the spring of 2018 alone, batteries have been suspected as the cause of recycling fires in New York, Arizona, Florida, Wisconsin, Indiana, Idaho, Scotland, Australia and New Zealand. In California, a recent survey of waste management facilities found 83 percent had at least one fire over the last two years, of which 40 percent were caused by lithium-ion batteries.

NB other W.P. tech-focused articles;
https://www.washingtonpost.com/news/the-switch/


Subject: Now Apps Can Track You Even After You Uninstall Them
Source: Bloomberg BusinessWeek
https://www.bloomberg.com/news/articles/2018-10-22/now-apps-can-track-you-even-after-you-uninstall-them

New trackers make it easy for developers to identify fed-up users and pester them with targeted ads.

BOTTOM LINE – Uninstall tracking may violate Apple and Google policies against ad-focused use of their mobile developer tools, but so far the companies haven’t taken action.

NB https://www.bloomberg.com/businessweek


Subject: Google adds search engine usage controls
Source: Google Blog via beSpacific
https://www.bespacific.com/google-adds-search-engine-usage-controls/

Google Blog: “…Today, we’re making it easier for you to make decisions about your data directly within the Google products you use every day, starting with Search. Without ever leaving Search, you can now review and delete your recent Search activity, get quick access to the most relevant privacy controls in your Google Account, and learn more about how Search works with your data…Before today, if you were searching on Google and wanted to review or manage this data, the best way for you to do that would have been to visit your Google Account. Now, we’re bringing these controls to you – from directly within Search, you can review or delete your Search activity and quickly get back to finding what you were searching for…” [or – you can just use DuckDuckGo]


Subject: Apple boss takes aim at ‘weaponization’ of customer data
Source: Reuters Business News
https://www.reuters.com/article/us-eu-privacy-apple/apple-boss-takes-aim-at-weaponization-of-customer-data-idUSKCN1MY1DF

BRUSSELS (Reuters) – Apple Chief Executive Tim Cook on Wednesday said customer data was being “weaponized with military efficiency” by companies to increase profit and called for a federal privacy law in the United States.

But Facebook CEO Mark Zuckerberg defended his company’s ad-based business model said users were aware of a trade-off for free services.

Cook, speaking at the International Conference of Data Protection and Privacy Commissioners, said Apple would support a U.S. privacy law and also touted the iPhone maker’s commitment to protect users’ data and privacy.


Subject: Suspected explosive devices are hard for UPS, FedEx, USPS to detect
Source: USA Today Money
https://www.usatoday.com/story/money/2018/10/25/suspicious-package-handling-ups-fedex-usps/1763186002/

For example, since suspects often don’t pay for exact postage in person to avoid being seen on security cameras, they end up using far too many stamps to ensure that explosive packages rigged with timers reach their destinations as expected, Cohen said.


Subject: Cybersecurity Resources for Non-Profits
Source: FTC Consumer Information
https://www.consumer.ftc.gov/blog/2018/10/cybersecurity-resources-non-profits

October 25, 2018 by Rosario Méndez – Attorney, Division of Consumer and Business Education, FTC

Do you work for a charity or other non-profit? If so, you know that your organization collects all sorts of private information, including details about people you serve and financial information related to donors. Your own personal information, too, is probably in your organization’s employee records. Cyber criminals would love to get their hands on that data. You can help protect your organization using the information at FTC.gov/Cybersecurity.

At FTC.gov/Cybersecurity you’ll find resources on 12 different topics…

Tagged with: business, charity, cyber security
Blog Topics:Privacy, Identity & Online Security


Subject: How to Spot a Twitter Bot
Source: Symantec Blogs
https://www.symantec.com/blogs/election-security/spot-twitter-bot

Twitter bots and botnets sparked much discussion in the run-up to the 2016 U.S. presidential election. With the midterm elections rapidly approaching, we ask: What is a Twitter bot? How can you detect what’s real and what’s not? What is a social media bot?

Twitter bots are automated user accounts that interact with Twitter using an application programming interface (API). These bots can be programmed to perform tasks normally associated with human interaction, including follow users, favor tweets, direct message (DM) other users and, most importantly, they can tweet content, and retweet anything posted by a specific set of users or featuring a specific hashtag. Many are used to perform important functions, such as tweet about earthquakes in real-time and serve as part of a warning system. In the case of a campaign, however, political or otherwise, they are normally used to generate mass interest in specific content by spreading messages at a rate that isn’t possible with human users. A research paper produced by Indiana University in March 2017 found that 15 percent of all Twitter accounts were bots.

RSS for the blog:
https://content.connect.symantec.com/rss/v1/blogs/rss.xml

Other Election Security articles:
https://www.symantec.com/blogs/election-security

Posted in: Congress, Cybercrime, Cybersecurity, E-Commerce, Government Resources, Privacy, Social Media