Pete Recommends – Weekly highlights on cyber security issues June 22, 2019

Subject: Cybersecurity report: Hackers targeting U.S. power grid
Source: UPI 14 (UPI) — A group of hackers has targeted the U.S. power grid over the past several months but has so far been unable to trigger any outages or other incidents, a cybersecurity firm said in an analysis Friday.The company, Dragos, has been tracking the hacker group known as Xenotime or the Triton actor for months as it scans the U.S. electrical grid looking for weaknesses. The group is known for its Triton malware, which was responsible for disabling the cybersecurity systems at Saudi Arabia’s Petro Rabigh oil refinery in 2017….Read MoreHack that cost Baltimore $18M a mystery after experts eye NSA link
Security firm: North Korean hackers shifted focus from causing chaos to acquiring moneyTopics

See also blog entry:


Subject: New York Times: US ramping up cyber attacks on Russia
Source: The New York Times via CNNPolitics

Washington (CNN) The US is escalating cyber attacks on Russia’s electric power grid and has placed potentially crippling malware inside the Russian system, The New York Times reported Saturday.

The placement of the malware that deep within the Russian grid had never previously been attempted, the Times reports, and is intended partly as a warning and also to put the US in a position to conduct cyber attacks should a significant conflict arise with Russia.

The incursion into the Russian electric power grid seems to have been conducted under new legal authorities in the military authorization bill passed by Congress last year, the Times reports. Under the law, the defense secretary can authorize, without special presidential approval, routine “clandestine military activity” in cyberspace, according to the Times.

Subject: Adobe Develops Tool to Identify Photoshopped Images of Faces
Source: Digital Trends

With deepfake videos making headlines recently and campaigns against the over-Photoshopping of models picking up steam in the last few years, people are more aware than ever of how images can be digitally manipulated. Now the company that created Photoshop, Adobe, wants to give tools to users to let them spot faked images themselves.

filed under


Editors’ Recommendations

Subject: Three U.S. Universities Disclose Data Breaches Over Two-Day Span
Source: Bleeping Computer

Three U.S. universities have disclosed data breach incidents impacting personally identifiable information of students or employees following unauthorized access to some of their employees’ email accounts. All three universities — Graceland University, Oregon State University, and Missouri Southern State University — have notified the individuals whose personal information was potentially stolen or accessed about the security incidents. In addition, no evidence has been found of the impacted personal information being stolen or used in a malicious manner while investigating the disclosed data privacy incidents involving all three universities.


site RSS:


Related Articles:

Quest, LabCorp, AMCA Sued For Breach Impacting Over 19 Million
Over 400,000 Opko Health Clients Impacted by AMCA Data Breach
Phishing Kits Add More Vulnerabilities to Hacked Servers
Private Info of Over 1.5M Donors Exposed by UChicago Medicine
Billing Details for 11.9M Quest Diagnostics Clients Exposed

Subject: It’s Time to Switch to a Privacy Browser
Source: WIRED

There’s a new battleground in the browser wars: user privacy. Firefox just made its Enhanced Tracking Protection a default feature, Apple continues to pile privacy-focused features into its Safari browser, and people are more aware than ever before of the sort of information they can reveal every time they set a digital footprint on the web.

If you want to push back against online tracking, you’ve got several options to pick from when choosing a default browser. These are the browsers that put user privacy high on the list of their priorities.



Related Video – Security – How to Make Your Browsing Data More Private than a Thousand Incognito Windows. Thanks to an assist from Congress, your cable company has the legal right to sell your web-browsing data without your consent. This is how to protect your data from preying eyes.


Subject: In Court, Facebook Blames Users for Destroying Their Own Right to Privacy
Source: The Intercept via beSpacific

The Intercept: “In April 2018, Facebook CEO Mark Zuckerberg sat before members of both houses of Congress and told them his company respected the privacy of the roughly two billion people who use it. “Privacy” remained largely undefined throughout Zuckerberg’s televised flagellations, but he mentioned the concept more than two dozen times, including when he told the Senate’s Judiciary and Commerce committees, “We have a broader responsibility to protect people’s privacy even beyond” a consent decree from federal privacy regulators, and when he told the House Energy and Commerce Committee, “We believe that everyone around the world deserves good privacy controls.” A year later, Zuckerberg claimed in interviews and essays to have discovered the religion of personal privacy and vowed to rebuild the company in its image.

beSpacific Subjects: Congress, Courts, Internet, Legal Research, Social Media

The Intercept RSS feeds:

Subject: After Equifax breach, US watchdog says agencies aren’t properly verifying identities
Source: TechCrunch

A federal watchdog says the government should stop relying on the credit agencies to verify the identifies of those using government services. In a report out this week, the the Government Accountability Office said several government departments still rely on the credit agencies — Equifax, Experian and TransUnion — to check if a person is who they say they are before they can access their services online.

Agencies like the U.S. Postal Service, the Social Security Administration, Veterans Affairs, and the Centers for Medicare and Medicaid Services ask several questions of a new user and match their answers to information held in an individual’s credit file. The logic is that these credit files have information only the person signing up for services can know. But following the Equifax breach in 2017 those answers are no longer safe, the watchdog said.,,

Only Veterans Affairs implemented a new system but still relies on knowledge-based verification in some cases.


Subject: Delta to launch facial recognition technology in more U.S. airports, CEO Ed Bastian says
Source: Atlanta Business Chronicle

Delta CEO Ed Bastian says the Atlanta-based airline is planning to launch facial recognition technology in more of its international hubs across the U.S., and will eventually add the facial recognition technology to domestic terminals altogether.

“We are already rolling it out. We have it in Detroit already, and pretty soon, we’ll have it in most of our international facilities,” said Bastian during a sit-down interview with CNBC last week. “The next big thing for us is obviously the domestic [terminals]. We are working with TSA on anything to expedite.”

However, there are privacy concerns. During the CNBC interview, Bastian acknowledged that majority of people are sensitive about facial technology, particularly with privacy being the primary concern.

filed under:

Subject: Protect your online identity now: Fight hackers with these 5 security safeguards
Source: The Ed Bott Report via ZDNet via beSpacific

ZDNET – Having your identity stolen can be a nightmare, and cleaning up the mess can take months. You can make life difficult for a would-be identity thief by locking down these five key aspects of your online life. “…You don’t have to be the next victim. With a little effort (and, yes, a little expense), you can lock down the security of crucial online services. Follow these five guidelines and you can make life extremely difficult for a would-be identity thief…”

beSpacific Subjects: Cybercrime, Cybersecurity, E-Mail, E-Records, ID Theft, Internet
ZDNet Topic: Security
RSS feed for the Ed Bott Report:

Subject: Millions of Business Listings on Google Maps Are Fake and Google Profits
Source: WSJ via beSpacific

[paywall for the article but see also the same article free –] – Google Maps is filled with false business addresses created by firms pretending to be nearby – “Out of habit, Nancy Carter, a retired federal employee, turned to Google for help one August evening. She ended the night wishing she hadn’t. Ms. Carter had pulled into her Falls Church, Va., driveway and saw the garage door was stuck. The 67-year-old searched Google and found the listing of a local repair service she had used before. She phoned in a house call. Google’s ubiquitous internet platform shapes what’s real and what isn’t for more than 2 billion monthly users. Yet Google Maps, triggered by such Google queries as the one Ms. Carter made, is overrun with millions of false business addresses and fake names, according to advertisers, search experts and current and former Google employees…

beSpacific Subjects: Internet, Knowledge Management, Legal Research, Search Engines

Posted in: AI, Civil Liberties, Cyberlaw, Cybersecurity, Email Security, Internet Trends, KM, Legal Research, Privacy, RSS Newsfeeds, Search Engines, Search Strategies, Social Media, Technology Trends