Pete Recommends – Weekly highlights on cyber security issues, October 19, 2019

Subject: New Report: “The Market of Disinformation”
Source: Oxford Technology & Elections Commission via LJ infoDOCKET

This report by Oxford Information Labs examines the impact of algorithmic changes made by social media platforms, designed to curb the spread of disinformation, through the lens of digital marketing. The report highlights some of the techniques used by campaigners to attract, retain and persuade online audiences. It also sets out recommendations for the UK Electoral Commission….

Subject: This just got real: US, UK agencies issue joint VPN security alert
Source: TechBeacon

[thx, Dale … ]

If your employees are using … VPNs from Fortinet, Palo Alto, or Pulse Secure, you really need to patch the products and search … for signs of compromise. … A group of Chinese state-backed hackers known as APT5 have been attacking enterprise VPN servers.

The VPN flaws would allow attackers to gain authentication credentials that can be used to connect to the VPN and change configuration settings or provide privileges to use additional exploits to gain a root shell. … The UK’s National Cyber Security Centre (NCSC), a unit of UK spy agency GCHQ … is recommending organizations … check all VPN settings and carry out checks on logs for services such as email that users connect to the network through a VPN. It also recommends wiping devices if they may have been compromised.

TechBeacon category:


Subject: Plan for the Future. Manage the Present. Open or access your my Social Security account today!
Source: SSA Blog via Social Security Matters

my Social Security is your online gateway to Social Security. There’s never been a better time to open or access your my Social Security account. We’ve added several new features. These features include:

my Social Security account holders will still be able to request a replacement Social Security card, check the status of their Social Security application, set up or change direct deposit information, get a proof of income letter, change their address, and more.

[3 bullet points; note well the last one]

This entry was posted in Online Services by Mike Korbey, Deputy Commissioner for Communications.

Subject: Preparing for Evolving Cybersecurity Threats Facing the U.S. Electric Grid
Source: WatchBlog: Official Blog of the U.S. GAO

Electricity is essential for modern life. In addition to our modern home conveniences, like our microwaves, computers, and lighting, electricity is vital to hospitals, first responders, and financial services in our country. So, what would happen if our electric grid were attacked?

For National Cybersecurity Awareness Month, today’s WatchBlog looks at our recent report on the cybersecurity risks to the U.S. electric grid and federal efforts to address them. Read on, and listen to our podcast with Frank Rusco and Nick Marinos, the directors who led the report, to learn more.

We recommended that FERC consider adopting changes to its approved standards to more fully address federal guidance and evaluate the potential risk of a coordinated attack.

This entry was posted in Information Security, Science and Technology and tagged critical infrastructure, Critical infrastructure protection, Critical infrastructure vulnerabilities, Cyber attacks, cybersecurity, Department of Energy, Electricity, Electricity grids, Federal Energy Regulatory Commission, Frank Rusco, Information technology and cybersecurity, Natural Resources and Environment, Nick Marinos, Security threats

Sample RSS feed:

Subject: Contemporary cyber-related topics posted on beSpacific
Source: various via beSpacific

This week, the following beSpacific categories (curated by Sabrina Pacifici) have had a number of cyber-related articles posted (some cross-posted to other categories). Click on any of them to see abstracts, and then click-through to the fuller-text of the posting:

On the right hand side of each page, there is a lists of Subjects aka Categories which are also topical.

Same category RSS feed:

Posted in: Cybersecurity, Economy, Elder Law, Government Resources, Legal Research, Privacy