Subject: VISA warns of POS malware incidents at gas pumps across North America
Source: ZDNet
https://www.zdnet.com/article/
VISA says it’s aware of POS malware being deployed on the networks of five North American fuel dispenser merchants. Payments processor VISA says North American merchants who operate gas stations and gas pumps are facing a rash of attacks from cybercrime groups wanting to deploy point-of-sale (POS) malware on their networks.
…
The payments processor said cybercrime groups carried out attacks with the main purpose of gaining access to fuel dispenser merchants’ networks, where they installed POS malware. POS malware works by continuously scraping a computer’s RAM for what looks like unencrypted payment card data, which it collects, and then uploads to a remote server. The VISA Payment Fraud Disruption (PFD) team says cybercrime groups appear to have found a weak spot in how gas stations and gas pump operators work.
…
These gas pump card readers still operate on older technology that can only read payment data from the card’s magnetic stripe. Data from these outdated card readers is sent unencrypted to the gas station’s main network, where crooks have realized they can intercept it.
…
Topic: Security
Source: Unified Judicial System of Pennsylvania
http://www.pacourts.us/news-
News Article December 13, 2019 – Between 2014 and 2018, there were 799 cybercrime offenses committed by 287 people in Pennsylvania. The top convictions for cybercrime offenses are making or forcing someone to participate in online child pornography and unlawful use of a computer – which could include accessing or altering computer data, providing passwords without authorization, etc.
The infographic…highlights relevant court data including the total number and type of cybercrime offenses committed over the last five years, defendant demographics and the total amount in fines assessed for cybercrime convictions statewide.
Download a high-resolution version of the graphic.
Source: Putin Still Uses Obsolete Windows XP, Report Says
https://www.themoscowtimes.
Russian President Vladimir Putin appears to still use Microsoft’s discontinued Windows XP operating system, the Open Media news website reported Monday after examining photographs of his desktop.Microsoft stopped releasing security updates for Windows XP and Office 2003, with occasional exceptions, in April 2014. Russian officials are technically banned from using foreign software as Moscow aims to protect national interests amid fears of foreign espionage and boost Russia’s tech industry.
Putin avoids smartphones and has long viewed the internet with suspicion.
Earlier this month, Russia banned the sale of smartphones without Russian-made software and apps starting July 2020. Putin also signed into law measures that would cut off the Russian segment of the internet from the rest of the world when needed.
…
Subject: Various Cyber-related categories posted to this week in beSpacific
Source: external via beSpacific
Various beSpacific topics aka categories have had articles updated recently. You may want to click on a category below to see summaries. Of course these summaries will overlap within the other categories:
https://www.bespacific.com/
https://www.bespacific.com/
https://www.bespacific.com/
Sample RSS feed:
https://www.bespacific.com/
Subject: VISA warns of POS malware incidents at gas pumps across North America
Source: ZDNet
https://www.zdnet.com/article/
VISA says it’s aware of POS malware being deployed on the networks of five North American fuel dispenser merchants.Payments processor VISA says North American merchants who operate gas stations and gas pumps are facing a rash of attacks from cybercrime groups wanting to deploy point-of-sale (POS) malware on their networks.
…
The payments processor said cybercrime groups carried out attacks with the main purpose of gaining access to fuel dispenser merchants’ networks, where they installed POS malware. POS malware works by continuously scraping a computer’s RAM for what looks like unencrypted payment card data, which it collects, and then uploads to a remote server.
The VISA Payment Fraud Disruption (PFD) team says cybercrime groups appear to have found a weak spot in how gas stations and gas pump operators work.
…
These gas pump card readers still operate on older technology that can only read payment data from the card’s magnetic stripe. Data from these outdated card readers is sent unencrypted to the gas station’s main network, where crooks have realized they can intercept it.
…
Topic: Security
Source: The Moscow Times
https://www.themoscowtimes.
Russian President Vladimir Putin appears to still use Microsoft’s discontinued Windows XP operating system, the Open Media news website reported Monday after examining photographs of his desktop.Microsoft stopped releasing security updates for Windows XP and Office 2003, with occasional exceptions, in April 2014. Russian officials are technically banned from using foreign software as Moscow aims to protect national interests amid fears of foreign espionage and boost Russia’s tech industry.
Putin avoids smartphones and has long viewed the internet with suspicion.
Earlier this month, Russia banned the sale of smartphones without Russian-made software and apps starting July 2020. Putin also signed into law measures that would cut off the Russian segment of the internet from the rest of the world when needed.
…
Subject: Various Cyber-related categories posted to this week in beSpacific
Source: external via beSpacific
Various beSpacific topics aka categories have had articles updated recently. You may want to click on a category below to see summaries. Of course these summaries will overlap within the other categories:
https://www.bespacific.com/
https://www.bespacific.com/
https://www.bespacific.com/
Sample RSS feed:
https://www.bespacific.com/
Source: NIST via LJ infoDOCKET
https://www.infodocket.com/
From NIST: How accurately do face recognition software tools identify people of varied sex, age and racial background? According to a new study by the National Institute of Standards and Technology (NIST), the answer depends on the algorithm at the heart of the system, the application that uses it and the data it’s fed — but the majority of face recognition algorithms exhibit demographic differentials. A differential means that an algorithm’s ability to match two images of the same person varies from one demographic group to another.
Results captured in the report, NISTIR 8280 Face Recognition Vendor Test (FRVT) Part 3: Demographic Effects, are intended to inform policymakers and to help software developers better understand the performance of their algorithms. Face recognition technology has inspired public debate in part because of the need to understand the effect of demographics on face recognition algorithms.
Source: New York Times [interactive] via beSpacific
https://www.bespacific.com/an-
The New York Times – Twelve Million Phones, One Dataset, Zero Privacy – By Stuart A. Thompson and Charlie Warzel, December 19, 2019. “Every minute of every day, everywhere on the planet, dozens of companies — largely unregulated, little scrutinized — are logging the movements of tens of millions of people with mobile phones and storing the information in gigantic data files. The Times Privacy Project obtained one such file, by far the largest and most sensitive ever to be reviewed by journalists. It holds more than 50 billion location pings from the phones of more than 12 million Americans as they moved through several major cities, including Washington, New York, San Francisco and Los Angeles. …
beSpacific Subjects: Congress, E-Mail, E-Records, Internet, Legal Research, Legislation, Privacy, Search Engines, Social Media
Source: Digital Trends
https://www.digitaltrends.com/
More than 267 million Facebook users’ IDs, phone numbers, and names were exposed to an online database that could potentially be used for spam and phishing campaigns.Security researcher Bob Diachenko uncovered the database, according to Comparitech. The database was first indexed on December 4, but as of today, December 19, it is unavailable. Comparitech reports that before the site was taken down, the database was found on a hacker forum as a downloadable file.
Most of the Facebook users that were affected by this leak are located in the U.S., and the data included people’s Facebook IDs, phone numbers, and their full names.
Diachenko told Comparitech that the leaked data was most likely a result of illegal scraping or a hole in Facebook’s API. Scraping is against Facebook’s policies but can be easily done, especially if users have public profile settings.
…
RSS news feed: https://www.digitaltrends.com/
Source: CSMonitor.com
https://www.csmonitor.com/USA/
If the thousands of Californians who use Josh Simons’ app for musicians demand next month that Vampr delete their personal information, Mr. Simons will be ready to comply.The social network company expects to be one of many businesses nationwide subject to the California Consumer Privacy Act, a law that takes effect Jan. 1 and gives consumers control over the personal information companies collect, store, and often share with other enterprises. Mr. Simons, who already had a user privacy policy in place before the act became law last year, has retooled the policy and the Vampr app.
“We have half a million users around the world,” Mr. Simons says. “It’s definitely something we have to keep in mind.”
Companies across the country need to be aware of the law’s complex requirements even if they don’t deal directly with consumers. It covers companies that conduct business in California, including out-of-state companies that sell products or merchandise to California residents. The law can also cover companies that make money from providing services like payment processing or website hosting to businesses that are subject to the law.
…
The law aims to protect consumers from having their information sold without their knowledge or consent. It was passed by the California Legislature in June 2018, and modeled on the European Union’s General Data Protection Regulation, which took effect in May 2018. The California law was enacted amid increasing concern about companies sharing consumer data, especially after it was learned that the data firm Cambridge Analytica improperly accessed Facebook user informatio
Source: New York Times [interactive] via beSpacific
https://www.bespacific.com/an-
The New York Times – Twelve Million Phones, One Dataset, Zero Privacy – By Stuart A. Thompson and Charlie Warzel, December 19, 2019. “Every minute of every day, everywhere on the planet, dozens of companies — largely unregulated, little scrutinized — are logging the movements of tens of millions of people with mobile phones and storing the information in gigantic data files. The Times Privacy Project obtained one such file, by far the largest and most sensitive ever to be reviewed by journalists. It holds more than 50 billion location pings from the phones of more than 12 million Americans as they moved through several major cities, including Washington, New York, San Francisco and Los Angeles.
beSpacific Subjects: Congress, E-Mail, E-Records, Internet, Legal Research, Legislation, Privacy, Search Engines, Social Media
Source: Digital Trends
https://www.digitaltrends.com/
More than 267 million Facebook users’ IDs, phone numbers, and names were exposed to an online database that could potentially be used for spam and phishing campaigns.Security researcher Bob Diachenko uncovered the database, according to Comparitech. The database was first indexed on December 4, but as of today, December 19, it is unavailable. Comparitech reports that before the site was taken down, the database was found on a hacker forum as a downloadable file.
Most of the Facebook users that were affected by this leak are located in the U.S., and the data included people’s Facebook IDs, phone numbers, and their full names.
Diachenko told Comparitech that the leaked data was most likely a result of illegal scraping or a hole in Facebook’s API. Scraping is against Facebook’s policies but can be easily done, especially if users have public profile settings.
…
RSS news feed: https://www.digitaltrends.com/
Source: CSMonitor.com
https://www.csmonitor.com/USA/
If the thousands of Californians who use Josh Simons’ app for musicians demand next month that Vampr delete their personal information, Mr. Simons will be ready to comply.The social network company expects to be one of many businesses nationwide subject to the California Consumer Privacy Act, a law that takes effect Jan. 1 and gives consumers control over the personal information companies collect, store, and often share with other enterprises. Mr. Simons, who already had a user privacy policy in place before the act became law last year, has retooled the policy and the Vampr app.
“We have half a million users around the world,” Mr. Simons says. “It’s definitely something we have to keep in mind.”
Companies across the country need to be aware of the law’s complex requirements even if they don’t deal directly with consumers. It covers companies that conduct business in California, including out-of-state companies that sell products or merchandise to California residents. The law can also cover companies that make money from providing services like payment processing or website hosting to businesses that are subject to the law.
…
The law aims to protect consumers from having their information sold without their knowledge or consent. It was passed by the California Legislature in June 2018, and modeled on the European Union’s General Data Protection Regulation, which took effect in May 2018. The California law was enacted amid increasing concern about companies sharing consumer data, especially after it was learned that the data firm Cambridge Analytica improperly accessed Facebook user information.