Not surprising at all is it? If you want to target sensitive data, a third party who doesn't have the same strong sense of protecting it, and an industry that has a reputation for somewhat lax security measures, would be a pretty tempting place to start.
The exposure to being hacked raises a lot of questions about the so-called Internet of Things. If everything is connected to the Net, then everything is tracking you. That information is valuable in and of itself to hackers looking to embarrass or blackmail people.
But, as bad as that is, what is worse is the ability of hackers to actually take control of those devices, especially when talking about medical devices, or transportation. Given the number of hacks that have already been reported, and the severity of them, I have little faith that anyone can truly protect our information or devices.
Maybe I'm just a pessimist. What do you think?
Can we really be surprised? This is why I've written before that while using mobile technology to replace banks for many people impossible, the security has to get better!
Keep those Andriod devices safe people!
This seems scary. If you don't think cyber security concerns you, you should probably be aware of how many things currently, or shortly will be, connected to the internet. Yes, it's cool to be able to control your house from your smartphone, or start your car from inside using it on a cold day, but if the communication is going across the internet insecurely, that means anyone else can too! We're not just talking about a defaced website, or even credit card information, we're talking about things that can kill you.
Frankly, until this is secured as much as possible, the self-driving car is a non-starter. I kind of like the idea of the self-driving car, but not so much if it can be hacked and actually controlled by someone else.
Malwarebytes has been one of my go-to resources for years when helping people clean up infected machines. Interesting to see them dip into a tool for Macs, which obviously can, and do, get malware as well!
Stop what you are doing and grab this patch. This security flaw is already out in the wild, attached to some of the nastiest malware out there. Get the update if you have Flash installed. (And you probably do!)
What's interesting about this is the timing. Obviously with Deflategate there was an inability to get texts from Tom Brady's phone, but having a mobile forensics expert wouldn't have changed that. You need access to the phone. Is the NFL planning on making that part of the CBA, that players have to turn over their phones to provide information to the league in an investigation? Would they actually agree to that? I don't think I would. It's not a matter of having something to hide either, we all have data that just shouldn't be public, or in anyone else's hands, on our devices. Just because I work for a company doesn't give them access to my personal phone. Putting that clause in a player's contract is overreaching, IMHO.
I've always been bothered by the idea of QR codes. I felt that they undermined everything we tried to teach users about online security. Don't open email attachments that you weren't expecting, don't blindly follow links without checking where they go, or just go to the website and login without clicking a link in an email, but then the marketing people got into the QR game and realized they could get people to "play" with their smartphones and scan a code, and that code could take them anywhere the marketer wanted to take them, and suddenly that seemed like something we should encourage? No, no and no. As this story points out, as a user, you have no idea where that QR code is taking you, are you really ok with that?
The facts about how shabby the security procedures at the OPM are appalling. The US government is constantly asking us to trust them to know what's best and protect us, but how can we when facts like these come out? No security staff until 2013 and not using encryption? WTH?
--"23% of recipients open phishing messages and 11% click on attachments"
Click in to find related links.