THREATS
Bye-passcode. A bug in Apple's new mobile software—iOS 13, released Thursday—supposedly allows people to expose contact details in iPhone address books without requiring a passcode or biometric unlock. A researcher informed Apple of the issue, which requires physical access to a device, in July, but the company appears to have opted to release the software anyway, reports CNN. A fix is slated for the next iOS update, iOS 13.1, due out on Sept. 24.
Forget sex—fear sells. Chris Krebs, cybersecurity director for the Department of Homeland Security, chastised the cybersecurity industry for its typically fear-mongering approach to communications. "One of the things we've got to do a better job of is stop selling fear," he said during a keynote address at a summit organized by his agency. "Fear sells, but we have far too much to offer to just be looking for the next mark."
MacGyver vs. McDonald's. Some estimates place the number of unfilled cybersecurity job openings at nearly 3 million. Why such a shortage? Cybersecurity news site CyberScoop says the industry's problem may be, at least partially, "self-inflicted." Pointing to a July Forrester report , the outlet notes that hiring managers "expect to hire MacGyver but pay like McDonalds."
Strike a pose. Chinese cybersecurity experts are warning that posing for selfies with a hand-gestured "peace sign"—fingers splayed outward in the shape of a "V"—is a risky behavior. Why? Because hackers can magnify the image and use artificial intelligence techniques to reconstruct a subject's fingerprints, useful for breaking into biometric-locked devices. Maybe we should all just stop taking photos and move to the woods.
A star is born. Acronis, A Swiss data backup and recovery firm, raised $147 million in funding at a private valuation in excess of $1 billion, making it the latest "unicorn" startup in cyberland. Goldman Sachs led the round.
Man, WeWork, get it together.
Share today's Cyber Saturday with a friend: http://fortune.com/newsletter/cybersaturday/?utm_source=email&utm_medium=newsletter&utm_campaign=cyber-saturday&utm_content=2019092116pm
Looking for previous Data Sheets? Click here.
ACCESS GRANTED
Memories of my melancholy computers. Edward Snowden, the U.S. government secret leaker, has written an autobiography. The Nation published an excerpt that describes the whistleblower's first adventures in cyberspace. Snowden says he experienced the throes of "technological puberty" after his father bought the family a Compaq Presario 425 computer. Department of Justice lawyers are now suing Snowden for failing to clear the text with his former employers, the CIA and NSA—a lapse that surprises no one. (He left on bad terms.)
From the age of twelve or so, I tried to spend my every waking moment online. The Internet was my sanctuary; the Web became my jungle gym, my treehouse, my fortress, my classroom without walls. If it were possible, I became even more sedentary. If it were possible, I became even paler. Gradually, I stopped sleeping at night and instead slept by day in school. My grades went into free fall.
FORTUNE RECON
Russian Hacker Will Plead Guilty for Role in JPMorgan Cyber-Attack by Christian Berthelsen
'Security' Cameras Are Dry Powder for Hackers. Here's Why by Robert Hackett
Who Is Robert O'Brien? What to Know About Trump's New National Security Adviser by Terry Collins
Huawei's Big Offer by Alan Murray and David Meyer
Mechanic in American Airlines Sabotage Case Had Islamic State Videos on Phone, Prosecutors Say by Curt Anderson and The Associated Press
Startup Raises $4 Million to Secure Crypto Transactions Without an Internet Connection by Jeff John Roberts
After Saudi Oil Attack, Trump Pledges Help for Middle East Allies By Jordan Fabian, Nick Wadhams, David Wainer, and Glen Carey
ONE MORE THING
A hacker by any other name... Last week the U.S. Treasury Department added several North Korea-affiliated hacking groups to its sanctions list. The update referred to a single, blocked entity by as many names as Game of Thrones' Daenerys Targaryen has titles. Witness: Lazarus Group, AppleWorm, APT-C-26, Group 77, Guardians of Peace, Hidden Cobra, Office 91, Red Dot, Temp.Hermit, The New Romantic Cyber Army Team, Who Is Hacking Team, Zinc...*Gasps for breath.*
InfoSecurity Magazine's Danny Bradbury astutely notes that the cybersecurity industry has a naming problem—an issue that is exacerbated by the number of private companies seeking to slap their own branding on the groups they uncover. Ultimately, the muddled taxonomy makes it harder for researchers and crime-fighters to keep track of the baddies. Let's just use The New Romantic Cyber Army Team for this one.
No comments:
Post a Comment