| |
Journalists Attacked, Detained in Egypt
Wall Street Journal (02/03/11)
A number of foreign journalists have been attacked as the recent Egyptian protests continue to escalate. Some journalists have been beaten by supporters of President Hosni Mubarak while others have been reported detained by security forces or missing. The Egyptian government has denied any involvement in attacks on reporters. Several hotels, including the Ramses Hilton and the Intercontinental Hotel have confiscated journalists' cameras after threats were made against the hotels if reporters did not stop broadcasting from them. Journalists from CNN, CBS, the BBC, Danish TV2 News, Swiss television, The Associated Press, and Belgium's Le Soir newspaper have all be targeted while the Washington Post's Cairo bureau chief Leila Fade and photographer Linda Davidson were among approximately 24 journalists arrested by the Egyptian Interior Ministry. The U.S. has joined the chorus condemning violence or intimidation against international journalists. France, Britain, Italy, and Spain have also lodged complaints.
Drug Use At Work: Higher Than We Thought
CNNMoney.com (02/03/11) Fisher, Anne
According to a recent report by the drug-testing company Quest Diagnostics, the number of Americans using cocaine while at work fell 29 percent between 2008 and 2009 to about 0.29% of the population. However, heroin use and prescription medication use has increased. The rise in positive heroin tests from 0.0008 percent to 0.04 percent between January and June 2010 is attributed to new, more accurate testing methods that use oral swabs instead of urine samples. "Stress in the workplace, which can play a role in increased substance use, has amplified in recent years due to job insecurity and a trend toward working longer hours," says a report from the federal Substance Abuse and Mental Heath Services Administration. To combat the problem, most employers offer employee assistance programs (EAPs), including drug and alcohol counseling. However, even employees who want to get help are often hesitant to do so because of fears that the counseling is not truly confidential, said Ruth Donahue, a benefits specialist in the Chicago office of human resources consultants The Segal Company. Donahue said that companies need to do a better job of dispelling these myths and reassuring workers that getting help will not endanger their careers.
Data Out of the Door
Financial Times (02/02/11) Marsh, Peter; Anderlini, Jamil
Industrial espionage, or the theft of sensitive company information and intellectual property, is becoming a growing problem for companies around the world as more and more firms are increasingly interested in obtaining their competitors' secrets as early in the development cycle of products and services as possible. In the U.S. alone, the illicit use of technology and business ideas costs companies between $100 billion and $250 billion a year in sales. A variety of companies are vulnerable to industrial espionage, particularly those that have high levels of research and development and those that develop high-tech products. Industrial espionage can be carried out in several ways, including the hacking of company systems and the theft of data by employees who are leaving the company. Several countries have programs that aim to appropriate technology from foreign companies, including Russia, France, and Israel. However, China is probably biggest threat to the proprietary information of U.S. companies, one expert said. Beijing has a program in place called the 863 program, which purportedly aims to stimulate cutting-edge technologies in a variety of fields and to make China independent of financial obligations for foreign technologies. But some say that the program also supports the illegal acquisition of proprietary information held by foreign companies. The Chinese government has denied being involved in industrial espionage. There are several things that companies can do to protect themselves from industrial espionage, including using technology or other means to reduce the possibility of leaks or by focusing only on protecting advanced technologies that would be impossible for an outsider to reproduce.
Is Europe Losing the Fight Against Internet Pirates?
Time (01/30/11) Crumley, Bruce
In recent years, a number of European countries have passed anti-piracy laws designed to stop the sharing of copyrighted music, movies, and other material. However, a recent poll shows that even French legislation, which was decried as being too harsh when it was passed in 2009, has proved ineffective in discouraging Internet piracy. In fact, the poll indicates that 49 percent of French Internet users continue to illegally download music and video, and 52 percent say that the new law, which would allow the government to deprive them of the Internet while forcing them to continue paying for their connection, has not influenced their surfing habits. French authorities say that, despite those figures, the law has had some effect. Before its passage, most illegal material was shared using peer-to peer (P2P) technology. The poll found that P2P has now declined 42 percent. Instead, the use of direct-download sites such as Megaupload and Rapidshare — whose downloaded content cannot be detected by outside monitors — has increased to 37 percent. Use of captured streamed content — when video or music is saved to a computer's memory as it is played by a remote site -- has also increased. Officials are hopeful that as the legislation begins to be enforced, these other types of usage will also decline. But while casual users may be deterred by a warning, serious downloaders are expected to mount legal challenges to the new legislation. A similar law in the U.K. has already faced challenges. For example, broadband service providers BT and Talk Talk have won a judicial review of the law, challenging the legality of being forced to cut off customers and block sites proven to have been involved with illicit downloading.
The Elephant in the Room--Law Firm Fraud
Law Office Management & Administration Report (01/01/11) Vol. 2011, No. 1,
Law firms are frequent targets of fraud, but they can take steps to curb the risk, according to Brenda Christiansen, a CPA and vice president with the LaPorte Sehrt Romig Hand. This includes being aware of red flags, such as an employee earning $40,000 who buys a new car entirely in cash. Common types of fraud that can occur at law firms include asset misappropriation, skimming, check tampering, payroll embezzlement, and misstatements/omissions on financial statements. Warning signs to look out for include staff who never take time off, employees who act territorially, changes in lifestyle, delays in furnishing financial data, use of drugs or alcohol, taking several personal calls out of the office, and high debt or bills. Christiansen says fraud typically occurs when three things are present--need, opportunity, and rationalization. The latter can be aggravated by circumstances in the office, such as a lack of internal controls, inadequate segmentation of duties, and attorneys who are uninterested in overseeing the firm's operations. As a result, it is important that companies establish internal controls and procedures to curb fraud, especially if they work with customers that are SOX-compliant. Companies also need to set the right management tone by monitoring the controls, enforcing a habit of documenting expenses, thoroughly screening new hires, and dividing financial duties.
Senators Question Intelligence Agencies' Anticipation of Egypt Uprising
Washington Post (02/04/11) P. A17 Miller, Greg
Lawmakers on Thursday used a Senate Intelligence Committee hearing on the nomination of Stephanie O'Sullivan to be the principal deputy director of the Office of Director of National Intelligence to criticize the nation's intelligence community for its handling of the protests in Egypt. During the hearing, committee Chairman Sen. Dianne Feinstein (D-Calif.) said that she doubted that the intelligence community provided President Obama and other policymakers with timely intelligence on the Egyptian protests. Following the hearing, Feinstein noted that the CIA and other intelligence agencies ignored posts on publicly accessible Web sites such as Facebook from organizers of the protesters. Feinstein added that the intelligence on the unrest in the Middle East was lacking "on collection." O'Sullivan responded by saying that the nation's intelligence community warned Obama late last year that the Egyptian government could be toppled, though she conceded that no one knew what would trigger such an event. Another U.S. official who is familiar with the intelligence on Egypt but did not appear at the hearing said analysts warned that the unrest in Tunisia could spread and that protests in Egypt could gain momentum and threaten Egyptian President Hosni Mubarak's government.
Five Fatally Shot in Second Day of Bloody Clashes in Tahrir Square
Washington Post (02/03/11) Fadel, Leila; Englund, Will; Wilgoren, Debbi
Five pro-democracy protesters were shot and killed in Cairo's Tahrir Square on Thursday morning, one day after violent clashes between supporters and opponents of embattled Egyptian President Hosni Mubarak. The violence on Wednesday began at about midday, when supporters of Mubarak broke through security checkpoints that had been established at Tahrir Square by pro-democracy supporters, who have been camped out in the area for the past nine days. Mubarak supporters on camels and horses then charged the pro-democracy protesters using whips and clubs. In addition, Mubarak supporters threw rocks at the anti-government protesters, who responded by throwing rocks back. The Egyptian military attempted to end the clashes by firing into the air and using military vehicles to separate the pro- and anti-government protesters, though rocks continued to be thrown. When evening came, anti-government protesters began dropping gasoline bombs from the roof of an 11-story building, while Mubarak supporters threw gasoline bombs from a shorter building next door. The two groups also threw bombs at each other. Three people were killed and more than 600 were injured in Wednesday's violence, which some have said was instigated by Egypt's ruling party, the police, or by wealthy businessmen with ties to the government. The Interior Ministry has denied those claims.
Financial Institutions in New York Warned by FBI of Al-Qaeda Terror Threat
Bloomberg (02/02/11) Hurtado, Patricia
The FBI is warning financial institutions in New York that they could be attacked by al-Qaida. The warnings come after Anwar al-Awlaki, the American-born radical Muslim cleric, published an editorial online about why Western financial institutions should be targeted. According to al-Awlaki, Western financial institutions should be attacked because their wealth is not rightfully theirs, since they are "disbelievers" who have "animosity towards Muslims." Al-Awlaki also called for attacks against government-owned property, global corporations, and U.S. citizens. Despite the FBI's warnings, there is no imminent or specific information about a threat, said Jim Margolin, a spokesman for the FBI's New York office. Meanwhile, U.S. officials are keeping an eye out for attempts by terrorists to use mail and shipping to carry out terrorist attacks. The heightened vigilance comes after al-Qaida in the Arabian Peninsula allegedly hid bombs in printer cartridges that were shipped on aircraft bound for the U.S. last October. Investigators have been looking into whether those shipments were a dry run for a future terrorist attack.
Officials: No Terror Threat to Super Bowl, But Law Enforcement on Lookout
Canadian Press (Canada) (02/02/11)
The U.S. government says that Sunday's Super Bowl is under no specific terrorist threat, although intelligence officials say that some terrorist groups are still interested in attacking such a high-profile event. The heightened security around Cowboys Stadium is expected to deter attacks at the event, although nearby targets such as hotels and restaurants may make for more appealing targets because they are less secure. Intelligence officials have warned that terrorists might attempt to infiltrate events by impersonating government, military, or emergency personnel. "Detecting and detaining such individuals would pose a key security challenge prior to and during the Super Bowl," said one intelligence report. The NFL spends about $6 million annually on Super Bowl security, in addition to local and federal government spending. Security is provided by more than 60 government agencies more than 1,200 private security employees.
Chicago Artist's Protest Backfires as He Faces 15 Years in Jail… Because he Recorded His Own Arrest on Video
Daily Mail (UK) (01/24/11)
Authorities in Illinois are currently prosecuting nine people for allegedly violating a law that makes it illegal to record conversations with a police officer and other officials without their knowledge. Among them is Chris Drew, the founder of the Uptown Multi-Cultural Art Center in Chicago. Drew was arrested in December 2009 for protesting restrictions about where artists can sell their work. Although Drew thought that he was being taken into custody for a misdemeanor, he was charged with a felony because his friend recorded his arrest in violation of the Eavesdropping Act. That law applies to 12 states, though Illinois, Maryland, and Massachusetts are the only ones that make it illegal to record conversations with police officers. Drew faces up to 15 years in jail if he is convicted on the charges against him. His trial is expected to begin on April 4.
America's Power Grid Too Vulnerable to Cyberattack, US Report Finds
Christian Science Monitor (02/03/11) Clayton, Mark
The U.S. Department of Energy Inspector General has released a report that found that the nation's power grid is still prone to a cyberattack. The report blamed the vulnerable state of the power grid on several different factors, including the fact that the "critical infrastructure protection" (CIP) cyber standards that power companies were to have fully implemented a year ago are not effective. One reason why the cyber standards are not seen as being effective is because they do not provide a clear definition of what constitutes a "critical asset" or a "critical cyber asset," and instead gives utilities the freedom to define these terms themselves. The report noted that this can result in utilities saying that they do not have any critical assets or critical cyber assets, which exempts them from complying with the remaining original CIP standards. The report went on to offer several solutions for these and other problems, including giving the Federal Energy Regulatory Commission (FERC) more power to ensure the cybersecurity of the nation's power grid, implementing stricter standards, and adopting measurements to analyze the performance of regional overseers such as the North American Electric Reliability Corp. (NERC). FERC Chairman Jon Wellinghoff has said that he agrees with most of the report's recommendations.
Waledac Botnet Poised for a Rebound With Stolen Credentials
IDG News Service (02/02/11) Kirk, Jeremy
The Waledac botnet appears poised for a major resurgence after taking sizable hits last year, including legal action from Microsoft and covert infiltration by security researchers. Waledac was all but shut down after Microsoft—whose Hotmail service had been compromised by the botnet—was awarded a temporary restraining order by a U.S. court that shuttered domain names the botnet used for its operations. Security researchers also managed to upset Waledac's peer-to-peer communications platform and seize control over approximately 60,000 infected machines. But according to researchers from Last Line, Waledac has amassed 489,528 credentials for POP3 email accounts, which will likely be used for sophisticated spamming initiatives. "The technique abuses legitimate mail servers by authenticating as the victim through the SMTP-AUTH protocol to send spam messages," a method that makes IP-based blacklist filtering significantly more challenging, Last Line wrote on their blog. In addition, Waledac has accumulated 123,920 FTP server log-in credentials. Last Line's examination of a Waledac command-and-control server revealed that over 12,000 infected computers had connected, which is much less than estimates of the botnet prior to the February 2010 takedown, but could climb. "The Waledac botnet remains just a shadow of its former self for now, but that's likely to change given the number of compromised accounts that the Waledac crew possesses," Last Line concluded.
New IU Malware Records Data From Cell Phones
Indiana Daily Student (02/01/11)
Indiana University researchers have developed Soundminer, a smartphone Trojan Horse virus that can record and steal conversations, keypad sounds, credit card numbers, and bank account information. The researchers developed the virus with the goal of improving security for Android-based smartphones. "We're in the business of building secure systems," says Indiana professor Apu Kapadia. "We want to live in a more secure world, but part of that job is also trying to be one step ahead of the bad people." The researchers developed Soundminer by tracking trends in smartphone usage and researching commonly known threats. "If you can show that there's some security flaws in Android and those can be fixed, that will actually benefit a large number of people," says City University in Hong Kong visiting researcher Roman Schlegel. Since smartphones are just like small computers, protecting them from malware is mainly about remaining aware of new viruses and new defense strategies, says Indiana's Scott Wilson.
Gingerbread Data-Stealing Flaw Discovered
ITPro (02/01/11) Brewster, Tom
Researchers led by North Carolina State University professor Xuxian Jiang have found a vulnerability in the most recent version of the Android operating system. A Gingerbread user could have their device tainted by clicking on a pernicious link. The original flaw was supposed to have been fixed in Android 2.3, but the researchers found a way to circumvent the patch. In attempting to compromise the device, the researchers discovered they could read and even upload contents of files, including photos and voicemails, as long as they were stored on the phone's SD card and the exact filename was known. Jiang has been in contact with the Google Android security team and says they are seriously addressing the problem. A patch is expected to be issued by the next major release of Android, and possibly sooner. "Also, I need to mention that this attack is not a root exploit, meaning it still runs within the Android sandbox and cannot grab all files on the system (only those on the SD card and a limited number of others)," Jiang notes.
European Project Keeps Personal Details Private
eWeek Europe (United Kingdom) (01/31/11) Doyle, Eric
The European Union recently launched the four-year ABC4Trust project, which will use encryption technology developed by IBM Research, academic institutions, Microsoft, and others to increase online privacy by requiring that users submit only essential data. The project will be piloted by a secondary school in Soderhamn, Sweden, and at the Research Academic Computer Technology Institute in Patras, Greece, where students will use the Internet without unintentionally revealing personal information. The ABC4Trust program uses cryptographic algorithms, such as IBM's Identity Mixer and Microsoft's U-Prove, to protect a user's identity, including personal traits and behavior profiles. "With technologies like Identity Mixer, we provide the technical capabilities to bring not only strong security to Internet services, but--at the same time--also better privacy," says IBM Research, Zurich's Jan Camanisch. "Making use of more than 10 years of research and development, we are now going to deploy these solutions in practice and address usability and interoperability."
Abstracts Copyright © 2011 Information, Inc. Bethesda, MD |
No comments:
Post a Comment