Ready to Start Your Career?
March 17, 2017
UNM4SK3D: Yahoo, IBM, and Twitter
March 17, 2017
#indictmentsIn the ongoing saga over Yahoo's security breaches, one of which affected over 500 million users, a grand jury has indicted four defendants on charges of computer hacking, economic espionage and other criminal offenses in connection with a conspiracy. But that's not even the most intriguing part. Of the four, Dmitry Aleksandrovich Dokuchaev, Igor Anatolyevich Sushchin, Alexsey Alexseyevich Belan, and Karim Akehmet Tokbergenov (try saying those names 5 times fast), two are officers of the Russian Federal Security Service (FSB). The indictment alleges the FSB officers Dokuchaev and Sushchin "protected, directed, facilitated and paid" hackers Belan, a Russian national and U.S. resident, and Baratov, a resident of Canada, to access Yahoo's systems to steal the user account information.According to the prosecutors, the hackers allegedly used the stolen information to access the contents of accounts on other email providers, like Google. These accounts belonged to everyone from Russian journalists, and U.S. and Russian government officials, to private-sector employees of financial, transportation and other companies. Belan also exploited access to Yahoo’s network to facilitate a spam campaign for his personal financial gain. He was able to do so by "searching Yahoo user communications for credit card and gift card account numbers, redirecting a subset of Yahoo search engine web traffic so he could make commissions and enabling the theft of the contacts of at least 30 million Yahoo accounts."The FBI and the US Department of Justice worked with Yahoo and Google on the investigation to discover who was allegedly responsible, an investigation they are considering successful. Regardless of the outcome of this case, it points to a few aspects to consider. First, cyber security shortcomings at Yahoo were systemic and most likely, they are not the only enterprise who does not take threat reports seriously. Likewise, the case highlights an increasing entanglement between nation-state actors and private companies. A tangled mess which has only gotten more tangled.
Today we continue to pierce the veil of anonymity surrounding cyber crimes. We are shrinking the world to ensure that cyber criminals think twice before targeting U.S. persons and interests. - James Comey, FBI DirectorIf you want answers to questions like: What are the laws governing cybercrime, and more importantly, what are the penalties and how often have they been imposed? Read 'Cybercrime and Punishment: Who's Actually Paying the Price? '
#datastorageAre you the kind of person always losing things? IBM may just have discovered the ideal data storage for you. Imagine storage being a part of your DNA. Researchers took a big step towards improving computing technology by figuring out a way to store data on a single atom. The first question that comes to mind is whether or not you could charge rent for storing someone else's data. All joking aside, this could be an excellent solution to a major problem. "Currently, hard drives use about 100,000 atoms to store a single bit of information — a 1 or 0 — using traditional methods. So, this breakthrough could allow people to store 1,000 times more information in the same amount of space in the future applications." And the kind of data that has been stored on a strand of DNA as of Wednesday is pretty expansive, at least if you're a millennial. The digital data successfully stored includes an entire operating system, a movie, an Amazon gift card, a study and a computer virus.If you've got questions as to how this is even possible, well, you're not alone. Essentially, IBM researchers developed the world's smallest magnet using a single atom and they packed it with one bit of digital data. Their experiment builds on a strong foundation of nanotechnology research at the company, replicating the process of writing binary data (1s and 0s) to a traditional magnetic hard drive using the rare earth element holmium, magnesium oxide, and a very accurate needle. Future applications of nanostructures built with control over every atom could someday make data centers, computers, and other personal devices smaller and much more powerful.
We conducted this research to understand what happens when you shrink technology down to the most fundamental extreme—the atomic scale. -Christopher Lutz, IBM nanoscience researcherIf you're planning on sticking to more 'traditional' storage devices at this point, watch the 'Install and Configure Storage' video to learn what a storage device is, how they are used and examine the specs of each type.
#hackedThe report of the latest Twitter security incident doesn't have to do with Donald Trump, but it is concerning nonetheless. Thousands of Twitter accounts were compromised early on March 15th and spread a disturbing spam message written in Turkish comparing the Dutch to the Nazis, with Swastikas and a "#NaziHollanda" or "#Nazialmanya" (Nazi Germany) hashtag. Of the accounts involved were media outlets to celebrities, including the European Parliament, Forbes, Amnesty International, UNICEF, Nike Spain and numerous others. One of the most worrisome and probably the most widely reported of those accounts was Starbucks Argentina, who continued to display the Turkish flag long after many other companies had repaired the damage. In some cases, account's profile pictures were changed to an image of the Turkish flag and Ottoman Empire coat of arms. Others linked to a YouTube video talking up Recep Erdoğan, the current President of Turkey.Recent reports say this inappropriate Twitter activity is the result of a vulnerability in the third-party app called Twitter Counter. Twitter Counter is a social media analytics service that helps Twitter users to track their stats and also offers a variety of widgets and buttons. Legitimate third-party Twitter apps don’t actually store, or even know, your password, so they can’t take over your account entirely, but when you activate these services, they're issued a security token nonetheless to perform certain actions on your account. The problem arises because services that you have authorized to access your account at any time in the past can continue to do so, even after you log off from Twitter in your own browser, or after you logout via the Twitter software on your mobile phone. It's best to revoke permission for Twitter Counter, if you use it.
We're aware that our service was hacked and have started an investigation into the matter. We've already taken measures to contain such abuse. -Twitter Counter repConcerned about your Twitter account? Read 'Social Media Risks and Controls.'