Author Archives: Scalper1

DOJ Says Apple iPhone Privacy Claims Are ‘A Diversion’

The Justice Department on Thursday accused Apple (AAPL) of deliberately raising technological barriers to prevent law enforcement officials from accessing data on its smartphones.

The FBI is seeking Apple’s assistance to unlock an iPhone used by one of the two now-dead assailants in the Dec. 2 terrorist shootings in San Bernardino, Calif. It needs to bypass the iPhone’s security to see if the device contains data useful to the investigation.

Apple has resisted a federal court order to unlock the iPhone, claiming government overreach. The company says it would have to write software that doesn’t exist to get around the security safeguards on its phones, effectively making it an agent of law enforcement. Once that software is created it could be used as a back door by hackers, criminals and spies, exposing customers’ personal data, Apple said.

In its filing Thursday, the Justice Department said Apple and its supporters are trying to alarm the court with talk about network security and privacy. “That is a diversion,” the DOJ said. The court’s order is “modest,” “narrow” and “targeted” to a single iPhone, the filing says.

“Apple deliberately raised technological barriers that now stand between a lawful warrant and an iPhone containing evidence related to the terrorist mass murder of 14 Americans,” the DOJ filing said. “Apple alone can remove those barriers so that the FBI can search the phone, and it can do so without undue burden.”

The Justice Department criticized Apple’s argument that unlocking the iPhone would be an undue burden. “As Apple Inc. concedes in its opposition, it is fully capable of complying with the court’s order,” the DOJ said. “By Apple’s own reckoning, the corporation – which grosses hundreds of billions of dollars a year – would need to set aside as few as six of its 100,000 employees for perhaps as little as two weeks. This burden, which is not unreasonable, is the direct result of Apple’s deliberate marketing decision to engineer its products so that the government cannot search them, even with a warrant.”

Last week, a host of technology companies and civil liberties groups filed legal briefs in support of Apple’s position. Companies backing Apple included Amazon.com (AMZN), Alphabet’s (GOOGL) Google, Facebook (FB) and Microsoft (MSFT).

The next court hearing on the case is set for March 22 in the federal court in Riverside, Calif.

Cyberheist Dumps Seagate Technology, Snapchat Deep In Phishing Hole

A sprawling tax-fraud scheme duped Seagate Technology (STX) and Snapchat into dispensing thousands of W-2 forms, highlighting a major fissure in the cybersecurity industry, a Proofpoint (PFPT) representative said Thursday.

The breach exposed nearly 10,000 former and current Seagate employees, according to a statement from the data storage firm. The breach was discovered March 1 on the heels of a similar attack on photo-sharing app Snapchat. Seagate stock fell 3.5% Tuesday as the news made headlines and fell a fraction Wednesday before rising 2.2% Thursday.

Seagate confirmed the breach in an email to IBD. “The information was sent by an employee who believed the phishing email was a legitimate internal company request,” Seagate said. Released information includes Social Security numbers, birthdates and addresses of anyone employed by Seagate in 2015.

Phishing Attacks On The Rise

Phishing attacks on businesses are becoming more prevalent, Ryan Kalember, Proofpoint senior vice president of cybersecurity strategy, told IBD. He refers to it as “impostor fraud.” The W-2 attack is just the most recent iteration, he said.

Snapchat admitted to a similar attack on Feb. 28 in a blog post titled “An Apology to Our Employees.” The scammer impersonated CEO Evan Spiegel, successfully asking for payroll information. Internal systems and user information remained secure.

Both Seagate and Snapchat reported the attacks to the FBI, which recorded more than $215 million lost in phishing attacks between October 2013 and December 2014, according to a report in January. Both firms also offered two years of credit monitoring for the victims.

“When something like this happens, all you can do is own up to your mistake, take care of the people affected and learn from what went wrong,” Snapchat wrote.

Tax fraud phishing is seasonal, Kalember noted. Wire transfer requests are also popular — and thrifty — modes of generating a lot of money. Networking firm Ubiquiti Networks (UBNT) found that out the hard way last August after a phisher tricked it into wiring $46.7 million overseas.

Spear-Phishing Targets Companies

And scammers are becoming more sophisticated, says Slawek Ligier, Barracuda Networks’ (CUDA) vice president of product development. “Spear-phishing” and “whaling” involve targeting someone with either money or access.

Tricky email tactics — changing the “N” in Barracuda Networks to “M” or spoofing a CEO’s email address — tend to reap the most success, Ligier told IBD. From there, scammers indulge in a series of social engineering measures.

“They don’t want to waste their time on people who won’t fall for it,” he said. “But the scammer will really invest a lot of time and effort to slowly reel their victim in.”

Stickier yet, there are legitimate reasons to spoof a CEO’s email, Kalember says. A company will allow a third party to spoof an email — make it appear as if the email is coming from that CEO — for marketing purposes. A spoof can use any display name that the spoofer chooses.

Traditional email protection services can’t deal with spoofs, Kalember says. “Defenses are looking for malware, and they are not equipped for this,” he said. “There is no malware. There is no payload. And the tricky part is, there’s also legitimate business emails from people who need their W-2s.”

Scammers Rely On Social Engineering

Agari CEO Patrick Peterson says his privately held company aims at this problem. Cisco Systems (CSCO) IronPort business veterans (Cisco bought IronPort in 2007) founded Agari, which uses proprietary technology to filter out phishing emails, Peterson told IBD. It differs from Proofpoint, which plans this quarter to flag phishing emails in the same vein as spam and “adult content.”

“When (executives) see these stories about Seagate, I imagine they break out into a cold sweat, thinking they have no solution,” Peterson said.

Spear-phishers differ from mass phishers. The latter sends a blast email hoping to dupe a few vulnerable people. The former involves more research and relies on social engineering to persuade a target of its legitimacy.

“The best defense we have today — which is a pretty crappy one — is telling people to be careful,” he said.

At the annual cybersecurity RSA Conference last week in San Francisco, Calif., executives were most concerned about phishing scams, he said. Malware detection has become so sophisticated that scammers have been forced to rely on the weak human link. So far, it’s working.

Recent breaches of the Office of Personnel Management, Anthem (ANTM), Sony (SNE) Pictures Entertainment and Target (TGT) also began with a phishing email; they account for about 90% of all attacks, Peterson said.

“This really serves as a wake-up call to the tech industry to dig deep and find solutions,” he said. “Unfortunately, my crystal ball says we’re going to see a lot more of these notices.”