Join our network of non-profits, companies and individuals who believe social change can happen through design.

Become A Member
avatar

almari ginobili

Germany

Member since September 02, 2013


  • Snowden disclosures prompt warning on widely used computer security formula

    (Reuters) - In the latest fallout from Edward Snowden's intelligence disclosures, a major U.S. computer security company warned thousands of customers on Thursday to stop using software that relies on a weak mathematical formula developed by the National Security Agency.

    RSA, the security arm of storage company EMC (EMC.N) Corp, told current customers in an email that a toolkit for developers had a default random-number generator using the weak formula, and that customers should switch to one of several other formulas in the product.

    Last week, the New York Times reported that Snowden's cache of documents from his time working for an NSA contractor showed that the agency used its public participation in the process for setting voluntary cryptography standards, run by the government's National Institute of Standards and Technology, to push for a formula that it knew it could break.

    NIST, which accepted the NSA proposal in 2006 as one of four systems acceptable for government use, this week said it would reconsider that inclusion in the wake of questions about its security.

    But RSA's warning underscores how the slow-moving standards process and industry practices could leave many users exposed to hacking by the NSA or others who could exploit the same flaw for years to come.

    RSA had no immediate comment. It was unclear how the company could reach all the former customers of its development tools, ...

  • Source http://www.lexology.com/library/detail.aspx?g=d65a514f-d341-4dc3-9ca7-2bd1b2a15287

    Massive scams with a global scope referred to as "the forged international bank transfer order scams" have been targeting for approximately the last two years, the subsidiaries of large French companies located within the European Union or the foreign subsidiaries of companies based in France.

    From a French perspective, this phenomenon represents, over such period, more than 400 attempted or committed offences, for which the damages are estimated to exceed 200 million Euros.

    According to the Serious Financial Crime Office of the French Judicial Police (Office Central pour la Répression de la Grande Délinquance Financière de la Direction Centrale de la Police Judiciaire) (the "OCRGDF"), which has identified with great precision the modus operandi of these crooks, the authors of these offences all operate by telephone. The tracing of the fraudulent transfers has in particular enabled to determine that the funds identified to China for final destination and more particularly banks in the Zhejiang province.

    To organize their "forged international bank transfer order scams," the criminal organizations have broken down their actions into several steps:

    The Preparatory Acts For The Scams

    Firstly, the criminal organization proceeds with the "social engineering" of the targeted companies. To this effect, the criminal organization purchases via the ...