MGT Capital Investments, Inc. (NYSE MKT: MGT) today provided a commentary from the Company’s proposed Executive Chairman and Chief Executive Officer, John McAfee. On Sunday afternoon May 29th, Mr. McAfee, conceded the Libertarian Party nomination for President of the United States to former New Mexico Governor Gary Johnson. Throughout his nearly yearlong campaign, Mr. McAfee continually highlighted issues of privacy, security and cyber threats that confront people across the globe. He provoked dialog on the technology people welcome into their homes, vehicles and pockets to provide convenience and enrichment, but also open a gateway for major threats to privacy and security. As a successful entrepreneur and cybersecurity pioneer, Mr. McAfee is best known for creating the McAfee anti-virus software suite which has been installed on over a billion computers worldwide since its introduction. He is also credited with being an early developer of instant messaging with his company Tribal Voice. “So many problems in the world can be easily fixed with common sense and a good grasp of the technology that people use daily, as long as we monitor the vulnerabilities caused by these same technologies. I see my upcoming new role as CEO of an exciting new cybersecurity company as paramount to that mission,” Mr. McAfee said at the Libertarian National Convention in Orlando, Florida. “As Chief Executive of MGT, I will lead a team to aggressively develop technology platforms, software, hardware and components designed to protect people and their freedoms. Under the technical leadership of the Company’s proposed Chief Technology Officer, Eric ‘Eijah’ Anderson, we will be laser focused on bringing these technologies to market.” “It is my life’s work,” McAfee concluded. “I fully expect that we will leave an even greater and longer lasting impact than the company I created in the 1980’s.” As previously announced, MGT has executed asset purchase agreements to acquire certain technology and assets from D-Vasive Inc., a provider of leading edge anti-spy software, and Demonsaw LLC, a provider of a secure and anonymous file sharing software platform. In conjunction with the anticipated acquisitions, the Company also announced the proposed appointment of John McAfee as Executive Chairman and Chief Executive Officer upon closing of the transactions. Further, MGT Capital also intends to change its corporate name to John McAfee Global Technologies, Inc. Closing is contingent on customary conditions including approval by MGT’s stockholders.
Dive Brief: New data released by Kaspersky Lab last week found that the number of people who encountered ransomware during the last year increased by more than 500% over the previous year. Kaspersky researchers say the number of reported ransomware attacks jumped from 131,111 to 718,536 between April 2015 and March 2016. Meanwhile, the number of enterprise users attacked by ransomware jumped from about 7% of all ransomware victims to more than 13% a year later. Dive Insight: Ransomware continues to pose a significant threat to all types of institutions, both public and private. Earlier this month, the University of Calgary in Canada became the victim of a ransomware attack and paid about $16,000, or $20,000 CDN, to cyberattackers. In February, Hollywood Presbyterian Medical Center in Los Angeles paid the equivalent of $17,000 in bitcoins to a hacker to regain control of its computer systems.
The topics of marketing technology, data security and privacy are increasingly interconnected. As more organizations rely on marketing technology to provide granular audience targeting, richer analytics and improved online conversions, a greater degree of information—and trust—is necessary from consumers. But that doesn’t mean consumers are handing over such information willingly, or without significant reservations. SHARE 3 9 0 11 0 As many consumer surveys reveal, US internet users are often skeptical of who they trust with the personal data relied upon by marketers, worrying that such information is easily stolen by hackers and cyber-criminals. One April 2016 study from Feedzai and The Harris Poll illustrates the perceived concern, with more than 50% of US Internet users indicating they didn’t trust any organization with their personal data. It’s amidst this environment of consumer skepticism that many corporate executives are seeking to establish new safeguards to better secure and protect their organizations’ customer data. But not all executives are confident their companies currently offer an acceptable level of data security. June 2016 research from the Economist Intelligence Unit (EIU) found that a significant minority (25%) of C-level executives were either “not very confident” or “not at all confident” their company had an acceptable level of data security. As more members of the C-suite are forced to deal with cyber-security problems, or at least recognize the threat such attacks present, many are taking proactive measures to address the problem. Based on the EIU’s survey “supporting a proactive security strategy” was the most important action a company’s executives and board could take to support data security, with 32% of respondents mentioning the action.
Cyberthreats continue to be the biggest concern for registered investment advisers, with 88% of firms identifying “cybersecurity/privacy/identity theft” as their main worry, according to a new compliance testing survey. The survey — conducted by the Investment Adviser Association (IAA), ACA Compliance Group and the asset management holding company OMA — also found that anti-money laundering, anti-bribery and anti-corruption concerns are gaining greater importance among RIAs. The survey showed increased efforts to battle cybersecurity, as the number of firms with formal, written, standalone cybersecurity programs increased by 29% from last year. And over the past 18 months, nearly 20% of the adviser firms were victims of a cybersecurity breach, according to the survey.
In the month since activist hacking group Anonymous pledged to target banks across the world, senior officials have said the public websites of the central banks of both Indonesia and South Korea have been hit by cyber attacks. In response to the attempted hacks, Bank Indonesia has blocked 149 regions that do not usually access its website, including several small African countries, deputy governor Ronald Waas told Reuters. Waas said several central banks were hit by similar attacks and were sharing the IP addresses used by the perpetrators. According to officials, no money was lost in the attacks on Bank Indonesia and the Bank of Korea, which were mainly distributed denial of service (DDoS) attempts. They also said there is no word on who is responsible for the attacks.
The NFL has a social media problem that can only be fixed by professionals. Following a string of high-profile online mishaps and hacks, the National Football League Players Association (NFLPA) is reaching out to cybersecurity firm K2 Intelligence for help. Earlier this week, the official NFL Twitter account became the latest target in a series of data breaches across the social network. Alongside profiles belonging to pop stars Katy Perry and Drake, the official NFL account fell prey to hackers, who used it to tweet a hoax concerning the death of commissioner Roger Goodell. The man himself quickly cleared up the ensuing confusion by announcing he was alive and well, but it seems the NFL wants to guarantee that no such slip-up occurs again. Consequently, the league has tasked K2 Intelligence with providing its players and their families with a comprehensive social media game plan — from tightening cybersecurity on their accounts to educating athletes about how to conduct their online activities.
Chinese hacking of corporate and government networks in the U.S. and other countries appears to be declining, according to computer-security experts at companies hired to investigate these breaches. ENLARGE The U.S. government has long accused Chinese hackers of widespread espionage into both corporate and government networks. PHOTO: REUTERS The drop-off is stark and may date back two years. Hackers operating out of China were linked to between 50 and 70 incidents that the cybersecurity company FireEye Inc. was investigating on a monthly basis in 2013 and the early part of 2014, said Laura Galante, the company’s director of global intelligence. Starting in October 2015, however, this tally dropped below 10 incidents and hasn’t recovered, she said. “We saw this decline start in 2014 and then another dip in 2015,” she said. FireEye rival CrowdStrike Inc. says that it, too, has noticed a drop in China-based hacking incidents. Chief Technology Officer and co-founder Dmitri Alperovitch said the decline occurred this year and may be caused by a sweeping reorganization of China’s military, announced earlier this year. “I would not necessarily assume that this is a long-term trend,” he said. RELATED FireEye Report: Redline Drawn: China Recalculates Its Use of Cyber Espionage President Xi Jinping’s Most Dangerous Venture Yet: Remaking China’s Military (Apr. 25) Mandiant’s APT1 Report: Exposing One of China’s Cyber Espionage Units Why One Cybersecurity Firm Says China Has Soured on Conventional Hacking (Apr. 22) Chinese Executive Pleads Guilty to Hacking U.S. Defense Contractors (Mar. 24) FireEye thinks the decline started earlier and resulted from multiple factors, including public scrutiny and pressure from the U.S. government. The U.S. government has long accused Chinese hackers of widespread espionage into both corporate and government networks. In 2013, security researchers at Mandiant, later acquired by FireEye, published a report detailing a widespread computer-espionage campaign, called “APT1,” that the company linked to the Chinese military. The U.S. government ramped up the pressure in 2014, when it indicted five Chinese military officers on charges of hacking into U.S. companies to steal trade secrets. None of those charged has appeared in the U.S. In March, Su Bin, a Chinese aviation executive, pleaded guilty to cyberespionage charges for attempting to steal data on Boeing Co.’s C-17 Globemaster III aircraft. Ahead of a visit to the U.S. by Chinese President Xi Jinping in September 2015, news leaked that President Barack Obama was considering sanctions against Chinese companies that benefited from hacking. China’s top security czar flew to Washington to hammer out an agreement, later announced by the two presidents, that China would stop supporting cyberespionage for commercial purposes.
This being my last post for the year, I thought I’d make a Top 10 list of things that really are instead of pretending I know what will be. 25 best cities for jobs Tech positions are among the in-demand jobs in most of the 25 cities READ NOW These are all just really good sources that I check religiously in my RSS feed. They are not listed in any particular order KrebsOnSecurity: Brian Kr ebs is a top-notch reporter with an amazing knowledge of IT security. DO NOT go to his site to find out what the latest headlines are. DO go because he breaks news and does a superb job of in-depth reporting. ThreatPost: Anyone would be skeptical about a news site run by a vendor. However, a couple of them have learned that providing real, solid news coverage does far more for your brand than shilling the product. ThreatPost, Kaspersky Labs’ news site, is one of the best at this… Naked Security: … So is Naked Security, which is run by Sophos. Both sites shy away from stories that might be critical of them, which is understandable, but they give a good solid look at the latest news. Salted Hash: I promise you this is not just here because it’s from CIO’s sister publication CSO – which I have also written for. If you doubt this just go and read Bill Brenner’s blog for yourself. He doesn’t give you all the news, instead he goes deep on one or two stories of the week. Read him and you will definitely learn something. SCMagazine: This one isn’t really a blog – although there are bloggers involved – as much as a news feed of articles in the magazine and on the site. Because this is a British publication it offers a lot of stories that don’t make it into the US-centric sites. InfoSec Island: This is an analysis site where a lot of very smart people write about various security issues. These range from looks at breaking news to looks at the trends shaping the news. Very straight ahead and very little snark – but I hope you know where to go for that. SlashDot: This one doesn’t need an me explanation. Go. Read. Learn. The Register: Now these folks know how to do snark and a lot of stories other people miss. My one complaint isn’t about the content it’s about the RSS feed. You can’t just get the security news, even though that’s what you are promised. You get everything and at The Register everything is a lot. Help Net Security: You’re going to see a lot of the same stories on all the news feeds because that’s the nature of the beast. What makes a feed useful for me is quality of reporting, finding stories others miss and smart analysis. HelpNet does all of these. IDG News: I know I sound like a homer but IDG is really quite good at this. The link here goes to NetworkWorld’s security feed but each magazine has its own news feed focusing on issues of interest to its readers. CIO’s feed is here. And as an added bonus, the two best infog
LaunchKey, the leading mobile authentication platform, today announced that Silicon Valley Bank and MasterCard have tapped the company to develop and test ways to employ their next-generation authentication within the growing consumer financial services sector. As part of this partnership, LaunchKey has been selected to participate in the fourth class of Commerce.Innovated., a bi-annual virtual accelerator limited to a handful of select early stage companies seeking to break into the financial technology (Fintech) space. LaunchKey will go through a four-month virtual program that provides resources to help refine and enhance business ideas through access to operational expertise from Silicon Valley Bank, MasterCard and their respective networks. “Our multi-factor authentication approach is a viable alternative to traditional passwords, even for highly-regulated and secure sectors such as banking and finance,” said LaunchKey CEO Geoff Sanders. “The password-based systems presently in use are inadequate for next generation financial services and the needs of consumers. We look forward to working with both MasterCard and Silicon Valley Bank though the Commerce.Innovated. program to place a higher value on security, privacy and user experience in the banking and consumer financial services industries moving forward.” “The security of account information and payment apps are top of mind with consumers, retailers and financial institutions,” said Stephane Wyper, vice president of startup engagement and acceleration for MasterCard. “The Commerce.Innovated. program will help LaunchKey build on its commercial traction and scale its business to meet the evolving needs of security across financial services and the broader industry.” “We’re pleased to welcome LaunchKey into the fourth class of Commerce.Innovated.,” said Reetika Grewal, head of Silicon Valley Bank’s payments strategy. “LaunchKey aims to drive important advancements to the authentication space. We are excited to work side by side with them and share our knowledge and networks to help them develop the infrastructure and operations that they need to accelerate their growth.”
There have been a number of high-profile hacks recently, evidently demonstrating that hiding and using secrest on the Internet is still really difficult. From the $5 million in bitcoin lost at Bitstamp to the Sony hack, it is clear that a new approach to the problem is required. Recently, I was at CES, and the IoT is moving along at breakneck speed, with barely and afterthought for cyber security. All of the things end up controlled by a smartphone or PC. The integrity of the connection from your computing device to your house, car or medical equipment will need the same peer-to-peer security that bitcoin requires. So how should we all be approaching the problem? All private keys should be protected by tamper-resistant hardware — a device, not the operating system. Smart cards or USB tokens are great solutions, but the embedded trusted execution environment provides the built-in solution we all desire. It also provides the tamper-resistant security to match that of a SIM module, but it is not controlled by the carrier. In addition to access, the instruction sent to a cloud service or another device should be encrypted (for privacy) and signed (for integrity), assuring that the intended action is not corrupted. This critical step is mostly overlooked on today’s systems. Protecting the instruction assures that the intended action is actually what happens. Instructions are critical interactions between the client and the cloud. Rivetz leverages the trusted execution environment to assure the formation of the highest quality instructions. Trusted user input and output is by far the hardest piece of the puzzle. This is where an uncorrupted presentation of the intended transaction to the user and the proper collection of the user’s consent is executed. Secure display in combination with a secure PIN or secure biometrics is ultimately required to be fully effective. The technology to do this is just now being integrated but is not available on most platforms. Intel has been at the forefront of trusted display for a number of years. Rivetz is now demonstrating the trusted user interface on Intel and on some Samsung Galaxy Note 4 phablets released in December.
Continue Reading: Cyber Security and Blockchain – AlleyWatch