Why the Next Silicon Valley Will Probably Be Outside the U.S.
The San Francisco Bay Area remains the world’s leading hub of startups, but cities outside of America are making considerable gains, according to a new report by CB Insights, one of the leading trackers of venture-capital investment in high-tech startups. Although Silicon Valley is still “off the charts … Beijing and Shanghai are poised to be the tech hubs of the future,” the report notes. The world of startups and VC investment remains concentrated, clustered, and spiky, with a relatively small number of heavyweight hubs accounting for the lion’s share of investment. Although San Francisco remains the world’s preeminent hub, its dominance may be starting to fade, as large cities like New York and London—and Beijing and Shanghai—emerge as major challengers.
Traditionally, only a few of your devices at home could connect to the Internet, such as your laptop, smartphone, or gaming console. However, today more and more devices are connecting to the Internet, from your lightbulbs and speakers to your TV, locks on your door or even your car. Soon, almost every device in your house could be connected to the Internet. These connected devices often go by the name of Internet of Things (IoT) or Smart Home devices. While these connected devices bring a great deal of convenience, they also bring unique dangers.
Facebook shuts off access to user data for hundreds of thousands of apps
Facebook this evening announced that it’s shutting off access to its application programming interface, the developer platform that lets app makers access user data, for hundreds of thousands of inactive apps. The company had set an August 1st deadline back in May, during its F8 developer conference, for developers and businesses to re-submit apps to an internal review, a process that involves signing new contracts around user data collection and verifying one’s authenticity. The goal is to ensure third-party software on Facebook was in line with the company’s data privacy rules and new restrictions put in place in the wake of the Cambridge Analytica scandal, in which a third-party developer siphoned user data and sold it to another firm in violation of Facebook’s terms of service. Now, after it identified numerous apps that were either inactive or from developers who had not submitted the software for review, Facebook is cutting off those apps’ access to its Platform API.
Mozilla warns it plans to distrust all Symantec-chained certs in October
By October, Symantec-chained TLS certificates will be rejected by both Firefox and Chrome as the pair of web browsers continue down the path of distrusting Symantec certificates first laid out last year. Mozilla said in a blog post that when it distrusts Symantec in Firefox 63, slated for release on October 23, the switch will affect 3.5 percent of the top 1 million sites. Chrome is set to do the same with Chrome 70, set for release around October 16. Among the sites impacted if the change were to happen now is PayPal, as pointed out by security consultant Liam O, which currently serves up a Symantec certificate that expires on October 31, 2019.
Phishing attack exposes data of more than a million patients across Midwest
Nearly 1.4 million people across the U.S. Midwest may have had their personal information exposed in a data breach at one of the region’s largest health care networks. UnityPoint Health, a network of hospitals, clinics, and home care services in Iowa, Illinois, and Wisconsin, said this week that multiple internal email accounts were compromised between March 14 and April 3, following a series of phishing attacks. The phishing emails were disguised to appear to have originated from a “trusted executive” within UnityPoint Health.
Study suggests robots when left unsecured on Internet allow hackers to control them
Robots, when left unsecured on the Internet, can expose users across the web, thereby allowing hackers to control them remotely in ways that could be dangerous to both the robot and the human operators, warns a study. It is possible to control these robots remotely — to spy on camera feeds and even send commands to move the robots around, according to a study presented at the 2018 Robotics Science and Systems conference in Pittsburgh, US. For the study, a team of researchers from Brown University in Rhode Island, US, carried out a worldwide scan in search of hosts running the Robot Operating System (ROS) over three different periods in 2017 and 2018.
Kentucky city cites the risk of terrorism for not releasing surveillance details
The Lexington, Ky., police department cited the risk of terrorism as an excuse to not release information concerning its surveillance equipment. When a local resident filed an Open Records Act request after noticing surveillance cameras had been installed in a public park without prior notice, according to an American Civil Liberties Union press release, the police department denied his request, claiming that releasing the camera models and manuals would endanger law enforcement personnel and compromise criminal investigations and confidential informants.
FTC Warns Citizens About Government Imposter Scams
Someone from the IRS calls and demands money for back taxes and says that if you don't comply immediately, you will be arrested. What do you do? In a panic, you might fork over the money. But the Federal Trade Commission wants you to stop, take a deep breath and consider whether this might be a scam. Criminals often impersonate government officials or other authority figures in order to wring cash out of innocent targets. The agency detailed what to look out for in a blog post on Monday so that you don't fall victim. "Scammers will try to make it seem legitimate. They might give you a badge number, or even know information like the last four digits of your Social Security number. A Washington, D.C. area code on your caller ID also might seem convincing. But caller ID can be faked," writes Carol Kando-Pineda, an attorney for the FTC's Division of Consumer and Business Education.
Android apps infected with umm… *Windows* malware
Security researchers at Palo Alto Networks recently discovered 145 apps in the official Google Play Android store that were “infected by malicious Microsoft Windows executable files.” Yes, you read that correctly. Android apps carrying malicious Windows executables. The malicious code can’t infect your Android device, of course, as the malware needs to run on a Windows system… not an Android one. But it’s still a concern. Why? Because, as the security researchers explain in a blog post, it suggests that software developer ‘odieapps’ is not creating their apps in a secure environment.
Reddit Hacked, Some User Data Stolen
According to chief technology officer Christopher Slowe, Reddit—the fifth-most trafficked website in the U.S.—suffered a data breach at the hands of a hacker or a group of hackers between June 14 and June 18. Veteran users of the “frontpage of the internet” should consider securing their accounts. In a post to r/announcements, Slowe explains that while Reddit employees use two-factor authentication to secure their credentials to the site, the attack relied on intercepting text messages that were supposed to reach those employees containing single-use login codes. “We learned that SMS-based authentication is not nearly as secure as we would hope,” Slowe wrote.
Cryptocurrency Insurance Could Be A Big Industry In The Future
As cryptocurrency markets mature, they are attracting players from other industries. The insurance industry is one of them. According to a Bloomberg report, cryptocurrency insurance is poised to become a “big opportunity”. A spokesman from Allianz, one of the world’s biggest insurers, told the news publication that the company was exploring product and coverage options in the space because cryptocurrencies were “becoming more relevant, important, and prevalent on the real economy.”
Ancestry, 23andMe and other popular companies that offer genetic testing pledged on Tuesday to be upfront when they share users’ DNA data with researchers, hand it over to police or transfer it to other companies, a move aimed at addressing consumers' mounting privacy concerns. Under the new guidelines, the companies said they would obtain consumers' “separate express consent” before turning over their individual genetic information to businesses and other third parties, including insurers. They also said they would disclose the number of law-enforcement requests they receive each year.
U.S. charges three Ukrainians in payment card hacking spree
Three Ukrainians have been arrested on criminal hacking charges including stealing payment card numbers, in attacks on more than 100 U.S. companies that cost businesses tens of millions of dollars, the U.S. Justice Department said on Wednesday. U.S. prosecutors alleged that the three Ukrainians, who were arrested in Europe between January and June, are members of FIN7, a notorious cybercrime gang. Victims include the Chipotle Mexican Grill, Emerald Queen Hotel and Casino in Washington state, Jason’s Deli, Red Robin Gourmet Burgers, Sonic Drive-in and Taco John’s, according to the Justice Department. The Emerald Queen stopped the attack and no customer data was stolen, prosecutors said in a press release.
'Unhackable' Bitfi crypto-currency wallet maker will be shocked to find fingernails exist
A crypto-currency wallet heavily promoted as "unhackable" – complete with endorsements from the security industry's loopy old uncle John McAfee and a $350,000 bounty challenge – has, inevitably, been hacked within a week. The $120 Wi-Fi-connected Bitfi wallet is a hardware device that stores your crypto-coins and assets, and requires a passphrase to access these goodies. The phrase is used to temporarily generate, for a few milliseconds, the private key needed to unlock the data, and is then discarded. So without the passphrase, you can't get at the gizmo's fun bux, allegedly. It was thus launched last week with some bold claims: it was the "most sophisticated instrument in the world" offering "fortress-like security" for your electronic coins. Its phone-like device is "the world’s first unhackable device", the manufacturer announced – to some mockery by security experts.