MENTIS

Week of September 1, 2017

MENTIS
news

Week of September 1, 2017

Mayweather-McGregor Match Draws Millions to Illegal, Pirated Streams*:

  • Content security specialists identified 239 steams that illegally redistributed the match of those, 67 were provided via traditional pirate streaming websites.
  • There were also 165 social media streams as pirates exploited multiple channels, including Facebook, YouTube, Periscope and Twitch.
  • The match was a highly anticipated premier event, with both boxing (Mayweather) and UFC (McGregor) fans drawn to it.
  • It was offered for an average of $89 to $100 as a pay-per-view event via cable and satellite outlets in the US.
  • The illegal streams reached approximately 2.9 million viewers.
  • There has been an increase in pirates creating professional websites, fooling some consumers into thinking they are accessing a legal service.
  • Irdeto identified 42 advertisements in the week leading up to the fight for illicit streaming devices offering Mayweather vs. McGregor on e-commerce websites, including Amazon, eBay and Alibaba.
  • The most effective strategy in combatting live sports piracy is an intelligence-driven approach with a 360-degree view of piracy.

*Source: Info Security, August 28, 2017

 


Google's Clever Trick to Protect Your Photos From Theft*:

  • Unauthorised use of photos is frustrating for amateurs and often costly for professionals.
  • Five researchers at Google have published a paper detailing how one of the most popular methods of protecting your content – the visible watermark – can be easily circumvented by simple algorithms.
  • The team also describes how to defeat their own algorithms by designing more secure watermarks which are much more difficult to remove.
  • A visible watermark serves two functions: to make known the owner of the image and to render it unusable without first purchasing a non-watermarked original.
  • The vulnerability occurs when several different images are protected by an identical watermark, such as might occur on a stock photography site; by comparing the watermarked images, the Google team was able to use the watermark pattern to reverse the watermarking process and create a copy of the original picture.
  • This automated process works even when the watermark logo appears at different sizes and in different positions on the image.
  • The best way to make your watermarks secure involves making small changes to the shape of the watermark as applied to each image.
  • These small changes in geometry proved far more effective in foiling the watermark removal process because visual traces of the watermark always remained after processing.

*Source: Forbes, August 28, 2017

 


FICO Reports a 39 Percent Rise in Debit Cards Compromised at U.S. ATMs and Merchants*:

  • The number of cards compromised at U.S. ATMs and merchants rose 39 percent in the first six months of 2017, compared to the same period in 2016.
  • FICO has also tracked a 21 percent increase in compromises of ATMs and point-of-sale (POS) devices in the US for the same time period.
  • FICO offers these tips for consumers:
    • If an ATM looks odd, or your card doesn’t enter the machine smoothly, consider going somewhere else for your cash.
    • Never approach an ATM if anyone is lingering nearby or engage in conversations around an ATM.
    • If your card is captured inside an ATM, call your card issuer immediately and report it.
    • Ask your card issuer for a new card number if you suspect that your card may have been compromised at a merchant, restaurant, or ATM.
    • Check your card transactions frequently.
    • Ask your card provider if they offer account alert technology in the event that fraudulent activity is suspected on your payment card.
    • Update your address and cell phone information for every card you have, so that you can be reached if there is a situation that requires your immediate attention.
  • FICO previously reported a 30 percent increase in compromised devices for 2016, compared to 2015, and a 70 percent rise in compromised cards for that period.

*Source: PR newswire, August 31, 2017

 


New Digital Piggy Bank Helps Swiss Kids Save*:

  • In Switzerland, one of the world's wealthiest countries, financial planning starts young.
  • The country's number two bank Credit Suisse, showed off a piggy bank with built-in apps allowing children under 12 to set savings goals, check their balance, and make payments.
  • Credit Suisse cited a recent study showing that 90% of parents in the wealthy Alpine nation want their children to learn how to handle money.
  • Swiss parents have asked questions about how to teach children about money when it increasingly exists in digital form instead of coins and notes.
  • The piggy bank "provides a wide range of options for teaching kids in a simple way how cash and digital money work and how to use them.

*Source: Rappler, August 29, 2017

 


Hackers Use Thousands of Infected Android Devices in DDoS Attacks*:

  • Hundreds of thousands of home routers, IP cameras and other internet-of-things devices have been infected with malware over the past year and have been used to launch distributed denial-of-service (DDoS) attacks.
  • Attackers are now doing the same with Android devices, with the help of malicious applications hosted on Google Play and other third-party app stores.
  • A joint investigation by several security teams has led to the discovery of a large botnet made up of over 100,000 Android devices located in more than 100 countries.
  • The investigation was launched in response to large DDoS attacks that have hit several content providers and content delivery networks over the past few weeks.
  • This particular Android botnet, which has been dubbed WireX, was used to send tens of thousands of HTTP requests that were meant to resemble those coming from legitimate browsers; researchers traced the requests back to malicious Android applications.
  • Some of the applications were available in third-party app stores that came pre-installed on devices, but around 300 of them were hosted on Google Play.
  • Most of the rogue applications requested device administrator permissions during installation, which allowed them to launch attacks even when the applications themselves were not actively used.
  • Google has removed the malicious applications from Google Play and started to remotely remove them from affected devices as well.
  • This is not the first Android-based DDoS botnet ever found, but it is certainly the largest.
  • At the peak of the attacks, the researchers observed malicious traffic coming from over 120,000 unique IP addresses per hour.

*Source: Forbes, August 28, 2017

 

Get in Touch With Us!

Are you interested in receiving more information about our products? Do you have questions about sensitive data security? Would you like a demo? Complete the details below and one of our specialists will get in touch with you.

We love to help our customers solve their data security problems. Please tell us about what you are trying to accomplish, details about your environment, and any other information that will help us understand your needs better.

Image CAPTCHA
scroll top