Na warte, dir Bengel strieme ich den nackten Hintern ordentlich durch bis du nicht mehr sitzen kannst.

2. Mose 21. Kapitel 25-26

25 - Brandmal um Brandmal, Wunde um Wunde, Strieme um Strieme!

26 - Schlägt jemand seinen Knecht oder Magd derart ins Auge, daß er es damit zugrunde richtet, so soll er diese zur Entschädigung für ihr Auge die Freiheit schenken!

Anmerkung: Vers 23 bis 26 kann ich persönlich nur als Abschreckung/Warnung Gottes verstehen, damit eben jemand genau  n i c h t  so handelt, sodaß die aufgeführten Strafen auch nicht zum Tragen kommen. Microposter 01.05.21

Strieming  Definition: Das Anbringen von Striemen auf dem Körper des Mannes

Shower, Net, and Dod: SHOWER PACK dod tarts POptartaday 3 IN 1 FORMULA! striem 200 CEURES 200 200 CLDMES CALORIES 4 Conditioner 4 Body Wash 4 Shampoo 12 TOASTER PASTRIES/PASTELILLOS PARA TOSTAR NET WT/PESO NETO 22 0Z (1 LB 602) (624g) POtartaday Thanks I hate none poisonous poptarts

Jeder Schlag mit dem abscheulichen Rohrstock hinterließ eine rote, schmerzende Strieme auf meinen schuldlosen Po. Jedes Mal, wenn ein Hieb hart aufschlug, wurde er mit lautem Geheule und Gewinsel von mir begleitet und meinem inständigen betteln, mir doch bitte, bitte zu vergeben und bitte, bitte keine weiteren Haue! Als Antwort folgten weitere Schläge mit der zynischen Bemerkung, wie sie sehe, bringe anscheint die gute alte, bewährte Methode, mich mit dem zweckdienlichen Rohrstock durchzuprügeln, wohl einen ersten, kleinen Erfolg! Sie hätte ihn viel zu selten bei mir eingesetzt, dass würde sich jetzt aber endgültig ändern! Aber auch von dem Kochlöffel und dem Teppichklopfer bekäme gleich mein verlängerter Rücken noch reichlich Besuch! Die beiden warteten schon darauf gute Arbeit zu leisten, auch wenn sich meine Kehrseite wohl nicht so freuen würde. Sie lachte schadenfroh über ihren eigenen Humor, und ergötzte sich an mein kindisches Flennen.

 Every stroke with the horrible cane left a red, aching strain on my guiltless butt. Every time a blow hit hard, he was accompanied by loud howling and whining me and my beging for, please me, please forgive and please, please no further beating! In response, more strokes followed with the cynical remark, as she can see now, bring the good old, proven method to beat me with the appropriate cane, probably a first, small success! She had used him to me too rarely, that would change now but finally! But also the wooden spoon and the carpet beater would visit my bum  just enough! She laughed mischievously at her own humor, and delighted in my childish bawl.

Dir bringe ich schon bei sich zu benehmen. Runter mit den Hosen und über den Pult beugen. Den nackten strieme ich dir bis du nicht mehr sitzen kannst du Bengel.

Schönes Muster - jede Strieme ein eigner Schmerz

Wunderschöne Striemen Wonderful marks

Cybereason raises $200 million for its enterprise security platform

Cybereason, which uses machine learning to increase the number of endpoints a single analyst can manage across a network of distributed resources, has raised $200 million in new financing from SoftBank Group and its affiliates. 

It’s a sign of the belief that SoftBank has in the technology, since the Japanese investment firm is basically doubling down on commitments it made to the Boston-based company four years ago.

Israeli Cybersecurity Firm Cybereason Raises $59M Series C Led By SoftBank

The company first came to our attention five years ago when it raised a $25 million financing from investors including CRV, Spark Capital and Lockheed Martin.

Cybereason’s technology processes and analyzes data in real-time across an organization’s daily operations and relationships. It looks for anomalies in behavior across nodes on networks and uses those anomalies to flag suspicious activity.

The company also provides reporting tools to inform customers of the root cause, the timeline, the person involved in the breach or breaches, what tools they use and what information was being disseminated within and outside of the organization.

For founder Lior Div, Cybereason’s work is the continuation of the six years of training and service he spent working with the Israeli army’s 8200 Unit, the military incubator for half of the security startups pitching their wares today. After his time in the military, Div worked for the Israei government as a private contractor reverse engineering hacking operations.

Over the last two years, Cybereason has expanded the scope of its service to a network that spans 6 million endpoints tracked by 500 employees with offices in Boston, Tel Aviv, Tokyo and London.

“Cybereason’s big data analytics approach to mitigating cyber risk has fueled explosive expansion at the leading edge of the EDR domain, disrupting the EPP market. We are leading the wave, becoming the world’s most reliable and effective endpoint prevention and detection solution because of our technology, our people and our partners,” said Div, in a statement. “We help all security teams prevent more attacks, sooner, in ways that enable understanding and taking decisive action faster.”

The company said it will use the new funding to accelerate its sales and marketing efforts across all geographies and push further ahead with research and development to make more of its security operations autonomous.

“Today, there is a shortage of more than three million level 1-3 analysts,” said Yonatan Striem-Amit, chief technology officer and Co-founder, Cybereason, in a statement. “The new autonomous SOC enables SOC teams of the future to harness technology where manual work is being relied on today and it will elevate  L1 analysts to spend time on higher value tasks and accelerate the advanced analysis L3 analysts do.”

Most recently the company was behind the discovery of Operation SoftCell, the largest nation-state cyber espionage attack on telecommunications companies. 

Hackers are stealing years of call records from hacked cell networks

That attack, which was either conducted by Chinese-backed actors or made to look like it was conducted by Chinese-backed actors, according to Cybereason targeted a select group of users in an effort to acquire cell phone records.

As we wrote at the time:

… hackers have systematically broken in to more than 10 cell networks around the world to date over the past seven years to obtain massive amounts of call records — including times and dates of calls, and their cell-based locations — on at least 20 individuals.

Researchers at Boston-based Cybereason, who discovered the operationand shared their findings with TechCrunch, said the hackers could track the physical location of any customer of the hacked telcos — including spies and politicians — using the call records.

Lior Div, Cybereason’s co-founder and chief executive, told TechCrunch it’s “massive-scale” espionage.

Call detail records — or CDRs — are the crown jewels of any intelligence agency’s collection efforts. These call records are highly detailed metadata logs generated by a phone provider to connect calls and messages from one person to another. Although they don’t include the recordings of calls or the contents of messages, they can offer detailed insight into a person’s life. The National Security Agency  has for years controversially collected the call records of Americans from cell providers like AT&T and Verizon (which owns TechCrunch), despite the questionable legality.

It’s not the first time that Cybereason has uncovered major security threats.

Back when it had just raised capital from CRV and Spark, Cybereason’s chief executive was touting its work with a defense contractor who’d been hacked. Again, the suspected culprit was the Chinese government.

As we reported, during one of the early product demos for a private defense contractor, Cybereason identified a full-blown attack by the Chinese — ten thousand usernames and passwords were leaked, and the attackers had access to nearly half of the organization on a daily basis.

The security breach was too sensitive to be shared with the press, but Div says that the FBI was involved and that the company had no indication that they were being hacked until Cybereason detected it.

Interesting Papers for Week 27, 2017

Spontaneous dynamics of neural networks in deep layers of prefrontal cortex. Blaeser, A. S., Connors, B. W., & Nurmikko, A. V. (2017). Journal of Neurophysiology, 117(4), 1581–1594.

Coding of navigational affordances in the human visual system. Bonner, M. F., & Epstein, R. A. (2017). Proceedings of the National Academy of Sciences of the United States of America, 114(18), 4793–4798.

Role of the cerebellum in high stages of motor planning hierarchy. Casartelli, L., Federici, A., Cesareo, A., Biffi, E., Valtorta, G., Molteni, M., … Borgatti, R. (2017). Journal of Neurophysiology, 117(4), 1474–1482.

Metaplasticity as a Neural Substrate for Adaptive Learning and Choice under Uncertainty. Farashahi, S., Donahue, C. H., Khorsand, P., Seo, H., Lee, D., & Soltani, A. (2017). Neuron, 94(2), 401–414.e6.

Parietal neurons encode expected gains in instrumental information. Foley, N. C., Kelly, S. P., Mhatre, H., Lopes, M., & Gottlieb, J. (2017). Proceedings of the National Academy of Sciences, 114(16), E3315–E3323.

Separating the effect of reward from corrective feedback during learning in patients with Parkinson’s disease. Freedberg, M., Schacherer, J., Chen, K.-H., Uc, E. Y., Narayanan, N. S., & Hazeltine, E. (2017). Cognitive, Affective, & Behavioral Neuroscience, 17(3), 678–695.

Cerebellar granule cells acquire a widespread predictive feedback signal during motor learning. Giovannucci, A., Badura, A., Deverett, B., Najafi, F., Pereira, T. D., Gao, Z., … Wang, S. S.-H. (2017). Nature Neuroscience, 20(5), 727–734.

Cholinergic, But Not Dopaminergic or Noradrenergic, Enhancement Sharpens Visual Spatial Perception in Humans. Gratton, C., Yousef, S., Aarts, E., Wallace, D. L., D’Esposito, M., & Silver, M. A. (2017). Journal of Neuroscience, 37(16), 4405–4415.

In monkeys making value-based decisions, amygdala neurons are sensitive to cue value as distinct from cue salience. Leathers, M. L., & Olson, C. R. (2017). Journal of Neurophysiology, 117(4), 1499–1511.

The Computational and Neural Basis of Rhythmic Timing in Medial Premotor Cortex. Merchant, H., & Averbeck, B. B. (2017). Journal of Neuroscience, 37(17), 4552–4564.

The effect of face patch microstimulation on perception of faces and objects. Moeller, S., Crapse, T., Chang, L., & Tsao, D. Y. (2017). Nature Neuroscience, 20(5), 743–752.

Context-dependent spatially periodic activity in the human entorhinal cortex. Nadasdy, Z., Nguyen, T. P., Török, Á., Shen, J. Y., Briggs, D. E., Modur, P. N., & Buchanan, R. J. (2017). Proceedings of the National Academy of Sciences of the United States of America, 114(17), E3516–E3525.

Dynamic range adaptation in primary motor cortical populations. Rasmussen, R. G., Schwartz, A., & Chase, S. M. (2017). eLife, 6(e21409).

When one is Enough: Impaired Multisensory Integration in Cerebellar Agenesis. Ronconi, L., Casartelli, L., Carna, S., Molteni, M., Arrigoni, F., & Borgatti, R. (2017). Cerebral Cortex, 27(3), 2041–2051.

Nonspecific synaptic plasticity improves the recognition of sparse patterns degraded by local noise. Safaryan, K., Maex, R., Davey, N., Adams, R., & Steuber, V. (2017). Scientific Reports, 7, 46550.

Dopamine transients are sufficient and necessary for acquisition of model-based associations. Sharpe, M. J., Chang, C. Y., Liu, M. A., Batchelor, H. M., Mueller, L. E., Jones, J. L., … Schoenbaum, G. (2017). Nature Neuroscience, 20(5), 735–742.

Asymptotic Analysis of Objectives Based on Fisher Information in Active Learning. Sourati, J., Akcakaya, M., Leen, T. K., Erdogmus, D., & Dy, J. G. (2017). Journal of Machine Learning Research, 18(34), 1–41.

Sensory system plasticity in a visually specialized, nocturnal spider. Stafstrom, J. A., Michalik, P., & Hebets, E. A. (2017). Scientific Reports, 7, 46627.

Sensorimotor-independent development of hands and tools selectivity in the visual cortex. Striem-Amit, E., Vannuscorps, G., & Caramazza, A. (2017). Proceedings of the National Academy of Sciences of the United States of America, 114(18), 4787–4792.

BK Channels Mediate Synaptic Plasticity Underlying Habituation in Rats. Zaman, T., De Oliveira, C., Smoka, M., Narla, C., Poulter, M. O., & Schmid, S. (2017). Journal of Neuroscience, 37(17), 4540–4551.

Strieme um Strieme wirst du an mich denken….

Wonderful caning by Alexandra 

Marriott security breach exposed data of up to 500M guests

NEW YORK — Hackers stole information on as many as 500 million guests of the Marriott hotel empire over four years, obtaining credit card and passport numbers and other personal data, the company said Friday as it acknowledged one of the largest security breaches in history.

The full scope of the failure was not immediately clear. Marriott was trying to determine if the records included duplicates, such as a single person staying multiple times.

The affected hotel brands were operated by Starwood before it was acquired by Marriott in 2016. They include W Hotels, St. Regis, Sheraton, Westin, Element, Aloft, The Luxury Collection, Le Méridien and Four Points. Starwood-branded timeshare properties were also affected. None of the Marriott-branded chains were threatened.

The crisis quickly emerged as one of the biggest data breaches on record.

“On a scale of 1 to 10 and up, this is one of those No. 10 size breaches. There have only been a few of them of this scale and scope in the last decade,” said Chris Wysopal, chief technology officer of Veracode, a security company.

By comparison, last year’s Equifax hack affected more than 145 million people. A Target breach in 2013 affected more than 41 million payment card accounts and exposed contact information for more than 60 million customers.

Security analysts were especially alarmed to learn that the breach began in 2014. While such failures often span months, four years is extreme, said Yonatan Striem-Amit, chief technology officer of Cybereason.

It was unclear what hackers could do with the credit card information. Though it was stored in encrypted form, it was possible that hackers also obtained the two components needed to descramble the numbers, the company said.

For as many as two-thirds of those affected, the exposed data could include mailing addresses, phone numbers, email addresses and passport numbers. Also included might be dates of birth, gender, reservation dates, arrival and departure times and Starwood Preferred Guest account information.

“We fell short of what our guests deserve and what we expect of ourselves,” CEO Arne Sorenson said in a statement. “We are doing everything we can to support our guests and using lessons learned to be better moving forward.”

The breach of personal information could put Marriott in violation of new European privacy laws, as guests included European travelers.

Marriott set up a website and call center for customers who believe they are at risk.

The hackers’ access to the reservation system could be troubling if they turn out to be, say, nation-state spies rather than con artists simply seeking financial gain, said Jesse Varsalone, associate professor of cybersecurity at the University of Maryland University College.

Reservation information could mean knowing when and where government officials are traveling, to military bases, conferences or other destinations abroad, he said.

“There are just so many things you can extrapolate from people staying at hotels,” Varsalone said.

The richness of the data makes the hack unique, Wysopal said.

“Once you know someone’s arrival, departure, room preferences,” that could be used to incriminate a person or for a reputation attack that “goes beyond your traditional identity theft or credit-card theft,” he said.

It isn’t common for passport numbers to be part of a hack, but it is not unheard of. Hong Kong-based airline Cathay Pacific Airways said in October that 9.4 million passengers’ information had been breached, including passport numbers.

Passport numbers are often requested by hotels outside the U.S. because U.S. driver’s licenses are not accepted there as identification. The numbers could be added to full sets of data about a person that bad actors sell on the black market, leading to identity theft.

And while the credit card industry can cancel accounts and issue new cards within days, it is a much more difficult process, often steeped in government bureaucracy, to get a new passport.

But one redeeming factor about passports is that they are often required to be seen in person, said Ryan Wilk of NuData Security. “It’s a highly secure document with a lot of security features,” he said.

Email notifications for those who may have been affected begin rolling out Friday.

When the merger was first announced in 2015, Starwood had 21 million people in its loyalty program. The company manages more than 6,700 properties across the globe, most in North America.

While the first impulse for those potentially affected by the breach could be to check credit cards, security experts say other information in the database could be more damaging.

The names, addresses, passport numbers and other personal information “is of greater concern than the payment info, which was encrypted,” analyst Ted Rossman of CreditCards.com said, citing the risk that thieves could open fraudulent accounts.

An internal security tool signaled a potential breach in early September, but the company was unable to decrypt the information that would define what data had possibly been exposed until last week.

Marriott, based in Bethesda, Maryland, said in a regulatory filing that it was premature to estimate what financial impact the breach will have on the company. It noted that it does have cyber insurance, and is working with its insurance carriers to assess coverage.

Elected officials were quick to call for action.

The New York attorney general opened an investigation. Virginia Sen. Mark Warner, co-founder of the Senate Cybersecurity Caucus, said the U.S. needs laws that limit the data companies can collect on customers and ensure that companies account for security costs rather than making consumers “shoulder the burden and harms resulting from these lapses.”

from FOX 4 Kansas City WDAF-TV | News, Weather, Sports https://fox4kc.com/2018/12/01/marriott-security-breach-exposed-data-of-up-to-500m-guests/

from Kansas City Happenings https://kansascityhappenings.wordpress.com/2018/12/01/marriott-security-breach-exposed-data-of-up-to-500m-guests/

New Post has been published on Skyhotel - Quản lý khách sạn online, phần mềm quản lý khách sạn

New Post has been published on https://skyhotel.vn/tin-tuc-khach-san/thong-tin-cua-500-trieu-khach-cua-he-thong-khach-san-marriott-bi-danh-cap

Thông tin của 500 triệu khách của hệ thống khách sạn Marriott bị đánh cắp

Tin tặc đã đánh cắp thông tin 500 triệu khách hàng của đế chế khách sạn Marriott trong hơn bốn năm qua, thu thập số thẻ tín dụng và hộ chiếu cùng những dữ liệu cá nhân khác, công ty cho biết hôm 30/11 và thừa nhận đây là một trong những sự cố an ninh lớn nhất trong lịch sử.

Quy mô đầy đủ của vụ thất thoát vẫn chưa lường hết được ngay. Marriott đang cố gắng xác định xem các hồ sơ có cả các bản sao, chẳng hạn như một người ở khách sạn nhiều lần, có bị mất không.

Các thương hiệu khách sạn bị ảnh hưởng do Starwood điều hành trước khi được Marriott mua lại vào năm 2016. Các thương hiệu ấy bao gồm W Hotels, St. Regis, Sheraton, Westin, Element, Aloft, The Luxury Collection, Le Méridien và Four Points. Các bất động sản đồng sở hữu theo thời gian (timeshare) thương hiệu Starwood cũng bị ảnh hưởng. Không có chuỗi khách sạn mang thương hiệu Marriott nào bị đe dọa.

Vụ khủng hoảng nhanh chóng nổi lên như là một trong những sự cố dữ liệu lớn nhất được ghi nhận.

“Dựa theo thang điểm từ một đến mười trở lên, đây là một trong những vụ xâm phạm cỡ điểm mười. Chỉ có một vài vụ xâm phạm đạt quy mô này trong thập kỷ vừa qua,” Chris Wysopal, giám đốc công nghệ công ty bảo mật Veracode, nói.

Để so sánh, vụ tấn công Equifax hồi năm ngoái ảnh hưởng đến hơn 154 triệu người. Vụ xâmphạm Target năm 2013 ảnh hưởng hơn 41 triệu tài koản thẻ thanh toán và để lộ thông tin liên hệ tiếp xúc của hơn 60 triệu khách hàng.

Các nhà phân tích an ninh đặc biệt báo động là cần phải biết rằng xâm phạm bắt đầu từ năm 2014. Trong khi những thất bại như thế thường kéo dài vài tháng, bốn năm là quá mức, Yonatan Striem-Amit, giám đốc công nghệ của Cybereason, đánh giá.

Vẫn chưa rõ ràng tin tặc có thể làm gì với thông tin thẻ tín dụng. Mặc dầu chúng được lưu trữ dưới dạng mã hóa, có thể tin tặc cũng thu được hai thành phần cần thiết để giải mã các con số, công ty cho biết.

Đối với khoảng hai phần ba số người bị ảnh hưởng, dữ liệu bị lộ có thể gồm các địa chỉ thư từ, số điện thoại, địa chỉ email và số hộ chiếu. Cũng có thể gồm cả ngày sinh, giới tính, những ngày đặt phòng, thời gian đến và đi và thông tin tài khoản của Khách ưu đãi của Starwood (Starwood Preferred Guest).

“Chúng tôi đã thiếu sót đối với những gì khách hàng đáng được hưởng và những gì chúng tôi kỳ vọng ở chính mình,” CEO Arne Sorenson phát biểu trong một tuyên bố. “Chúng tôi đang làm tất cả những gì có thể để hỗ trợ khách hàng của chúng tôi và dùng những bài học rút ra được để tiến lên phía trước.”

Vụ vi phạm thông tin cá nhân có thể đặt Marriott vào việc vi phạm những luật về quyền riêng tư mới của châu Âu, vì trong số các khách hàng có cả những du khách châu Âu.

Marriott thiết lập một trang web và trung tâm cuộc gọi dành cho các khách hàng tin rằng họ có nguy cơ.

Vụ truy cập vào hệ thống đặt phòng của tin tặc có thể phiền toái nếu chúng, nói không biết chừng, là những gián điệp cấp quốc gia thay vì là những kẻ lừa đảo đơn giản tìm lợi ích tài chính, Jesse Varsalone, phó giáo sư về an ninh mạng Đại học Maryland, nói.

Thông tin đặt phòng có thể có ý nghĩa là khi nào và ở đâu các viên chức nhà nước đang đến, từ các căn cứu quân sự, các cuộc họp và các điểm đến khác ở nước ngoài, ông nói. “Có nhiều thứ mà bạn có thể ngoại suy từ những người ở khách sạn,” Varsalone nói.

Sự phong phú của dữ liệu làm cho vụ đánh cắp trở nên có một không hai, Wysopal nói. “Một khi anh biết được sở thích đến và đi, loại phòng của ai đó,” là có thể dùng buộc tội cho một người hoặc dùng cho một cuộc tấn công vào uy tín, vượt lên cả sự đánh cắp căn cước hoặc đánh cắp thẻ tín dụng như lâu nay,” ông nói.

Việc đánh cắp số hộ chiếu vừa qua vốn không phổ biến, mặc dầu cũng đã từng có. Hãng hàng không Hong Kong Cathay Pacific cho biết hồi tháng mười 9,4 triệu thông tin của hành khách bị vi phạm, trong đó có cả số hộ chiếu.

Số hộ chiếu thường được các khách sạn bên ngoài Hoa Kỳ yêu cầu vì giấy phép lái xe của Mỹ không được chấp nhận để thay thế giấy tờ tùy thân. Các con số hộ chiếu có thể được bổ sung vào bộ dữ liệu đầy đủ về một cá nhân được những kẻ gian bán trên thị trường chợ đen, dẫn đến hành vị ăn cắp danh tính.

Và trong khi ngành thẻ tín dụng có thể hủy bỏ các tài khoản và phát hành các thẻ mới trong vài ngày, việc có được một hộ chiếu mới lại là một quá trình khó khăn hơn do sự quan liêu của bộ máy hành chính.

Nhưng bù lại là các hộ chiếu thường được yêu cầu gặp đích thân người mang, Ryan Wilk, hãng NuData Security, nói. “Đó là một tài liệu rất an toàn với rất nhiều tính năng bảo mật,” ông nói.

Các thông báo qua email cho những người có thể bị ảnh hưởng bắt đầu triển khai hôm 30/11.

Khi lần đầu tiên được công bố sát nhập, Starwood đã có 21 triệu người trong chương trình khách hàng thân thiết. Công ty quản lý hơn 6.700 cơ sở khắp thế giới, hầu hết ở Bắc Mỹ.

Trong khi sự hối thúc đầu tiên đối với những người có thể bị ảnh hưởng bởi vụ vi phạm là kiểm tra thẻ tín dụng, các chuyên gia bảo mật cho rằng thông tin khác trong cơ sở dữ liệu có thể gây tai hại nhiều hơn.

Danh tính, địa chỉ, số hộ chiếu và thông tin cá nhân khác “là mối quan tâm lớn hơn thông tin thanh toán được mã hóa,” nhà phân tích Ted Rossman của CreditCards.com nói và lưu ý nguy cơ kẻ trộm có thể mở các tài khoản gian lận.

Một công cụ bảo mật nội bộ báo hiệu một khả năng vi phạm hồi đầu tháng chín, nhưng công ty đã không thể giải mã thông tin xác định dữ liệu nào có thể bị lộ cho đến cuối tuần qua.

Marriott, có trụ sở tại Bethesda, bang Maryland, Mỹ, cho biết trong một đơn nộp theo quy định rằng công ty đã sớm ước tính tác động tài chính của vụ vi phạm đối với công ty. Công ty có bảo hiểm mạng, và đang làm việc với các hãng bảo hiểm để đánh giá việc đền bù.

Các viên chức dân cử nhanh chóng kêu gọi hành động.

Tổng chưởng lý New York đã mở cuộc điều tra. Thượng nghị sĩ bang Virginia Mark Warner, đồng sáng lập Ủy ban an ninh quốc gia thượng viện, cho rằng Mỹ cần có luật hạn chế dữ liệu mà các công ty có thể thu thập từ khách hàng và bảo đảm rằng các công ty chịu chi phí an ninh thay vì bắt người tiêu dùng “gánh chịu và bị thiệt hại do những thất bại như thế.”

Trần Bích

Đăng ký Phần mềm quản lý khách sạn Skyhotel

Na warte du Rotzlöffel, jetzt kannst du was erleben. Hosen runter und bücken. Dir strieme ich den nackten bis du wieder artig bist du Bengel.

Espionage or incrimination? Risks from stolen Marriott data

New Post has been published on https://www.articletec.com/espionage-or-incrimination-risks-from-stolen-marriott-data/

Espionage or incrimination? Risks from stolen Marriott data

NEW YORK (AP) – Security experts alarmed by the scope of a data breach at the Marriott hotel empire worry that stolen information on specific hotel stays could be used for burglary, espionage or reputational attacks.

Hackers stole information on as many as 500 million guests of the Marriott hotel empire over four years, obtaining credit card and passport numbers and other personal data, including arrival and departure dates.

The crisis quickly emerged as one of the biggest data breaches on record. By comparison, last year’s Equifax hack affected more than 145 million people. A Target breach in 2013 affected more than 41 million payment card accounts and exposed contact information for more than 60 million customers.

Chris Wysopal, chief technology officer with the security firm Veracode, said the attack goes beyond traditional credit-card theft, as information about a person’s hotel stay “could be used to incriminate someone.”

Jesse Varsalone, professor of cybersecurity at the University of Maryland, said hackers’ access to the reservation system could be troubling if the hackers turn out to be, say, nation-state spies rather than those out simply for financial gain.

That information could mean knowing when and where government officials are traveling, such as to military bases or conferences, he said.

“There are just so many things you can extrapolate from people staying at hotels,” he said.

And because the data included reservations for future stays, along with home addresses, burglars could learn when someone wouldn’t be home, said Scott Grissom of LegalShield, a provider of legal services.

The affected hotel brands were operated by Starwood before it was acquired by Marriott in 2016. They include W Hotels, St. Regis, Sheraton, Westin, Element, Aloft, The Luxury Collection, Le Méridien and Four Points. Starwood-branded timeshare properties were also affected. None of the Marriott-branded chains were threatened.

Email notifications for those who may have been affected begin rolling out Friday.

The full scope of the failure was not immediately clear. Marriott was trying to determine if the records included duplicates, such as a single person staying multiple times.

Security analysts were especially alarmed to learn that the breach began in 2014. While such failures often span months, four years is extreme, said Yonatan Striem-Amit, chief technology officer of Cybereason.

It was unclear what hackers could do with the credit card information. Though it was stored in encrypted form, it was possible that hackers also obtained the two components needed to descramble the numbers, the company said.

For as many as two-thirds of those affected, the exposed data could include mailing addresses, phone numbers, email addresses and passport numbers. Also included might be dates of birth, gender, reservation dates, arrival and departure times and Starwood Preferred Guest account information.

The breach of personal information could put Marriott in violation of new European privacy laws, as guests included European travelers.

Marriott set up a website and call center for customers who believe they are at risk.

It isn’t common for passport numbers to be part of a hack, but it has happened before. Hong Kong-based airline Cathay Pacific said in October that 9.4 million passengers’ information had been breached, including passport numbers.

Passport numbers are often requested by hotels outside the U.S. because U.S. driver’s licenses are not accepted there as identification. The numbers could be added to full sets of data about a person that bad actors sell on the black market, leading to identity theft.

And while the credit card industry can cancel accounts and issue new cards within days, it is a much more difficult process, often steeped in government bureaucracy, to get a new passport.

But one redeeming factor about passports is that they are often required to be seen in person, said Ryan Wilk of NuData Security. “It’s a highly secure document with a lot of security features,” he said.

When the merger was first announced in 2015, Starwood had 21 million people in its loyalty program. The company manages more than 6,700 properties across the globe, most in North America.

While the first impulse for those potentially affected by the breach could be to check credit cards, security experts say other information in the database could be more damaging.

The names, addresses, passport numbers and other personal information “is of greater concern than the payment info, which was encrypted,” analyst Ted Rossman of CreditCards.com said, citing the risk that thieves could open fraudulent accounts.

An internal security tool signaled a potential breach in early September, but the company was unable to decrypt the information that would define what data had possibly been exposed until last week.

Marriott, based in Bethesda, Maryland, said in a regulatory filing that it was premature to estimate what financial impact the breach will have on the company. It noted that it does have cyber insurance, and is working with its insurance carriers to assess coverage.

Elected officials were quick to call for action.

The New York attorney general opened an investigation. Virginia Sen. Mark Warner, co-founder of the Senate Cybersecurity Caucus, said the U.S. needs laws that limit the data companies can collect on customers and ensure that companies account for security costs rather than making consumers “shoulder the burden and harms resulting from these lapses.”

___

Chapman reported from Newark, New Jersey.

Copyright © 2018 The Washington Times, LLC.

The Washington Times Comment Policy

The Washington Times welcomes your comments on Spot.im, our third-party provider. Please read our Comment Policy before commenting.

Source link

Gedaan met strakgefotoshopte modellen, buitenlandse lingeriemerken slaan massaal nieuwe weg in. (kunst en cultuur ) 27/04

Lingeriecampagnes zijn doorgaans mooi gestileerd, perfect belicht en achteraf grondig bewerkt zodat geen enkele porie, rimpel of striem zichtbaar is. Steeds meer merken zetten zich daar echter tegen af en doen net het tegenovergestelde. Geen modellen met maatje nul, maar vrouwen in alle vormen, kleuren en maten die vol zelfvertrouwen poseren. Vaak zelfs zonder Photoshop.

Van & Other Stories en Monki tot Savage X Fenty en Everlane, ze kozen het voorbije jaar allemaal niet voor strakke lijven, geairbrushte gezichten en afgelikte foto’s voor hun lingeriecampagnes. Het mag allemaal wat echter zijn, niet zo perfect. Diverser ook, modellen zijn niet meer uitsluitend begin twintig, mager en blank. Een trend die al langer gaande is in de modewereld, maar die we de laatste tijd vooral terugzien in lingeriecampagnes.

De merken willen er naar eigen zeggen vrouwen mee aanmoedigen om hun eigen schoonheid te omarmen in plaats van zich te vergelijken met het onrealistische schoonheidsbeeld dat door merken als Victoria’s Secret opgedrongen wordt. Een boodschap waar wij uiteraard achterstaan. Daarom een paar krachtige voorbeelden op een rij.

mening : Ik vind het goed dat deze verandering eindelijk is gekomen en dat ze vechten tegen die stereotypes van modellen die we zien. Iedereen kan zich eindelijk eens mooi voelen omdat ze dat ook hebben. Zo moet het verder.