Zuckerberg asked to testify in UK; data firm’s CEO suspended

LONDON (AP) — A British parliamentary committee on Tuesday summoned Facebook CEO Mark Zuckerberg to answer questions as authorities stepped up efforts to determine if the personal data of social media users has been used improperly to influence elections.The request comes amid allegations that a data mining firm based in the U.K used information from more than 50 million Facebook accounts to help Donald Trump win the 2016 presidential election. The company, Cambridge Analytica, has denied wrongdoing.However, the firm’s board of directions announced Tuesday evening that it had suspended CEO Alexander Nix pending an independent investigation of his actions. Nix made comments to an undercover reporter for Britain’s Channel 4 News about various unsavory services Cambridge Analytica provided its clients.“In the view of the board, Mr. Nix’s recent comments secretly recorded by Channel 4 and other allegations do not represent the values or operations of the firm and his suspension reflects the seriousness with which we view this violation,” the board said in a statement posted on the firm’s website.Facebook also drew continued criticism for its alleged inaction to protect users’ privacy. Earlier Tuesday, the chairman of the U.K. parliamentary media committee, Damian Collins, said his group has repeatedly asked Facebook how it uses data and that Facebook officials “have been misleading to the committee.”“It is now time to hear from a senior Facebook executive with the sufficient authority to give an accurate account of this catastrophic failure of process,” Collins wrote in a note addressed directly to Zuckerberg. “Given your commitment at the start of the New Year to ‘fixing’ Facebook, I hope that this representative will be you.”The request to appear comes as Britain’s information commissioner said she was using all her legal powers to investigate the social media giant and Cambridge Analytica over the alleged misuse of data.Commissioner Elizabeth Denham is pursuing a warrant to search Cambridge Analytica’s servers. She has also asked Facebook to cease in its efforts to pursue its own audit of Cambridge Analytica’s data use.“Our advice to Facebook is to back away and let us go in and do our work,” she said.Cambridge Analytica said it is committed to helping the U.K. investigation. However, Denham gave the firm a deadline to produce the information she requested – and it failed to meet it, her office said.Denham said the prime allegation against Cambridge Analytica is that it acquired personal data in an unauthorized way, adding that the data provisions act requires platforms like Facebook to have strong safeguards against misuse of data.Chris Wylie, who once worked for Cambridge Analytica, was quoted as saying the company used the data to build psychological profiles so voters could be targeted with ads and stories.The firm found itself in further allegations of wrongdoing. Britain’s Channel 4 used an undercover investigation to record Cambridge Analytica’s chief executive, Alexander Nix, saying that the company could use unorthodox methods to wage successful political campaigns for clients.He said the company could “send some girls” around to a rival candidate’s house, suggesting that girls from Ukraine are beautiful and effective in this role.He also said the company could “offer a large amount of money” to a rival candidate and have the whole exchange recorded so it could be posted on the internet to show that the candidate was corrupt.Nix says in a statement on the company’s website that he deeply regrets his role in the meeting and has apologized to staff.“I am aware how this looks, but it is simply not the case,” he said. “I must emphatically state that Cambridge Analytica does not condone or engage in entrapment, bribes or so-called ‘honeytraps’, and nor does it use untrue material for any purposes.”Nix told the BBC the Channel 4 sting was “intended to embarrass us”.“We see this as a coordinated attack by the media that’s been going on for very, very many months in order to damage the company that had some involvement with the election of Donald Trump,” he said.The data harvesting used by Cambridge Analytica has also triggered calls for further investigation from the European Union, as well as federal and state officials in the United States.

New Survey: 75% of Middle East Oil & Gas Companies Have Suffered a Security Compromise

The oil and gas sector in the Middle East has become a top target for cybercriminals, enduring 50 percent of all cyber-attacks in the region, revealed a new report.The study, conducted by industrial giant Siemens and the Ponemon Institute, polled around 200 individuals in the Middle East responsible for securing or overseeing cyber risk in oil and gas companies.According to the report, three in four respondents said their organization had suffered at least one security compromise that resulted in the loss of confidential information or disruption to operations in the OT environment over the past 12 months.Meanwhile, 11 percent reported that they had experienced more than 10 cyber breaches in their OT environments – a rate three times the global average, the report noted. Even so, such numbers likely under-report the true figures, with nearly half of respondents admitting they may not be aware of all breaches.Furthermore, 60 percent of respondents believe they face a greater risk in the OT than the IT environment. Similarly, 67 percent believe the risk level to industrial control systems over the past few years has substantially increased because of cyber threats.“The convergence of IT and OT has become a key opportunity for attackers to infiltrate an organization’s critical infrastructure, disrupting physical devices or operational processes,” said Leo Simonovich, Vice President and Global Head, Industrial Cyber at Siemens Energy, in a press release.“We know that attacks are becoming more frequent and increasingly sophisticated, and firms quickly need to assign dedicated ownership of OT cyber, gain visibility into their assets, demand purpose-built solutions and partner with experts who have real domain expertise,” Simonovich said.Companies are aware of the rising cyber risks, yet few are prepared to address them. Less than half of respondents said they continually monitor all infrastructure to prioritize threats and attacks. Additionally, oil and gas companies in the Middle East today allocate only a third, on average, of their total cybersecurity budget to securing their OT environment.Although more companies are investing in resources to strengthen their defenses, such as hiring qualified staff, Siemens argues “the next step in this OT cybersecurity journey will require a more holistic strategy.”“Organizations that adopt both a risk-based and compliance-based approach to their OT security programs will be those who close the cyber readiness gap soonest,” the report concluded.

YouTuber Found Guilty of Being ‘Grossly Offensive’ for Teaching a Dog a Nazi Salute

A man who taught a pug to do a Nazi salute in response to phrases like “gas the Jews” and “Sieg Heil” has been found guilty of being “grossly offensive” by Scottish courts and is currently awaiting sentencing.

This Free Ad Blocker for Samsung Phones Also Kills Bloatware and Manages App Permissions

There are plenty of great ad blockers to choose from, but most just delete the ads or replace them with something less offensive. If you’re looking for an ad blocker that can do a little more (and you have a Samsung phone) here’s a new app worth checking out.

This tortoise shows kids that robot abuse is bad

When humanity’s back is against the wall and the robots have us cornered I’d say I’m all for whanging a few with a baseball bat. However, until then, we must be kind to our mechanical brethren and this robotic tortoise will help our kids learn that robot abuse is a bad idea.

There’s still a lot of life left in tape backup

This industry likes to abandon technologies as soon as it adopts them, but a few find a way to hang around. I recently purchased a car, and in the finance office was a dot matrix printer, chugging away at the same multipage forms I saw used more than 25 years ago.

Online Sandbox Services Used to Exfiltrate Data: Researcher (SecurityWeek)

Attackers can use online sandbox services to exfiltrate data from an isolated network, a SafeBreach security researcher has discovered.

Telegram Ordered to Hand Over Encryption Keys to Russian Authorities

Russia’s top court ruled Tuesday that the Telegram messaging service, with 9.5 million active Russian users, must hand over encryption keys to authorities.

Vivendi trying to take control of Ubisoft: News and updates

Contributors:

For years now, Vivendi and Ubisoft have been locked in a struggle to to determine who will maintain ownership of the French powerhouse developer and publisher.

LG Hom-Bot Turbo+ Review: Pretty, But Disappointing

In a crowded botvac market, it can be hard to stand out. LG’s latest vacuum, the Hom-Bot Turbo+, tries to fulfill several functions, above and beyond what you might expect of a humble home appliance.

Critical Security Controls v7 RELEASED

I have previously posted on the Critical Security Controls, which many still incorrectly called the “SANS Top 20” and the like, tho SANS hasn’t been managing them for some time.  The current org that manages them is the Center for Internet Security, which has overseen them since around 2015.  They previously put out v6 and after about a year working on the have released v7.  You can download them from the CIS website, along with other materials.

Grafana Heatmaps with the IRONdb Data Source

GrafanaCon EU 2018 Recap

A couple weeks ago at GrafanaCon EU 2018 we announced the beta release of the IRONdb Data Source for Grafana. We’ve continued to make improvements to some features, such as the heatmap visualization of histogram data. In this blog post, we’ll show you how to use the IRONdb data source to produce these visualizations. We will start with the assumption that you already have IRONdb up and running; if not, the installation instructions are here (you can get a free 25k metric license here). If you don’t have a host to install IRONdb on, or want to try out the free hosted IRONdb version on Circonus, just keep reading to see the hosted example; we got you covered!

Data Source Installation

The first order of business is to get the data source installed. You’ll need Grafana v5.0 or 4.6.3 installed as a prerequisite, as it contains a number of updates needed for rendering the heatmap visualization. The IRONdb data source can be found here on GitHub. As with most Grafana plugins, the code is installed in /var/lib/grafana/plugins, and a server restart makes the data source available in the UI. Follow the data source configuration instructions, and you should have the IRONdb datasource installed on the Grafana host.

Data Source Configuration

Hosted or Standalone

Your data source should look something like this; note that this is an example using the Circonus API (URL is set to https://api.circonus.com). If you don’t have a host to install IRONdb on, you can create a circonus account, grab an API token, and setup a hosted instance. Select IRONdb for the Type field under settings. Enter your IRONdb cluster url in the URL field (https://api.circonus.com for hosted, something like http://localhost:8112 for standalone). You’ll want proxy set under the Access field, since direct mode is not supported yet (this means requests to IRONdb are proxied through Grafana).

Auth and Advanced HTTP Settings

No changes are needed here from the default.

IRONdb Details

The rest of the configuration is specifying hosted or standalone under the installation type, and entering in the API Token.

For standalone IRONdb installation:

  • Set the IRONdb Type field to standalone.
  • Enter the Account ID to the value set in your irondb.conf file.
  • Set the Query Prefix field to the root value of your metrics namespace for the metrics selector.

For hosted IRONdb installation:

  • Set the IRONdb Type field to hosted.
  • Enter the API Token from the API Token Page in your Circonus account.
  • You will not need to make any change to the Query Prefix setting unless you are collecting your own custom metrics (like via Statsd).

Save & Test

Click to save the configuration and test the datasource; if it is working, you’ll see the “Data source is working” status message. If not, revisit the values you entered. Feel free to reach out to us at the Circonus Labs Slack #irondb channel if you have questions or problems you can’t resolve.

Collecting Histogram data

If you are an existing IRONdb user who has histogram metrics already available, you can go to the next step. If not, you’ll need to get histogram data into your instance. To generate a meaningful heatmap, you’ll likely want to be using data that represents latency or a duration, such as HTTP request duration.

For standalone IRONdb installations, see the IRONdb documentation on how to write histogram metrics.

For hosted IRONdb installations, modify the metric type on an existing check you have (Integrations -> Checks) by clicking the histogram icon.

Creating the Heatmap Panel

Panel Creation

In your Grafana instance, click the + sign on the left nav, then select Heatmap from the grid.

Data Source Selection

Select Edit at the top of the panel, and then under the Metrics tab, select your IRONdb data source from the drop down. Then to create a new metric, click the Histogram and CAQL boxes, and click the hamburger menu to the right and select Toggle Edit Mode.

Add Metrics

Now enter the check uuid and the metric name in the following CAQL (Circonus Analytics Query Language) format:

metric:histogram("<check_uuid>", "<metric_name>")