WRALtechwire.com logo

Tech wrap: SEC reports breach; Equifax breach in March ; Apple Watch woes; door bell facial recognition (+ video)

Bulldog

Sep, 21 2017, 5:43 AM

In today's Bulldog tech news wrapup:

The details:

The Securities and Exchange Commission said Wednesday that a cyber breach of a filing system it uses may have provided the basis for some illegal trading in 2016.

In a statement posted on the SEC's website, Chairman Jay Clayton said a review of the agency's cybersecurity risk profile determined that the previously detected "incident" was caused by "a software vulnerability" in its EDGAR filing system.

The statement said the software was patched quickly after the hack was uncovered in 2016, although the possibility that some may have used it to make illegal profits was only discovered last month.

The SEC revelation comes as Americans continue to grapple with the repercussions of a massive, months-long hack of Equifax, a credit reporting agency, which exposed highly sensitive personal information of 143 million people.

The SEC chairman said this breach did not result in exposing personally identifiable information.

The SEC files financial market disclosure documents through its EDGAR system, which processes over 1.7 million electronic filings in any given year according to the agency's 4,000-word statement.

Clayton's statement also mentioned that a 2014 internal review was unable to locate some agency laptops that may have contained confidential information.

Hackers broke into Equifax's computer systems in March, two months earlier than the company had previously disclosed, according to a Wall Street Journal report .

That gave the intruders months to probe vulnerabilities and eventually gain access to the data of 143 million Americans. The Journal cited a report from the Mandiant unit of security firm FireEye that was sent to some Equifax customers this week.

The breach on March 10 came two days after security researchers at Cisco Systems warned of a flaw in an open-source software package called Apache Struts. One expert told the Journal that hackers probably found the Equifax server by "spamming" the internet for computers with that flaw.

The attackers then essentially cased the Equifax system for several weeks, the Journal reported. They eventually gained access to Equifax usernames and passwords, as well as "documents and sensitive information stored in databases, between May and late July, according to the Mandiant report, according to the Journal.

In an update last Friday , Equifax said only that hackers gained access to "certain files containing personal information" between May 13 and July 30. It did not mention earlier activity.

An Equifax spokesperson contacted by email said the company's investigation found that someone had "interacted" with the company's server on March 10. But the representative characterized that as "part of a common pattern of probing of systems on the Internet to find vulnerabilities." There was no evidence that this probing was related to the more serious compromise of sensitive information, the spokesperson said.

Apple confirmed that its new Series 3 Apple Watch can encounter problems connecting to a cellular network. The problems arise when the watch joins unauthenticated Wi-Fi networks without connectivity.

This can happen when the watch tries to join a Wi-Fi network the user has previously logged in to using another Apple device, like an iPhone or a computer. The company says it is investigating a fix for the problem.

To work around it, users can get their phone to "forget" the network.

The latest watch, which starts at $399, has been hotly anticipated because its cellular connectivity means people can use it without carrying their phone around.

The watch doesn't require a new data plan, but an add-on to existing plans. This generally costs $5 to $10 a month

Home device maker Nest Labs is adding Google's facial recognition technology to a camera-equipped doorbell and rolling out a security system in an attempt to end its history of losses.

The products announced Wednesday expand upon the internet-connected thermostats, smoke detectors and stand-alone security cameras that Nest has been selling since its inception six years ago.

Although Nest has been among the early leaders in the effort to make home appliances as intelligent as people's smartphones, it hasn't been able to make money to the frustration of its corporate parent, Alphabet. In an attempt to shake things up, Alphabet brought in cable industry veteran Marwan Fawaz to replace Nest founder Tony Fadell as CEO after Fadell stepped down 15 months ago.

Nest had been supplementing its existing product line with slightly different choices until Wednesday's move into entirely new categories.

The Hello doorbell comes with a built-in video camera and speakers that will make it seem like it can recognize and talk to people.

The doorbell will draw upon Google's facial recognition technology so it can warn a home's occupants when a stranger approaches. Google bought Nest for $3.2 billion in 2014 and then spun it off after it hatched Alphabet as its parent company.





Menu