Summary:
In a controlled study by the FTC, cybertheives were able to utilize personal data shared online very quickly after it was posted and noticed by a Twitter bot. In another test, it took 10 times as long. Nonetheless, the mean time to exploit is significantly longer than organizational response times. Significantly, two-factor authentication was a full deterrent to account access.

Summary:
A group that released information and software from NSA digital hacking tools has threatened to release some kind of data about nuclear or missile programs in China, Iran, North Korea, and Russia. They indicated that this and further information might be disseminated through a subscription service.

More Windows 10 vulnerability exploits might be in the works. The hacker group seems to be searching for a way to capitalize on its expertise in digital weaponry acquisition.

Summary:
Although Emmanuel Macron prevailed in the French presidential election, his campaign was subjected to an 11th hour disinformation/hacking attack by a group that TrendMicro identified as probably being part of the Russian KGB.

A large number of documents from Macron's campaign computers were anonymously posted online just before the election. The volume was huge, but an initial assessment indicated that the documents were a mix of mundane campaign files and bogus inflammatory messages.

Summary:
The WannaCry crypto ransomware attack hit the British National Healthcare System and other businesses around the world. The software was based on part of a digital arsenal developed by NSA and disclosed by a group called Shadow Brokers. Although Microsoft immediately released a patch to disable the core vulnerability exploited by the ransomware, older computers and many others remained unpatched and unprotected.

Although the attack spread around the world, the perpetrators may not have profited proportionately. Backups of files and restoration procedures may have saved some victims, and others may have abandoneed their data.

Summary:
The first announcement that the NSA cyber hacking tools had been released to a public website was troubling for multiple reasons. Technology companies were dismayed that the vulnerabilities had not been made available to the software providers in the first place; this practice, called "equities", depends on trust between technology providers and the government. However, subsequent statements from Microsoft showed that they had issued patches for Windows systems a month before the disclosure. Whether they were warned by the hackers or by the government remains unknown.

Another troubling aspect concerned extracting information from the international banking communications network, SWIFT. That undermined trust in the agreement between the EU and the US that information would be shared under formal safeguards.

The hacking software may be viewed by European court as evidence that the US cannot be trusted to uphold European privacy rules, and that makes it difficult for US technology services to operate in Europe.

Summary:
Although the NSA hacking tools revealed vulnerabiliites in the Microsoft Windows operating system, they were not "zero day" exploits. For unexplained reasons, Microsoft issued patches a month before the tools became public knowledge. Nonetheless, not all Windows systems were patched.

Summary:
A hacking group released the source for many of NSA's own hacking tools, and it included a serious zero day vulnerability for Windows' users. Microsoft issued a patch, but older systems (like the 7.4 per cent of the cyberworld that runs XP) have no protection.

Summary:
On April 28 NSA issued a statement saying that it had ended a long-standing, warrantless surveillance practice. Its communications surveillance program had been collecting messages that mentioned the email addresses of foreign targets even when the sender and recipient were US citizens who never communicated with the target.

NSA had revealed this to the FISA courts previously and said that its technology could not be tuned to prevent the collection of these messages. The practice became public knowledge with the disclosure of the Snowden papers. NSA says it has corrected the problem. The result is that Americans can now mention foreign email addresses without turning the surveillance apparatus onto themselves.

On the other hand, if foreign targets mention Americans, then the Americans can then be subject to warrantless surveillance.

Summary:
In another novel use of the Internet of Things, police in Connecticut used data from a murdered woman's Fitbit as evidence to contradict her husband's account of an attack and to bring charges against him. The husband claimed that his wife walked only a short distance in the time before the attack, but her Fitbit registered 10 times as many steps.

In a separate case in Ohio, a man's alibi was undermined by his pacemaker data. He is facing charges of aggravated arson and insurance fraud.

Summary:
A Texas police detective who is also an Internet cybercrime author makes the case that local police need more training in Internet crime in order to provide effective protection for citizens. "The FBI can't do it all," he notes.

Selby would like local police to have the tools to go after the scams that hurt the ordinary person --- identity theft, credit card fraud, etc. Although the amount of loss may be small, the victim faces hours of lost time and thousands in attorney's fees in the wake of the crime. The local police don't have the ability to build a case against the cybercriminal, even when they know the perpetrator.

Summary:
Over a million people in Dallas were subjected to 90 minutes of city sirens due to a hack carried out within the city. Officials determined that someone with physical access to the siren hub caused the cacaphony.

Summary:
Cisco has been around since the Internet was in knee pants, and so has the telnet protocol. When WikiLeaks revealed that the CIA has ways to take control of Cisco switches, it turned out the source of the vulnerability was Cisco's modifications to this venerable communication service. It carries the control commands for configuring network services on the switches.

Cisco has no workaround for the problem other than disabling telnet or setting strict access controls that prevent unauthorized devices from completing telnet connections.

WikiLeaks came under criticism for not giving Cisco a chance to respond before releasing the information about the existence of a vulnerability.