Thursday, March 15, 2018
Why the local marketing vault is different
Saturday, March 3, 2018
Friday Squid Blogging: Searching for Humboldt Squid with Electronic Bait
Video and short commentary.
As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
Read my blog posting guidelines here.
from Friday Squid Blogging: Searching for Humboldt Squid with Electronic Bait
Malware from Space
Since you don't have enough to worry about, here's a paper postulating that space aliens could send us malware capable of destroying humanity.
Abstract: A complex message from space may require the use of computers to display, analyze and understand. Such a message cannot be decontaminated with certainty, and technical risks remain which can pose an existential threat. Complex messages would need to be destroyed in the risk averse case.
I think we're more likely to be enslaved by malicious AIs.
from Malware from Space
Friday, March 2, 2018
Explained: SQL injection
SQL injection is one of the most common attacks against businesses, with a high rate of success. So what can you do to prevent them?
The post Explained: SQL injection appeared first on Malwarebytes Labs.
The post Explained: SQL injection appeared first on Security Boulevard.
from Explained: SQL injection
More people dying in a fire: petroleum-based skin products to blame
An investigation has started to reveal that the practice of putting a distillate of petroleum (paraffin) on your body can lead to a very painful fiery death. Firefighter Chris Bell, who is a watch commander with West Yorkshire Fire and Rescue Service, says the actual number of deaths linked to the creams is likely to […]
The post More people dying in a fire: petroleum-based skin products to blame appeared first on Security Boulevard.
from More people dying in a fire: petroleum-based skin products to blame
Security Boulevard’s 5 Most-Read Stories for the Week, Feb. 26-Mar. 2
Another week has gone by with our fair share of security stories. This week Flight Simulator Passwords, IoT Security, and PCI Compliance and GDPR dominated the headlines, as well as the Recent Flash Zero-Day attacks. Missed out on any of the news this week? Here are the five most-read stories on Security Boulevard to help..
The post Security Boulevard’s 5 Most-Read Stories for the Week, Feb. 26-Mar. 2 appeared first on Security Boulevard.
from Security Boulevard’s 5 Most-Read Stories for the Week, Feb. 26-Mar. 2
PhishLabs Launches Future of Cybersecurity Scholarship Program
Today, PhishLabs is proud to announce the launch of our new annual scholarship program that is focused on furthering professionals interested in the growing world of cybersecurity. Dubbed the Future of Cybersecurity Scholarship Program, we will be able to help fuel students’ growth into one of the most in-demand industries.
The post PhishLabs Launches Future of Cybersecurity Scholarship Program appeared first on Security Boulevard.
from PhishLabs Launches Future of Cybersecurity Scholarship Program
Phishing Phish, Unicode Style
Graham Cluley, writing at his eponymous blog, educates us in protecting the browser from Unicode Phishing Attacks. Today's MustRead.
The post Phishing Phish, Unicode Style appeared first on Security Boulevard.
from Phishing Phish, Unicode Style
Is Google IdP a Directory Service?
Google has a long history of taking up arms against Microsoft with services like Gmail and G Suite. So, it makes sense that IT admins are wondering if Google’s next...
The post Is Google IdP a Directory Service? appeared first on JumpCloud.
The post Is Google IdP a Directory Service? appeared first on Security Boulevard.
from Is Google IdP a Directory Service?
Global Cost of Cybercrime on the Rise
Introduction: Cyber-criminal activities worldwide continue to increase; in many cases, organized crime rings operate worldwide, and their profits are very high. The consolidation of a model of sales...
The post Global Cost of Cybercrime on the Rise appeared first on Security Boulevard.
from Global Cost of Cybercrime on the Rise
6 Tips for Securing Privileged Accounts in the Enterprise
Protecting privileged accounts and actively responding to any potential compromises has become a critical initiative for many CISOs. Stolen credentials are at the heart of almost all modern attacks and breaches. Attackers can easily obtain credentials via phishing attacks, brute force, keyloggers, pass-the-hash techniques, or using a database of previously stolen credentials. And once an account is compromised, the attacker can see and do anything that is allowed for that user or account.
The post 6 Tips for Securing Privileged Accounts in the Enterprise appeared first on Security Boulevard.
from 6 Tips for Securing Privileged Accounts in the Enterprise
Top 6 iPhone Hacking Tools for Mobile Penetration Testers
As your career in cybersecurity or computer forensics progresses, you will no doubt come across one of Apple’s most popular devices ever made: the Apple iPhone. In this article, we outline the use...
The post Top 6 iPhone Hacking Tools for Mobile Penetration Testers appeared first on Security Boulevard.
from Top 6 iPhone Hacking Tools for Mobile Penetration Testers
Another Ransomware Variant Strikes Colorado DOT Days after Initial Attack
Colorado’s Department of Transportation (CDOT) has suffered an infection from another variant of the same ransomware family that attacked it just days earlier. On 1 March, a variant of SamSam ransomware targeted employees at CDOT. The attack didn’t hamper the Department’s Traffic Operations Center, the Colorado Governor’s Office of Information Technology (OIT) told KUSA-TV. But […]
The post Another Ransomware Variant Strikes Colorado DOT Days after Initial Attack appeared first on The State of Security.
The post Another Ransomware Variant Strikes Colorado DOT Days after Initial Attack appeared first on Security Boulevard.
from Another Ransomware Variant Strikes Colorado DOT Days after Initial Attack
Thursday, March 1, 2018
Russians Hacked the Olympics
Two weeks ago, I blogged about the myriad of hacking threats against the Olympics. Last week, the Washington Post reported that Russia hacked the Olympics network and tried to cast the blame on North Korea.
Of course, the evidence is classified, so there's no way to verify this claim. And while the article speculates that the hacks were a retaliation for Russia being banned due to doping, that doesn't ring true to me. If they tried to blame North Korea, it's more likely that they're trying to disrupt something between North Korea, South Korea, and the US. But I don't know.
from Russians Hacked the Olympics
1 in 50 publicly readable Amazon buckets are also writable – and that’s a data disaster waiting to happen
Now is not the time to dilly-dally. If you haven’t already properly secured the Amazon Web Services S3 servers (known as “buckets”) storing your sensitive data in the cloud then your business has no time to lose.
The post 1 in 50 publicly readable Amazon buckets are also writable – and that’s a data disaster waiting to happen appeared first on Security Boulevard.
from 1 in 50 publicly readable Amazon buckets are also writable – and that’s a data disaster waiting to happen
Tripwire Patch Priority Index for February 2018
Tripwire’s February 2018 Patch Priority Index (PPI) brings together the top vulnerabilities from Microsoft, Adobe, and Oracle.
Bulletin: CVE
- Adobe Flash APSB18-03: CVE-2018-4878, CVE-2018-4877
- Microsoft Browser: CVE-2018-0763, CVE-2018-0839, CVE-2018-0771
- Microsoft Scripting Engine: CVE-2018-0840, CVE-2018-0860, CVE-2018-0861, CVE-2018-0866, CVE-2018-0838, CVE-2018-0859, CVE-2018-0857, CVE-2018-0856, CVE-2018-0835, CVE-2018-0834, CVE-2018-0837, CVE-2018-0836
- Microsoft Office: CVE-2018-0853, CVE-2018-0851
- Microsoft Outlook: CVE-2018-0850, CVE-2018-0852
- Microsoft SharePoint: CVE-2018-0864, […]
The post Tripwire Patch Priority Index for February 2018 appeared first on The State of Security.
The post Tripwire Patch Priority Index for February 2018 appeared first on Security Boulevard.
from Tripwire Patch Priority Index for February 2018
Facebook’s Ad Confirmation Process Won’t Stop the Russians
Without a doubt, if you are on the advertising services side of the Facebook house you’ve been sitting in a kitchen with the oven on broil and all four burners on high—the kitchen is hot. The social network is being viewed by many as culpable in allowing the Russian intelligence services to use their advertising..
The post Facebook’s Ad Confirmation Process Won’t Stop the Russians appeared first on Security Boulevard.
from Facebook’s Ad Confirmation Process Won’t Stop the Russians
AskRob: Does Tor let government peek at vuln info?
On Twitter, somebody asked this question:
@ErrataRob comments? — E. Harding🇸🇾, друг народа (anti-Russia=block) (@Enopoletus), March 1, 2018
The post AskRob: Does Tor let government peek at vuln info? appeared first on Security Boulevard.
from AskRob: Does Tor let government peek at vuln info?
Data Integrity: The Next Big Challenge
Many of us in the cybersecurity world have followed this general mantra: protect the data, protect the data, protect the data. It’s a good mantra to follow, and ultimately that is what we are all trying to do. But there are different ways to protect data. The obvious method is to make sure it doesn’t […]
The post Data Integrity: The Next Big Challenge appeared first on The State of Security.
The post Data Integrity: The Next Big Challenge appeared first on Security Boulevard.
from Data Integrity: The Next Big Challenge
Why Cyber Security is the New Health and Safety
Many people view the Health and Safety at Work Act 1974 as unnecessary and burdensome, but its introduction has had a dramatic impact on reducing accidents in the workplace, particularly within industrial settings. Today, it controls the safety of equipment used on process plants, the time professional drivers may spend behind the wheel, and even […]
The post Why Cyber Security is the New Health and Safety appeared first on The State of Security.
The post Why Cyber Security is the New Health and Safety appeared first on Security Boulevard.
from Why Cyber Security is the New Health and Safety
Book highlights: “Hit refresh” by Satya Nadella
Very telegraphically, these are my impressions after reading "Hit Refresh":
- Impressive human being. He tells you how his personal experiences have shaped him, not only personally but also professionally.
Some of the ideas worth exploring that appear in the book are the following:
- Leadership is definitely an art.
- Empathy and compassion are skills leaders should have.
- We need to work comfortably with change and impermanence.
- "To be a leader here, your job is to find rose petals in a field of shit".
- The leader needs to link every employee's passion with the raison d'etre of the company.
- A sustainable ecosystem is required for a company to survive.
- Provide the environment for employees to find their personal balance.
- Other important topics: The link of technology, freedom and customers.
- The responsibility of a technology company with the world and the human beings.
- Most importantly, he also makes mistakes and learns from them.
- He is aware of the need to equally treat women and men in technology companies.
The post Book highlights: “Hit refresh” by Satya Nadella appeared first on Security Boulevard.
from Book highlights: “Hit refresh” by Satya Nadella
Computer Forensics: Online Gaming and VR Forensics
Introduction: With the expansion of technology, such as virtual reality simulators, it’s only natural that with progress comes setbacks, especially when it comes to security breaches. With the VR...
The post Computer Forensics: Online Gaming and VR Forensics appeared first on Security Boulevard.
from Computer Forensics: Online Gaming and VR Forensics
Computer Forensics: ICS/SCADA Forensics
Overview: Control system security is the practice of using security methods to prevent intentional or unintentional interference with the operation of industrial automation and control systems. These...
The post Computer Forensics: ICS/SCADA Forensics appeared first on Security Boulevard.
from Computer Forensics: ICS/SCADA Forensics
Computer Forensics: Big Data Forensics
What is Big Data? In the computing world, there’s data—and then there’s big data. Described as a collection of information from traditional and digital sources of all kinds, big data is the pool of...
The post Computer Forensics: Big Data Forensics appeared first on Security Boulevard.
from Computer Forensics: Big Data Forensics