Tuesday, May 28, 2013
Ten Tips for Android Security
Monday, May 27, 2013
Best Practices for Online Banking
- Passwords Matter. I understand the concerns consumers have over a multitude of passwords and the desire to use just one password for everything, but this makes it easier for the bad guys to get to your money. If they compromise your email password, for example, they are now one step closer to accessing your banking information if your passwords are the same. Your banking password should always be unique, should be complex (letters, numbers, and at least one special character), and you should change that password on a somewhat regular basis (90 days is preferred, but at least once a year). Note, if you are concerned about remembering multiple passwords in general, there are several good password storage programs out there that are easy to use and highly mobile. KeePass is my personal favorite.
- Know Your Network. WiFi availability has become ubiquitous in our society; secure WiFi has not. Bad actors routinely place themselves on open networks in an attempt to capture your data; worse, many bad actors set up "free" networks with names similar to those you might be used to or searching for, in an attempt to deceive you into granting them access to your system. As a general rule, do your online banking at home on your own (secure! :) ) network. If you find yourself on the road regularly or simply desire more mobility when you bank, invest in a MiFi device and the appropriate service (one which allows you to password protect the MiFi network) from your chosen carrier.
- Talk To Your Bank. Online banking is not just a convenience for you; it's a convenience for the banks as well. If a financial institution can drive more transactions and interactions to a self-service platform such as their online presence, the less overhead they need to carry in the form of branches and tellers. In exchange for this convenience, you should feel comfortable asking some questions of your bank regarding their online banking security. Simple questions such as where they host their online presence; how they protect the online transaction data; how often they patch their systems and/or update their applications; and what they do to test their online applications, mobile apps, and their online presence overall are not unreasonable questions and should result in informed answers from your financial institution. If they don't, consider finding another institution. As an example: my institution hosts its application internally; placed its online presence in beta for over a year to ensure the security is rock solid; tests its online presence quarterly for security; patches immediately for high-risk security patches; and tests its code annually, as well as whenever updates are made, for security issues and holes.
Sunday, May 19, 2013
Harry Potter Spell Unlocks Backdoor on Mac Chips
The Mac on your desk or on the cafe table next to you has a chip with secret functions that can be unlocked only by inputting a spell from the Harry Potter series. That fun fact was presented Wednesday at the NoSuchCon security conference by veteran reverse engineer Alex Ionescu.
"The attacks discussed in my presentation are attacks that likely only a nation-state adversary would have the sufficient technical knowledge to implement, and they require precise knowledge of the machine that is being targeted," Ionescu, who is chief architect at security firm CrowdStrike, wrote in an e-mail to Ars. "They are perfect, for example, at a border crossing where a rogue country may need to 'take a quick look at your laptop' to 'help prevent terrorism.' I don't suspect most Mac users would be at a high-profile enough level to warrant such level of interest from another state."
You can read the entire article and see copies of the slides here. Enjoy!
Google Glass Alarms Lawmakers
Sunday, May 12, 2013
Pentagon Report Accuses China of Cyber Espionage
Arrests Made in $45 million ATM Breach
Comitatus
Friday, May 10, 2013
Spotlight on Big Data
This month's CSO Magazine contains a feature story on big data in which I am quoted. Nothing earth shattering in the article, but it's a good primer for organizations beginning to grapple with the pros and cons of big data analytics technologies. You can find a copy of the article here. Enjoy!
Monday, May 6, 2013
A Last Look Back at the Boston Tragedy
- We have technologies that will take imagery of certain areas and people, but you need to tell us where to point this technology. If you give me 24 hours notice, I'll task the resources where you want me to, but it'll take an additional 48 hours after that to analyze the data and render you a report.
- We also have technologies that'll allow you to intercept technical data of multiple types. We can suck up this data en masse, but we need you to tell us who to focus on and look for. Again, it'll take us 48 hours to cull through any data we've collected to find the specific targets you give us and render a report.
- ASU has three large campuses that are geographically dispersed. This doesn't include its online presence and its satellite presence. We don't know which of these campuses/presences is relevant to your investigation...or even if it's only ONE campus versus multiple ones.
- You're in your late 40's (as am I), so you aren't exactly in the same age demographic as a goodly portion of the student population. This'll limit your infiltration options as well as your interactions with the student population (nothing like a large almost-50-year-old black man hanging out in the student union to shut down conversation amongst the co-eds :) ).
Reporting Season is Here
- The retail industry made up the highest percentage of their investigations at 45%
- Mobile malware has increased 400%
- The average time from initial breach to detection was 210 days, more than 35 days longer than 2011. Most victim organizations (64%) took over 90 days to detect the intrusion.
- "Password1" is still the most common password used by global businesses.
- 75% of breaches were untargeted and opportunistic.
- 78% of attacks used tactics which were rated as low or very low on the VERIS difficulty scale.
- 75% of attacks were driven by financial motives
- 19% of attacks were perpetrated by state affiliated actors for the purposes of espionage.
- Enforced heightened password complexity
- Patched vigorously and rapidly (to include addressing aggregate risk via patching low-level vulnerabilities with regularity)
- Cleaned up roles and access to systems, ensuring a least privilege model; and
- Managed (and monitored) super user accounts and privileges aggressively throughout the environment.