CyberheistNews Vol 2, #5
Editor's Corner
The Security Earthquake That Nobody Felt
Wow, this is actually major security news. I found this on the blog from
Coretrace, and they said: "This week, McAfee, one of the two dominant
forces in reactive, blacklist-based endpoint security, actively and
unequivocally endorsed Application Whitelisting. Ironically, in hard
coverage of Symantec’s recent problems with pcAnywhere, the industry is
actively recommending application whitelisting too." Here is the link:
http://www.coretraceblogs.com/2012-01/security-earthquake-that-nobody-felt-mcafee-endorses-application-whitelisting/
So, what is the big news? It turns security on its head. Instead of
keeping bad code out, with application whitelisting (also known as
Application Control) you only allow known-good code to run. That's
really a 180, and very, very interesting from a system admin perspective.
I have done some research in this area and have written a whitepaper
about whitelisting, and why as a system admin you should look into
this for the near future. This is a new security layer for your
'defense-in-depth'. You will hear more from me about whitelisting this year:
http://www.knowbe4.com/resources/the-endpoint-security-advantages-of-whitelisting-a-whitepaper-for-system-administrators/
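To make the "180" concrete, here is an added example (not from the newsletter, the whitepaper or any vendor product) that models both enforcement modes: a reactive blocklist that denies only known-bad hashes, and an allowlist that denies everything an admin has not approved. The sample binaries, their hashes and both policy lists are constructed for the demo.

```python
"""Default-allow (blocklist) vs default-deny (allowlist) execution control.

Added example; the "executables" below are constructed byte strings, not real
binaries, and the two policies are toy sets of SHA-256 hashes.
"""
import hashlib

# Constructed sample "binaries": file name -> file contents.
SAMPLE_FILES = {
    "word.exe":       b"known good office application build 14.0",
    "backup.exe":     b"known good backup agent build 3.2",
    "oldworm.exe":    b"malware already in the AV signature database",
    "newdropper.exe": b"brand new malware no vendor has a signature for yet",
}

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Blocklist: hashes of code already known to be bad (the reactive AV model).
BLOCKLIST = {sha256_hex(SAMPLE_FILES["oldworm.exe"])}

# Allowlist: hashes of code the admin has explicitly approved (application control).
ALLOWLIST = {sha256_hex(SAMPLE_FILES["word.exe"]),
             sha256_hex(SAMPLE_FILES["backup.exe"])}

def blocklist_decision(contents: bytes) -> str:
    """Default-allow: anything that is not a known-bad hash may run."""
    return "DENY" if sha256_hex(contents) in BLOCKLIST else "ALLOW"

def allowlist_decision(contents: bytes) -> str:
    """Default-deny: only code whose hash an admin approved may run."""
    return "ALLOW" if sha256_hex(contents) in ALLOWLIST else "DENY"

def compare_policies(files=SAMPLE_FILES) -> dict:
    """Return {name: (blocklist verdict, allowlist verdict)} for every file."""
    return {name: (blocklist_decision(data), allowlist_decision(data))
            for name, data in files.items()}

if __name__ == "__main__":
    for name, (bl, al) in compare_policies().items():
        print(f"{name:16} blocklist={bl:5}  allowlist={al}")
```

The never-before-seen dropper sails past the blocklist but is denied by the allowlist; the flip side, which is the admin cost of this layer, is that a legitimate new build is also denied until its hash is approved.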
Run pcAnywhere? TURN IT OFF
You may not have seen this, but Symantec has advised all its users of
pcAnywhere to literally turn it off, and wait for security patches. It's
old code: it was stolen in 2006 and has not been updated much since. There are
several vulnerabilities in encoding and encryption. Here is their white
paper with the recommendations:
http://www.symantec.com/connect/sites/default/files/pcAnywhere%20Security%20Recommendations%20WP_01_23_Final.pdf
Now, think for a moment about the fact that this code was stolen for
five years. All that time, organizations using it have been a potential
hacking victim. Why was this disclosed only now? This is not good; I see
class action lawsuits on the horizon.
Quotes of the Week
"To talk well and eloquently is a very great art, but that an equally great
one is to know the right moment to stop." - Wolfgang Amadeus Mozart
"True law is right reason in agreement with nature; it is of universal
application, unchanging and everlasting; it summons to duty by its
commands, and averts from wrongdoing by its prohibitions." - Marcus Tullius Cicero, The Republic
Please tell your friends about CyberheistNews! They can subscribe here:
http://www.knowbe4.com/about-us/cyberheist-news/
"We Discovered A Serious Human Vulnerability"
"I'm a system administrator and we regularly get users' workstations
infected with malware. Then Microsoft reported that 45% of the infections
are caused by the users being 'social engineered', so we decided to test it
out for ourselves."
"First we did the Email Exposure Check. Out of our 197 users, 87 email
addresses were found on the Internet. Then we did the Phishing Security
Test, and sent these 87 a relatively simple simulated phishing attack,
that could have been sent by any bad guy."
"We were shocked to see that our spam filters and antivirus did not
catch the phishing email, and that 24 of these 87 clicked on the link.
We discovered a serious human vulnerability." -- P.H. System Admin
Find out for yourself how big this human security hole is in your
organization. Fill out this form and you will get the results for free:
http://www.knowbe4.com/eec/
Your Video Conferencing Gear May Be Spying On You
Computerworld reported that tens of thousands of video conferencing setups,
including some in corporate meeting rooms where the most confidential
information is discussed, are vulnerable to spying attacks, researchers
said this week.
After spending months rooting around top-end video conferencing hardware
and software, and taking tours through meeting rooms himself, HD Moore
said the danger was a "perfect storm" brought on by lazy habits and
sloppy security settings.
On the Internet as a whole, Moore estimated that more than 150,000 video
conferencing setups were vulnerable to eavesdropping using the hardware's
microphone and spying via the remote-controlled camera. Better turn off
that auto-answer feature quickly. Story at:
http://www.computerworld.com/s/article/9223743/Video_conferencing_mistakes_make_espionage_easy_say_researchers?
What Cybercriminals Do With Your Personal Data
Meridith Levinson at CIO Magazine interviewed me about cybercrime and
the ramifications of the Zappos 24 million record heist. Interesting
read, but see if you can spot the math error!
http://www.cio.com/article/2400064/security0/are-you-at-risk--what-cybercriminals-do-with-your-personal-data.html
Hot Security Upstarts
Offering new email security technology and services to help clean up
after a breach, these new companies are leading a wave of hot security
startups. We've highlighted some young ones that we think could have
an impact on how businesses protect against and react to attacks.
Here's a quick look at what some of them do. Slideshow at NetworkWorld:
http://www.networkworld.com/slideshow/28461?
New Drive-By Spam Infects Those Who Open Email -- No Attachment Needed
Tim Wilson at Dark Reading reported that "Attackers have developed a new
way to infect your PC through email without forcing you to click on
an attachment. According to researchers at eleven, a German security firm,
the new drive-by spam automatically downloads malware when an email is
opened in the email client. The user doesn't have to click on a link or
open an attachment; just opening the email is enough.
"The new generation of email-borne malware consists of HTML e-mails which
contain a JavaScript which automatically downloads malware when the email
is opened," eleven says in a news release. "This is similar to so-called
drive-by downloads, which infect a PC by opening an infected website in
the browser."
The current wave of drive-by spam contains the subject "Banking security
update" and has a sender address with the domain fdic.com. If the email
client allows HTML emails to be displayed, the HTML code is immediately
activated." More at:
http://www.darkreading.com/security/attacks-breaches/232500660/new-drive-by-spam-infects-those-who-open-email-no-attachment-needed.html
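The defensive counterpart to the technique described above is a gateway or client check that refuses to render active content in HTML mail. The following is an added example (not code from Dark Reading, eleven or any product) that parses a constructed message carrying the subject and sender domain named in the article and flags the HTML part; the script element is an inert placeholder, not a payload.

```python
"""Flag HTML e-mails that contain active content (script, javascript: URLs,
inline event handlers, embedded objects). Added example; SAMPLE_MESSAGE is
constructed and carries no real payload."""
import email
import re
from email import policy

# Constructed sample using the subject and sender domain quoted in the article.
SAMPLE_MESSAGE = """\
From: alerts@fdic.com
To: user@example.org
Subject: Banking security update
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Please review this security update.</p>
<script type="text/javascript">/* inert placeholder for the demo */</script>
</body></html>
"""

# Active-content markers a mail gateway can strip, refuse to render, or quarantine on.
ACTIVE_CONTENT = re.compile(
    r"<script\b|\bjavascript:|<iframe\b|<object\b|<embed\b|\bon(load|error|click)\s*=",
    re.IGNORECASE,
)

def find_active_content(raw_message: str) -> list:
    """Return (content-type, matched token) for every hit inside the message's
    HTML parts; an empty list means no active content was found."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    findings = []
    for part in msg.walk():                      # handles multipart and single-part mail
        if part.get_content_type() != "text/html":
            continue
        html = part.get_content()                 # decoded body of this HTML part
        for match in ACTIVE_CONTENT.finditer(html):
            findings.append((part.get_content_type(), match.group(0)))
    return findings

def triage(raw_message: str) -> str:
    """Verdict for the gateway: quarantine if any HTML part has active content."""
    return "QUARANTINE" if find_active_content(raw_message) else "DELIVER"

if __name__ == "__main__":
    print(triage(SAMPLE_MESSAGE), find_active_content(SAMPLE_MESSAGE))
```

Plain-text mail, or HTML without these markers, is delivered unchanged; the same check works on multipart messages because `walk()` visits every part.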
Cyberheist 'FAVE' LINKS:
* This Week's Links We Like. Tips, Hints And Fun Stuff.
SUPER FAVE: Why taking an ax to your friend's car is a bad idea.
This is the Safe For Work Version, (other versions float around too):
http://www.youtube.com/watch?v=c6vfICQaRE8
This is what it really looks like: Helmet-cam pilot view of Rob Holland
flying synchronized to the music of "Pirates of the Caribbean" at the
"Daytona Wings & Waves Airshow":
http://www.flixxy.com/extreme-aerobatics-with-a-helmet-cam.htm
Secret agents can create a Wi-Fi network and hide important files with these
cufflinks. The Wi-Fi cufflink essentially acts like a miniature router:
http://www.gizmag.com/wi-fi-usb-cufflinks/21232/
Learn to ski on a giant treadmill. This is pretty cool:
http://www.flixxy.com/learn-to-ski-on-a-giant-treadmill.htm
In 1963, Jim Henson created this odd informational film for Bell System
(AT&T), introducing this new thing called 'data communication':
http://www.flixxy.com/jim-hensons-data-communication-robot-1963.htm
A small bird lands on Josh's guitar at the “Doyle Lawson Bluegrass Festival”
while he's singing. Watch his reaction as he keeps his cool and finishes
the song:
http://www.flixxy.com/bird-flies-onstage-to-join-the-band.htm
Looking for the Bible for Windows System administration? This is the one.
It's from 2007 so needs an update, but most of the concepts are timeless:
http://www.amazon.com/Practice-System-Network-Administration-Second/dp/0321492668
How to Watch for Identity Theft Using Google Alerts:
http://www.wikihow.com/Watch-for-Identity-Theft-Using-Google-Alerts
From the 'Weird Indian Film' department: This sequence for the song
"Kilimanjaro" was filmed at Machu Picchu in Peru, making it the first
Indian film to be shot at the protected Peruvian World Heritage site:
http://www.flixxy.com/indian-movie-endhiran-kilimanjaro-machu-picchu.htm
And now even weirder: Megan Fox and Mike Tyson in an ad for a Brazilian
language school, illustrating the importance of being able to communicate
in a foreign language:
http://www.flixxy.com/megan-fox-mike-tyson-language-school.htm
Driving in winter can have its problems. Ad for GPS vendor Tom Tom:
http://www.flixxy.com/driving-in-winter.htm
At a synagogue in Presov, Slovakia, a violinist was performing a beautiful
classic piece when a very familiar Nokia cell phone tune started to ring.
Instead of getting upset, he just played along. Wait till the end:
http://www.flixxy.com/violinist-copies-cell-phone-that-rings-during-concert.htm