CyberheistNews Vol 2, #5

Editor's Corner

KnowBe4

The Security Earthquake That Nobody Felt


Wow, this is actually major security news. I found this on the Coretrace blog, where they said: "This week, McAfee, one of the two dominant forces in reactive, blacklist-based endpoint security, actively and unequivocally endorsed Application Whitelisting. Ironically, in hard coverage of Symantec's recent problems with pcAnywhere, the industry is actively recommending application whitelisting too." Here is the link:

http://www.coretraceblogs.com/2012-01/security-earthquake-that-nobody-felt-mcafee-endorses-application-whitelisting/







So, what is the big news? It turns security on its head. Instead of trying to keep known-bad code out, application whitelisting (also known as Application Control) only allows known-good code to run: anything not on the list is denied by default, whether or not anyone has written a signature for it yet. That's really a 180, and very, very interesting from a system admin perspective.
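To make that 180 concrete, here is a small added example (my own illustration, not code from McAfee, Coretrace or KnowBe4) that runs the same handful of constructed "executables" through a blacklist engine and a whitelist engine, both keyed on the SHA-256 of the file contents. It also shows the admin-side cost that comes with default deny: a legitimate vendor update is blocked until its hash is approved. The file contents, names and resulting hashes are all made up for the demo.

```python
"""Blacklist versus whitelist (application control) in miniature.

Added example for the whitelisting item above; this is not code from
McAfee, Coretrace or KnowBe4.  Both engines decide by the SHA-256 of a
file's bytes.  The blacklist engine is the reactive model: everything
runs unless its hash is on the deny list.  The whitelist engine is the
default-deny model: nothing runs unless an admin approved its hash.
The "binaries" below are constructed byte strings, not real programs.
"""
import hashlib


def sha256(data: bytes) -> str:
    """Content hash used as the identity of an executable."""
    return hashlib.sha256(data).hexdigest()


# Constructed sample executables (labels only, not real PE files).
CALC_V1 = b"MZ calculator build 1.0"
CALC_V1_TROJANED = CALC_V1 + b" + injected payload"   # tampered on disk by malware
CALC_V2 = b"MZ calculator build 2.0"                 # legitimate vendor update
KNOWN_MALWARE = b"MZ dropper already covered by AV signatures"
NEW_MALWARE = b"MZ freshly repacked dropper, no signature yet"


class Blacklist:
    """Reactive, signature-style control: deny only what has been seen before."""

    def __init__(self, bad_hashes):
        self.bad = set(bad_hashes)

    def may_run(self, data: bytes) -> bool:
        return sha256(data) not in self.bad


class Whitelist:
    """Application control: allow only what an admin explicitly approved."""

    def __init__(self, good_hashes):
        self.good = set(good_hashes)

    def approve(self, data: bytes) -> None:
        self.good.add(sha256(data))

    def may_run(self, data: bytes) -> bool:
        return sha256(data) in self.good


def compare_models() -> dict:
    """Run the same five files through both engines.

    Returns {name: (blacklist_allows, whitelist_allows)}.
    """
    blacklist = Blacklist([sha256(KNOWN_MALWARE)])
    whitelist = Whitelist([sha256(CALC_V1)])
    samples = {
        "calc_v1": CALC_V1,
        "calc_v1_trojaned": CALC_V1_TROJANED,
        "calc_v2": CALC_V2,
        "known_malware": KNOWN_MALWARE,
        "new_malware": NEW_MALWARE,
    }
    return {name: (blacklist.may_run(d), whitelist.may_run(d))
            for name, d in samples.items()}


def patch_cycle() -> list:
    """The admin-side cost of default deny: a vendor update is blocked
    until its hash is approved.  Returns the allow decisions for
    calc_v2 before approval, after approval, and for the trojaned copy
    after approval (which must stay blocked)."""
    whitelist = Whitelist([sha256(CALC_V1)])
    before = whitelist.may_run(CALC_V2)
    whitelist.approve(CALC_V2)
    after = whitelist.may_run(CALC_V2)
    trojan = whitelist.may_run(CALC_V1_TROJANED)
    return [before, after, trojan]


if __name__ == "__main__":
    for name, (bl, wl) in compare_models().items():
        print(f"{name:18} blacklist={'run' if bl else 'BLOCK'}  "
              f"whitelist={'run' if wl else 'BLOCK'}")
    print("patch cycle (before, after approval, trojaned):", patch_cycle())
```

The output is the whole argument in one table: the blacklist lets the trojaned calculator and the never-seen dropper run, the whitelist blocks both without needing a signature. The flip side is the patch cycle: every legitimate update has to be approved before it runs, which is why shipping products key on publisher certificates and trusted paths as well as raw hashes so that a patch Tuesday does not turn into a re-approval marathon.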







I have done some research in this area and have written a whitepaper about whitelisting, and why as a system admin you should look into this for the near future. This is a new security layer for your 'defense-in-depth'. You will hear more from me about whitelisting this year:

http://www.knowbe4.com/resources/the-endpoint-security-advantages-of-whitelisting-a-whitepaper-for-system-administrators/







Run pcAnywhere? TURN IT OFF









You may not have seen this, but Symantec has advised all users of pcAnywhere to literally turn it off and wait for security patches. It's old code: the source was stolen in 2006 and has not been updated much since, and it has several vulnerabilities in its encoding and encryption. Here is their white paper with the recommendations:

http://www.symantec.com/connect/sites/default/files/pcAnywhere%20Security%20Recommendations%20WP_01_23_Final.pdf

Now, think for a moment about the fact that this code has been in the wrong hands for five years. All that time, organizations using it have been potential hacking victims. Why was this disclosed only now? This is not good; I see class action lawsuits on the horizon.





Quotes of the Week

"To talk well and eloquently is a very great art, but that an equally great one is to know the right moment to stop."
- Wolfgang Amadeus Mozart

"True law is right reason in agreement with nature; it is of universal application, unchanging and everlasting; it summons to duty by its commands, and averts from wrongdoing by its prohibitions."
- Marcus Tullius Cicero, The Republic









Please tell your friends about CyberheistNews! They can subscribe here:


http://www.knowbe4.com/about-us/cyberheist-news/









"We Discovered A Serious Human Vulnerability"







"I'm a system administrator and we regularly get users' workstations infected with malware. Then Microsoft reported that 45% of the infections are caused by the users being 'socially engineered', so we decided to test it out for ourselves."

"First we did the Email Exposure Check. Out of our 197 users, 87 email addresses were found on the Internet. Then we did the Phishing Security Test, and sent these 87 a relatively simple simulated phishing attack that could have been sent by any bad guy."

"We were shocked to see that our spam filters and antivirus did not catch the phishing email, and that 24 of these 87 clicked on the link. We discovered a serious human vulnerability." -- P.H., System Admin







Find out for yourself how big this human security hole is in your organization. Fill out this form and you will get the results for free:

http://www.knowbe4.com/eec/











Your Video Conferencing Gear May Be Spying On You







Computerworld reported that tens of thousands of video conferencing setups, including some in corporate meeting rooms where the most confidential information is discussed, are vulnerable to spying attacks, researchers said this week.

After spending months rooting around top-end video conferencing hardware and software, and taking tours through meeting rooms himself, HD Moore said the danger was a "perfect storm" brought on by lazy habits and sloppy security settings.

On the Internet as a whole, Moore estimated that more than 150,000 video conferencing setups were vulnerable to eavesdropping using the hardware's microphone and spying via the remote-controlled camera. Better turn off that auto-answer feature quickly, and while you are at it, check that the unit is not reachable from the Internet at all. Story at:

http://www.computerworld.com/s/article/9223743/Video_conferencing_mistakes_make_espionage_easy_say_researchers?














What Cybercriminals Do With Your Personal Data







Meridith Levinson at CIO Magazine interviewed me about cybercrime and the ramifications of the Zappos 24 million record heist. Interesting read, but see if you can spot the math error!

http://www.cio.com/article/2400064/security0/are-you-at-risk--what-cybercriminals-do-with-your-personal-data.html











Hot Security Upstarts





Offering new email security technology and services to help clean up after a breach, these new companies are leading a wave of hot security startups. We've highlighted some young ones that we think could have an impact on how businesses protect against and react to attacks. Here's a quick look at what some of them do. Slideshow at NetworkWorld:

http://www.networkworld.com/slideshow/28461?








New Drive-By Spam Infects Those Who Open Email -- No Attachment Needed





Tim Wilson at Dark Reading reported that "Attackers have developed a new way to infect your PC through email without forcing you to click on an attachment. According to researchers at eleven, a German security firm, the new drive-by spam automatically downloads malware when an email is opened in the email client. The user doesn't have to click on a link or open an attachment; just opening the email is enough.

"The new generation of email-borne malware consists of HTML e-mails which contain a JavaScript which automatically downloads malware when the email is opened," eleven says in a news release. "This is similar to so-called drive-by downloads, which infect a PC by opening an infected website in the browser."

The current wave of drive-by spam contains the subject "Banking security update" and has a sender address with the domain fdic.com. If the email client allows HTML emails to be displayed, the HTML code is immediately activated." More at:

http://www.darkreading.com/security/attacks-breaches/232500660/new-drive-by-spam-infects-those-who-open-email-no-attachment-needed.html
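The practical question for a mail admin is how to catch this before it reaches a client that renders HTML. Here is an added example (mine, not code from eleven or Dark Reading) of a gateway-side check written with Python's standard library: it parses a raw message, walks every text/html part and reports the constructs a rendering client could execute. The two messages are constructed for the demo; the sender domain fdic.com and the "Banking security update" subject are the ones the article describes, and the URLs inside the HTML are placeholders.

```python
"""Gateway-side check for active content in HTML mail.

Added example for the drive-by spam item above; it is not code from
eleven or Dark Reading.  It parses a raw RFC 822 message with the
standard library, inspects every text/html part, and reports the
constructs that a rendering client could execute: <script> blocks,
javascript: URLs, inline on* event handlers and iframe/object/embed
tags.  Both messages below are constructed for the demo.
"""
import email
import re
from email import policy
from email.utils import parseaddr

# Patterns for content that is inert in a plain-text render but can
# execute (or load remote content) when the client renders HTML.
ACTIVE_CONTENT = {
    "script_tag": re.compile(r"<\s*script\b", re.I),
    "javascript_url": re.compile(r"""(?:href|src)\s*=\s*["']?\s*javascript:""", re.I),
    "event_handler": re.compile(r"<[^>]+\son[a-z]+\s*=", re.I),
    "frame_or_object": re.compile(r"<\s*(?:iframe|object|embed)\b", re.I),
}

# Constructed sample: HTML part carries a script, an onload handler and a
# hidden iframe.  Domains other than fdic.com are placeholders.
DRIVE_BY_MAIL = b"""From: FDIC Alerts <alerts@fdic.com>
To: user@example.org
Subject: Banking security update
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="b1"

--b1
Content-Type: text/plain; charset="us-ascii"

Please review the attached security update.
--b1
Content-Type: text/html; charset="us-ascii"

<html><body onload="fetchUpdate()">
<p>Please review the security update.</p>
<script src="http://malware.example/update.js"></script>
<iframe src="http://malware.example/x.html" width="0" height="0"></iframe>
</body></html>
--b1--
"""

# Constructed sample: an ordinary HTML newsletter with no active content.
CLEAN_MAIL = b"""From: Newsletter <news@example.com>
To: user@example.org
Subject: Weekly digest
MIME-Version: 1.0
Content-Type: text/html; charset="us-ascii"

<html><body><p>Read the <a href="http://example.com/digest">digest</a>.</p></body></html>
"""


def scan_message(raw: bytes) -> dict:
    """Return the sender domain, whether a text/plain alternative exists,
    and the sorted list of active-content findings across HTML parts."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    _, addr = parseaddr(str(msg["From"]))
    domain = addr.rpartition("@")[2].lower()
    findings = set()
    has_plain = False
    for part in msg.walk():
        ctype = part.get_content_type()
        if ctype == "text/plain":
            has_plain = True
        elif ctype == "text/html":
            body = part.get_content()          # decoded str under policy.default
            for name, pattern in ACTIVE_CONTENT.items():
                if pattern.search(body):
                    findings.add(name)
    return {
        "subject": str(msg["Subject"]),
        "sender_domain": domain,
        "has_plain_alternative": has_plain,
        "findings": sorted(findings),
    }


def verdict(report: dict) -> str:
    """Policy for the gateway: any active content means quarantine."""
    return "quarantine" if report["findings"] else "deliver"


if __name__ == "__main__":
    for raw in (DRIVE_BY_MAIL, CLEAN_MAIL):
        rep = scan_message(raw)
        print(f"{rep['subject']!r} from {rep['sender_domain']}: "
              f"{verdict(rep)} {rep['findings']}")
```

The report also records whether a text/plain alternative exists, because the gentler policy for borderline mail is to deliver only the plain part and drop the HTML part. The client-side counterpart is the setting the article points at: if the mail client displays messages as plain text, none of these constructs are ever rendered in the first place.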







Cyberheist 'FAVE' LINKS:







* This Week's Links We Like. Tips, Hints And Fun Stuff.

SUPER FAVE: Why taking an ax to your friend's car is a bad idea. This is the Safe For Work version (other versions float around too):
http://www.youtube.com/watch?v=c6vfICQaRE8

This is what it really looks like: helmet-cam pilot view of Rob Holland flying synchronized to the music of "Pirates of the Caribbean" at the "Daytona Wings & Waves Airshow":
http://www.flixxy.com/extreme-aerobatics-with-a-helmet-cam.htm

Secret agents can create a Wi-Fi network and hide important files with these cufflinks. The Wi-Fi cufflink essentially acts like a miniature router:
http://www.gizmag.com/wi-fi-usb-cufflinks/21232/

Learn to ski on a giant treadmill. This is pretty cool:
http://www.flixxy.com/learn-to-ski-on-a-giant-treadmill.htm

In 1963, Jim Henson created this odd informational film for Bell System (AT&T), introducing this new thing called 'data communication':
http://www.flixxy.com/jim-hensons-data-communication-robot-1963.htm

A small bird lands on Josh's guitar at the "Doyle Lawson Bluegrass Festival" while he's singing. Watch his reaction as he keeps his cool and finishes the song:
http://www.flixxy.com/bird-flies-onstage-to-join-the-band.htm

Looking for the Bible of system administration? This is the one. It's from 2007 so it needs an update, but most of the concepts are timeless:
http://www.amazon.com/Practice-System-Network-Administration-Second/dp/0321492668

How to Watch for Identity Theft Using Google Alerts:
http://www.wikihow.com/Watch-for-Identity-Theft-Using-Google-Alerts

From the 'Weird Indian Film' department: this sequence for the song "Kilimanjaro" was filmed at Machu Picchu in Peru, making it the first Indian film to be shot at the protected Peruvian World Heritage site:
http://www.flixxy.com/indian-movie-endhiran-kilimanjaro-machu-picchu.htm

And now even weirder: Megan Fox and Mike Tyson in an ad for a Brazilian language school, illustrating the importance of being able to communicate in a foreign language:
http://www.flixxy.com/megan-fox-mike-tyson-language-school.htm

Driving in winter can have its problems. Ad for GPS vendor TomTom:
http://www.flixxy.com/driving-in-winter.htm

At a synagogue in Presov, Slovakia, a violinist was performing a beautiful classical piece when a very familiar Nokia cell phone tune started to ring. Instead of getting upset, he just played along. Wait till the end:
http://www.flixxy.com/violinist-copies-cell-phone-that-rings-during-concert.htm



