-
Merle Brubaker commented on the post, Progress Report for Week Ending, February 23, on the site 9 years, 11 months ago
Accuvant has just published a white paper titled “Six Forces of Security Strategy”, authored by several of their CISOs.
Although somewhat general in nature, it does give a good outline of the current forces which impact cyber security practice, and therefore a good framework for formulating a cyber security policy.
The six forces are:
1)…[Read more] -
Merle Brubaker commented on the post, Progress Report for Week Ending, February 16, on the site 9 years, 11 months ago
WireLurker – new malware affecting Apple’s iOS devices
http://www.bbc.com/news/technology-29928751
This new malware is in third-party apps which are downloaded to the Mac. From there it waits until a device running iOS is connected by USB cable, and then it infects the new device. It is affecting mostly computers in China, and it is thought…[Read more]
-
Merle Brubaker commented on the post, Blogs, on the site 9 years, 11 months ago
Is your smartphone spying on you?
This news report reveals that the flashlight app on many smartphones is really a piece of malware which may be exfiltrating some of your confidential data.
-
Merle Brubaker commented on the post, Here's a place for week 9 articles, on the site 10 years ago
Exfiltrating data by using video upload
http://www.darkreading.com/attacks-breaches/in-plain-sight-how-cyber-criminals-exfiltrate-data-via-video-/a/d-id/1316725
This article explains a clever way stolen data is sent out of a system. After a system is breached, the sensitive data is encrypted, divided into packets, and each packet is wrapped in a…[Read more] -
Merle Brubaker commented on the post, Location for Week 6 Article and Reading, on the site 10 years ago
Self-protecting Java applications
http://www.darkreading.com/application-security/how-a-major-bank-hacked-its-java-security/d/d-id/1316216?
http://www.waratek.com/Waratek/media/SiteMedia/Documentation/DataSheet-Waratek-Application-Security-vs-3.pdfBy implementing a protocol of Runtime Application Self Protection (RASP), Deutsche Bank is…[Read more]
-
Merle Brubaker commented on the post, ICE 5.1 Telling a Story through Visualization, on the site 10 years ago
Regarding fake cell phone towers:
http://www.myfoxdc.com/story/26610194/tech-company-finds-mysterious-fake-cell-towers-in-dc-area
An independent company has found a large number of ‘non-network’ cell phone towers clustered in the Washington, DC area.
This raises the obvious question: Who is putting them there? Are they for the purpose of spying…[Read more] -
Merle Brubaker commented on the post, Progress Report for Week Ending, September 22, on the site 10 years, 1 month ago
Point from the reading:
Not only is it good to be proactive in monitoring attempts to infiltrate the system, but proper reports and records must be kept to so that proper use can be made of the results of the scan. Also, the focus of the scanning tool seems to be only on infiltration, not on exfiltration. This relates to the comment made about…[Read more] -
Merle Brubaker commented on the post, Progress Report for Week Ending, September 22, on the site 10 years, 1 month ago
Last week it looked like the malware which caused the Home Depot breach was a newer version of BlackPOS. That may need to be re-considered.
This article has a list of major differences which would indicate it is not a version of BlackPOS, but another family of…[Read more] -
Merle Brubaker commented on the post, Progress Report for Week Ending, September 22, on the site 10 years, 1 month ago
An interesting article from KrebsOnSecurity about the latest breach at Home Depot.
http://krebsonsecurity.com/2014/09/home-depot-hit-by-same-malware-as-target/There seems to be evidence that it used the same method as last year’s attack on Target, only a newer version of BlackPOS.
This version ‘disguises the malware as a component of the…[Read more] -
Merle Brubaker changed their profile picture 11 years, 1 month ago