Increasing Attacks Against Grid Systems

This article over at Dark Reading brings up an issue that power companies apparently have been denying for a long time. However, those of you who get the weekly SANS newsletter may have seen the sideline from Alan Paller: “The data that will be discussed at the SCADA Security Summit (http://www.sans.org/scada-security-summit-2010/) will make it much harder for EEI to claim it isn’t happening.” The power companies’ spokespersons seem to be in complete denial, but reports show that over 120 attacks have been carried out against such systems.

Saltzer and Schroeder

This is a great article about Saltzer & Schroeder, two 1970s computer security researchers who published this paper. The principles in this paper are the most cited in computer security and many apply to secure coding. While many have heard of Saltzer and Schroeder or their basic computer security principles, few actually take the time to read their work. Enjoy!

Twitter Phishing Rampant – Today’s Flavor

The Twitter buzz (<- that’s funny) this morning was a bunch of postings about a phishing direct mail that would include a link to bzpharma.net (don’t click here if my blog software automatically links!!). When the end-user goes to the site, malicious software is executed that retrieves the user’s Twitter password, then spams direct messages to all of their followers. Nasty and too bad. I have grown to like Twitter and other similar services as yet another networking medium. After seeing several hundred tweets (I’m up to 700-plus followers on @sysrisk), lo and behold, I received one …

This is big news on a cyberattack…. 75,000 Systems Breached!

This just-released Washington Post article details one of the biggest cyber attacks in history, which has been recently revealed. The attack started in late 2008, but was just discovered last month. Again, this highlights the sophistication of hacker groups, demonstrating that they are gaining power equivalent to or greater than nation states’ ability to protect themselves from such attacks. Read more at the link above.

Facebook, Social Networking, and Spammers

TechCrunch has an interesting article that claims Facebook drives 44% of social networking. This is very interesting to me in the sense that a lot has recently been chronicled about how hackers and spammers are targeting social networks more, for a couple of reasons. One is that recent new computer users are introduced to social networks as a method of keeping interest in computing. Some even purchase computers just to social network and keep up with peer conversations. Those newer users are prime targets. Another reason is that all the user profiles are there for exploitation without a phisher, hacker, or spammer …

Fight Spam With This Email Signature Image Generator

This is another small step toward fighting spam, especially for users that take advantage of web mail services. Go to the link above and create an image of your email and use this in your signature instead of text. Also, if your provider is not available, click on this link and select the colors that best match your web site. Enjoy!

Old Ham Radio Movie – A video documentary gives a glimpse of history in ham radio.

This movie appeared on the MAKE page a couple weeks ago and I finally got around to watching all the way through. It’s a good watch and intriguing to see how tinkering is as old as humankind!! Check it out some time. 73 JG1FSZ/NH2GX

Tinkering In The Shack – Looking at Allstar Link

I spent a couple of hours today researching/working on an APRS setup. Came very close but no cigar… need to make a quick trip into Akihabara tomorrow to pick up some connector components and solder them together. THEN, I will finally have an APRS (packet radio) node going with GPS output. The cool thing about this technology, however, is that it’s not just GPS information, it’s not just weather information, but it can relay just about any information as long as it fits in the designated payload. Started thinking about hooking up an APRS-enabled transmitter with weather to a high-powered sub-orbit …

GMail/Picasa Identity Leakage

Be careful when using Picasa and other Google applications with default nickname and web address settings, since the number that Google assigns to your ID in those cases is easily decipherable. The number is just a replacement for your ID and is consistent, not random. This is not a new issue; it is rather old, but I still see a lot of Picasa links that have those numbers in them. Without changing the defaults, an attacker can replace the URL in a page with javascript:alert(_user.name) to obtain the relevant ID. Read more in this Lifehacker article.