Thursday, January 30, 2014

McAfee Labs 2014 Threats Predictions Report: Cybercriminals Will Exploit Mobile Devices, the Cloud, and PCs

This doesn't sound like news, just more of the same. New technologies that enable business—-like the cloud and mobile devices-—are also attracting the attention of cybercriminals. In 2014, hackers are expected to exploit new attack surfaces and expand and refine their stealthy attack maneuvers. Think ahead and prepare your defenses now so that you can effectively safeguard your organization in the new year.

Here's McAfee's view of what's expected in 2014:
  • The BYOD trend is fueling attacks on mobile devices that will target enterprise infrastructures.
  • Cybercrime exploits will become more difficult to detect than ever before.
  • Nearly all major social media platforms will be subject to theft of user authentication credentials for the purpose of extracting user identity data.
For a copy of the report, McAfee's site.

David Kahn recounts the desperate efforts to gather information during WWII and the Cold War

In this interview, David Kahn – universally regarded as the dean of intelligence historians – recounts the desperate efforts to gather information during World War II and the Cold War. In How I Discovered World War II's Greatest Spy and Other Stories of Intelligence and Code, Kahn provides insight into the dark realm of intelligence and code. By revealing the past, this work helps guide present and future intelligence efforts. Kahn is the author of The Codebreakers and Seizing the Enigma: The Race to Break the German U-Boats Codes, 1939-1943, which was the basis for the movie U-571.

Friday, January 17, 2014

Target Breach Notification Cautions

According to security firm Sophos, "the number of Target data breach victims is increasing with rumblings of records dating back more than a decade being impacted.

"With the high number of individuals receiving data breach notifications, it's important that you remember security best practices. Beware of clicking on links received in e-mails without first checking the link to ensure it is taking you to the desired site. Hackers frequently use this phishing technique to mislead consumers and direct traffic to malicious sites.

"If you encounter a suspect link, contact the vendor directly by typing in the company address directly in the browser.

"An examination of Target’s breach notifications may confuse some consumers and could easily be mistaken for phishing.  James Lyne, global head of security for Sophos includes examples and further detail here.

"There are bound to be many copycat hackers jumping on this trend and telling good from bad content is going to be difficult for consumers."

I don't recall buying anything from Target, ever, but yesterday received an email from with the subject: Important message from Target to our guests. Guests? Does this mean anyone who has ever hit the site, or do guests=customers? The message was signed by Target's CEO and offered one year of free credit monitoring. I didn't click through for the offer.

Wednesday, January 15, 2014

The Winners and Losers in the Landmark Net Neutrality Ruling

The Winners and Losers in the Landmark Net Neutrality Ruling
Being a content creator, and seeing aggregators such as Google and Facebook as being the primary beneficiaries of Net Neutrality, I think this ruling is great. If something is worth seeing, hearing, or reading, it's worth paying for.

Monday, January 6, 2014

Resolve to Raise Privacy Awareness in 2014

In this month's Privacy Professor Tips, Rebecca Herold  provides insightful and useful commentary of privacy issues including social media and smart appliances

Thursday, January 2, 2014

District Judge Upholds Government’s Right to Search Electronics at Border

As reported in the New York Times, among with issues against the ruling was that workers might have sensitive information on their devices. The judge said workers don't have to store that information, so it isn't an issue.

Just something else information security needs to worry about.