Thursday, April 10, 2014
Enterprise Open Source Intelligence Gathering
I just returned from Infosecworld. As with RSA, threat intelligence was a big topic. The session on "Enterprise Open Source Intelligence Gathering" was eye-opening. While I was familiar with some of the techniques used by the good guys and the bad guys, it's still amazing how easy it is to gather information from the Web, much of it PII or stuff that the military might classify as SECRET or above.
This session was led by Tom Eston, who's Manager, Profiling & Penetration for SecureState. He has a really interesting blog, Spylogic. You might want to check it out.
More on Infosecworld after I catch up.
Friday, March 28, 2014
Who knows what evil lurks in the Internet of Things?
According to a recent article in CIO, the Internet of Things is creating a scary world. And to think Cisco has started advertising it on TV.
Be frightened. Be very frightened. What you don't know can hurt you.
So, rather than curse the darkness of impending IoT doom, read Unit and Ubiquitous Internet of Things.
Written by Huansheng Ning, it
- Introduces essential IoT concepts from the perspectives of mapping and interaction between the physical world and cyber world
- Outlines a fundamental architecture for future IoT, based on the IoT layered model, topological structure, various existence forms, and corresponding logical relationships
- Presents specific case studies that illustrate various application scenarios
- Establishes an IoT technology system based on the knowledge of IoT scientific problems
- Provides an overview of core technologies, including basic connotation, development status, and open challenges
Tuesday, March 25, 2014
New Zero-day Vulnerability Used in Targeted Attacks against Word
A remote code execution vulnerability (CVE-2014-1761) in MS Word is currently being exploited in the wild. "At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010," said Microsoft, which acknowledged that the vulnerability also exists in Microsoft Word 2003, 2007, 2013, Word Viewer and Office for Mac 2011.
Dana Tamir, director of enterprise security at Trusteer, noted that the vulnerability can be exploited when Microsoft Word opens and parses specially crafted Rich Text Format (RTF) data. The exploit causes system memory corruption that enables the attacker to execute arbitrary code. An attacker who has successfully exploited this vulnerability could gain the same user rights as the current user. As a result, that attacker can infect the victim's system with malware if a user simply opens the specially crafted RTF file.
The vulnerability could also be exploited through Microsoft Outlook. This is because Microsoft Word is the default email reader in most Outlook versions. In this case, previewing the message in Microsoft Outlook is enough to successfully exploit the vulnerability and download malware on the user’s machine.
A web-based scenario can also be used if the attacker creates a webpage that contains the malicious RTF-file, or if the malicious file is provided as content to websites that accept or host user-provided content or advertisements. Attackers may use this technique for conducting drive-by downloads and watering-hole attacks that infect website visitors.
Microsoft has posted a blog that discussed possible mitigations and temporary defensive strategies that can be used while the company is working on a security update.
Papa John’s Offering a Free Pizza
Papa John’s is offering consumers a free pizza. By simply placing an order for $15 or more between today and April 7 using promo code STATS at www.papajohns.com, you can get a free pizza on your next order.
While we don't offer free books, you might want to check out these anyway:
How I Discovered World War II's Greatest Spy and Other Stories of Intelligence and Code by David Kahn; ISBN 978-1-4665-6199-1
Trade Secret Theft, Industrial Espionage, and the China Threat by Carl Roper; ISBN 9781439899380
Managing Risk and Security in Outsourcing IT Services: Onshore, Offshore and the Cloud by Frank Siepmann; ISBN 9781439879092
Intrusion Detection in Wireless Ad-Hoc Networks by Nabendu Chaki and Rituparna Chaki; ISBN 978-1-4665-1565-9
The State of the Art in Intrusion Prevention and Detection by Al-Sakib Khan Pathan; ISBN 978-1-4822-0351-6
Core Software Security: Security at the Source by James Ransome and Anmol Misra; ISBN 9781466560956
Monday, March 17, 2014
Critical Stuxnet-level Vulnerabilities Discovered in UK Power Plants
It was reported on Friday that three critical vulnerabilities were discovered in UK power plants.
"The security and integrity of Industrial Control Systems (ICS) should be a global concern," said TK Keanini, chief technology officer of Lancope. "The reality is that if these systems were ever vulnerable and reachable via the Internet, they are likely already compromised – simple as that. Not only should these companies patch the system but care should be taken to investigate the system's integrity. Advanced malware can sometimes install itself and fool the patching software into thinking it has already been patched – like a Jedi mind-trick 'These are not the droids you are looking for' manner.
"Infiltration of these systems is just one step of the larger picture. These industrial facilities must also make it harder for the adversary to remain hidden as they perform their operations. Raising the cost for your adversary to operate is the critical factor these days as infiltration is almost inevitable. Remember the people attacking these ICS systems are the type of people who do not want to be identified."
"These are critical vulnerabilities that allow a remote attacker to gain complete control over systems running Yokogawa CENTUM CS3000 by sending just a few packets to the vulnerable system," said Tom Cross, Lancope's director of security research. "The availability of functioning exploits in the Metasploit framework means that it's easy for attackers to target these vulnerabilities. It is extremely important that operators of Yokogawa CENTUM CS3000 install the available security updates immediately.
"It's important to emphasize that the software that controls industrial plant facilities can have serious security vulnerabilities just like any other kind of software. Although we like to think that these systems aren't connected directly to the Internet, it has happened, and often, there are indirect links through back office networks that exist because of the need for the business to monitor its plant operations. Ultimately, it's valuable for vulnerabilities like these to be discovered, disclosed, and patched. Identifying and fixing vulnerabilities is part of the process of making these systems more resilient to attack. Frankly, there is much more work to be done in the Industrial Control Systems area before we can have a high degree of confidence that these systems are well protected."
For more on ICS and SCADA security, see these books and articles:
Handbook of SCADA/Control Systems Security
Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SIS
Smart Grid Security: An End-to-End View of Security in the New Electrical Grid
Security and Privacy in Smart Grids
"SCADA Security: What Is an Industrial Control System?"
"SCADA Security"
Thursday, February 20, 2014
Shameless Promotional Plug: FREE PMP® or PgMP® Practice Exams
Take a full-length PMP® or PgMP® Practice Exam online right now.
These practice tests, developed here, let you answer questions at your own pace and save your test so you can work on it at different times. It scores your test as a percentage of questions answered correctly, as well as by domain.
PMP® Practice and Simulation Tests
PgMP® Practice and Simulation Tests
After you take the test, you can order one of these books to help you master any weak areas in your PM or PgM knowledge.
For the PMP® Exam
PMP® Exam Challenge!, Sixth Edition
PMP® Exam Practice Test and Study Guide, Ninth Edition
The PMP® Certification Exam Study Guide
For the PgMP® Exam
PgMP® Exam Challenge!
Other books to help you get ahead:
The Basics of Achieving Professional Certification: Enhancing Your Credentials
This easy-to-use guide can help you achieve professional certification and make informed decisions about the many options available. It can also help avoid the pitfalls of making the wrong choice as a result of being incorrectly informed. Examining the range of professional certifications offered by associations and organizations, it explains how to select the right professional certification and outlines best practices for completing the certification process.
Determining Project Requirements, Second Edition: Mastering the BABOK® and the CBAP®
Tuesday, February 18, 2014
NSA Comedy Tour 2.0: An Evening of NSA Themed Comedy, Ethics & Tech
I almost wish I was in SF to see this. Ethics? Well, I guess ethics are situational. I'm sure the NSA believes it acts ethically, and if you don't agree, you're not a patriot (at least in its eyes).
And speaking of ethics, if you have concerns about it, here are some books and a free-to-read article:
Ethics in IT Outsourcing
Ethics and Project Management
"Introduction to Computer Ethics"