January 30, 2012    /    by

DMARC Should Reduce Phishing Scams

Major technology vendors announced the formation of the Domain-based Message Authentication, Reporting and Conformance (DMARC) system today. This new email authentication framework should reduce the number of phishing scams that try to trick users into thinking emails are from someone else.

Major technology vendors announced the formation of the Domain-based Message Authentication, Reporting and Conformance (DMARC) system today. This new email authentication framework should reduce the number of phishing scams that try to trick users into thinking emails are from someone else. Participating vendors, many of which provide free email services, aim to make spoofed domains in messages a thing of the past.

Leading technology companies like Google, Microsoft, AOL and Facebook are participating in the system – which is explained and can be examined in detail at DMARC.org. Here is a quote from the new website: READ MORE

January 25, 2012    /    by

Anti-Piracy Legislation Protests Continue: FTC Cyber Awareness Site Down

The Federal Trade Commissions website at www.onguardonline.gov remained down for a second day after it had suffered a security breach.

The Federal Trade Commission’s website at www.onguardonline.gov remained down for a second day after it had suffered a security breach. According to Government Computer News (GCN.com), the group Anonymous hacked the site in protest over proposed anti-piracy laws and recent anti-piracy arrests.

Here’s a quote from GCN's story: READ MORE

January 20, 2012    /    by

DOJ Shuts Down Megaupload, Anonymous Retaliates

This is turning into a wild week for headline-grabbing cyber activity. Immediately following Internet protests of proposed new legislation to crack down on Internet piracy, the Department of Justice (DOJ) moved quickly to shut down one of the most popular websites known for illegal downloads called Magaupload.

This is turning into a wild week for headline-grabbing cyber activity. Immediately following Internet protests of proposed new legislation to crack down on Internet piracy, the Department of Justice (DOJ) moved quickly to shut down one of the most popular websites known for illegal downloads called Magaupload. READ MORE

January 17, 2012    /    by

Wikipedia Protest: Websites Plan Jan 18 Shutdown Over SOPA

On January 18, 2012, Wikipedia and a long list of other popular websites will go dark to protest the proposed Stop Online Piracy Act (SOPA).

Just when you thought you’ve seen it all online …. Along comes something else that’s new and raises plenty of serious tough questions.

On January 18, 2012, Wikipedia and a long list of other popular websites will go dark to protest the proposed Stop Online Piracy Act (SOPA). The Internet is full of stories on this topic. USA Today ran a front page story covering the fast-approaching event. Here’s an excerpt: READ MORE

January 12, 2012    /    by

Shnakule Malware Network Reshapes Views on Cyber Crime

A highly sophisticated malware network called "Shnakule" has recently been singled out as increasingly dangerous. Many security firms are rapidly reacting and even changing their views on cyber crime operations as a result of new information.

A highly sophisticated malware network called "Shnakule" has recently been singled out as increasingly dangerous. Many security firms are rapidly reacting and even changing their views on cyber crime operations as a result of new information. The Shnakule operation employs a massive network of servers to attack websites as well as compromise pages to exploit vulnerabilities and infect end user computers.

The Department of Homeland Security (DHS) Open Source Infrastructure Report, which happens to be a very good resource for cyberecurity pros to check and review daily, posted a link to this United Kingdom (UK) article on January 10. I urge readers to take time to learn more on Shnakule. Here’s an excerpt from the UK article: READ MORE

January 4, 2012    /    by

2012 Cybersecurity Trends to Watch in Government

Its that time of year when we ask: where are we heading in regards to cybersecurity in 2012? Also, where have we been?

It’s that time of year when we ask: where are we heading in regards to cybersecurity in 2012? Also, where have we been? Here’s a bit of what I’ve been reading over the past week.

There are plenty of blogs, articles and technology answers to this question. Washington Technology mentions: How you will remember 2011.  William Jackson, who I usually enjoy reading over at Government Computer News, writes about 5 cyber threats (pain points) coming in 2012 and also 3 personal resolutions that you can make to improve securityREAD MORE

December 28, 2011    /    by

Holiday Week Security Fun: From Top T-shirts to Tech Humor

But one of my children said, "Why don't you write something fun for all those people who have to work between now and New Years Eve. How about some computer jokes, funny security stories or a list of your top 5 or 10 geek/nerd or security T-shirts?"

    It’s the week after Christmas, and we finally got (a little) holiday snow in Michigan. My family went sledding this afternoon, and my son got to try out his new snowboard. I’m home with the family now on a Tuesday evening getting ready to play some board games.

   My wife Priscilla asked if I was going to write a security blog this week, and I initially said no – I’m on vacation. But one of my children said, “Why don’t you write something fun for all those people who have to work between now and New Years Eve.” READ MORE

December 18, 2011    /    by

What is the Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness (PrECISE) Act?

A new cybersecurity bill was introduced by members of the House Homeland Security Committee on Thursday, December 15, 2011. Named the Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness Act (PrECISE Act), the proposal would establish a federal overseer as a quasi-government agency which would coordinate information sharing between the private and public sector.

A new cybersecurity bill was introduced by members of the House Homeland Security Committee on Thursday, December 15, 2011. Named the “Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness Act (PrECISE Act),” the proposal would establish a federal overseer as a quasi-government agency which would coordinate information sharing between the private and public sector.

According to thehill.com, the new bill: READ MORE

December 7, 2011    /    by

Career Advice: Professionals Can Learn About Success, Humility and Endurance from Tim Tebow

Despite his weaknesses, Tebow is winning over the hearts and minds in America. We love our underdogs, because most of us have our failings and weaknesses too. Our lives are full of the critics,... We just dont see our mistakes paraded around as publically or as often as Tim Tebow.

Technology and security careers are full of ups and downs - new opportunities and unexpected challenges.

Sometimes we work hard, succeed, accomplish a series of goals, get promoted and/or receive recognition. But what happens next? Friends, close colleagues and family tell us to stay humble, but that’s easier said than done. Dealing with success can actually be a difficult challenge. As I’ve written in other blogs, security professionals often have problems in this area at some point in their careers and may need a large helping of humble pieREAD MORE

December 1, 2011    /    by

Mobile Phone Firestorm: Carrier IQ Software Causing Privacy Concerns

Privacy concerns are growing regarding the use of Carrier IQ software in many mobile phones.

 Privacy concerns are growing regarding the use of Carrier IQ software in many mobile phones. Numerous sources such as Computerworld are reporting that AT&T and Sprint use the software on handsets. Here's an excerpt:

  "Amid what's snowballing into a major privacy controversy, AT&T, Sprint, HTC and Samsung today confirmed that that their mobile phones integrate a controversial piece of tracking software from a company called Carrier IQ. READ MORE