January 12, 2012    /    by

Shnakule Malware Network Reshapes Views on Cyber Crime

A highly sophisticated malware network called "Shnakule" has recently been singled out as increasingly dangerous. Many security firms are rapidly reacting and even changing their views on cyber crime operations as a result of new information.

A highly sophisticated malware network called "Shnakule" has recently been singled out as increasingly dangerous. Many security firms are rapidly reacting and even changing their views on cyber crime operations as a result of new information. The Shnakule operation employs a massive network of servers to attack websites as well as compromise pages to exploit vulnerabilities and infect end user computers.

The Department of Homeland Security (DHS) Open Source Infrastructure Report, which happens to be a very good resource for cyberecurity pros to check and review daily, posted a link to this United Kingdom (UK) article on January 10. I urge readers to take time to learn more on Shnakule. Here’s an excerpt from the UK article: READ MORE

January 4, 2012    /    by

2012 Cybersecurity Trends to Watch in Government

Its that time of year when we ask: where are we heading in regards to cybersecurity in 2012? Also, where have we been?

It’s that time of year when we ask: where are we heading in regards to cybersecurity in 2012? Also, where have we been? Here’s a bit of what I’ve been reading over the past week.

There are plenty of blogs, articles and technology answers to this question. Washington Technology mentions: How you will remember 2011.  William Jackson, who I usually enjoy reading over at Government Computer News, writes about 5 cyber threats (pain points) coming in 2012 and also 3 personal resolutions that you can make to improve securityREAD MORE

December 28, 2011    /    by

Holiday Week Security Fun: From Top T-shirts to Tech Humor

But one of my children said, "Why don't you write something fun for all those people who have to work between now and New Years Eve. How about some computer jokes, funny security stories or a list of your top 5 or 10 geek/nerd or security T-shirts?"

    It’s the week after Christmas, and we finally got (a little) holiday snow in Michigan. My family went sledding this afternoon, and my son got to try out his new snowboard. I’m home with the family now on a Tuesday evening getting ready to play some board games.

   My wife Priscilla asked if I was going to write a security blog this week, and I initially said no – I’m on vacation. But one of my children said, “Why don’t you write something fun for all those people who have to work between now and New Years Eve.” READ MORE

December 18, 2011    /    by

What is the Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness (PrECISE) Act?

A new cybersecurity bill was introduced by members of the House Homeland Security Committee on Thursday, December 15, 2011. Named the Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness Act (PrECISE Act), the proposal would establish a federal overseer as a quasi-government agency which would coordinate information sharing between the private and public sector.

A new cybersecurity bill was introduced by members of the House Homeland Security Committee on Thursday, December 15, 2011. Named the “Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness Act (PrECISE Act),” the proposal would establish a federal overseer as a quasi-government agency which would coordinate information sharing between the private and public sector.

According to thehill.com, the new bill: READ MORE

December 7, 2011    /    by

Career Advice: Professionals Can Learn About Success, Humility and Endurance from Tim Tebow

Despite his weaknesses, Tebow is winning over the hearts and minds in America. We love our underdogs, because most of us have our failings and weaknesses too. Our lives are full of the critics,... We just dont see our mistakes paraded around as publically or as often as Tim Tebow.

Technology and security careers are full of ups and downs - new opportunities and unexpected challenges.

Sometimes we work hard, succeed, accomplish a series of goals, get promoted and/or receive recognition. But what happens next? Friends, close colleagues and family tell us to stay humble, but that’s easier said than done. Dealing with success can actually be a difficult challenge. As I’ve written in other blogs, security professionals often have problems in this area at some point in their careers and may need a large helping of humble pieREAD MORE

December 1, 2011    /    by

Mobile Phone Firestorm: Carrier IQ Software Causing Privacy Concerns

Privacy concerns are growing regarding the use of Carrier IQ software in many mobile phones.

 Privacy concerns are growing regarding the use of Carrier IQ software in many mobile phones. Numerous sources such as Computerworld are reporting that AT&T and Sprint use the software on handsets. Here's an excerpt:

  "Amid what's snowballing into a major privacy controversy, AT&T, Sprint, HTC and Samsung today confirmed that that their mobile phones integrate a controversial piece of tracking software from a company called Carrier IQ. READ MORE

November 27, 2011    /    by

Cyber Monday: Are You Shopping From Work?

Its that time of year again. Cyber Monday has arrived, and recent survey results say that 50% of Americans do some holiday shopping from work.

It’s that time of year again. Cyber Monday has arrived, and recent survey results say that 50% of Americans do some holiday shopping from work.  (This number is actually down from 52% last year.)

This topic is not new, and I find it interesting to look back at the (brief) history of Cyber Monday in America. Four years ago, Government Technology Magazine asked what government organizations should do about Grinch.exe? The five suggestions are still fairly relevant; however, new advice is offered elsewhere around smartphones. READ MORE

November 23, 2011    /    by

New Report: Illinois Water System Was Not Hacked

The Department of Homeland Security (DHS) announced that the Illinois water system in Springfield was not hacked.

  The Department of Homeland Security (DHS) announced that the Illinois water system in Springfield was not hacked.

 According to Reuters: READ MORE

November 21, 2011    /    by

Hacking Illinois Water: Seven Questions and Six Answers

The top technology story at the end of last week involved multiple news sources reporting a cyber attack that penetrated a US public water system in Illinois. Heres what we know, and what we dont.

The top technology story at the end of last week involved multiple news sources reporting a cyber attack that penetrated a US public water system in Illinois. Here’s what we know, and what we don’t.

Question 1) What happened to prompt the concern? READ MORE

November 13, 2011    /    by

Hacker Group Spends Years Developing Sophisticated Duqu Trojan

The Duqu Trojan, which is also known as son of Stuxnet, was discovered just two months ago and is getting headlines for the sense of humor that its creators have revealed in the code. According to Kaspersky Lab, the hacker group behind the Duqu Trojan may have been working on the code for more than four years.

The new Duqu malware is a sophisticated Trojan that appears to be similar to the more well known Stuxnet code. Headlines over the weekend were telling stories about both the effects in Iran, as well as offering reports that the malware was now “under control.”

According to Kaspersky Lab, the hacker group behind the Duqu Trojan may have been working on the code for more than four years. The article describes the stages of attack and actions at each stage. Here’s an excerpt, but the entire article is worth reading: READ MORE