Bestcomputerscienceschools.net (link HERE) provided me with an infographic covering the privacy and security of Facebook. I really liked the research and agree with the suggested tips to use Facebook more securely. Check it out.
There has been a lot of press around the closing and now reopening of Silk Road. For those who haven’t heard, Silk Road is an underground, Amazon-like network for dealing in illegal goods and services. It leverages the Tor, or onion router, concept to conceal the identity of users of the service. You can find more on Silk Road HERE.
Drugabuse.com created an infographic displaying details on the history of Silk Road. I found it interesting and have posted it below. You can find out more about the people sponsoring the infographic HERE.
A few weeks ago Aamir Lakhani put up a blog post on how to install and configure Snort on Security Onion with Snorby. Since the release of the article, he has received numerous requests on how to disable some of the rules. Here is a post on tuning by Aamir. The original post can be found HERE.
My buddy Aamir Lakhani wrote a guide on how to install a Security Onion setup with Snort and Snorby. You can find the original on his blog at www.drchaos.com or HERE.
Security Onion is a Linux distribution for intrusion detection, network security monitoring, and log management. It’s based on Ubuntu and contains Snort, Suricata, Bro, Sguil, Squert, Snorby, ELSA, Xplico, NetworkMiner, and many other security tools. Security Onion is a platform that allows you to monitor your network for security alerts. It’s simple enough to run in small environments without many issues, and it allows advanced users to deploy distributed systems that can be used in enterprise-type network environments.
Here is an interesting post from Billy Austin, found on www.drchaos.com HERE.
What 3rd party apps do remote workers have installed?
Remote workers are nothing new, but the challenge of hunting down employees on-the-go and assessing these devices can be a task in and of itself. With the increase of cyber incidents triggered by remote connectivity & insecure 3rd party apps, one would think these devices are in-scope for security and compliance quarterly checkup scans. After speaking with security and auditing colleagues, it proved to be quite the opposite.
It is very interesting to see what the FBI could use to monitor your computer behavior. Key-loggers are typically associated with cyber criminals; however, it seems that the FBI leverages similar tactics (which totally makes sense … why limit the best tactics to the malicious users). Key-loggers such as Magic Lantern install themselves as a rootkit, meaning they burrow into the core system, making them difficult to detect and remove. One interesting note some sources are calling out about the FBI version is that it is whitelisted by anti-virus vendors, meaning commercial security products are designed to not remove it. This means you are on your own regarding detecting and removing this software.
Nice post by Aamir Lakhani aka Dr. Chaos. The original post can be found HERE.
The U.S. Department of Homeland Security awarded their continuous monitoring and diagnostics contract. The vendors will provide the tools, hardware, software, and professional services to implement solutions and provide continuous-monitoring-as-a-service.
A coworker of mine, Tom Cross, was featured on CBS Atlanta regarding a case where a newscast member had her credit card information stolen. An interesting aspect of this situation is that the criminals obtained the card number while the victim was in another city holding the authentic card. It is undetermined how the criminals stole the card number to create the duplicate, but the motive is clear … purchase gift cards until the credit card account becomes locked.