Skip to content

In The Weeds: Weekly Info-Sec Round Up 10-25-17

Follow Casz's Fiction Farm on WordPress.com

Ouch. We’ve had 10 inches of rain in the last week here in Twin Peaks. I’m looking forward to sunshine tomorrow.

First off, I spent part of the rainy day today filling out my voter’s ballot. In King County, where my vote counts, our ballots had this little tear off dealio. It gave a QR code and said if you went to a certain website you could get a virtual/digital “I Voted!” sticker. Guess what? It’s broken. Sigh. I was kind of bummed. I wanted to put that sticker on my social media presence to remind everyone to get out and vote (especially where local positions are up for grabs!). No such luck. Dear King County, www.kingcounty.gov/elections doesn’t provide me my digital “I voted!” sticker. I feel like I’ve been robbed.

https://goo.gl/images/VRtDtp

In other weirdness…BadRabbit ransomware uses a website to drop a fake Flash update and then drops its payload. Read more here:  https://blog.malwarebytes.com/cybercrime/2017/10/badrabbit-ransomware-strikes-eastern-europe/?utm_source=twitter&utm_medium=social

Next I have a confession to make. I love “smart” devices. Currently I have an Amazon Echo Dot installed in a limited way in my home. I let it turn on and off lights, tell me the weather, let me play jeopardy, and remind me when I need to be alert for package delivery. It’s not very good in playing a browser. Here’s a recent conversation I had with “her:”

Me: “Computer, who first circumnavigated the globe?

AED: “I’m sorry I don’t know that.”

Now do I wish her capability were more like Star Trek:  NG, hell, yeah. But I’ll be damned if I’m going to up the ante in this direction:  https://www.amazon.com/b?&node=17285120011&ref=tsm_1_tw_s__1126906097&linkId=43934981. That screams, “Come Hack Me.”

You know how I went off on crappy leadership in InfoSec last week? Well, now it’s not just some Girl Noob squawking about it. There’s about 412 other professionals that are like, Yo, We Have a Problem, Houston. That lead paragraph says it all. And maybe my time in the Army has actually helped me as I dive into learning InfoSec. https://www.ixiacom.com/company/blog/lessons-conventional-warfare-can-prepare-cyber-warriors

Last week I was all excited about Google Rolling out this: https://www.esecurityplanet.com/threats/google-rolls-out-advanced-protection-for-personal-user-accounts.html?utm_source=dlvr.it&utm_medium=twitter

But then I read this:  https://www.theregister.co.uk/2017/10/26/google_play_android_malware_bad/?mt=1508979967236

I’m confused. Wait, I’m not. Yep. I am. But…

https://goo.gl/images/nfmVdm

And leave a comment and the reason why you DON’T think the people who did this hack were 12 year olds? https://nakedsecurity.sophos.com/2017/10/25/hackers-steal-compromising-photos-from-plastic-surgery-clinic/

Want your cyber giggle for the week? Because to learn we can’t take ourselves too seriously:  https://twitter.com/Bill_Gross/status/920406104911233024

As in weeks past, feel free to leave a comment here about any of those articles. Let’s learn from one another. Okay, have pity on the noob and let me learn from you.

Have another great week InfoSec geeks. See you next week.

 

 

Published inIn The Weeds

Be First to Comment

Leave a Reply