In the Weeds: InfoSec Round-Up 6-8-17

Follow Casz's Fiction Farm on WordPress.com

Sorry, a day late here. We had some technical issues, because I forgot that we migrated servers. Noob mistake. What can I say?

Regardless, here’s the latest and notable in the InfoSec realm, cobbled together by yours truly.

WannaCry is giving everyone that sobbed-all-night look around the digital security board room. Sophos takes a look at how to prevent the next:  https://nakedsecurity.sophos.com/2017/06/07/infosec-2017-how-to-protect-yourself-against-the-next-wannacry/

This here is why I despise Apple products:  http://www.techrepublic.com/article/new-ios-11-feature-automatically-deletes-unused-apps-to-free-up-storage-on-your-iphone/?ftag=TRE684d531&bhid=26093227954548321669490942282653

If you’re part of a security team, you may want to take down that “0 days since incident” sign, and go back to basics. What works for a construction safety crew or even the sales team doesn’t work in InfoSec. It was cute while it lasted, but such attitudes are too simplistic when it comes to digital security. https://www.infosecurity-magazine.com/news/infosec17-security-teams-told-to/

And another out of London’s InfoSec 2017 conference — sure wish I could have been a fly on the wall there  — trends that will impact your defense strategy. Check it out: http://www.techrepublic.com/article/report-10-trends-in-application-security-that-will-impact-your-cyberdefense-strategy/?ftag=TRE684d531&bhid=26093227954548321669490942282653

And because you know I have to find something to laugh about (But seriously, anything connected to a network has a vulnerability. Hello.) https://www.wired.com/story/the-next-security-risk-may-be-your-vibrator/

As in weeks past, feel free to leave a comment here about any of those articles. Let’s learn from one another. Okay, have pity on the noob and let me learn from you.

Have another great week InfoSec nerds. See you next week.

 

One Minute of Zen: Make Your Own Waterfall

Sometimes you can’t get out to a waterfall and just sit and meditate. Sometimes you have to create the waterfall and sit in the tub and make the world go away for one tiny minute.

In The Weeds: Weekly InfoSec Round-Up 5-31-17

First of all let me apologize for my absence. I’ve been very ill with multiple infections, including pneumonia. That stuff is nothing to mess with, much like information security. I’m finally coming out of the fog; therefore, this round-up will be a bit extended, because there’s some important things I hope you all didn’t miss.

First off, in case you need any other reason to lean more paranoid in regards to infosec: What if your laptop is listening to everything that is being said during your phone calls or by other people near your laptop and even recording video of your surroundings without your knowledge?

Someone told me this week they don’t understand the cloud. Tried to explain that it’s basically the computer of someone you don’t know. Cloud services can present unique infosec challenges. Some folks are working to fix that.

Disney is not immune to infosec problems. Apparently one of their productions is being held ransom. 

You’ve probably heard of phishing. But have you heard of spear phishing?

Information Security includes your personal documents, most assuredly. But what do you need to hold onto, what can you shred (burn, annihilate in some manner)? Here’s a little guide.

Protecting papers is one thing; what about your server room? Here’s an example of someone who did some great planning.

What’s new for your infosec book shelf? Here’s a few titles. 

Our White Hat folks have been busy over this WannaCry Attack.

Got a Chipotle Card in your wallet? You might want to read this...another Data Breach.

If DefCon is your Mecca, you only have a short time left to submit for your demo lab breakout.

As in weeks past, feel free to leave a comment here about any of those articles. Let’s learn from one another. Okay, have pity on the noob and let me learn from you.

Have another great week InfoSec geeks. See you next week.

 

 

One Minute of Zen: A Happy Dog

Sorry for the absence as of late. I’ve been very ill with multiple infections to include pneumonia. It’s been a hard, hard month or so. Right about the time I was coming out of the fog, I captured this moment with my sweet Alaskan Husky, Yuki. Enjoy.

In The Weeds: Weekly InfoSec Round-Up 4-26-17

It’s hard cropping this past week’s InfoSec news down to a succinct list, but here goes….

There’s a few people super happy they don’t use Webroot this week, as the antivirus provider had a bit of a meltdown.

If you’re not following Martin Vigo, you may want to. His educational bent on exposing flaws is refreshing and I dig his attitude. He doesn’t act like he knows all, a tendency I’m noting from many in the InfoSec field, calls out his own mistakes, learns from them and moves forward. Good on ya, Martin.

It seems you can’t talk about InfoSec or hackers without a Russian flavor to it, especially where politics are concerned. Again, I’m so interested in the psychology of that. However, at this moment in the news: Tuesday, a security firm claimed that a new cyberattack against the campaign offices of the front-runner in France’s presidential race carried similar digital “fingerprints” to the suspected Russian hacking of the Democratic National Committee and others.

On the heels of that, people at Harvard have some ideas that maybe the government, or your own company, might want to take into consideration in order to digitally improve security.

Last Friday there were simultaneous power outages in New York City, Los Angeles, and San Francisco. The power companies say it wasn’t an attack. But it’s kind of weird and I’m not convinced. In an effort to turn this weekly posting into more of a conversation, what do you think?

As in weeks past, feel free to leave a comment here about any of those articles. Let’s learn from one another. Okay, have pity on the noob and let me learn from you.

Have another great week InfoSec geeks. See you next week.