This is a quickie collection of news chum items related to security that have caught my eye:
- Weaponized Narratives. I did a whole separate blog entry on this, but I wanted to highlight the original article again in light of the emergence of “alternate facts”. Remember: A weaponized narrative “seeks to undermine an opponent’s civilization, identity, and will by generating complexity, confusion, and political and social schisms. It can be used tactically, as part of explicit military or geopolitical conflict; or strategically, as a way to reduce, neutralize, and defeat a civilization, state, or organization. Done well, it limits or even eliminates the need for armed force to achieve political and military aims.” Alternative facts? Excuuuuuuuse me. They are yet another weaponized narrative.
- Ransomware. eWeek had an interesting article on some free software that claims to help fight off ransomware. This software is called RansomFree, from security company Cybereason. Once it’s installed (windows-only), it does three things. First it can detect the ransomware malware when it arrives on a computer if it has a signature it recognizes. But because of ransomware families rapidly evolve, it also watches the activity of the ransomware looking for attempts to encrypt files. Finally it deceives the ransomware into thinking its working, when in reality all that it’s doing is operating in a secure honey pot of a container. Think about that last point for a moment: a ransomware honeypot. Cool.
- Infrastructure Security. A number of recent incidents in Las Vegas highlighted the Strip’s vulnerability in terms of infrastructure. In November, Paris Las Vegas was evacuated after an errant drilling severed its main power line; customers were not cleared to return for nearly a day. Shortly before New Year’s Eve, an unfortunate series of events that began with an overflowing sink sparked an outage that darkened the Rio’s Masquerade Tower (the tall one). The tower wasn’t fully reopened for a week, straddling both the New Year’s holiday and the start of CES, two peak occupancy periods. Earlier this month, Palace Station fell victim to an interruption in Nevada Power service that darkened the property for about 90 minutes. A similar outage had affected power at Palace Station—also for 90 minutes—in July. The MGM/New York-New York outage this month, reportedly caused by a windstorm blowing debris into a substation, lasted just over an hour. These all demonstrate inadequate contingency planning, or more important, resiliency, in the design of the buildings.
- Phishing Attacks. There’s a new Gmail phishing attack going around, and it is one that can fool the best users. The phishers start by compromising a Gmail account, then they rifle through the emails the user has recently received. After finding one with an attachment, they create an image (screenshot) of it and include it in a reply to the sender. They use the same or similar subject line for the email, to invoke recognition and automatic trust. “You click on the image, expecting Gmail to give you a preview of the attachment. Instead, a new tab opens up and you are prompted by Gmail to sign in again,” WordFence CEO Mark Maunder warns. The phishing page is a good copy of Gmail’s login page, and its URL contains the accounts.google.com subdomain, which is enough to fool many into believing that they are on a legitimate Google page. You can take it from there. Even the smartest people, with the right page, will click on an link in an email without examining it. I’m sure you’ve done it; I know I have.
- Automotive Security. If you have a relatively new vehicle, you are driving an increasingly sophisticated computer that can be easily attacked. But fear not… or fear more. A consortium of researchers announced the development of a universal, free, and open source framework to protect wireless software updates in vehicles. The team issued a challenge to security experts everywhere to try to find vulnerabilities before it is adopted by the automotive industry.
- Password / Form Security. Passwords are often stored in places you least expect, or obscure places that you do expect because you stored them there. One way around that mess is to use a good password manager. But you need to remember to get rid of the passwords stored outside the manager when you do. Did you? Further, that form completion can also get you into trouble by completing saved personal information into fields you don’t expect. Again: use a password manager with form completion.
