This article is six pages in Word and because of the length, WordPress isn’t playing nice. The document below contains the entire article. Read more “Do the right thing – configure your HTTP headers”
International mobile subscriber identity (IMSI) devices are used to spoof cell phone towers, allowing the interception of text messages and phone calls. The most well-known IMSI device is the Stingray, which is what police departments use for surveillance. The existence of Stingrays was denied for years, and companies that produced them are under non-disclosure agreements to protect the identity of purchasers. Read more “Cell interceptors detected around Washington DC”
MyFitnessPal, owned by Under Armour, is a calorie counter system that helps people lose weight. On March 25th, 2018, MyFitnessPal “became aware” that there was an unauthorized acquisition of user data. Typically, “made aware” statements are indicative of a third party finding user data somewhere on the Internet, but could include the result of an audit or malicious communication being detected.
The user data that was obtained by the attackers includes usernames, email addresses, and passwords hashed with bcrypt. I’m glad to see that the bcrypt hashing algorithm was used because it is considered strong, and to my knowledge, hasn’t been broken even though it has been in use for over a decade.
MyFitnessPal did what most companies do when they learn that they were breached: hired a third-party incident response team to determine the scope of the intrusion. In addition to the incident response team, MyFitnessPal is working with law enforcement and data security firms to assist in the investigation. A data security firm is brought in to remediate the vulnerabilities that were used to gain unauthorized access.
Users have been provided guidance on how to protect their data, forced password changes are in effect, continuous monitoring has been deployed to gather more threat data for law enforcement, and vulnerability remediation is underway.
Before we begin configuring Security Onion, it’s a good idea to get an Oinkcode from snort.org if you’re going to use Snort.
Snort can also use the Emerging Threats rulesets.
There are three options available to obtain an Oinkcode.
- Community Edition – the rules are updated every 30 days, no support – FREE
- Personal – the rules are released daily, can submit false positives, home network or educational environments only – $29.99 per year
- Business – the rules are updated daily, priority support for false positives and Talos (the parent company) will work directly with you, for use in businesses, colleges, government, etc. – $399 per sensor per year
Once you create an account, whether or not you pay for a subscription, you can find the Oinkcode by clicking on the email address in the upper right-hand corner of the page and then selecting Oinkcode. Read more “Security Onion Set Up Part 3: Configuration”
“Florida Virtual School (FLVS) recently learned of a potential data security incident involving certain information provided to us by students and parents. We are providing this notice as a precaution to inform potentially affected individuals about the incident and to call your attention to some steps you can take to help protect yourself. We sincerely regret any concern this may cause you.” Florida Virtual School was hacked two years ago, but they only “learned” about the hack this week. Read more “Florida Virtual School was hacked 2 years ago”
This article is straightforward in that if you’ve installed an operating system before, this won’t be an issue. The recommended installation medium is Rufus. Rufus creates a bootable thumb drive where you can place [.]img or [.]iso images. Thumb drives have a far higher data transfer rate than DVDs, making the installation quick. Read more “Security Onion Set Up Part 2: Installation”
The technology industry and financial industry aren’t seeing eye to eye on the new security protocol TLS 1.3. The most recent version that is deployed is TLS 1.2, which was released in 2008, so the TLS specification is due for an update.
TLS stands for Transport Layer Security. It encrypts the data that is transferred between you and whichever web server you have requested a website from, and it is also used for virtual private networks so that remote workers can access company data securely. Read more “Banks are trying to weaken a new security protocol”
The Electronic Frontier Foundation (EFF) filed a Freedom of Information Act (FOIA) lawsuit last year to get more information on the ties between the FBI and Best Buy’s Geek Squad. It turns out that Geek Squad doubles as an FBI informant.
The lawsuit was started after a California doctor was prosecuted for possessing child pornography, and the doctor revealed that the FBI found out about the photos from Geek Squad in a Best Buy in Kentucky. After the EFF received the requested documents from the FOIA, they discovered that the relationship between Geek Squad and the FBI goes back ten years. Read more “Geek Squad doubles as FBI informant”