Friday, 9 September 2011

A.I. Talking Points : Security Week Review


Welcome back. After a short period of absence (though I kept posting anyway), I’m back with the weekly (more or less) Talking Points.
For those who do not know what Talking Points is: it is just a short review of the salient security news of the last week, a refresher and short summary to get quickly up to date. It is of course related to the long list of articles I reference every week on PostOffice2, and sometimes to posts on my other technical blog, PostOffice.
Since I have not written here for a long time, it is not easy to tell what has happened since the last Talking Points update (well, you know, vacation), so I will do a general recap of the things that impressed me most.

A Summer review (with an eye on the last issues!)

While the world kept moving over the summer, hackers didn’t stop enjoying their virtual environment, so a lot of things happened under the sun.
Following the security landscape has been quite interesting and amusing: I’ve learned new words (like typosquatting) and discovered that a hacking group can start a fight vs. BART, and I’m not referring to Bart Simpson.
I also found out that a botnet can strike from the sky. At the same time I saw a lot of things related to government cyber activities; again China, the US and Iran have been part of the play. And we should at least mention the recent hack of the Russian Embassy website in London.

Cyber Hacktivism vs. Cybercrime vs. Cyber Espionage vs. Medical Equipment vs. xxxxxx

It has become clearer and clearer this summer that there are a lot of players under the cyber sky, moved by the most different reasons but sharing, most of the time, the same techniques.
So we have experienced a continuous rise of cyber hacktivism, where Anonymous and LulzSec are just two of the most notorious unstructured hacking groups of activists who filled the news.
At the same time we also discovered that growing cybercrime activity is hitting the new technology media: from the “classic” attacks on social networks and Web 2.0 tools (from Facebook to Twitter and so on) to the new mobile computing world, where Android tablets and iPads are every day more under pressure from botnets and other bad stuff.
Plotting cyber activities on a map is an interesting activity too: we discover that rumors of cyber war and cyber espionage are widening, and cyber warfare is no longer something we only read about in books or see in science fiction movies. And sometimes the players are big corporations; sounds just like an SF drama, doesn’t it?

Scaring things, some returns and breaking security pillars

Above all, there are a few things that disturbed me more.
The first was realizing that IT is so pervasive in our lives that even things I would hardly have considered “IT security risky” need to be looked at from a security perspective. Have you ever thought of hacking a pacemaker or an insulin pump? No wonder that the next predicted targets are our ever more cyber-equipped cars.
The second thing that disturbed me is that two of the main pillars of security have suffered terrible strikes. I’m referring of course to the RSA hack, whose consequences are still to be completely understood, and the recent DigiNotar affair, which exposed once again the risks related to a certificate authority hack and the related use of certificates.
Again and again people are using our feelings to scam us, and the recent Steve Jobs death scam and the Ground Zero Twitter scam that occurred yesterday made me very upset. I understand, of course, that those are the reasons and techniques of social engineering, but I find playing this way very disturbing (OK, I’m naïve, I agree).
Have you ever read “Sometimes They Come Back”? It would be a perfect title for the recent botnet news: from Bitcoin to Stuxnet, everything comes back; even Firesheep has been updated.

Well, as you’ve seen, a lot of things happened during the quiet days of summer, but now it is time to get back to work, and believe me, I can easily predict that a lot of new stuff will come along with the rain and cold weather. So stay in touch and I’ll keep you updated.
Thanks for following,
Antonio Ierano
