- Comms
- Law
- Medic
- News
- Opinion
- Threat Watch
- Training
- Warrior Tools
- Accessories
- Ammo
- Body Armor
- Books
- Clothing
- Commo
- Gear
- Handguns
- Holsters
- Knives
- Long Guns
- ACC
- Accuracy International
- Barrett
- Benelli
- Beretta
- Blaser
- Bushmaster
- Custom
- CZ
- Desert Tactical Arms
- DPMS
- FN
- Forums
- HK
- IWI
- Kel-Tec Long Guns
- LaRue
- LWRC
- McMillan
- Mosin Nagant
- Mossberg
- Para
- Remington
- Rock River Arms
- Ruger Long Guns
- Sabre Defense
- Sako
- SIG Sauer
- SKS
- Smith & Wesson Long Guns
- Springfield
- Styer
- Weatherby
- Wilson Combat
- Winchester
- Magazines
- Maintenance
- Navigation
- Optics
- Sights
- Tech
- Warriors
Posts Tagged information security
Energy Companies on the Frontline of Cyber Defense
Posted by Brian in News, Threat Watch on 18/Feb/2015 07:00
From Oil & Gas Monitor:
At the heart of every oil and gas company are industrial control systems (ICS) and other operational technologies (OT) designed to efficiently, reliably, and safely process the extraction, refinement, and distribution of large quantities of fuel needed to keep global economies moving. Initially, OT systems were seen as immune to cyber security threats due to their separation from corporate IT.
However, in today’s hyper connected world, this approach is no longer realistic. In recognition of the cyber threats facing the energy sector, the U.S. Department of Energy issued its cyber security framework implementation guide earlier this year. It is designed to support organizations in the energy sector establish or align existing cyber security risk management programs to meet the objectives of the Cybersecurity Framework released by the National Institutes of Standards and Technology (NIST) in February 2014.
EFF Launches Surveillance Self Defense Site
Surveillance Self Defense will teach you how to use technology and software to protect yourself and your data online.
This is a project of the Electronic Frontier Foundation
Whole Disk Encryption At Risk
Posted by Brian in News, Threat Watch on 22/Jan/2013 08:15
Cyber Crime Ring Dismantled
Posted by Brian in News, Threat Watch on 15/Dec/2012 08:16
The FBI and its international law enforcement partners have dismantled an international cyber crime ring linked to the Butterfly Botnet, which steals computer users’ credit card, bank account, and other personal identifiable information. Details
Ironkey S200 Flash Drive Review
From: Healthy Passwords
Ironkey S200 Flash Drive Review from 2011.
The security industry has long considered Ironkey to be “the†premiere flash drive. We wondered how user-friendly Ironkey would be for non-technical users, so we decided to evaluate the drive from a non-technical perspective.
Ironkey Features
- Military-grade Hardware Encryption.
- Waterproof.
- Support for Windows, Mac OS X, and Linux.
- Portable Application Support (Apps living and running only on flash drive).
- Identity Manager for Password Management. (Windows Only)
- Verisign Identity Protection Built into Identity Manager. (Windows Only)
- Secure Sessions Service to encrypt browser traffic. (Windows Only)
- Self-Destruct after 10 consecutive invalid password attempts (just erases flash).
- Online management account to backup Identity Manager records. (Windows Only)
- Optional ability to reset hardware password online.
The iPhone Has Passed a Key Security Threshold
From: Technology Review
At the heart of Apple’s security architecture is the Advanced Encryption Standard algorithm (AES), a data-scrambling system published in 1998 and adopted as a U.S. government standard in 2001. After more than a decade of exhaustive analysis, AES is widely regarded as unbreakable. The algorithm is so strong that no computer imaginable for the foreseeable future—even a quantum computer—would be able to crack a truly random 256-bit AES key. The National Security Agency has approved AES-256 for storing top-secret data.
Google Approves an App that Steals All Your Data
Posted by Gary in Comms, News, Threat Watch on 7/Aug/2012 22:43
From: MIT
Google’s automated “Bouncer” for apps, which should prevent harmful mobile software from appearing in the company’s app store, appears to have serious blind spots. The system repeatedly scanned but let pass an app that stealthily steals personal data such as photos and contacts, reported two researchers from computer security company Trustwave at the Black Hat security conference in Las Vegas yesterday.
Nicolas Percoco and Sean Schulte are members of Trustwave’s “ethical hacking” research group, known as SpiderLabs, and they created the app to probe Google’s ability to vet the software uploaded to its app store. The pair said the results shows that Google needs to improve both its app-scanning system and its Android operating system.
LAPD Bails on Google Apps Because of Security & Privacy Concerns
Posted by Gary in Comms, News, Threat Watch on 16/Dec/2011 14:23
From: Cloudline
Microsoft’s Office 365 isn’t the only cloud service losing high-profile customers to security and privacy concerns. Google got a dose of the same medicine on Wednesday, with the LA Timesreporting that the LAPD is now backing out of its contract with Google so it can stick with its on-premises Novell platform for e-mail.
The LAPD and the city attorney’s office ultimately decided, some two years after deciding to move their e-mail systems to the cloud in order to save costs, that no cloud computing solution is really compatible with the federal security guidelines that the departments are required to follow.
“It will be difficult for law enforcement to move to a cloud solution until the [security requirements] and cloud are more in line with each other,†LAPD’s CIO told the LA Times.
The Cyber Security Industrial Complex
Posted by Gary in Comms, News, Threat Watch on 10/Dec/2011 14:07
From: MIT
A claim by Wikileaks that documents it released last week provide evidence of a “secret new industry” of mass surveillance was as breathless as previous pronouncements from Julian Assange’s organization. But the material does provide a stark reminder that our online activities are easily snooped upon, and suggests that governments or police around the world can easily go shopping for tools to capture whatever information they want from us.
The take-home for ordinary computer users is that the privacy and security safeguards they use—including passwords and even encryption tools—present only minor obstacles to what one researcher calls the “cyber security industrial complex.”
“There is no true privacy in any computing systems against determined government-level surveillance,” says Radu Sion, a computer scientist at Stony Brook University who directs its Network Security and Applied Cryptography Laboratory. He says that as computing systems become more complex, and reliant on components from many different suppliers, the number of vulnerabilities that can be exploited by attackers and surveillance tools will grow.
Computer Virus Hits U.S. Drone Fleet
Posted by Gary in News, Threat Watch on 9/Oct/2011 17:53
From: Danger Room
A computer virus has infected the cockpits of America’s Predator and Reaper drones, logging pilots’ every keystroke as they remotely fly missions over Afghanistan and other warzones.
USB Drives left at Dry Cleaners on the Rise
Posted by Gary in Comms, News, Threat Watch on 25/Mar/2011 14:59
Encrypt your USB Drives
From: SC Magazine UK
A survey of dry cleaners in the UK has found that more than 17,000 USB sticks were left behind in 2010.
More than 500 dry cleaners and launderettes in the UK were asked during December 2010 and January 2011 about removable media that was left behind. Estimated figures suggested that there was an increase on the number of USB sticks left in dry cleaners of more than 400 per cent when compared with figures from 2009, and almost double from what was found in 2008.
…With the best intentions in the world, the reality is devices are often left behind and the information they contain could be devastating if disclosed. Organizations need to plan for this when developing their security strategies.â€
China and its Double-edged Cyber-sword
Posted by Brian in Comms, Threat Watch on 10/Dec/2010 09:25
China and its Double-edged Cyber-sword is republished with permission of STRATFOR.
By Sean Noonan
A recent batch of WikiLeaks cables led Der Spiegel and The New York Times to print front-page stories on China’s cyber-espionage capabilities Dec. 4 and 5. While China’s offensive capabilities on the Internet are widely recognized, the country is discovering the other edge of the sword.
China is no doubt facing a paradox as it tries to manipulate and confront the growing capabilities of Internet users. Recent arrests of Chinese hackers and People’s Liberation Army (PLA) pronouncements suggest that China fears that its own computer experts, nationalist hackers and social media could turn against the government. While the exact cause of Beijing’s new focus on network security is unclear, it comes at a time when other countries are developing their own defenses against cyber attacks and hot topics like Stuxnet and WikiLeaks are generating new concerns about Internet security.
One of the U.S. State Department cables released by WikiLeaks focuses on the Chinese-based cyber attack on Google’s servers that became public in January 2010. According to a State Department source mentioned in one of the cables, Li Changchun, the fifth highest-ranking member of the Communist Party of China (CPC) and head of the Party’s Propaganda Department, was concerned about the information he could find on himself through Google’s search engine. He also reportedly ordered the attack on Google. This is single-source information, and since the cables WikiLeaks released do not include the U.S. intelligence community’s actual analysis of the source, we cannot vouch for its accuracy. What it does appear to verify, however, is that Beijing is regularly debating the opportunities and threats presented by the Internet. Read the rest of this entry »
Zeus Trojan Targets Government and Military Workers
Posted by Gary in Comms, Threat Watch on 17/Nov/2010 17:38
From: Angela Moscaritolo
A new campaign of the password-stealing Zeus trojan is targeting workers from government and military departments in the United States and United Kingdom, according to security researchers at Websense. The trojan is being distributed through spoofed emails claiming to come from the U.S. National Intelligence Council. The bogus messages contain subject lines such as “Report of the National Intelligence Council.” The emails aim to lure users into downloading a document about the “2020 project,” which actually is Zeus. — AM
Smartphones, Jailbreaking and the New Battle Front for Enterprise Security
From: IDGA
… So why is this so bad? First and foremost jailbreaking is a hack! Users are inviting a third party developer to hack your device. Plain and simple. Most recent versions of these tools are able to run over a simple webpage that is exploiting a few unpatched vulnerabilities in the smart phone operating system code. This risk was exposed last year when a worm “rick rolled” jailbroken iPhone users, exploiting a default password setting in secure shell daemon installed as part of the jailbreaking process.