Home
Here Password, Hear Password...
- Details
- Category: Information Security
The age old problem of Passwords rears it head again. All predictions aside, we will be dealing with Passwords for a LONG time.
I still love it when people post a note next to or neat their computer on what their password is or better yet, leave it as something simple and guessable.
Dark reading again focuses on the age old problem with Passwords again in this article. read it here
The problem is not with the passwords, keys, encryption, it's with people who ignore the teachings of Cyber Security and continue to use weak and guessable passwords. Or worse, they still walk away from their computer systems logged in at work! How many times do you see this still occurring? We need some sort of Cyber Ruler to come down and smack these people on the knuckles each time they even think about doing something in disregard to their Cyber Security Training.
That brings up another issue... the Cyber Security Trainer themselves. Are they effective ? Maybe not so much if the students continue to sluff off the subject matter the trainer is attempting to convey. I know of a couple of incidences myself, where the trainer used the sessions as an opportunity for personal self indulgence. No wonder there are repeat violations of Cyber Security Policies. No one took the Trainer serious at all. Show a movie, ask some questions, here, your training is done <yawn>.... is THAT effective ? If you convey in your Cyber Security Classes how unimpressed you are, doesn't THAT teach your attendees something ? It says big and boldy "I'm unimpressed with this and so should you be." Whoops, there goes another opportunity to train people correctly!
If you are going to be serious about Cyber Security Training especially password Management, then get the class to pay attention and be alert. Train them the right way with the right instructor.
Steve
Vendor refusing to fix backdoor
- Details
- Category: Information Security
Recently posted on a website, is a story that RuggedCom who boasts "hardened" and "industrial strength" systems, has been found to have a known backdoor into their systems.
The link to the story that I am posting here at this time contains a script to possibly exploit this vulnerability. I do not suggest you download and / or try this and suggest you stay Cyber Safe by only reading the article. I do not approve of malicious behavior.
Read the article by clicking here
I find it amazing that some people go to great lengths to protect their network and their companies where others sometimes miss the importance of "hardened systems". If this is completely true and their systems do have a backdoor, then they are not hardened at all.
Remember the old adage, the chain is only as strong as its weakest link. Is Boasting the weak link or being discovered to have a backdoor found the weak link? Personally, I think its both. if you climb up and put yourself onto a pedestal, there are a lot of people with sling-shots waiting for you to stand there and pound your chest.
be safe, be smart, be thorough !
Elite Hacker done in by his iPhone
- Details
- Category: Celll Phones and Mobile devices
Anyone ever notice that if you take a photo with your cell phone, the photo is geotagged with information. These geotagging can pinpoint where you snapped the photo, time of day, etc.
Nifty feature, right ? But it is all about tracking users, tracking your every location and what you are doing (is Big Brother really watching now ?)
Well there is an article recently posted that states that an Elite Hacker from one of the off-shoots of Anonymous teased Law Officials with more information than they should have. They sent or posted photos in the attempt to tease the Law that they could not find them. (nyah nyah, you can't find me). But the images posted contained GPS coordinates and other information associated with Geotagging of photos. Did the Hacker screw up ? Big time.
Take the time to read this article , it IS hilarious in the long run.
This is a prime example of stupidity of the smartest of us. No matter how smart they are, eventually they will do something dumb that will get them caught. I don;t care who the person is, historically the more you are wanted, eventually something stupid will trip you up. So sometimes, I guess it pays to stay stupid and not be elite ?
Having accomplished various investigations into "Cyber Happenings", the devil IS in the details and its usually something everyone often overlooks. Something we take for granted or worse, something stupid that exposes what was going on. Its that piece of the puzzle that is staring you right in the eyes. Some may say "you are looking too deeply" or "you are looking to make something out of something that is just not there". It's always there. How smart are you to catch the smallest of details or something staring you right between the eyes?
Enjoy.