It does not matter where you live or who you are.

Your best friends are a rare treasure.
Those are the people whom you most enjoy hanging out with.
The kind of people you miss the most.

And it gets even better if you both share the same professional interest (like IT and Security )

Sometimes you find out there was a great friend you should have
known, when it is too late.

And that’s what happened to me, when I heard about Matthew Shoemaker.

Matthew was one of the founders of a top notch Professional yet fun Podcast.

You must sign up to it, if you care just a bit about IT Security – it’s called InfoSec daily.

Each day you get great news, insights and top professional guests and some fun as well.

It is a treasure: http://www.isdpodcast.com/

And Matthew started it all with his friend, Rick Hayes.

Unfortunately, Matthew is not with us anymore.

You can read more about it here:
http://www.isdpodcast.com/goodbye-farewell-god-bless-2

If you look at the intro of many of the posdcast episodes, you’ll see
Matthew say:

“…This podcast is our Contribution Back to the community where we will discuss the vulnerabilities of interest, information security related news hopefully providing you a few laughs and a little knowledge….”

Now, as said, if you are interested in Security just a bit, do take the time and listen to at least one of the episodes.

And if you really liked it, and

You Feel Like Giving Back,

you can send your donation via bank transfer or paypal.

All the details are here:

http://www.isdpodcast.com/goodbye-farewell-god-bless-2
and this is the donation for Matthew’s family via paypal: isdpodcast@gmail.com

God bless you and your dear ones, and have a great week!

Bookmark It

Hide Sites

How to fight cheap malicious hack tools (methods that are not available in any IT Courses)

Reading another shocking note posted on our IT Professional Linkedin Group

(available at their blog here:

https://infosecisland.com/blogview/4160-CRiMEPACK-Zombie-Exploit-Gets-Upgrades.html )

about another easy and cheap way that criminals

can use to hack their way into your precious data, I was thinking

How can we turn this unsolveable situation around?

Here is what I cam up with…let me know what you think…

The main question for us, the good guys is how can we fight that
“ease of use”.

Looking at it from the Sun Tzu’s “Art of War” point of view
and employing “go where the crowds aren’t” and
“if you can’t fight them, confuse them”…

I’d say maybe instead of defending, maybe we should create programs that
feed false data into malicious programs.

Only “authenticaed” processes will get feeded with real data.

Not easy at all, and requires a major mind shift, but maybe worth a look at…

Another option is to spread “malicious” copies of the malicious software that
once activated, reports all the details and activity of the operator.
Let them taste a bit of their own food!

Anyway, my way out of this massive problem, is “if you want to beat them,
think like them” (like done in the wonderful “Ender’s Game” book).

Let me know what you think…

P.S.

Here are links to Audio copies of Sun Tzu’s “Art of War” and free Audio book Coupon:

Incoming search terms for the article:

• hack tools cheap way
• how to fight cheap

Bookmark It

Hide Sites

I was doing my regular daily security alert review when my eye caught this message:

Hackers have used advanced SEO (search engine optimization) techniques to have

their link appear on top of Google search results for searches related to “labor day”.

Imagine this: You live in the US, you just got your labor day vacation rolling, you pick up

a cool bear from the frig and head on to your laptop to stroll around the web, looking

for labor day deals. You always tend to buy when you are on vacation…right?

And then you see this nice link in Google search, click on it, and damn! It takes

you to web page warning you that your computer is infected with Viruses.

It then invites you to download a new Anti Virus – the best they have.

All this happens as you are pooling your credit card to get ready and buy something.

Shi*** you say, I can’t put my credit card online if I have a Virus.

Why didn’t that damn Anti Virus program I have warn me about that Virus.

And then you might actually download the new Anti Virus mentioned there and actually

get a Virus or a Trojan installed on your computer…

There are many reports showing that a large percentage of malicious computer programs

are built and set to gather personal data that will be used later on by organized crime

groups – yeh, people used to call it the “Mafia”.

My question to you is, how many times you think the Mafia takes Google each week?

How would you teach your friends get protected from those threats?

Maybe tips such as:

1. Consider shopping in web sites you already know and have in your bookmarks.

2. Even if you use Google or other search engine to look for deals, write down the details of the deal

and then search those details in the specific site they belong to (eBay, Best Buy, whatever)

3. Use tools that I sent you in the past such as Mcaffee Site Advisor.

4. Do not ACT according to websites you visit accidentally if  they warn that your computer is in danger.

I do not know a legitimate site that would do that. If you have concerns about your Anti Virus,

try out a new one, by looking in Computing Magazines

How should Google fight this using its IT Infrastructure?

Maybe incorporate Fraud Detection Tools in its search engine filter?

Create partnerships with Security Firms?

Start viewing its customer’s security as important as its search relevancy?

What do you think?

Bookmark It

Hide Sites