Posts

Showing posts from May, 2017

Weekly Infosec News Brief: 15-21 May 2017

Image
End of WannaCry Panic Should Result in Vigilance, not Relief, Experts Warn The massive WannaCry ransomware worm that spread with frightening speed the week more last fizzled out as quickly as it began. However, the story should be taken as a wake-up call for US organizations, not as cause to breathe a sigh of relief. In many ways, the WannaCry malware was amateurish and simple; the only impressive part was the use of the ETERNALBLUE exploit to enable its quick spread. It was easily disabled, and incorporated little in the way of anti-analysis and anti-detection techniques. If more determined and skillful folks leverage that same exploit (as it appears some may already be doing), we could see much more devastating results. Please ensure that all your Windows machines are fully-patched, particularly with the MS17-010 patch from March . Also, check your external network to see if you have any SMB services exposed (TCP port 445) and seek to block access from the Internet to that servic

Weekly Infosec News Brief: 01-07 May 2017

Image
Clever and Widespread Google Phishing Campaign Raises Concerns Last week a new worm spread rapidly through the Internet. It used a very convincing (because it was partly genuine) Google Docs invitation to lure Google users into giving access to their Gmail accounts, then copied itself to addresses in the victim's contacts. Repeating this process led to a rapid storm of emails. Google took action within an hour to remove the rogue app from users' account permissions and stem the tide of emails, but the success of the tactic shows the risk inherent in cloud-based accounts like this -- a quieter version of the same tactic could easily compromise a handful of people without attracting much attention. Selecting and authorizing specific file-sharing services for your organizational data is a good idea, as is ensuring users are trained in how to use them (and what NOT to do). https://arstechnica.com/security/2017/05/dont-trust-oauth-why-the-google-docs-worm-was-so-convincing/

World Password Day?

In honor of "World Password Day," we're providing some thoughts and tips to improving the security of the passwords you use. For better or worse (and in many cases it's definitely worse), passwords are still the primary authentication mechanism we use to control access to most computing resources. While multi-factor authentication is becoming more common (and it's a great thing to use if you can), much of our digital life still depends on the humble password. Really I don't even like the name, "World Password Day," because I'm trying to get people to think of them as "passphrases" -- as in multiple words separated by spaces, meaning quite a bit longer than we are used to using. A natural-languge phrase is easy to type, easy to remember, and (if it's long enough) very difficult to guess or crack. When I say long, you should be thinking at least 15 characters long. Remember, spaces are characters, too! Here are our key tips to