CSIA 459

Remember our discussion about DNS being tough to compromise? :D

This video is for your week 7 discussion.

This video is for your week 7 discussion.

Interesting product on control compliance software.

Eh, I like VMWare VCM or McAfee's HBSS (kind of a nightmare to set up though.)

Check this out. Just when you think it's safe to go into the water!

Interesting story that I'm sure some of you are already aware.

I was going to post this as well. I have done a number of projects on body sensors ad telemedicine that pointed out the type of vulnerabilities he said he could exploit up to the point of death. I sad story.

For Week 6.

For your Week 6 discussions. This is the actual report. The other bookmark takes you to an article about the report.

For your Week 6 discussion.

For your Week 6 discussion. "Verizon's '2013 Data Breach Investigations Report' Expands Types of Threats Analyzed to Present Even Broader, More Extensive Picture of Cybercrime"

For Week 6

Next time you have a passenger in the back seat of your car offering infuriatingly "helpful" advice about your driving skills, count yourself lucky that they aren't doing anything more sinister in their attempts to guide your vehicle.

I was quite amused by the picture of the man holding the Nintendo controller in the car on the front page of the article. It doesn't surprise me that a cars ECU can be manipulated. They are programmed to control specific tasks and are not complex nor secure. Most of the information they display and/or process is from various sensors within the engine or chassis. If the failure of important sensors occur, you may not even be able to start your car. It's a fragile system, although it was designed that way for safety, not system security.

Call it the cyber-attack that never happened. A false alarm that sent the Economic Development Agency scrambling. When the dust settled, the EDA had spent half of its information technology budget - or nearly $3 million - destroying hundreds of thousands of dollars worth of perfectly functioning computer equipment. Talk about using up your resources...literally.

What stood out to me was that they did not follow the incident handling procedure. Those documents are put together for a reason. I also question why there was not a manager to oversee the incident response for something of this size. I blame management for this one.

I agree with a better safe than sorry approach most of the time, but I have to agree with Bob that procedures weren't followed and equipment was unnecessarily destroyed.

This article is about an intelligent knife that allows surgeons to minimize bleeding during operations but also has a mass spectrometer that analyzes chemicals when cutting. The knife has the potential to reduce tumor recurrence.

I had read this article on the Internet and found this an amazing use of the technology. The ability to determine if an entire tumor is removed at the time it's being done eliminates risk for the patient and waiting for lab results.

I thought this was interesting. Hacking has gone to another level of automation by using robotics to brute force hack the 4 digit pin on cell phones.

It's nice to know my first thought when I started reading this of locking the phone after X number of unsuccessful attempts is what they suggested.

The U.S. Attorney's Office today unsealed an indictment charging four Russians and a Ukrainian with a multi-million hacking scheme that netted 160 million credit card numbers from several major American and international corporations.

Interesting article on how a hospitals phone network was hacked by someone using VOIP who then performed a DOS attack.

This was an interesting article. I wish it explained how the attack was carried out. I am surprised that firewalls would not be a part of VOIP installation for large institutions. The treat has always been there. I am guessing that somebody cut costs up front and paid for it later. Maybe the attacker sold them the firewalls?

Our departing top cyber official reflects on how the FBI has adapted to an evolving threat. Shawn Henry is executive assistant director of the FBI's Criminal, Cyber, Response, and Services Branch. He served as assistant director of the Cyber Division from September 2008 to January 2010, Note: Shawn Henry retired from the FBI on March 31, 2012. This is an excellent interview with Shawn Henry describing todays cyber actors

This is a good article. I though the FBI was smart in having IT people trained to be agents as apposed to the reverse.

Naked Security - Computer security news, opinion, advice and research.

This site has great daily news on a variety of security topics from malware to privacy. I like the blog post styled interface that this site incorporates. This sets it apart from standard news feed sites.

Thank you for the link. This is a good source or quick news bites.