Group items tagged

Hass and Associates: The Cyber-Risk of a Missile Attack on Syria The cyberattacks carried out by Syria last week were much more broad than initially reported, and they amounted to a warning shot of the retaliation the U.S. could expect if it should attack. Subsequent attacks would most likely go after U.S. infrastructure, and given how fragile it is and the likelihood Iran or North Korea would help out, the result could be massive. As I write this, the U.S. has deployed a battle group to Syria in preparation for a missile strike against the government there, and Russia has deployed what appears to be a counter force. What most seem not to be factoring in is that Syria has already fired its warning shot with attacks on Twitter and The New York Times, at least. I say "at least," because reporting of attacks isn't comprehensive, and other attempts may have failed, so Syria's first strike may have been far larger than initially reported. (Related cyber-attack updates: http://www.technewsworld.com/story/78848.html) The U.S. has a tendency to overreact, and it is clear there's insufficient preparation for theinfrastructure collapse that could occur when Syria responds to a missile attack -- and Russia exists as a wild card that could cause the conflict to spread rapidly out of control. It's been common knowledge for some time that the U.S. infrastructure is vulnerable to outside attack and that governments like Syria and China have been probing it and probably know exactly where and how to do the most damage. There's a very real likelihood that this time the U.S. won't go unscathed, and it may be prudent to have a plan in place should things go very, very wrong. Details: http://www.technewsworld.com/story/78848.html Related article: http://www.wattpad.com/12317622-cyber-security-hass-associates#.UibGpBunqeQ

The cyber-attacks carried out by Syria last week were much more broad than initially reported, and they amounted to a warning shot of the retaliation the U.S. could expect if it should attack. Subsequent attacks would most likely go after U.S. infrastructure, and given how fragile it is and the likelihood Iran or North Korea would help out, the result could be massive. As I write this, the U.S. has deployed a battle group to Syria in preparation for a missile strike against the government there, and Russia has deployed what appears to be a counter force. What most seem not to be factoring in is that Syria has already fired its warning shot with attacks on Twitter and The New York Times, at least. I say "at least," because reporting of attacks isn't comprehensive, and other attempts may have failed, so Syria's first strike may have been far larger than initially reported. The U.S. has a tendency to overreact, and it is clear there's insufficient preparation for the infrastructure collapse that could occur when Syria responds to a missile attack -- and Russia exists as a wild card that could cause the conflict to spread rapidly out of control. It's been common knowledge for some time that the U.S. infrastructure is vulnerable to outside attack and that governments like Syria and China have been probing it and probably know exactly where and how to do the most damage. There's a very real likelihood that this time the U.S. won't go unscathed, and it may be prudent to have a plan in place should things go very, very wrong. Details: https://www.smore.com/g263-hass-and-associates-syria More Info: http://justinblake.postach.io/post/hass-and-associates-missile-attack-on-syria http://justinblake.booklikes.com/post/148815/hass-and-associates-missile-attack-on-syria

We all live in public, at least as far as the US National Security Agency is concerned. As Internet users and global citizens become more aware of surveillance activities that the US and other countries are doing on the World Wide Web, there are those who seek to ensure that privacy and personal freedoms aren't trampled upon. Tor technology aims to help appease privacy advocates and offer a way in which the Internet can be enjoyed without the prying eyes of surveillance programs or other tracking software. This free piece of software has certainly become mainstream in light of recent events, but what is Tor and why does it matter to you, your family, neighbors, co-workers, and the rest of the Internet? Peeling back the onion layers It might surprise you that the Tor Project, originally an acronym for The Onion Router Project, was initially funded by the US Naval Research Laboratory and helped launch the development of onion routing (anonymous communication over a computer network) on behalf of DARPA. It had also received the backing from the Electronic Frontier Foundation. When users installed Tor software onto their computers, it would conceal their identity and network activity from anyone spying on their behavior. This was accomplished by separating the identification and routing information. The data is transmitted through multiple computers via a network of relays run by like-minded volunteers - almost like how users installed SETI software to look for extraterrestrial beings. Tor isn't the only service that helps you hide in the shadows away from the prying eyes of the federal government, or any other person who would do it for malicious purposes. However, some say that it's better because it works at the Transmission Control Protocol stream level. Full post: http://thenextweb.com/insider/2013/10/08/what-is-tor-and-why-does-it-matter/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+TheNextWeb+(The+Next+Web+All+Stories)

http://hassassociates-online.com/articles/sqli/ SQL injection is a tactic used in attacking a database or a server via its front-end (e.g. website). Through putting parts of SQL statements in an entry field of the website, hackers can try and get the site to run the newly-created malicious command to the database itself, for instance, dumping its contents to a remote server under the control of the attacker. This type of attack takes advantage of logical or structural loopholes in the source code through issuing a wrong or unexpected user input, resulting in a messed up execution. The 'injection' of code is to exploit a vulnerability of a website or a software. For example, SQL commands to alter or harvest information on the database would be put on the web entry form and run on the database.

The website Songsrpeople.com looks a lot like other amateur-video sites. It is wallpapered with clips featuring "the most insane amusement park ever" and "your girlfriend's six friends." The site draws tens of thousands of visitors a month, according to audience measurement firms. It also has ads for national brands, including Target Corp., Amazon.com Inc. and State Farm. But Web-security investigators at a firm called White Ops contend that most of the site's visitors aren't people. Rather, they are computer-generated visitors, or "bots," designed to fool advertisers into paying for the traffic, says White Ops, which has blacklisted the site-and thousands more like it-so that ads from clients such as Zipcar don't land there. An anonymous representative for Songsrpeople declined to discuss the site's traffic but in an email called the White Ops methodology into question. State Farm said it was looking into the matter while Target declined to comment and Amazon didn't immediately respond to requests for comment. Authorities and Internet-security experts say tens of thousands of dubious websites are popping up across the Internet. Their phony Web traffic is often fueled by "botnets," zombie armies of hijacked PCs that are controlled from unknown locations around the world, according to Internet security experts. The sites take advantage of the simple truth that advertisers pay to be seen. This creates an incentive for fraudsters to erect sites with phony traffic, collecting payments-often through middlemen and sometimes directly from advertisers. "When you walk into this world, you walk with eyes wide open," said Brian Harrington, chief marketing officer at Zipcar, which ran a recent ad campaign, assisted by White Ops to filter out bogus traffic. "You know stuff is not real." At their most sophisticated, botnets can mimic the behavior of online consumers, clicking from one site to the next, pausing at ads, watching videos, and even putting items in shopp