Searching Google Drive Is Easier than Ever
December 29, 2015
Google search is supposed to be the most reliable and accurate search, so by proxy Google Drive should be easy to search as well, right? Wrong! Google Drive is like a cartoon black hole. It has an undisclosed amount of space and things easily get lost in it. Fear not, Google Drive users for Tech Republic has posted a nifty guide on how to use Google Drive’s search and locate your lost spreadsheets and documents: “Pro Tip: How To Use Google Drive’s New And Improved Search.”
Google drive can now be searched with more options: owner, keywords. Item name, shared with, date modified, file type, and located in. The article explains the quickest way to search Google Drive is with the standard wildcard. It is the search filter where you add an asterisk to any of the listed search types and viola, the search results list all viable options. The second method is described as the most powerful option, because it is brand new advanced search feature. By clicking on the drop down arrow box in the search box, you can access filters to limit or expand your search results.
“For anyone who depends upon Google Drive to store and manage their data, the new search tool will be a major plus. No longer will you have to dig through a vast array of search results to find what you’re looking for. Narrow the field down with the new Drive search box.”
The new search features are pretty neat, albeit standard for most databases. Why did it take Google so long to deploy them in the first place?
Whitney Grace, December 29, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
New Credit Card Feature Prevents Fraud
December 28, 2015
December is lauded as the most wonderful time due to that warm, fuzzy feeling and also because retail chains across the world will be operating in the black at the end of the year. Online shopping has shown record sales this year, especially since shoppers do not want to deal with crowds and limited stock. Shopping online allows them to shop from the convenience of their homes, have items delivered to their front door, and find great deals. Retail chains are not the only ones who love the holidays. Cyber criminals also enjoy this season, because people are less concerned with their persona information. Credit card and bank account numbers are tossed around without regard, creating ample game for identity theft.
While credit card companies have created more ways to protect consumers, such as the new microchip in cards, third party security companies have also created ways to protect consumers. Tender Armor is a security company with a simple and brilliant fraud prevention solution.
On the back of every credit card is a security code that is meant to protect the consumer, but it has its drawbacks. Tender Armor created a CVVPlus service that operates on the same principle as the security code, except of having the same code, it rotates on daily basis. Without the daily code, the credit card is useless. If a thief gets a hold of your personal information, Tender Armor’s CVVPlus immediately notifies you to take action. It is ingenious in its simplicity.
Tender Armor made this informative animated to explain how CVVPlus works: Tender Armor: CVVPlus.
In order to use Tender Armor, you must pay for an additional service on your credit card. With the increased risk in identity theft, it is worth the extra few bucks.
Whitney Grace, December 28, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Islamic State Is Now a Convenient App
December 28, 2015
It used to be that if you wanted to be an enemy of western civilization you had to have ties to a derelict organization or even visit an enemy nation. It was difficult, especially with the limits of communication in pre-Internet days. Western Union and secret radio signals only went so far, but now with the Internet insurgent recruitment is just a few mouse clicks away or even an app download. The Telegraph reports that the “Islamic State Releases Its Own Smartphone App” to spread propaganda and pollute Islam’s true message.
Islamic State (Isil) released an Android app to disseminate the terrorist group’s radical propaganda. The app was brought to light by hacktivist Ghost Security Group, who uncovered directions to install the app on the encrypted message service Telegram. Ghost Security says that the app publishes propaganda from Amaq News Agency, the Islamic State’s propaganda channel, such as beheadings and warnings about terrorist attacks. It goes to show that despite limited resources, if one is tech savvy and has an Internet connection the possibilities are endless.
” ‘They want to create a broadcast capability that is more secure than just leveraging Twitter and Facebook,’ ” Michael Smith of Kronos Advisory, a company that acts as a conduit between GhostSec and the US government, told CS Monitor.
‘[Isil] has always been looking for a way to provide easy access to all of the material.’ ”
Isil might have the ability to create propaganda and an app, but they do have a limited reach. In order to find this app, one has to dig within the Internet and find instructions. Hacktivist organizations like Ghost Security and Anonymous are using their technology skills to combat terrorist organizations with success. Most terrorist group propaganda will not be found within the first page of search results, one has to work to find them, but not that hard.
Whitney Grace, December 28, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Cyber Threat Intelligence Across the Enterprise
December 28, 2015
A blog series from iSightPartners aims to help organizations make the most of Cyber Threat Intelligence. The series is introduced in, “How CTI Helps Six Groups Do Their Jobs Better: A New Blog Series!” Writer Christina Jasinski explains:
“The importance of Cyber Threat Intelligence (CTI) has become more widely recognized in the past year. But not many people realize how many different ways threat intelligence can be utilized across an enterprise. That’s why now is a good time to drill down and describe the wide range of use cases for employing threat intelligence for many different functions within an IT organization.
“Are you a CISO, SOC Analyst or an Incident Responder? Stay tuned….
“This is the first post in an iSIGHT Partners blog series that will delve into how IT security professionals in each of six distinct roles within an organization’s information security program can (and should) apply threat intelligence to their function. Each post will include 3-4 use cases, how CTI can be used by professionals in that role, and the type of threat intelligence that is required to achieve their objectives.”
Jasinski goes on to describe what her series has to offer professionals in each of those roles, and concludes by promising to reveal practical solutions to CTI quandaries. Follow her blog posts to learn those answers.
Cynthia Murrell, December 28, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Top Trends for Cyber Security and Analytics in 2016
December 23, 2015
With the end of the year approaching, people try to predict what will happen in the New Year. The New Year brings on a sort of fortunetelling, because if companies are able to correctly predict what will happen in 2016 then it serves for positive profit margins and a healthier customer base. The IT industry has its own share of New Year soothsayers and the Executive Biz blog shares that “Booz Allen Cites Top Cyber, Analytics Trends In 2016; Bill Stewart Comments” with possible trends in cyber security and data analytics for the coming year.
Booz Allen Hamilton says that companies will want to merge analytical programs with security programs to receive data sets that show network vulnerabilities; they have been dubbed “fusion centers.”
“ ‘As cyber risk and advanced analytics demand increasing attention from the C-suite, we are about to enter a fundamentally different period,’ said Bill Stewart, executive vice president and leader of commercial cyber business at Booz Allen. ‘The dynamics will change… Skilled leaders will factor these changing dynamics into their planning, investments and operations.’”
The will also be increased risks coming from the Dark Web and risks that are associated with connected systems, such as cloud storage. Booz Allen also hints that companies will need skilled professionals who know how to harness cyber security risks and analytics. That suggestion is not new, as it has been discussed since 2014. While the threat from the Internet and vulnerabilities within systems has increased, the need for experts in these areas as well as better programs to handle them has always been needed. Booz Allen is restating the obvious, the biggest problem is that companies are not aware of these risks and they usually lack the budget to implement preemptive measures.
Whitney Grace, December 23, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
New Years Resolutions in Personal Data Security
December 22, 2015
The article on ITProPortal titled What Did We Learn in Records Management in 2016 and What Lies Ahead for 2016? delves into the unlearnt lessons in data security. The article begins with a look back over major data breaches, including Ashley Madison, JP Morgan et al, and Vtech and gathers from them the trend of personal information being targeted by hackers. The article reports,
“A Crown Records Management Survey earlier in 2015 revealed two-thirds of people interviewed – all of them IT decision makers at UK companies with more than 200 employees – admitted losing important data… human error is continuing to put that information at risk as businesses fail to protect it properly…but there is legislation on the horizon that could prompt change – and a greater public awareness of data protection issues could also drive the agenda.”
The article also makes a few predictions about the upcoming developments in our approach to data protection. Among them includes the passage of the European Union General Data Protection Regulation (EU GDPR) and the resulting affect on businesses. In terms of apps, the article suggests that more people might start asking questions about the information required to use certain apps (especially when the data they request is completely irrelevant to the functions of the app.) Generally optimistic, these developments will only occur of people and businesses and governments take data breaches and privacy more seriously.
Chelsea Kerwin, December 22, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Google Timeline Knows Where You Have Been
December 16, 2015
We understand that to get the most out of the Internet, we sacrifice a bit of privacy; but do we all understand how far-reaching that sacrifice can be? The Intercept reveals “How Law Enforcement Can Use Google Timeline to Track Your Every Move.” For those who were not aware, Google helpfully stores all the places you (or your devices) have traveled, down to longitude and latitude, in Timeline. Now, with an expansion launched in July 2015, that information goes back years, instead of just six months. Android users must actively turn this feature off to avoid being tracked.
The article cites a report titled “Google Timelines: Location Investigations Involving Android Devices.” Written by a law-enforcement trainer, the report is a tool for investigators. To be fair, the document does give a brief nod to privacy concerns; at the same time, it calls it “unfortunate” that Google allows users to easily delete entries in their Timelines. Reporter Jana Winter writes:
“The 15-page document includes what information its author, an expert in mobile phone investigations, found being stored in his own Timeline: historic location data — extremely specific data — dating back to 2009, the first year he owned a phone with an Android operating system. Those six years of data, he writes, show the kind of information that law enforcement investigators can now obtain from Google….
“The ability of law enforcement to obtain data stored with privacy companies is similar — whether it’s in Dropbox or iCloud. What’s different about Google Timeline, however, is that it potentially allows law enforcement to access a treasure trove of data about someone’s individual movement over the course of years.”
For its part, Google admits they “respond to valid legal requests,” but insists the bar is high; a simple subpoena has never been enough, they insist. That is some comfort, I suppose.
Cynthia Murrell, December 16, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Bill Legislation Is More Complicated than Sitting on Capitol Hill
December 14, 2015
When I was in civics class back in the day and learning about how a bill became an official law in the United States, my teacher played Schoolhouse Rock’s famous “I’m Just a Bill” song. While that annoying retro earworm still makes the education rounds, the lyrics need to be updated to record some of the new digital “paperwork” that goes into tracking a bill. Engaging Cities focuses on legislation data in “When Lobbyists Write Legislation, This Data Mining Tool Traces The Paper Trail.”
While the process to make a bill might seem simple according to Schoolhouse Rock, it is actually complicated and is even crazier as technology pushes more bills through the legislation process. In 2014, there were 70,000 state bills introduced across the country and no one has the time to read all of them. Technology can do a much better and faster job.
“ A prototype tool, presented in September at Bloomberg’s Data for Good Exchange 2015 conference, mines the Sunlight Foundation’s database of more than 500,000 bills and 200,000 resolutions for the 50 states from 2007 to 2015. It also compares them to 1,500 pieces of “model legislation” written by a few lobbying groups that made their work available, such as the conservative group ALEC (American Legislative Exchange Council) and the liberal group the State Innovation Exchange(formerly called ALICE).”
A data-mining tool for government legislation would increase government transparency. The software tracks earmarks in the bills to track how the Congressmen are benefiting their states with these projects. The software analyzed earmarks as far back as 1995 and it showed that there are more than anyone knew. The goal of the project is to scour the data that the US government makes available and help people interpret it, while also encouraging them to be active within the laws of the land.
The article uses the metaphor “need in a haystack” to describe all of the government data. Government transparency is good, but when they overload people with information it makes them overwhelmed.
Whitney Grace, December 14, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Google Executives Have a Look but No Touch Rule
December 11, 2015
Have you ever been to a museum and the curator told you to “look, but don’t touch the exhibits?” The phrase comes into play, because museums want to protect the integrity of the exhibits and to keep them preserved for the ages. One of the draws about these new, modern companies is that all employees are allowed to engage with each other in different departments and the higher-ups are available without a hassle. Or at least that is the image they want to project to the public, especially Google. Business Pundit exposes bow Google CEOs interact with their employees in “Google’ s Top Execs Are Always Visible But Almost Never Approachable” like a museum exhibit.
Larry Page, Sergey Brin, and Sundar Pichai make themselves seen at their Mountain View headquarters, but do not even think about going near them. They are walled off to small talk and random interactions because all of their time is booked.
Company developer advocate Don Dodge wrote on a Quora Q&A that Larry Page, Sergey Brin, and Sundar Pichai are in the no approach zone, Dodge explains:
“However, that doesn’t mean they are easy to approach and engage in discussion. They are very private and don’t engage in small talk. They are usually very focused on their priorities, and their schedule is always fully booked. Larry is a notoriously fast walker and avoids eye contact with anyone so he can get to his destination without disruption.”
Get Larry a Segway or one of those new “hoverboard” toys, then he will be able to zoom right past everyone or run them over. Add a little horn to warn people to get out of the way.
Whitney Grace, December 11, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Know Thy Hacker
December 10, 2015
Writer Alastair Paterson at SecurityWeek suggests that corporations and organizations prepare their defenses by turning a hacking technique against the hackers in, “Using an Attacker’s ‘Shadow’ to Your Advantage.” The article explains:
“A ‘digital shadow’ is a subset of a digital footprint and consists of exposed personal, technical or organizational information that is often highly confidential, sensitive or proprietary. Adversaries can exploit these digital shadows to reveal weak points in an organization and launch targeted attacks. This is not necessarily a bad thing, though. Some digital shadows can prove advantageous to your organization; the digital shadows of your attackers. The adversary also casts a shadow similar to that of private and public corporations. These ‘shadows’ can be used to better understand the threat you face. This includes attacker patterns, motives, attempted threat vectors, and activities. Armed with this enhanced understanding, organizations are better able to assess and align their security postures.”
Paterson observes that one need not delve into the Dark Web to discern these patterns, particularly when the potential attacker is a “hactivist” (though one can find information there, too, if one is so bold). Rather, hactivists often use social media to chronicle their goals and activities. Monitoring these sources can give a company clues about upcoming attacks through records like target lists, responsibility claims, and discussions on new hacking techniques. Keeping an eye on such activity can help companies build appropriate defenses.
Cynthia Murrell, December 10, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
-
- Subscribe to Beyond Search
Feature archive
News archive
-
