Facebook Number One Security Compromiser

August 18, 2015

While Facebook is a good way for a company to engage with clients and even “humanize” the business, according to Zerofox’s article, “Cisco: Facebook Scams Are Attackers’ #1 Choice For Breaches,” Facebook is also the number one way for a criminal to learn about an organization and hack into its systems. Cisco’s 2015 Midyear Security Report examines how cyber criminals are exploiting social media to their own advantage.

The article describes potential targets as easy and click-happy:

“Facebook’s 1.49 billion monthly active users make it the world’s largest nation-state, used by 70% of Americans each day. It is, for better or worse, a nation without borders. Adversaries exploit the social media giant for its sheer size and trusted nature, making it the medium of choice for both inexperienced and sophisticated network hackers alike. For the adversary, the barriers to entry have never been lower, and the targets have never been more trusting and click-happy.”

Other security organizations confirm the findings; some of the risk comes from people simply being too trusting, such as accepting friend requests from unfamiliar people. McAfee found that employees became cybercrime victims more often on social media than through other business applications.

While Facebook might be the number one platform for attracting criminals, Twitter is used to attack government organizations, and other popular platforms are also dealing with loads of fake profiles. It does not come as a surprise, considering Facebook is now the “Wal-Mart” of social media information. What types of scams are people falling victim to? Is it just stolen passwords and information, or are they giving their personal information away?

Whitney Grace, August 18, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Open Source Tools for IBM i2

August 17, 2015

IBM has made available two open source repositories for the IBM i2 intelligence platform: the Data-Acquisition-Accelerators and Intelligence-Analysis-Platform can both be found on the IBM-i2 page at GitHub. The IBM i2 suite of products includes many parts that work together to give law enforcement, intelligence organizations, and the military powerful data analysis capabilities. For a glimpse of what these products can do, we recommend checking out the videos at the IBM i2 Analyst’s Notebook page. (You may have to refresh the page before the videos will play.)

The Analyst’s Notebook is but one piece, of course. For the suite’s full description, I turned to the product page, IBM i2 Intelligence Analysis Platform V3.0.11. The Highlights summary describes:

“The IBM i2 Intelligence Analysis product portfolio comprises a suite of products specifically designed to bring clarity through the analysis of the mass of information available to complex investigations and scenarios to help enable analysts, investigators, and the wider operational team to identify, investigate, and uncover connections, patterns, and relationships hidden within high-volume, multi-source data to create and disseminate intelligence products in real time. The offerings target law enforcement, defense, government agencies, and private sector businesses to help them maximize the value of the mass of information that they collect to discover and disseminate actionable intelligence to help them in their pursuit of predicting, disrupting, and preventing criminal, terrorist, and fraudulent activities.”

The description goes on to summarize each piece, from the Intelligence Analysis Platform to the Information Exchange Visualizer. I recommend readers check out this page, and, especially, the videos mentioned above for better understanding of this software’s capabilities. It is an eye-opening experience.

Cynthia Murrell, August 18, 2015

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Insight Into the Zero-Day Vulnerability Business

August 14, 2015

An ironic security breach grants a rare glimpse into the workings of an outfit that sells information on security vulnerabilities, we learn from “Hacking Team: a Zero-Day Market Case Study” at Vlad Tsyrklevich’s blog. Software weak spots have become big business. From accessing sensitive data to installing secret surveillance software, hackers hunt for chinks in the armor and sell that information to the highest (acceptable) bidder. It seems to be governments, mostly, that purchase this information, but corporations and other organizations can be in the market, as well. The practice is, so far, perfectly legal, and vendors swear they only sell to the good guys. One of these vulnerability vendors is Italian firm Hacking Team, known for its spying tools. Hacking Team itself was recently hacked, its email archives exposed.

Blogger Vlad Tsyrklevich combs the revealed emails for information on the market for zero-day (or 0day) vulnerabilities. These security gaps are so named because once the secret is out, the exposed party has “zero days” to fix the vulnerability before damage is done. Some may find it odd just how prosaic the procedure for selling zero-days appears. The article reveals:

“Buyers follow standard technology purchasing practices around testing, delivery, and acceptance. Warranty and requirements negotiations become necessary in purchasing a product intrinsically predicated on the existence of information asymmetry between the buyer and the seller. Requirements—like targeted software configurations—are important to negotiate ahead of time because adding support for new targets might be impossible or not worth the effort. Likewise warranty provisions for buyers are common so they can minimize risk by parceling out payments over a set timeframe and terminating payments early if the vulnerability is patched before that timeframe is complete. Payments are typically made after a 0day exploit has been delivered and tested against requirements, necessitating sellers to trust buyers to act in good faith. Similarly, buyers purchasing exploits must trust the sellers not to expose the vulnerability or share it with others if it’s sold on an exclusive basis.”

The post goes on to discuss pricing, product reliability, and the sources of Hacking Team’s offerings. Tsyrklevich compiles specifics on dealings between Hacking Team and several of its suppliers, including the companies Netragard, Qavar, VUPEN, Vulnerabilities Brokerage International, and COSEINC, as well as a couple of freelancing individuals. See the article for more on each of these (and a few more under “miscellaneous”). Tsyrklevich notes that, though the exposure of Hacking Team’s emails has prompted changes to the international export-control agreement known as the Wassenaar Arrangement, the company itself seems to be weathering the exposure just fine. In fact, their sales are reportedly climbing.

Cynthia Murrell, August 14, 2015

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Coauthoring Documents in SharePoint to Save Time

August 4, 2015

SharePoint users are often looking for ways to save time and streamline integration with other programs. Business Management Daily has devoted some attention to the topic with their article, “Co-authoring Documents in SharePoint and Office.” Read on for the full details of how to make the most of this feature.

The article begins:

“One of the best features of SharePoint 2010 and 2013 is the way it permits co-authoring. Co-authoring means more than one person is in a document, workbook or presentation at the same time editing different parts. It works differently in Word, Excel and PowerPoint . . . With Word 2013/SharePoint 2013, co-authors may edit either in Word Online (Word Web App) or the desktop version.”

SharePoint is a powerful but complicated solution that requires quite a bit of energy to maintain and to use to its full potential. For those users and managers who are tasked with daily work in SharePoint, staying in touch with the latest tips and tricks is vital. Those users may benefit from Stephen E. Arnold’s Web site, ArnoldIT.com. A longtime leader in search, Arnold brings the latest SharePoint news together in one easy-to-digest news feed.

Emily Rae Aldridge, August 4, 2015

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

A Technical Shift in Banking Security

July 23, 2015

Banks may soon transition from asking for your mother’s maiden name to tracking your physical behavior in the name of keeping you (and their assets) safe. IT ProPortal examines “Fraud Prevention: Knowledge-Based Analytics in Steep Decline.” Writer Lara Lackie cites a recent report from the Aite Group that indicates a shift from knowledge-based analytics to behavioral analytics for virtual security checkpoints. Apparently, “behavioral analytics” is basically biometrics without the legal implications. Lackie writes:

“Examples of behavioural analytics/biometrics can include the way someone types, holds their device or otherwise interacts with it. When combined, continuous behavioural analysis, and compiled behavioural biometric data, deliver far more intelligence than traditionally available without interrupting the user’s experience. …

“Julie Conroy, research director, Aite Group, said in the report, ‘When the biometric is paired with strong device authentication, it is even more difficult to defeat. Many biometric solutions also include liveliness checks, to ensure it’s a human being on the other end.’

“NuData Security’s NuDetect online fraud engine, which uses continuous behavioural analysis and compiled behavioral biometric data, is able to predict fraud as early as 15 days before a fraud attempt is made. The early detection offered by NuDetect provides organisations the time to monitor, understand and prevent fraudulent transactions from taking place.”

The Aite report shows over half the banks surveyed plan to move away from traditional security questions over the next year, and six of the 19 institutions plan to enable mobile-banking biometrics by the end of this year. Proponents of the approach laud behavioral analytics as the height of fraud detection. Are Swype patterns and indicators of “liveliness” covered by privacy rights? That seems like a philosophical question to me.

Cynthia Murrell, July 23, 2015

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Quality Peer Reviews Are More Subjective Than Real Science

July 16, 2015

Peer-reviewed journals are supposed to carry an extra degree of authority, because a team of experts has read and critiqued each academic work. Science 2.0 points out in the article, “Peer Review Is Subjective And The Quality Is Highly Variable,” that peer-reviewed journals might not be worth their weight in opinions.

Peer reviews are supposed to be objective criticisms of work, but personal beliefs and political views are working their way into the process and have been for some time. It should not come as a surprise, since academia has been plagued by this problem for decades. It has also been discussed, but peer review problems are brushed under the rug. In true academic fashion, someone is conducting a test to determine how reliable peer review comments are:

“A new paper on peer review discusses the weaknesses we all see – it is easy to hijack peer review when it is a volunteer effort that can drive out anyone who does not meet the political or cultural litmus test. Wikipedia is dominated by angry white men and climate science is dominated by different angry white men, but in both cases they were caught conspiring to block out anyone who dissented from their beliefs.  Then there is the fluctuating nature of guidelines. Some peer review is lax if you are a member, like at the National Academy of Sciences, while the most prominent open access journal is really editorial review, where they check off four boxes and it may never go to peer review or require any data, especially if it matches the aesthetic self-identification of the editor or they don’t want to be yelled at on Twitter.”

The peer review problem is getting worse in the digital landscape. There are suggested solutions, such as banning all fees associated with academic journals and databases and homogenizing review criteria across fields, but even then the problems would be far from corrected. Reviewers are paid to review works, which likely involves kickbacks of some kind. Also, getting different academic journals, much less different fields, to standardize on an issue will take a huge amount of effort and work, if they can come to any sort of agreement at all.

Fixing the review system will not be done quickly, and any time money is involved, the process is slowed even further. In short, academic journals are far from being objective, which is why it pays to do your own research and take everything with a grain of salt.

Whitney Grace, July 16, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Digital Reasoning a Self-Described Cognitive Computing Company

June 26, 2015

The article titled “Spy Tools Come to the Cloud” on Enterprise Tech shows how Amazon’s work with analytics companies on behalf of the government has produced platforms like “GovCloud,” with increased security. The presumed purpose of such platforms is the gathering of intelligence and threat analysis at big data scale. The article explains,

“The Digital Reasoning cognitive computing tool is designed to generate “knowledge graphs of connected objects” gleaned from structured and unstructured data. These “nodes” (profiles of persons or things of interest) and “edges” (the relationships between them) are graphed, “and then being able to take this and put it into time and space,” explained Bill DiPietro, vice president of product management at Digital Reasoning. The partners noted that the elastic computing capability… is allowing customers to bring together much larger datasets.”

For former CIA staff officer DiPietro, it logically follows that bigger questions can be answered by the data with tools like AWS GovCloud and the Hadoop ecosystems built on it. He cites the ability to quickly spotlight and identify someone on a watch list out of the haystack of people as the challenge to overcome. They call the process that allows them to manage and bring together data “cluster on demand.”

Chelsea Kerwin, June 26, 2015

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Chrome Restricts Extensions amid Security Threats

June 22, 2015

Despite efforts to maintain an open Internet, malware seems to be pushing online explorers into walled gardens, akin to the old AOL setup. The trend is illustrated by a story at PandoDaily, “Security Trumps Ideology as Google Closes Off its Chrome Platform.” Beginning this July, Chrome users will only be able to download extensions for that browser from the official Chrome Web Store. This change is on the heels of one made in March: apps submitted to Google’s Play Store must now pass a review. Extreme measures to combat an extreme problem with malicious software.

The company tried a middle-ground approach last year, when it imposed the our-store-only policy on all users except those using Chrome’s development build. The makers of malware, though, are adaptable creatures; they found a way to force users into the development channel, then slip in their pernicious extensions. Writer Nathaniel Mott welcomes the changes, given the realities:

“It’s hard to convince people that they should use open platforms that leave them vulnerable to attack. There are good reasons to support those platforms—like limiting the influence tech companies have on the world’s information and avoiding government backdoors—but those pale in comparison to everyday security concerns. Google seems to have realized this. The chaos of openness has been replaced by the order of closed-off systems, not because the company has abandoned its ideals, but because protecting consumers is more important than ideology.”

Better safe than sorry? Perhaps.

Cynthia Murrell, June 22, 2015

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Latest Version of DataStax Enterprise Now Available

June 19, 2015

A post over at the SD Times informs us, “DataStax Enterprise 4.7 Released.” Enterprise is DataStax’s platform that helps organizations manage Apache Cassandra databases. Writer Rob Marvin tells us:

“DataStax Enterprise (DSE) 4.7 includes a production-certified version of Cassandra 2.1, and it adds enhanced enterprise search, analytics, security, in-memory, and database monitoring capabilities. These include a new certified version of Apache Solr and Live Indexing, a new DSE feature that makes data immediately available for search by leveraging Cassandra’s native ability to run across multiple data centers. …

“DSE 4.7 also adds enhancements to security and encryption through integration with the DataStax OpsCenter 5.2 visual-management and monitoring console. Using OpsCenter, developers can store encryption keys on servers outside the DSE cluster and use the Lightweight Directory Access Protocol to manage admin security.”

Four main features/updates are listed in the write-up: extended search analytics, intelligent query routing, fault-tolerant search operations, and upgraded analytics functionality. See the article for details on each of these improvements.

Founded in 2010, DataStax is headquartered in San Mateo, California. Clients for their Cassandra-management software (and related training and professional services) range from young startups to Fortune 100 companies.

Cynthia Murrell, June 19, 2015

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

SharePoint Is Back and Yammer Is Left Behind

May 28, 2015

Many old things become trendy and new again, and that holds true even with software, at least in principle. The old functions of SharePoint are withstanding the test of time, and the trendy new buzzwords that Microsoft worked so hard to push these last few years (cloud, social, collaborative) are fading out. Of course, some of it has to do with perception, but it does seem that Microsoft is harkening back to what the tried-and-true longtime users want. Read more in the CMS Wire article, “SharePoint is Back, Yammer… Not So Much.”

The article sums up the last few years:

“But these last few years, Microsoft seemingly didn’t want to talk about SharePoint. It wanted to talk about Office 365, the cloud, collaboration, social, mobile devices and perpetual monthly licensing models. Yet no one appears to have told many of the big traditional SharePoint customers of these shifts. These people are still running SharePoint 2007, 2010 and 2013 happily in-house and have no plans to change that for many years.”

So it seems that with the returned focus to on-premises SharePoint, users are pleased in theory. However, it remains to be seen how satisfying SharePoint Server 2016 will be in reality. To stay tuned to the latest reviews and feedback, keep an eye on Stephen E. Arnold’s ArnoldIT.com and its dedicated SharePoint feed. Arnold is a longtime leader in search with an interest in SharePoint. His reporting will shed light on the realities of user experience once SharePoint Server 2016 becomes available.

Emily Rae Aldridge, May 28, 2015

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
