“See, Hear & Speak no Evil”- Google Censorship Requests June 18, 2012
Posted by Chris Mark in Industry News, privacy.Tags: Censorship, cybersecurity, freedom of speech, google, InfoSec, mark consulting group, privacy, requests, satire
1 comment so far
Google today released information related to the censorship requests by Governments around the Globe. While many are familiar with China and other nations restricting access, it is interesting to see so many “Western” countries requesting censorship. An interesting example is the Canadian Government requesting the removal of “…YouTube video of a Canadian citizen urinating on his passport and flushing it down the toilet. “ To their credit, Google did NOT comply with this request. In another request, Google “…received a request from the Central Police in Italy to remove a YouTube video that satirized Prime Minister Silvio Berlusconi’s lifestyle.” Again, Google did not comply. The interesting part of these requests is that they request removal of material that is typically considered a right of free speech and protest. Satire has been used as a form of protest in West for centuries (look at Voltare, Oscar Wilde…etc.etc.) and civil disobedience (urinating on a passport, is a good example) has certainly been used as form of protest. One has to wonder whether how much more information ‘free’ governments have kept from the public. You can see the Google removal requests here.
Oh My!! More than 6 Million LinkedIn Passwords Stolen! June 6, 2012
Posted by Chris Mark in cybersecurity, Data Breach, Industry News.Tags: Chris Mark, cybercrime, cybersecurity, InfoSec, LinkedIn, privacy, security, Stolen Passwords
add a comment
Change your LinkedIn password now! According to an article on CNN, over 6 million LinkedIn passwords were stolen by Russian hackers. LinkedIn also confirmed in their own blog post that some of the posted passwords did match LinkedIn accounts. According to the story: “The 6.5 million leaked passwords were posted Monday on a Russian online forum, camouflaged with a common cryptographic code called SHA-1 hash. It’s a format that’s considered weak if added precautions aren’t taken. Roughly half of the “hashed” passwords have already been decoded and posted online in human-readable text.” You can read more about how Hashes are cracked using Rainbow tables in the awesome post here.
“Flame On!”- New CyberWeapon Discovered in Middle East May 28, 2012
Posted by Chris Mark in cyberespionage, cybersecurity, InfoSec & Privacy, News, terrorism.Tags: Chris Mark, cybercrime, cyberespionage, cybersecurity, data theft, Duqu, Flame, hack, InfoSec, Kapersky, security, Stuxnet
1 comment so far
Complementing the post CyberEspionage, researchers have discovered a new cyberweapon. First there was Stuxnet, then there was Duqu..now there is Flame. Called by a researcher: “…the most complex piece of malicious software discovered to date…” the recently discovered virus is designed to capture data but can also change computer setting and turn on integrated microphones to record what is being said in the room. Kapersky labs discovered the virus, dubbed “Flame”, which has been lurking undetected inside of thousands of computers in the Middle East for as long as 5 years. According to Kapersky, the countries with the most infections include Iran with the most infections followed by Israel/Palestine area, Syria, and Sudan. According to Kapersky senior researcher Roel Schouwenberg: “The virus contains about 20 times as much code as Stuxnet, which attacked an Iranian uranium enrichment facility, causing centrifuges to fail. It has about 100 times as much code as a typical virus designed to steal financial information”. (more…)
“Kiss My QR Code”; Symantec Releases 2011 Internet Security Threat Report May 20, 2012
Posted by Chris Mark in cybersecurity, Data Breach, InfoSec & Privacy.Tags: Chris Mark, cybercrime, cyberespionage, cybersecurity, Internet Threat Report, malware, Phishing, QR Code, Symantec
add a comment
This month Symantec released the results of their 2011 Internet Security Threat Report. It is a very compelling read and highlights just how difficult it is becoming to protect systems, and data. Some of the more interesting findings: 2011 saw variants of Malware increase from 283 million to 407 million (you read that correct…million). Additionally, data thieves have begun using QR codes to infect Android phones with malicious software. One out of every 299 emails is a phishing attempt. This is a document that I recommend you download and read.
“Wowee wow wow!”; The Costs Of CyberSecurity; Part II May 15, 2012
Posted by Chris Mark in cybersecurity, Industry News, InfoSec & Privacy.Tags: bloomberg, Chris Mark, cybersecurity, data security, InfoSec, mark consulting group, PCI DSS, ponemon
add a comment
In reading the Ponemon/Boomberg report on the costs of cybersecurity, I was shocked to see that companies would need to increase spending 700% to achieve 95% protection. In reading closer, I was even more shocked to see that financial services companies would need to increase spending over 1,270% to achieve 95% protection. Of the 48 financial services firms surveyed the average annual security investment was $22.9 million. To achieve the 95% goal, security investment would need to increase to $292.4 million per year. You can see the results in an interactive chart here.
As stated in my previous post: “CyberSecurity Cold War; Spend Ourselves Into Oblivion”, it is obvious that companies cannot increase security investment 11 fold or even 7 fold. There must be a better answer.
By the way..the “Wowee wow wow” is from Christopher Walken’ character The Continental 😉
Global Security, Privacy, & Risk Management 