Tag Archives: SANS

Anti-social media part umpteen

BBC: Children ‘blackmailed’ for sexual images in online video chats. “A surge in the use of video chats and live-streaming among children is leaving them vulnerable to abuse, the NSPCC has warned, calling for a social network regulator to be introduced.”


Graham Cluley: Facebook Portal isn’t designed to be as private as you might hope – Graham says “I doubt I’m alone in the world in thinking that allowing Facebook, of all companies, into your home with a microphone and a video camera is a pretty terrible idea.” Indeed he isn’t… And this story is not reassuring, with FB’s weaselly partial backtracking on the assertion that it would not collect data for targeted advertising.


I’m not the biggest fan of SANS and its newsletters. (That would be SANS…) But the Top Of The News section in its October 19th 2018 Newsbites newsletter includes a number of links relevant to election interference and social media that you might find worth reading.

David Harley

Advertisements

New information/resource page: [anti-]social media

[This article is itself the first entry on the new page Anti-Social Media.]

Like many others, I’ve been at least partially assimilated by the social media Cookie Monster. Once upon a time I opened accounts on sites like Facebook and Twitter, so as to find out about their implications for security. (Like many others in the security profession, I suspect.) They also quickly became integrated into my armoury as a means of exchanging and disseminating information, whether it’s a matter of hard data or work-oriented PR. And when friends, colleagues and fellow musicians (some people, of course, are members of two or all three of those sets!) found me on those platforms, it would have been churlish not to have accepted invitations to link up there. (Besides, you can’t tell as much about Facebook’s workings, for instance, if you don’t actually have any Facebook friends…)

However, I’ve always borne in mind the wider implications of membership of such platforms (sociological, psychological, and security-specific), and have often written on those topics. (I’ll probably look back at some of those posts and see if any of them are worth flagging here.) But with the excitement over the Cambridge Analytica, it’s self-proclaimed success at social engineering, and its alleged misuse of data harvested from social media, I can’t help but notice that people who’ve previously expressed no interest in privacy and security have started to voice concern. So I’m going to use this page to flag some news and resources of interest. Starting with a minor deluge of advice from various quarters:

David Harley

SANS reports ransomware impersonating voice messages

28th August 2016

Posted at SANS 23rd August by Xavier Mertens for SANS Internet Storm Center: Voice Message Notifications Deliver Ransomware. Despite coming from ‘voicemail@*’ and the attachment having the filename extension ‘wav.zip’, these are not sound files but, apparently, ransomware. A more recent VirusTotal report than that cited in the report indicates that many vendors are associating the campaign with Nemucod.

Nemucod is now broken out into its own resource page on this site.

David Harley

SANS ‘Ouch!’ Newsletter on Ransomware

The latest SANS ‘Ouch!’ newsletter is dedicated to a description of ransomware and tips on how to counter it.  And no, I have no idea why they chose the name Ouch!

Like other editions, this particular newsletter issue is presumably aimed primarily at home users rather than corporates. (Though it does include a link to the SANS Advanced Cybersecurity Learning Platform.) At any rate, it’s fairly simplistic. However, it’s accurate enough (though I’d take issue with the fact that it seems to suggest that cloud-based backups are safe from ransomware, which isn’t always true).

Anyway, anything that might help raise awareness and understanding of the issue among the general population is worth publicizing.

David Harley

Ransomware: Understanding Bitcoin

It probably hasn’t escaped your notice that ransomware gangs are fond of Bitcoin, and you may also be aware that some victims who decide to pay up are finding the Bitcoin technology somewhat daunting, to the extent that PadCrypt may be intended to offer advice on paying with Bitcoin by way of a live chat facility (offline at the time of writing). At any rate, Bleeping Computer’s Lawrence Abrams comments:

“A feature like this could potentially increase the amount of payments as the victim can receive “support” and be guided on the confusing process of making a payment.

I’m not familiar enough with Bitcoin at the moment to help much as far as that’s concerned, but I have noticed a number of articles recently that relate to it:

  • Bitcoin and Cryptocurrency Technologies assumes that ‘…you have a basic understanding of computer science — how computers work, data structures and algorithms, and some programming experience. If you’re an undergraduate or graduate student of computer science, a software developer, an entrepreneur, or a technology hobbyist, this textbook is for you.’ However, it is written using a fairly conversational tone, so it’s certainly worth a look if you’re reasonably IT-literate.
  • This primer from Princeton is about 296 pages shorter and more consumer friendly. And here’s Bitcoin’s own FAQ.
  • Richard Chirgwin points out that Bitcoiners are just like everybody else: They use rubbish passwords, which may not reassure you.
  • Imperva has published an interesting paper on ‘The secret of Cryptowall’s success‘ based Bitcoin wallet analysis.

William Hugh Murray comments in a recent SANS newsletter:

Cyber currency is too slow ever to play a major role as a medium of exchange.  It is too volatile to serve as a store of value.  However, anonymity will serve to encourage extortion.

That section of the Newsbites newsletter has a number of interesting links to commentary on the Locky ransomware, by the way.

David Harley