Friday, November 8, 2013

INSIDE JOB [AND MORE]


HOW SNOWDEN GOT HIS DATA



If you've read any security advice aimed at organizations over the last decade, then you know that more security breaches come from inside a company than from outside it. Once you are inside, half the battle is won.

When Snowden was sent to Hawaii he obtained over 20 different logins and passwords from other workers under the pretense that he needed them to do some computer maintenance. After that, we all know some of what happened. And in many cases, in some companies, it's even easier.

I once worked at a firm where my directive from above allowed users to never have to change their passwords. So while this policy was in place, I told users to make passwords difficult at the least, and they did just the opposite. The users were brainy, with a wall of degrees "piled higher & deeper," yet more than half of them chose 123456 for their password. In the security work I've done lately I've seen more or less the same thing, where a fairly large company all used "Welcome" for their passwords. [And they wonder why their computers were "on" when they came into work, sometimes on porn sites? Two words: cleaning people.]

HAVE YOU HAD A HANGOVER?

Operation "Hangover" is currently using zero-day exploits against Microsoft Windows, and Microsoft is trying to get patches out next Tuesday. In the meantime it seems as if the attacks come via email. According to Symantec:

The attacks Symantec captured used malicious Word documents attached to emails with subject headings such as "Illegal Authorization for Funds Transfer" and "Problem with Credit September 26th 2013."

'Nuff Said,
Brian
