"The Combo Breaker can guess all three numbers on its own within a few minutes, but if you manually find the first number that makes the dial get stuck when you pull on the shackle, then Samy’s device can open the Master combination lock within 30 seconds, using a maximum of only eight attempts. To be more precise, Samy’s technique will give you the exact first and third numbers of the combination, plus eight possible second numbers." - via TechnoBob's Lambert Varias
The Eight Irari Rules:
The malware used should have been detected.
The attack exploited vulnerabilities where a patch was available.
Multifactor authentication was not in use on critical servers.
Static passwords were used in attacks on critical servers.
If phishing was involved, there was no awareness program in place that went beyond phishing simulations and computer-based training.
Detection mechanisms that could have stopped the attack in progress were not in place or were ignored.
There was poor network segmentation that allowed the attackers to jump from low-value networks to critical systems.
User accounts that were compromised had excessive privileges.
News, via the Joint Task Force 505 from KATHMANDU, Nepal, May 17, 2015 – Joint Task Force 505 officials have identified the six U.S. Marines who were killed along with two Nepalese soldiers when their UH-1Y Huey helicopter crashed in the mountains of Nepal May 12.
Once identified as the crash site, Nepalese Special Forces stood watch over our fallen Marines and their Nepalese Army comrades-in-arms throughout the night, till recovery efforts could be mounted.
Capt. Dustin R. Lukasiewicz, a UH-1Y pilot with Marine Light Attack Helicopter Squadron 469, Marine Aircraft Group 39, 3rd Marine Aircraft Wing, Camp Pendleton, California, and a native of Nebraska;
Capt. Christopher L. Norgren, a UH-1Y pilot with HMLA-469, Marine Aircraft Group 39, 3rd Marine Aircraft Wing, Camp Pendleton, California, and a native of Kansas;
Sgt. Ward M. Johnson, IV, a UH-1Y helicopter crew chief with HMLA-469, Marine Aircraft Group 39, 3rd Marine Aircraft Wing, Camp Pendleton, California, and a native of Florida;
Sgt. Eric M. Seaman, a UH-1Y helicopter crew chief with HMLA-469, Marine Aircraft Group 39, 3rd Marine Aircraft Wing, Camp Pendleton, California, and a native of California;
-- Cpl. Sara A. Medina, a combat photographer with Marine Corps Installations Pacific, Okinawa, Japan, and a native of Illinois; and
-- Lance Cpl. Jacob A. Hug, a combat videographer with Marine Corps Installations Pacific, Okinawa, Japan, and a native of Arizona.
Today at approximately 10:00 a.m. Nepal Standard Time, Nepalese soldiers and service members from Joint Task Force 505 safely recovered the fallen U.S. and Nepalese service members to the Tribhuvan International Airport in Kathmandu, Nepal.
The soldiers and Marines were honorably received at TIA and will be transported to the appropriate medical facilities to be properly identified by mortuary affairs personnel.
JTF 505 Commander Marine Corps Lt. Gen John E. Wissler thanked the people of Nepal and the Nepalese armed forces for their selfless dedication in the search and recovery of the fallen service members.
"I am honored to serve alongside the Nepalese soldiers and to call them my friends" he said.
"You never hesitated in the joint effort to bring our brothers home. Everyone united -- the soldiers hiking through hazardous terrain, the pilots flying in uncertain weather conditions and the Nepalese special forces standing watch over our Marines on a mountainside at night,” Wissler said. “We honor our fallen comrades through our unselfish support to each other in this time of grief."
The fallen service members were "courageous, selfless individuals dedicated to the international Humanitarian Aid mission here in Nepal whose memories will live on through the lives they touched during this disaster relief operation and in their previous service to their countries," he said.
JTF 505 arrived in Nepal April 29 to conduct humanitarian aid and disaster relief operations following the April 25 magnitude-7.8 earthquake. The helicopter crashed about 8 miles north of Charikot, Nepal, while supporting casualty evacuations following a second earthquake of magnitude 7.3 that occurred May 12.
Familiarity Maxim: Any security technology becomes more vulnerable to attacks when it becomes more widely used, and when it has been used for a longer period of time. Compiled by Roger G. Johnston, Ph.D., CPP, Argonne National Laboratory
On August 31, 1949, Secretary of Defense Louis Johnson announced the creation of an Armed Forces Day to replace separate Army, Navy and Air Force Days. The single-day celebration stemmed from the unification of the Armed Forces under one department -- the Department of Defense. Each of the military leagues and orders was asked to drop sponsorship of its specific service day in order to celebrate the newly announced Armed Forces Day. The Army, Navy and Air Force leagues adopted the newly formed day. The Marine Corps League declined to drop support for Marine Corps Day but supports Armed Forces Day, too.
In a speech announcing the formation of the day, President Truman "praised the work of the military services at home and across the seas" and said, "it is vital to the security of the nation and to the establishment of a desirable peace." In an excerpt from the Presidential Proclamation of Feb. 27, 1950, Mr. Truman stated: "Armed Forces Day, Saturday, May 20, 1950, marks the first combined demonstration by America's defense team of its progress, under the National Security Act, towards the goal of readiness for any eventuality. It is the first parade of preparedness by the unified forces of our land, sea, and air defense".
Bob Knows a Guy Maxim: Most security products and services will be chosen by the end-user based on purchase price plus hype, rumor, innuendo, hearsay, and gossip.. Compiled by Roger G. Johnston, Ph.D., CPP, Argonne National Laboratory
Evidence, says Zack Whittaker for Zero Day, of data disappearing from solid-state storage facilities, when the storage medium is unpowered for several days. Apparently, additional degradation takes place when temperatures rise...
The money quote:
"A recent presentation by hard drive maker Seagate's Alvin Cox warned that the period of time data is retained on some solid-state drives is halved for every 9°F (or 5°C) rise in temperature where its stored. That means if a solid-state drive is stored in a warm room, say 77°F (25°C), its data can last for about two years. But, if that goes up by a mere few degrees to 86°F (30°C), that data's retention period will be cut in half." via Zack Whittaker at Zero Day