Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms


The Voice Assistant Gambit →

September 11, 2017 by Marc Handelman in All is Information, Alternate Attack Vectors, Alternate Attack Analysis, Physical Security, Information Security, Signals, Communication Security, Communications, Hardware Flaws, Hardware Security

Nicole Kobie, writing at New Scientist, tells the tale of newly researched voice assistant attack vectors leveraging signalling flaws (via an ultrasound attack) within both Apple Inc.'s (NasdaqGS: AAPL) and Amazon.com Inc.'s (NasdaqGS: AMZN) voice assistant offerings, Siri and Alexa, respectively. The 'Domino Effect' of the ultrasound flaws in these products/services traverses down the device food chain to Alexa and soon-to-be Siri enabled third party devices... Perhaps new protective sound generating devices are in order?

All Amazon and Apple Links in this Post are Non-affiliate


USENIX Enigma 2017 — Nestan Tsiskaridze's 'Leveraging the Power of Automated Reasoning in Security Analysis of Web Applications and Beyond' →

September 01, 2017 by Marc Handelman in All is Information, Alternate Attack Analysis, AI Security, Conferences, Data That Is Big, Data Driven Security, Education, Information Security, Machine Learning

This is a joint work with Clark Barrett (NYU/Stanford University), Morgan Deters (NYU), Tianyi Liang (The University of Iowa), Andrew Reynolds (The University of Iowa/EPFL), Cesare Tinelli (The University of Iowa) and Nestan Tsiskaridze, University of California, Santa Barbara.


USENIX Enigma 2017 — Tudor Dumitras' 'FeatureSmith: Learning to Detect Malware by Mining the Security Literature' →

August 31, 2017 by Marc Handelman in Alternate Attack Analysis, All is Information, Conferences, Education, Information Security, Malware, Malware Detection, Data Mining, Data Driven Security, Data Discovery

Just 'Kuzz →

May 22, 2017 by Marc Handelman in All is Information, Criminal Enterprise, Crime, Alternate Attack Analysis, Information Security, Cybernetic Crime, Resource Theft

Via Phys.org comes a brief news item targeting the trojan exploit dubbed 'Adylkuzz', and its mining feature. Additionally, read the highly detailed Proofpoint post, which contains the true gist of this trojan, as it were.

'Instead of completely disabling an infected computer by encrypting data and seeking a ransom payment, Adylkuzz uses the machines it infects to "mine" in a background task a virtual currency, Monero, and transfer the money created to the authors of the virus.' - via Phys.org


Looked it over, how shall I say, it's lacking a certain - competency?

Are Intel SGX Enclaves Secure? Nope, Not Really...

March 22, 2017 by Marc Handelman in All is Information, Alternate Attack Analysis, Enclaves, Information Security, Lack of Security Regimen

via Catalin Cimpanu, writing at BleepingComputer, comes this well-crafted piece on the folly of secure enclaves... In this case, Intel SGX Enclaves. Enjoy.

"More details on the attacks and proposed countermeasures are available in the research paper titled 'Malware Guard Extension: Using SGX to Conceal Cache Attacks.'" - via Catalin Cimpanu at BleepingComputer


Whom Done It →

January 01, 2017 by Marc Handelman in All is Information, Alternate Attack Analysis, Control Systems, Critical Thinking, Cybersecurity Competence, Defense, Electrical Engineering, Electronic Warfare, Incident Handling, Information Security, Espionage, Cybersecurity

In what wraps up to be a superbly crafted screed penned by Glenn Greenwald, laboring at The Intercept, the Good Mr. Greenwald details the perceived falsehoods swirling about the alleged Russian Intelligence Services hacks of the Burlington, Vermont electrical generation utility. Today's Must Read.


Ктосделал? Россия и Принуждение через киберпространство →

November 02, 2016 by Marc Handelman in All is Information, Alternate Attack Analysis, National Security, Information Security

That is, "Whodunnit? Russia and Coercion through Cyberspace", a superlative blog post by Robert Morgus at War on the Rocks, is today's Must Read.


PREDATOR →

October 31, 2016 by Marc Handelman in All is Information, Analytics, Alternate Attack Analysis, Machine Learning, Information Security, Cybernetic Crime

PREDATOR – Proactive Recognition and Elimination of Domain Abuse at Time-Of-Registration, described in the released paper, details the newly developed capability to predict bad-behavior (in this case criminally bad behavior), with the use of analytics at the time of domain registration. Created by Nick Feamster, Shuang Ho, Alex Kantchelian, Brad Miller and Vern Paxson. Outstanding.

"Princeton professor Nick Feamster and University of California Santa Barbara PhD student Shuang Ho worked with Alex Kantchelian (UC Berkley), Google's Brad Miller and Vern Paxson of the International Computer Science Institute to create PREDATOR – Proactive Recognition and Elimination of Domain Abuse at Time-Of-Registration...." "The important numbers are: the researchers say PREDATOR identified 70 per cent of domain registrations that were later abused; and they claim a false positive rate of just 0.35 per cent." - via El Reg's Richard Chirgwin

 


Attack Map →

October 04, 2016 by Marc Handelman in Cartography, All is Information, Alternate Attack Analysis, Information Security, Network Security

The newly released DDoS Attack Map tool from Jigsaw. Recommended for the minimal eye candy, and apparent accuracy...


Google, Refusenik →

September 02, 2016 by Marc Handelman in Attack Analysis, Alternate Attack Analysis, All is Information, Information Security

News, via Robert Abel, writing at SC Magazine, of the refusal of Alphabet Inc. (NasdaqGS: GOOG) to remediate a login page redirect poisoning flaw (recently discovered by Aidan Woods) on the search leviathan's primary page. Oops.


LuciuOS →

August 26, 2016 by Marc Handelman in All is Information, Alternate Attack Analysis, Information Security, Research

In which, the new malware-focused development framework for malware research and mitigation is introduced. Enjoy.



Movement →

August 20, 2016 by Marc Handelman in All is Information, Alternate Attack Analysis, Attack Analysis, Attacker Tracking

DROWN Attack, The Litany →

March 23, 2016 by Marc Handelman in All is Information, Alternate Attack Analysis, Information Security

And now, Ladies and Gentlemen, DROWN has arrived on the scene, with significant consequences... Read about it at DarkNet, or at the researchers' DrownAttack site (also available is the paper relevant to this attack written by researchers Nimrod Aviram, Sebastian Schinzel, Juraj Somorovsky, Nadia Heninger, Maik Dankel, Jens Steube, Luke Valenta, David Adrian, J. Alex Halderman, Viktor Dukhovni, Emilia Käsper, Shaanan Cohney, Susanne Engels, Christof Paar and Yuval Shavitt).


Ukrainian SCADA Systems Malware Infection Discovered →

January 27, 2016 by Marc Handelman in All is Information, Alternate Attack Analysis, Cyberwar, Information Security

News of reported SCADA malware infections has been published via Motherboard; those infections (also reportedly) point to cyberattack vectors.

'“The fact that malware was recovered from the network at all, and the fact that it's newer, gives a high confidence assessment that the cyberattack on Ukraine was legitimate,” Lee told Motherboard in a phone interview. Lee said the malware was “unique,” implying that it likely wasn't something that just happened to be on the grid network during the outage.' - Robert M. Lee, a former US Air Force cyber warfare operations officer as well as the founder and CEO of Dragos Security, wrote on the SANS ICS Security Blog


PhoneBoy's Existential Threat →

January 06, 2016 by Marc Handelman in All is Information, Alternate Attack Analysis, Cybersecurity Competence, Cybersecurity Economics, Information Security, Critical Thinking, Defensive Security, Education

PhoneBoy's thought-provoking post, noting the unpreparedness [from a defence perspective] of our society to cybersecurity threats. Quite obviously, today's Must Read.


Russia's NAVY →

December 28, 2015 by Marc Handelman in Alternate Attack Analysis, Physical Security, Military Intelligence, Naval Intelligence, NATO

Via the highly talented Louis Martin-Vézian, writing and designing at CIGeography, for Offiziere.ch and Cimsec.org. What a difference a quarter of a century can make... Good to see Cimsec.org mentioned!


Edwin T. Layton, Rear Admiral, United States Navy Ribbon Bar

Intelligence QOTD, Edwin Layton, RADM, USN →

December 14, 2015 by Marc Handelman in All is Information, Alternate Attack Analysis, World Wide War, US Navy, United States of America, Threat Intelligence, Red Team

'I want you to be the Admiral Nagumo of my staff. I want your every thought, every instinct as you believe Admiral Nagumo might have them. You are to see the war, their operations, their aims, from the Japanese viewpoint and keep me advised what you are thinking about, what you are doing, and what purpose, what strategy, motivates your operations. If you can do this, you will give me the kind of information needed to win this war.' - Edwin Layton, RADM USN, 'And I Was There', 1985, pg.357, ISBN-13: 978-5550460245, Publisher - Random House (March 1987)

Brought to my undeniably over-taxed attention by the Red Team Journal


BSidesIOWA 2015, Adversarial Testing through Unconventional Offensive Breach Techniques →

November 20, 2015 by Marc Handelman in Education, Information Security, Alternate Attack Analysis, Offensive Security, Offensive Infosec

Iron Tiger →

September 23, 2015 by Marc Handelman in All is Information, Alternate Attack Analysis, Business of Security, Database Security, Data Security, Information Security

You should know Graham Cluley, specifically because of his outstanding information security reporting; as evidenced, if you will, by his latest screed targeting the so-called Iron Tiger targeted attacks. Noted as today's Must Read.


Chuvakin, Tanks versus Tractors →

August 13, 2015 by Marc Handelman in ICS/SCADA, Information Security, ICS, All is Information, IoT, Alternate Attack Analysis

Via Gartner Research Vice President Anton Chuvakin, Ph.D., comes a superb screed prompted by JeepGate. Today's Must Read.
