Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms


MARFORCYBER And The Marine Corps Cyber Auxiliary

September 02, 2019 by Marc Handelman in USMC CYBER AUX, USMC, USMC Forces Cyber Command, Cybersecurity Competence, Cybersecurity, Cyberwar, Must Read

via Nina Kollars & Emma Moore, writing at War On The Rocks, comes this outstanding, sobering analysis of both current and future cybersecurity professionalism & capabilities within the United States Marine Corps MARFORCYBER and the Marine Corps Cyber Auxiliary.

If you are at all interested in Offensive & Defensive Cyberwarfighting capabilities within the Department of the Navy, and more specifically within the Marine Corps, this, my friend, is Today's Absolutely Must Read. Information Security and Cybersecurity Professionals should email cyberaux@usmc.mil for more information or to volunteer with the United States Marines Cyber Auxiliary.


Who’s Watching The Criminal Enterprise Known As Facebook Watch You?

August 23, 2019 by Marc Handelman in Facebookery, Crime, Death of Privacy, Must Read

via Bhaskar Chakravorti, PhD - the Dean of Global Business, The Fletcher School at Tufts University, comes this thought-provoking piece targeting Facebook Inc.'s (NASDAQ: FB) new 'Privacy Cop'. Certainly, today's Must Read.

'In my opinion, in order to be effective, there are three main privacy-related concerns the FTC’s newly designated cop would need to look out for: the potential for genuine violations of users’ privacy; the targeted spread of harmful content, especially resulting in election manipulation and ethnic violence; and instances of collecting and harvesting far more data than is warranted to provide services to users.' - via Bhaskar Chakravorti, PhD Dean of Global Business, The Fletcher School at Tufts University


Csaba Fitzl's 'Getting Root with Benign AppStore Apps'

July 22, 2019 by Marc Handelman in Say It Ain't So!, Apple, Application Security, Information Security, Must Read

via Objective See's 'Objective by the Sea' confab, comes enlightened security research - in this case, crafted by Csaba Fitzl (examine his presentation slides here), in the effort to garner root through curated applications downloaded via the Apple Inc. (NASDAQ: AAPL) Mac App Store. Most Certainly Today's Must Read!


Low-Hanging, The Fruits Are

July 16, 2019 by Marc Handelman in Low-Hanging Fruit, Malware, Information Security, Crime, Criminal Enterprise, Must Read

via Threatpost author Lindsey O'Donnell, comes this remarkably lucid, well-crafted interview piece dissecting the nature of low-hanging fruits, where the fruits under scrutiny are in fact cities themselves, specifically - Atlanta. Ensconced (if you will) in the Peach State... Most certainly Today's Must Read.


Apple, Inc. - Guardian Of All-Things Privacy 'Suspends' Leaky App

July 15, 2019 by Marc Handelman in Information Security, Must Read, Data Leakage

Dan Goodin, wielding the proverbial Pen of Truth, whilst writing of-all-things Security at Ars Technica has published a superlative piece on the privacy and security related foibles of Apple, Inc. (NASDAQ.com: AAPL). This time targeting Apple's suspension (whatever that means) of the WatchOS app monikered 'Walkie-Talkie'. Today's Must Read.


The Australian Signals Directorate's Essential Eight Maturity Model: Down Under's Security Guide

July 09, 2019 by Marc Handelman in Australia, America's Allies, Five Eyes, Information Security, Must Read

The Australian Government's Australian Signals Directorate has released an updated version of the 5 Eyes Member country's Essential Eight Maturity Model. Today's Must Read.


State of Georgia: Jurisprudence Stymied by Ransomware

July 02, 2019 by Marc Handelman in Information Security, Must Read

Regardless of folks' opinions of the current State of Jurisprudence in Georgia, Ars Technica's Sean Gallagher reports on the apparently successful ransomware attacks targeting the state's judicial system. Today's Must Read.


Forsooth! What Sort Of Villainy Makes Its Evil Pestilence Known?

June 10, 2019 by Marc Handelman in Corporate Evil, Secrets, Must Read

Apparently, Amazon.com, Inc. (Nasdaq: AMZN) has taken up the $10 Billion Evil Gauntlet and is running with it (kids, don't do that at home...), if reports are to be believed. Read it and weep for the Interweb's lowly bookseller, turned to the dark side... Today's Must Read.


The Unenforceables

May 28, 2019 by Marc Handelman in Corruption, Governmental Corruption, Government Incompetence, Must Read

via Nicholas Vinocur, reporting at Politico, comes news of the apparent enforcement shortcomings evidenced by the European Union's GDPR Data Protection Commission (in this case, the entity entrusted with the enforcement of the GDPR is the Republic of Ireland's Data Protection Commission). Today's Must Read! h/t


The Chainsplaining

May 24, 2019 by Marc Handelman in Blockchain, Information Security, Data Security, Must Read

Matt Cutler, writing at HackerNoon, regales us with the concept of Chainsplaining (the notion of mansplaining Blockchain). Interestingly, Matt's kicked off a new series going beyond chainsplaining at BlockNative, riffing on his previous post. Friday's Must Read...


ASUS Cloud Services: Backdoor In Motion

May 20, 2019 by Marc Handelman in Cloud Security, Information Insecurity, Security Incompetence, Must Read

via the eponymous Dan Goodin, writing at Ars Technica, comes news of a cloud solution gone spuriously out-of-control. Certainly a clear-enough indication the 'Cloud' is not to be trusted, at any time, nor from any vendor - regardless of claims to the contrary. Today's Must Read.


TikTok, Privacy's Greatest Enemy?

May 07, 2019 by Marc Handelman in Death of Privacy, Information Security, Must Read

Read The Telegraph's Robin Pagnamenta's superbly-written piece on TikTok - how the company poses an ostensibly larger and insidious vectored privacy threat as compared to the measly annoyance propagated by Facebook Inc. (NASDAQ: FB); only with a People's Republic of China veneer (and counting amongst its investors United States-based KKR (retired United States Army General David H. Petraeus is a member of the management team at KKR) and Japan-based Softbank Technology Corporation (NASDAQ SFBTF)). Today's Must Read.

'The Telegraph’s Robin Pagnamenta argues TikTok and its parent company pose a far greater global security concern for Western economies than Chinese telecommunications equipment giant Huawei Technologies. ByteDance’s suite of apps, Pagnamenta warns, “are hoovering up oodles of data on hundreds of millions of foreigners – British, American, Brazilian and Indian – many of them children.”' - via Fortune Magazine's Clay Chandler and Eamon Barrett


Who's Really Testing At Microsoft?

May 02, 2019 by Marc Handelman in Must Read, Code Incomplete

Woody Leonhard, Columnist at Computerworld, questions the efficacy of code testing by Microsoft Corporation's (NASDAQ: MSFT) Windows quality assurance personnel; today's Must Read post.

"Admins, in particular, have had a tough month. April brought widespread breakdowns – bluescreens, hangs, very sluggish behavior – to hundreds of thousands of Win7 and 8.1 machines. This wasn’t a “small percentage” kind of event. For some companies, rebooting overnight on Tuesday brought seas of blue screens on Wednesday morning." - Woody Leonhard, reporting at Computerworld, details patch failures in the latest Patch Tuesday event


Put A Couple Of Zeroes On It...

April 29, 2019 by Marc Handelman in Must Read, Information Security, Security Incompetence, Criminal Enterprise, Organized Crime, Cybernetic Crime

Quite likely the defining opinion piece, well-crafted by the inimitable Kara Swisher, writing at The New York Times, targeting the entity known as Facebook, Inc. (NASDAQ: FB) (which, in our opinion, is a classically structured and well organized criminal enterprise). Today's Must Read.

"With $23 billion in cash on hand, Facebook will see a $5 billion fine as simply the cost of doing business. Needless to say, this is not how fines are supposed to work." - via Kara Swisher's superb opinion piece at The New York Times


The Geomagnetic Jerk

April 24, 2019 by Marc Handelman in Geophysics, Chronometry, Chronoscopy, GIS, Physics, Physical Security, Information Security, Information Sciences, Must Read

Superb explanatory post - via Julien Aubert from l’Institut de physique du globe de Paris (CNRS/IPGP/IGN/Université de Paris), and writing at CNRS - focusing on the phenom of geomagnetic jerks. Today's Must Read.


Visit Graham Cluley’s Twitter Feed For A Well Executed Recording Of The Latest WIPRO Earnings Call And Questions Regarding The Security Failures Dubiously Answered By The Company.

Brian Krebs x Graham Cluley: The WIPRO Lassitude (or How Not To Execute Incident Response)...

April 22, 2019 by Marc Handelman in Information Security, Flawed Incident Response, Incident Handling, Incident Management, Incident Response, Must Read, Must Listen

Visit Brian Krebs' always well-researched and fact checked information security blog, and Graham Cluley's Twitter Feed for a superb recording of the WIPRO Earnings Call (the recent victims of a pernicious cyberattack), in which bizarre answers to questions raised by Mr. Krebs were proffered by WIPRO 'Executives'. Today's Must Read and Hear.


No-Tel Mo-Tel? Motel 6 Settles State of Washington Lawsuit With $12,000,000 Payment

April 06, 2019 by Marc Handelman in Death of Privacy, Information Insecurity, Governed By Imbeciles, Must Read

via Chris Morris' well-crafted reportage at Fortune, comes the story of illegal data sharing engaged in by Motel 6, and the $12,000,000 price tag the company coughed up in settlement fines to the State of Washington. I guess they might not be 'leaving the light on for you' - for a while... Today's Must Read.

"Motel 6 will take a $12 million hit for allegedly sharing the personal information of about 80,000 guests with immigration officials without the knowledge or permission of those customers. The chain has settled a lawsuit brought by the state of Washington over the controversial policy of seven of its hotels in that state between 2015 and 2017. The company has also said it will stop the practice of handing over guest information without a subpoena or warrant, unless it believes someone is in imminent danger." - via Chris Morris, at Fortune


Dark Web Two-Step

March 08, 2019 by Marc Handelman in War, Cyberwar, Must Read

Jason Rivera (a Director at CrowdStrike) and Wanda Archy (a Supervisor in RSM's security practice, targeting the Dark Web), writing at Small Wars Journal, deliver a remarkable tour de force of darkness - in this case, the darkness relates to the so-called Dark Web, and its apparent suitability for nation-based and non-nation-actor warfare. I can assure you, Mr. Rivera's and Ms. Archy's paper (in the form of a post) should be considered as today's Must Read.

"Warfare has always and will always continue to evolve – it is therefore prudent for national security professionals to be aware of this evolution and familiarize themselves with the various technological intricacies that will continue to shape the evolution of warfare. The Dark Web, like other emerging technologies, is one of those technological intricacies." - Jason Rivera and Wanda Archy writing at Small Wars Journal


We are sure this image is not the multi-tool referred to in this posting!

If At First You Do Not Succeed... Try, Try Again: Russian VPNFilter Malware

October 23, 2018 by Marc Handelman in Jack Of All Trades, Malware, Malware Research, Information Security, Must Read

Sean Gallagher, writing at Ars Technica, regales us with the tale of VPNFilter - The Multi-Tool of Russian Cyber-Miscreants. Today's Must Read!


A New Way In: The Cloudflare IPFS Gambit

October 05, 2018 by Marc Handelman in Must Read, Infrastructure Security, Information Security

Dependent - of course - on your point-of-view - i.e., whether you are on the IPFS Hypermedia File System construct, or not. Intrigued? I was, hence the designation of Lawrence Abrams' superlative reportage as Today's Must Read!
