Bennett Arron: How to Steal an Identity

Bennett Arron is a stand-up comedian, award-winning writer and a major victim of identity theft. Years after having his identity stolen – which resulted in his losing everything – he wrote a comedy show about his experience.

The video shows how he takes on the identity of Peter Parker.

I did not see any controls on the page that allowed me to embed the video into my blog, so you will have to go here: http://www.genieinthehouse.com/bennett/

This video would be great to show for security awareness.

Posted in Security Blog | Tagged , , , , | Comments Off on Bennett Arron: How to Steal an Identity

iRisk

iRisk, or the iRisk equation, is another quantitative analysis formula. Like most quantitative analysis models, you solve for the risk by calculating the threat and vulnerability, and lower the risk when mitigating or compensating controls are added.

Here is where you can read more about iRisk: http://community.securestate.com/index.php?title=What_is_iRisk%3F


BCJs in an SSAE-16

I looked everywhere for this acronym that I found while processing a Type II SSAE-16. I guessed pretty close, but since someone helped me find it, you may have to google it one day and hopefully you will find that:

BCJ stands for Business Case Justification


Botnet Command and Control

James Lyne explains some botnet command and control.


Visualize the World’s Biggest Data Breaches

Visit here to see the interactive version of the graphic:
http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/


HIPAA or HIPPA?

When professional publications, job postings, and health-related websites mess up the acronym for HIPAA, I get really ticked.

I just bought this book. They just wrote out what HIPAA stands for and they still get the acronym wrong?
What’s wrong with you people?!


Compliance’d

For the lols, I’m hopefully going to create more ridiculous meme-like pictures like this.

P.S. I made this, if you see it somewhere else, they stole it from me.


Edward Snowden on Ted: Here’s How to Take Back the Internet

Makes you think differently about this bottle top. Read it from the perspective of the normal person, read it from the perspective of Edward Snowden, then read it from the perspective of the NSA.


The Internet of Things


The Internet of Things (IoT) is the concept of delivering Internet connectivity to almost anything that has a chip in it. Cool for the end user, but for the cybersecurity-minded person, an inevitable nightmare.

In January, a refrigerator was used as part of a spam/phishing attack. That’s right. The text below is from Business Insider.

In the press release, Proofpoint explains:

  • The hack happened between December 23, 2013 and January 6, 2014, and featured waves of malicious email, typically sent in bursts of 100,000, three times per day, targeting enterprises and individuals worldwide.
  • About three-quarters of the emails were sent by regular computers, but the rest, slightly more than one-quarter, were sent by hacked home appliances.
  • Hackers didn’t have to be amazingly smart when breaking into home appliances. Many times they gained access because the home owners didn’t set them up correctly, or used the default password that came with the device.

Read more: http://www.businessinsider.com/hackers-use-a-refridgerator-to-attack-businesses-2014-1#ixzz2vypg7JJa


Bruce Schneier Facts

Bruce Schneier Fact #1: Bruce Schneier once killed a man using only linear cryptanalysis.

Bruce Schneier Fact #2: Bruce Schneier once decrypted a box of AlphaBits.

Bruce Schneier Fact #3: P = NP in Bruce Schneier’s very presence.

Bruce Schneier Fact #4: Bruce Schneier gets the jokes in the Voynich MS.

Bruce Schneier Fact #5: Bruce found a secure way to reuse a one-time pad.

Bruce Schneier Fact #6: Bruce Schneier finds collisions by banging hashes together.

Bruce Schneier Fact #7: Bruce Schneier can log into any computer just by staring down the prompt.

Bruce Schneier Fact #8: Bruce Schneier knows how to generate a digital signature. Anyone’s.

Bruce Schneier Fact #9: When Bruce Schneier does modulo arithmetic, there are no remainders. Ever.

Bruce Schneier Fact #10: Bruce Schneier taught Chuck Norris how to divide by zero as they stood silent in an elevator.

Bruce Schneier Fact #11: Bruce Schneier doesn’t use keyloggers. He’s standing right behind you.

Bruce Schneier Fact #12: The Dining Cryptographers always wait until Bruce Schneier has been served.

Bruce Schneier Fact #13: Anybody can invent a cryptosystem he cannot break himself. Except Bruce Schneier.

Bruce Schneier Fact #14: Compilers don’t warn Bruce Schneier, Bruce Schneier warns compilers.

Bruce Schneier Fact #15: When Bruce Schneier uses double ROT13 encryption, the ciphertext is totally unbreakable.

Bruce Schneier Fact #16: For Bruce Schneier, SHA-1 is merely a compression algorithm.

Bruce Schneier Fact #17: Bruce Schneier doesn’t keep secrets, they keep themselves out of fear.

Bruce Schneier Fact #18: Bruce Schneier once counted an infinite set. Backwards.

Bruce Schneier Fact #19: Bruce Schneier can conduct secure multiparty computation… on his own.

Bruce Schneier Fact #20: Bruce Schneier doesn’t have a chin under his beard, just more ciphertext.

Bruce Schneier Fact #21: Bruce Schneier writes his books by generating a random text of an appropriate length and then decrypting it.

Bruce Schneier Fact #22: There are no prime numbers. Only numbers that Bruce Schneier does not want you to factor.

Bruce Schneier Fact #23: Bruce Schneier mounts chosen-ciphertext attacks without choosing the ciphertext.

Bruce Schneier Fact #24: Every time Bruce Schneier smiles, an amateur cryptographer dies.

Bruce Schneier Fact #25: Bruce Schneier fully discloses his own vulnerabilities: none.

For more Bruce Schneier facts visit http://www.schneierfacts.com/
