IT Security vs Information Security

A pet peeve of mine is when Information Security is interchanged with IT (Information Technology) Security. Over the many years working in this profession, I’ve heard people, clearly working in the Information Security realm, state they work in IT Security (though their job/role dictates otherwise).

People working for a CISO (Chief Information Security Officer and not a Chief Information Technology Security Officer) cannot always tell the difference.

It is accurate to say that IT security is a component of Information Security. Sometimes a CISO is tasked with giving clarity to an IT Organization regarding their role to reduce “not my job” syndrome. Hopefully this graphic helps.


Some of the technical areas are usually absorbed into IT Operations, for example Hardware Hardening. Governance will establish that hardware must be hardened; IT Operations will follow suit and harden as they build.

Incident response should come from everybody being vigilant and reporting what they see. The police don’t just respond to what they see themselves, but they respond to what is reported by the public.

 


FAA Asks Public to Not Use Samsung Note 7 on Planes

Per the FAA site, the Federal Aviation Administration has asked the public not to turn on or charge the Samsung Note 7 on board aircraft and not to stow them in any checked baggage.

If you haven’t heard, there has been a massive recall on Samsung Note 7s as they were exploding on the charger. The phone retails for near $1,000 USD and the recall/exchange program is pulling back 2.5 million of them.

The issue appears to be in the construction of the battery used inside the phablet. Any damage to the internal mechanics of the cell or imperfections in the electrolyte can raise the risk of a short-circuit.


USB Killer… Now Publicly For Sale

It’s been some time since I last wrote about killing computers with a USB (here), and now the device is packaged nicely and available for the low price of approximately $55.

Just a note to the general public here, if you find a USB on the ground, don’t plug it into your computer. It can backdoor your system and probe your network, or even cause a fire!


Happy 87th Birthday Apung Rehing


Lake Powell 2016

We went on our annual Lake Powell vacation! It has been two years though since the last time we went. We had a blast. The album on Facebook might be better than the ones below, which are not in the …


Hacking Star Wars

Dubbed the Floppotron, Pawel orchestrates the Imperial March.

A remote-controlled AT-AT from an Arduino, an Xbox controller and some ingenuity (also, where I got the photo from).


Damien’s Twentieth

It’s a little earlier than usual and that’s okay! We celebrated Damien turning twenty with family.


What to Watch To Learn A Little CyberSecurity

Do you like to be entertained? I know I do!
Here are some shows and movies that I recommend.

Brian Brushwood’s Hacking the System

This show has a LOT of thinking outside the box and social engineering.

Mr. Robot
This show has real-life examples from the Anonymous group. The storyline and some of the trippiness is a little too much, but the hacks are modeled after current real-world hacks.

Blackhat…
The hacks are good, like the “falling for a phishing email,” but the story is a little dumb and overplayed. But then again it’s Chris Hemsworth and who doesn’t like that guy?

CSI: Cyber
Actually, it’s not too bad.

A lot of cybersecurity attacks are getting really intermingled into mainstream television, which is great for raising awareness.

What shows do you like to watch?

Also, here is another list from Techworm


Accurate Hacking Scene?

Most accurate hacking scene ever!

Don’t you just love some hacking on TV?


Blue Cross Blue Shield of Kansas City Data Breach

Ken Selzer, the Kansas Insurance Commissioner, warned that members of Blue Cross and Blue Shield of Kansas City need to safeguard their financial and health information following a data breach that accessed information on their medical ID cards.

Insurance officials stressed that BCBS of KC is separate from Blue Cross and Blue Shield of Kansas and that the breach did not involve Social Security numbers, dates of birth, banking, credit card information, claims information or health information. They did urge members to be on the lookout for any suspicious activity regarding medical ID card use.

There were over 240,000 records that were affected, yet 790,000 members were notified.

No word yet on who the attackers are.

Read more here.
