Tuesday, November 24, 2015

LOCK those screens!

Hi Anything Cyber community,
Whether I'm at work or waiting for an hour to be seen by my Doctor, I'm getting tired of running into a hackers gold mine, unlocked computer screens. When I see it, I'm immediately compelled to lock the screen myself. However, I have to do it fast since I don't want the computer owner coming up and wondering why I'm invading their space.

Just the other day while waiting on my Doctor, I noticed not only was the computer screen unlocked, the now unsupported ( for over a year) Windows XP was the operating system. Not only would a hacker have direct access to my Doctor's account, they also have a vulnerable operating system to hack. Being a seasoned Ethical hacker by formal training ( not all night hackathons staying wired on caffeine),I couldn't help but see some of the potentially ripe with sensitive PII data file shortcuts displayed on my Doctor's computer Desktop.

Lucky for my Doctor, I'm not one of those dreaded Black Hats.

Bottom line, with all of the threats of terrorism, identity theft, and cyber crime, we must do our part and don't forget to control-alt-del before you go out for that lunch break.

Jimmie Walker

Wednesday, September 16, 2015

A true Life Saver

Hi Anything Cyber community,

With Apple's keynote last week announcing multiple new products for Apple fanboys like myself to lust, I'd like to discuss one overlooked iOS feature that many might not know about or take for granted. That feature is called Medical ID. It's found in the Health app which is the one with the heart and white background that the controlling Apple will not let you delete. The Medical ID allows the owner of an iPhone to display information such as age, medical conditions, medications, and 1 or more emergency contacts. The emergency contact option allows the first responder to call the contact directly from the iPhone. This feature has multiple use cases. For example, if you have a chronic illness which leads to fainting in a public place, a first responder can access your Medical ID on the lock screen and know exactly what might have caused you to faint and who to contact. Another use case involves those unfortunate times when you leave your iPhone behind at a meeting, bathroom, etc.

Earlier this year I presented Cyber threats and best practices in front of an audience of business executives. After the event, a left behind iPhone 6 was discovered. Since I had knowledge of Medical ID, I tried to access the feature on the lost phone so that we could contact the owner. Unfortunately, the owner had not set up their Medical ID so we had no way to know who owned the phone.

Although security concerns are valid, you can include as much or as little information to match your comfort zone. I feel the benefits outweigh the security risks especially in the case of a life or death situation.

I'm making it a mission to tell all the iPhone owners I know about the Medical ID feature. I'd put the same challenge out to you as well.

Jimmie Walker

Monday, August 31, 2015

Account for IoT

Hi Anything Cyber following,

I'd like to discuss a topic that I just can't seem to avoid, Internet of Things. Today I saw an advertisement for IoT transportation. Not only are we equipping our fridges to be Internet connected with an increased risk of being hacked, we're also hooking vehicles weighing tons to IoT devices not knowing or in many cases caring if security is maintained on an ongoing basis.

Believe me, black hat hackers out there are studying the vulnerabilities of IoT devices even if IoT manufacturers are not. Hackers will make use of found vulnerabilities to own the IoT device and in turn compromise connected devices of even more value. Before you or your company acquire that next 'got to have' IoT device, inquire about the security measures in place and whether or not the device will be maintained for the long haul. If the manufacturer doesn't maintain it, who will and at what enormous expense?


Monday, July 27, 2015

Internet of Things Security Immaturity

Hi Anything Cyber community,
It's the end of the month and things are getting hot in the South. What better time than to discuss the immaturity of Internet of Things (IoT) security and provide an example, Jeeps getting hacked. The last few months, I've briefed local companies regarding the lack of security surrounding most IoT technologies. A few reasons for the lack of security include: hard to configure security controls; use of same encryption keys for all devices produced by a given manufacturer; and lack of security updates. Although the convenience of accessing your car via the web is very cool, hackers feel it's also cool to cause havoc. Chrysler has issued a patch to correct the zero-day vulnerability allowing Jeeps to be remotely hacked and cause dangerous safety situations for drivers.

It's a good thing that the media is covering this Jeep hacking story to bring awareness to other auto manufacturers that IoT security is just as important as IoT availability and functionality.

Jimmie Walker

Sunday, June 28, 2015

Locker ransom ware author comes clean

The author of Locker expressed his sorrow for infecting computers and released the decryption keys which can be used to decrypt files on infected computers. It is good to know that ethical hackers really do exist.

Jimmie Walker

Saturday, May 30, 2015

"Locker" ransom ware on the prowl

Hi Anything Cyber community,

Another variant of ransom ware is rearing it's destructive head. A sleeper ransom ware called "Locker" is in the wild. It works similar to CryptoWall which I discussed in an earlier post. The main difference is that Locker's ransom request is only about $20-$30 versus a starting ransom of $500 for CryptoWall. A much smaller bounty might increase the odds that victims will pay to get their files unencrypted. Another twist to locker is a warning in the ransom note that the private key used to encrypt victim files will be destroyed if attempts are made to circumvent the encryption. In other words, don't even think about reverse engineering "Locker" ransom ware or you will pay severely.

While it isn't clear of the exact infection vehicle used by "Locker" to compromise victim computers, typical vectors for ransom ware include phishing emails and malvertising.

Thursday, April 30, 2015

A password doesn't cut it for corporate social media accounts

If a password is compromised for a corporate social media presence like Facebook, LinkedIn, or Twitter, a cybercrimnal can spread spam or malware to all followers. Therefore, it's imperative to enable multi factor authentication for corporate public facing accounts. A simple compromised password is practically useless with multi factor authentication enabled.
Jimmie Walker