Saturday, April 03, 2021

Things my Computer Security students should be able to monitor in real time and respond to with pre-planned procedures.

https://www.makeuseof.com/what-does-indicators-of-compromise-mean/

What Does Indicators of Compromise Mean? The Best Tools to Help Monitor Them

Indicators of Compromise provide clues and evidence regarding data breaches. Learn the importance of monitoring them and four tools that can help.

IoCs play an integral role in cybersecurity analysis. Not only do they reveal and confirm that a security attack has occurred but they also disclose the tools that were used to carry out the attack.

They are also helpful in determining the extent of the damage that a compromise has caused and assist in setting up benchmarks to prevent future compromises.

The IoCs are generally gathered through normal security solutions like anti-malware and anti-virus software but certain AI-based tools can also be used to collect these indicators during incident response efforts.





How to simultaneously raise the stakes and dig your self a deeper hole. Their fall will be spectacular. What ever you do, don’t consider that the evidence might be overwhelmingly against your version of the story.

https://www.databreaches.net/anonymous-tries-to-get-this-sites-post-on-mobikwik-censored/

Anonymous” tries to get this site’s post on MobiKwik censored

On March 30, DataBreaches.net posted an update to a controversial data breach that MobiKwik denies (previous coverage can be found here). The controversy subsequently escalated on Twitter when people started complaining that they had found their data in the leaked database and that it corresponded to what they had on file with MobiKwik. In addition to the shock and concern consumers felt about their data being available on the internet, there was anger at MobiKwik for denying responsiblity and for trying to threaten and smear the researcher who had notified them and then pursued responsible disclosure.

In what made denial seem like an extreme sport, MobiKwik even went so far as to suggest that their customers may have uploaded all their information to multiple platforms.

The researcher, Rajshekhar Rajaharia, provides a more detailed timeline of the controversy on Medium. For his efforts to protect consumers, Rajaharia has been defamed as “media-crazed,” threatened with litigation, and censored by LinkedIn and Twitter based on complaints by MobiKwik.

And now DataBreaches.net has been targeted because on March 30, I posted Mobikwik offers master class in how NOT to respond to a breach; researchers scoff, consumers rage.

Today, I received an email from this site’s web host. They were forwarding a complaint submitted to CloudFlare from “anonymous,” and they asked me to look at it. So I did.

Before I show you what “anonymous” wrote, let me remind everyone what it says on this site’s About page:

This site is a combination of news aggregation, investigative reporting, and commentary. You may disagree with my reporting or be offended by my opinions. If you think I’ve erred in my reporting, email and let me know what you think I got wrong. If you don’t like my commentary on a situation or on your handling of an incident, you’re free to send a statement for me to consider posting.
If you want to send me legal threats about my reporting or comments, knock yourself out, but don’t be surprised to see me report on your threat, any confidentiality sig blocks you may attach notwithstanding. I have been threatened with lawsuits many times, and to be blunt: there is NOTHING you can threaten me with that will scare me even 1/10th as much as the day both my kids got their driver’s licenses within 15 minutes of each other.

Even though I had tweeted to MobiKwik on March 4 to question their claim, they never responded. And even after I emailed MobiKwik to tell them that I didn’t find their denial credible, they never responded. They never reached out to this site after the one boilerplate denial. But today, “Anonymous” complained.

You may want to look at the post “Anonymous” is complaining about so you can evaluate how accurate — or inaccurate– their claims are:

Reporter: Anonymous
Reported URLs:
https://www.databreaches.net/mobikwik-offers-master-class-in-how-not-to-respond-to-a-breach-researchers-scoff-consumers-rage/
Logs or Evidence of Abuse: The Blogger Dissent at Databreaches.net is Linking hacked/leaked personal information from Raid Forums on her blog. The sole reason for linking personal information is on the intent to maliciously shame a company so they can admit to being hacked.
This is not right for this blog to link personal information just to manipulate, harass and Shame.

This was the main part of my response to my web host:

I reviewed the post that “anonymous” found objectionable. Their complaint is almost entirely unfounded:
1. There was and is absolutely NO link to RaidForums.com in the post the “anonymous” complainant links to. The forum is mentioned but there is no data on RaidForums linked to at all.
2. There is not even one iota of personal information reproduced or leaked in the post. In fact, the post heavily redacted images to prevent anything from being revealed. That said:
3. I have removed a link to a now defunct portal that allowed consumers to find out what data the company held on them that had been hacked and leaked. Since the company claimed — and claims — that the data were not real data and were not their data anyway, I’m hard-pressed to understand how they can now claim I am leaking their firm’s customers’ personal data, but I have removed the link anyway.
But that link to a portal is all that I am willing to remove as there’s no personal info leaked or linked to in the remaining post.
They just don’t want to be embarrassed by criticism so they try to chill protected speech.
[…]

Now here’s my response to “Anonymous:”

You may have been able to censor Rajaharia on LinkedIn and Twitter, and you will probably keep trying to censor me, but I’d encourage you to learn about the Streisand Effect, and take this caution seriously: I don’t tolerate bullies or people who try to chill protected speech. I *will* fight back. And if I want to characterize your incident response to date as an EPIC FAIL, yes, I can do that, too.

Oh look, I just did.





Tis indeed a puzzlement. Who can you get if liking Google or hating Google are equally disqualifying?

https://www.politico.com/news/2021/04/02/biden-doj-nominee-silicon-valley-478934

Biden struggling to fill DOJ job that could rein in Silicon Valley

White House ethics officials are raising objections about DOJ antitrust candidates who have represented companies complaining about major tech companies, particularly Google.

President Joe Biden’s search for the Justice Department’s top trust-busting role is being bogged down by ethics concerns, both about candidates who have represented Silicon Valley’s giants and those who have represented critics of the big tech companies.





Perspective. I imagine a 15 year old hacker being offered a commission as a Major…

https://www.ft.com/content/92a63e8b-36a3-477d-9bb4-3bcfb60cc7fa?segmentid=acee4131-99c2-09d3-a635-873e61754ec6

UK military relaxes recruiting rules to attract cyber specialists

Tech experts can now be taken directly into senior ranks without having to work their way up the hierarchy

The UK armed forces have relaxed hiring rules to allow candidates from the private sector to go directly into senior military roles, in a drive to recruit more cyber specialists as warfare expands into the digital realm.

General Sir Patrick Sanders, head of the UK’s Strategic Command, told the Financial Times that while he sometimes envied Israel’s conscription model — which allows defence chiefs to find the best cyber talent from a population-wide pool — the British military was finding new ways to attract tech experts.

“I’m interested in people who may want to come in and spend a bit of time in defence, gain their credentials, their credibility and then move in and out,” said Sanders, who was speaking on the FT’s Rachman Review podcast. “And so that idea of a much more flexible approach to a career in defence, encouraging ‘lateral’ entry, and also looking at people with very different entry standards to what we traditionally expect.”



No comments: