Guest column by Citadel Information Group

 

Guest column by Citadel Information Group

Cyber Crime

Cards Stolen in Target Breach Flood Underground Markets: Credit and debit card accounts stolen in a recent data breach at retail giant Target have been flooding underground black markets in recent weeks, selling in batches of one million cards and going for anywhere from $20 to more than $100 per card, KrebsOnSecurity has learned. KrebsOnSecurity, December 20, 2013

Prosecutor Says Kate Middleton’s Phone Was Hacked: LONDON – A prosecutor in a high-profile trial on Thursday accused Rupert Murdoch’s News of the World tabloid of hacking into the voice mail of the Duchess of Cambridge when she was known as Kate Middleton, before her marriage to Prince William, second in line to the throne. The New York Times, December 19, 2013

Washington Post Servers Infiltrated, Employee Credentials Stolen: The Washington Post late today reported that its servers were hacked and employee usernames and passwords were compromised in the attack, which was detected by a contractor that monitors the news organization’s network. DarkReading, December 18, 2013

L.A. Gay & Lesbian Center Information Systems Compromised By Cyberthieves: LOS ANGELES, Dec. 10, 2013 /PRNewswire-USNewswire/ – The L.A. Gay & Lesbian Center was recently the victim of a sophisticated cyberattack that, according to data security and technology experts, was designed to collect credit card, Social Security numbers and other financial information, although there is no evidence that anyone’s information was actually accessed or acquired. Dark Reading, December 10, 2013

Cyber Privacy

N.S.A. Dragnet Included Allies, Aid Groups and Business Elite: Secret documents reveal more than 1,000 targets of American and British surveillance in recent years, including the office of an Israeli prime minister, heads of international aid organizations, foreign energy companies and a European Union official involved in antitrust battles with American technology businesses. The New York Times, December 20, 2013

$10m NSA contract with security firm RSA led to encryption ‘back door.’ As a key part of a campaign to embed encryption software that it could crack into widely used computer products, the National Security Agency arranged a secret $10m contract with RSA, one of the most influential firms in the computer security industry, Reuters has learned. The Guardian, December 20, 2013

Obama Is Urged to Sharply Curb N.S.A. Data Mining: WASHINGTON – A panel of outside advisers urged President Obama on Wednesday to impose major oversight and some restrictions on the National Security Agency, arguing that in the past dozen years its powers had been enhanced at the expense of personal privacy. The New York Times, December 18, 2013

Revelations That Ikea Spied on Its Employees Stir Outrage in France: PARIS – Virginie Paulin’s voice still trembles when she recounts how she was fired from what she considered her dream job at Ikea in France. The New York Times, December 15, 2013

NSA Can ‘Easily’ Break Cellphone Encryption, Report Says: The U.S. National Security Agency (NSA) has the technical capacity to crack the most commonly-used cellphone encryption technology, and in doing so it can decode and access the content of calls and text messages, according to a Washington Post report published Friday. Mashable, December 13, 2013

Help Bring Privacy Laws Into 21st Century: Lost in the ongoing media firestorm over the National Security Agency’s domestic surveillance activities is the discussion about concrete steps to bring the nation’s communications privacy laws into the 21st Century. Under current laws that were drafted before the advent of the commercial Internet, federal and local authorities can gain access to mobile phone and many email records without a court-issued warrant. In this post, I’ll explain what federal lawmakers and readers can do to help change the status quo. KrebsOnSecurity, December 11, 2013

Tech Giants Issue Call for Limits on Government Surveillance of Users: Eight prominent technology companies, bruised by revelations of government spying on their customers’ data and scrambling to repair the damage to their reputations, are mounting a public campaign to urge President Obama and Congress to set new limits on government surveillance. The New York Times, December 9, 2013

Identity Theft

Chase to Limit Use of Debit Cards From Target Breach: JPMorgan Chase on Saturday notified customers who used debit cards at Target stores during the recent security breach that it was limiting use of the cards to cash withdrawals of $100 a day and purchases totaling $300 a day. The New York Times, December 21, 2013

Financial Fraud

“But I don’t bank online!”: You might think that someone who doesn’t choose to have online access to his or her bank account would be safe from online banking fraud. ABA Banking, December 13, 2013

Cyber Warning

Botnet Enlists Firefox Users to Hack Web Sites: An unusual botnet that has ensnared more than 12,500 systems disguises itself as a legitimate add-on for Mozilla Firefox and forces infected PCs to scour Web sites for security vulnerabilities, an investigation by KrebsOnSecurity has discovered. KrebsOnSecurity, December 16, 2013

Securing the Village – ISSA-LA

Richard Greenberg, CISSP, Named ISSA Fellow: The Los Angeles Chapter of the Information Security Association (ISSA-LA) announced that Richard Greenberg has been named a Fellow by the Information Systems Security Association (ISSA). ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk, and protecting critical information and infrastructure. PR Log, December 18, 2013

National Cyber Security

Officials Say U.S. May Never Know Extent of Snowden’s Leaks: WASHINGTON – American intelligence and law enforcement investigators have concluded that they may never know the entirety of what the former National Security Agency contractor Edward J. Snowden extracted from classified government computers before leaving the United States, according to senior government officials. The New York Times, December 14, 2013

---

The IT Summit would like to thank Citadel Information Group for allowing us to provide this information to you.

 

Guest column by Citadel Information Group

 

Guest column by Citadel Information Group

Cyber Crime

Thieves Covering Tracks Following $100M Bitcoin Heist: As if Bitcoin malware and Bitcoin mining malware weren’t enough to worry about, there was more trouble for the users of the digital crypto-currency last week as 96,000 Bitcoins disappeared from the Sheep Marketplace. ThreatPost, December 3, 2013

Cyber Privacy

How the NSA is tracking people right now: Documents obtained by The Washington Post indicate that the National Security Agency iscollecting billions of records a day to track the location of mobile phone users around the world. This bulk collection, performed under the NSA’s international surveillance authority,taps into the telephony links of major telecommunications providers including some here in the United States. The Washington Post, December 5, 2013

Microsoft to encrypt services, notify users of gov’t data requests: Microsoft moved to reassure business and government customers worldwide that it is committed to informing them of legal orders related to their data, and will fight in court any ‘gag order’ that prevents it from sharing such information with customers. ComputerWorld, December 5, 2013

Identity Theft

How To Keep The Grinch From Stealing Your Identity: With Cyber Monday sales up 20.6% from 2012 according to the IBM Digital Analytics Benchmark, it’s clear that more shoppers will be spending online than ever before. That means more will also become victims to identity theft. While there are no guarantees, there are some smart-and not t0o burdensome-steps you can take to protect yourself from the identity thieves both online and off. Forbes, December 3, 2013

Cyber Warning

Simple But Effective Point-of-Sale Skimmer: Point-of-sale (POS) skimmers – fraud devices made to siphon bank card and PIN data at the cash register – have grown in sophistication over the years: A few months back, this blog spotlighted a professionally made point-of-sale skimmer that involved some serious hacking inside the device. Today’s post examines a comparatively simple but effective POS skimmer that is little more than a false panel which sits atop the PIN pad and above the area where customers swipe their cards. KrebsOnSecurity, December 3, 2013

Cyber Security Management

How to create security awareness with incentives: Gamification is an alternative to pushing employees to improve security awareness. Ira Winkler and Samantha Manke offer tips for making incentives work for your program. CSO, December 2, 2013

Cyber Security Management – Cyber Update

Important Security Update for D-Link Routers: D-Link has released an important security update for some of its older Internet routers. The patch closes a backdoor in the devices that could let attackers seize remote control over vulnerable routers. KrebsOnSecurity, December 2, 2013

Cyber Security Management – Cyber Defense

How Many Zero-Days Hit You Today?: On any given day, nation-states and criminal hackers have access to an entire arsenal of zero-day vulnerabilities – undocumented and unpatched software flaws that can be used to silently slip past most organizations’ digital defenses, new research suggests. That sobering conclusion comes amid mounting evidence that thieves and cyberspies are ramping up spending to acquire and stockpile these digital armaments. KrebsOnSecurity, December 5, 2013

HOW THE NSA COULD BE BREAKING SSL: In order for the National Security Agency to collect the massive amounts of communication it has from email and Web traffic, it needs to elude, leapfrog or bash through the barrier that is SSL. ThreatPost, December 4, 2013

Massive hack shows users still don’t know how to create safe passwords: Cyber security researchers recently discovered a server with about 2 million stolen Internet passwords, and as expected, many of the login credentials are no more complex than “1234.” LA Times, December 4, 2013

Securing the Village

Microsoft Launches Cybercrime Center: Microsoft expands global role supporting law enforcement, government, and businesses fighting cybercrime. InformationWeek, December 4, 2013

Cyber Law

LabMD latest to challenge FTC’s cybersecurity regulation authority: The medical testing laboratory follows hotelier Wyndham in saying the FTC can’t regulate its security measures. Inside Counsel, December 4, 2013

Cyber Calendar

ISSA-LA December Lunch Meeting: Please join us for our annual Holiday Party! Let’s gather to celebrate another successful year for ISSA-LA at our final meeting of 2013. Network. Lunch. Raffles & more! ISSA-LA, Event Date: December 18, 2013

---

The IT Summit would like to thank Citadel Information Group for allowing us to provide this information to you.

 

Guest editorial by Stan Stahl, Ph.D.

_________________________

I publish 6 or so essays a year in honor of the Fourth of July, Memorial Day, Thanksgiving, etc. My objective is to write in ways that bring us together around the ideals of America, rather than in ways that separate us. I am proud that readers often tell me they find my essays inspiring, for it means that I have captured that inspiration which is America.

What must it take for a man to fight for freedom with the commitment and courage Nelson Mandela showed … and … then … after 27 years in prison … forgive his oppressors? Truly forgive them. Not just some platitude about forgiveness but true forgiveness, in the deepest most heartfelt most spiritual sense of that word. What must it take for a man to do this?

For this was Nelson Mandela.

Think about how hard this is. Feel it. All around us in the world of 2013 we see hate and anger. And this man, who saw more hate and more anger and more oppression than most of us ever will found the ability to forgive. Feel in your own heart how difficult this must be.

What a lesson he is for humankind!

Mandela appreciated that South Africa could only find a better future if it was a future in which all participated. It could not be whites or blacks; it HAD to be blacks and whites.

As a species, this is our future … our only successful future … that we become as one people …. E Pluribus Unum … learning to get along in a world in which we all get to live as free as we possibly can … each of us … endowed with those inalienable rights of life, liberty and the pursuit of happiness.

And, ultimately, the primary thing holding us back – what Mandela understood – is the fear and the anger in our hearts. Mandela understood that forward progress demanded forgiveness and that forgiveness demanded truth and reconciliation. As someone once said “You will never have a better future if you insist on having a prefect past.”

We all need this lesson, both as individuals and as a species. The only way to grow beyond the past is to forgive the past.

Thank you, Nelson Mandela, for illuminating the path.

Now cracks a noble heart.

Good night, sweet prince, And flights of angels sing thee to thy rest!

Hamlet

 

Let Freedom Ring.

_________________________

By son, Jonathan, wrote this about Nelson Mandela on his Facebook page:

Nothing needs to be said. If you are not aware of what this man has done for the world you are missing out on 100% awesome. The closest I could draw a hypothetical comparison is if Martin Luther King Jr. was born a slave, gained his freedom but was still oppressed, was imprisoned for being outspoken (as he was), then goes on to become president of the country that imprisoned him AND considerably reduces segregation in his country, eventually celebrated by the world. Good night, Mr. President. You have done your part to make the world a better place AND you’ve done it better than most ever could. That smile will keep your words alive for ever. Thank you.

My friend, Shad Meshad, sent me the following collection of quotes that personify Mandela’s spirit. Shad’s another hero as he and his colleagues at the National Veterans Foundation continue to do wonderful peace-loving work for America’s veterans: www.nvf.org.

1) “Difficulties break some men but make others. No axe is sharp enough to cut the soul of a sinner who keeps on trying, one armed with the hope that he will rise even in the end.”

2) “It always seems impossible until it’s done.”

3) “If I had my time over I would do the same again. So would any man who dares call himself a man.”

4) “I like friends who have independent minds because they tend to make you see problems from all angles.”

5) “Real leaders must be ready to sacrifice all for the freedom of their people.”

6) “A fundamental concern for others in our individual and community lives would go a long way in making the world the better place we so passionately dreamt of.”

7) “Everyone can rise above their circumstances and achieve success if they are dedicated to and passionate about what they do.”

“Education is the most powerful weapon which you can use to change the world.”

9) “I learned that courage was not the absence of fear, but the triumph over it. The brave man is not he who does not feel afraid, but he who conquers that fear.”

10) “For to be free is not merely to cast off one’s chains, but to live in a way that respects and enhances the freedom of others.”

11) “Resentment is like drinking poison and then hoping it will kill your enemies.”

12) “Lead from the back – and let others believe they are in front.”

13) “Do not judge me by my successes, judge me by how many times I fell down and got back up again.”

14) “I hate race discrimination most intensely and in all its manifestations. I have fought it all during my life; I fight it now, and will do so until the end of my days.”

_________________________

Copyright © 2013. Stan Stahl, Ph.D. All Rights Reserved. Permission is granted to republish this essay provided the essay is reproduced unedited and in its entirety, its source is identified as The Agnostic Patriot at www.agnosticpatriot.org and this copyright notice is included.