Reading for 10/9/14

Dropbox, KeePass and Chrome all have updates out.
The guys who released BadUSB code also released a “patch” which only fixes one aspect of one vendor’s USB device.  They actually recommended bondo to a thumb drive to prevent physical tampering.  I’ve heard of devices that physically lock out a usb port but don’t ruin them or the case, but considering the condition of work computers I’ve seen us decommission I would just bondo it over myself. I’m sure my users would just love that.
The analytics black hole for detecting internal security threats – a breif summary of a Tech Republic article driving home the same old concepts – we do a piss poor job of user security awareness and education.
Gartner lays out its top 10 tech trends for 2015
The US Government Is Going To Store Top Secret Documents In The Cloud
Insider threat to critical infrastructure ‘underestimated’, says DHS
US Says It Can Hack Foreign Servers Without Warrants – no analysis here – just scary but apparently legal.
Obama Had Security Fears on JPMorgan Data Breach (Courtesy InfoSecNews Mailing List)
An inside look at Russian cybercriminals (Courtesy InfoSecNews Mailing List)
F-Secure’s whitepaper “BLACKENERGY & QUEDAGH: The convergence of crimeware and APT attacks”
George Kao’s “A System For Email Productivity” contains a lot of idea I’ve used in the past, but the presentation here is well worth the read.

Work In Progress – will finish updating soon!

Apple two-factor authentication for iCloud starts today!

If you haven’t setup your two-factor authentication for third party apps in iCloud yet, now is the time.  Unless you are like me, and gave Google all of those tasks already. 🙂  Kudos to Apple for finally coming down of the high horse and admitting they can be hacked…kinda sorta.  🙂

As a side note, I have to say I’m coming more and more into the dark side of fanboydom since I switch to the iPhone.  I didn’t switch by choice mind you, but I did switch.  Almost all of the annoyance from my Android days were gone, but I really miss the bigger screens and greater flexibility.  For now, I’m ok with trading the flexibility up for stability in a device more important than my laptop.

Reading 10/8/14

The SANS Stormcast mentioned the Cuckoo Sandbox for malware research, so I took a few minutes and checked it out.  Based on the About and FAQ pages, this looks like a VM style sandbox to document what malware is actually doing to a Windows machine.  How it works – I don’t know as I went tl;dr on it.  If you are interested in malware forensics, this bad boy might be just what you needed. Read more

Configuring my System i for Kerberos authentication against two AD Domains

I spent a couple days this week attempting to get my two System I’s to authenticate against the AD domain we are going to.  I thought it would be easy, but as with most things IBM it wasn’t.  My biggest hurdle was getting the AS/400’s to talk AES to the new Windows 2008 R2 domains. Read more