Posts Tagged ‘cyber security’

Putin’s game

What Putin Really Wants

Russia’s strongman president has many Americans convinced of his manipulative genius. He’s really just a gambler who won big.


(translated in Bulgarian

“They do plan,” said a senior Obama-administration official. “They’re not stupid at all. But the idea that they have this all perfectly planned and that Putin is an amazing chess player—that’s not quite it. He knows where he wants to end up, he plans the first few moves, and then he figures out the rest later. People ask if he plays chess or checkers. It’s neither: He plays blackjack. He has a higher acceptance of risk. Think about it. The election interference—that was pretty risky, what he did. If Hillary Clinton had won, there would’ve been hell to pay.”

Even the manner of the Russian attack was risky. The fact that the Russians didn’t really bother hiding their fingerprints is a testament to the change in Russia’s intent toward the U.S., Robert Hannigan, a former head of the Government Communications Headquarters, the British analogue to the National Security Agency, said at the Aspen Forum. “The brazen recklessness of it … the fact that they don’t seem to care that it’s attributed to them very publicly, is the biggest change.”


in German:

more on cybersecurity in this IMS blog

Mac OS High Sierra


ANDY GREENBERG 11.28.17 05:47 PM

THERE ARE HACKABLE security flaws in software. And then there are those that don’t even require hacking at all—just a knock on the door, and asking to be let in. Apple’s macOS High Sierra has the second kind.

malicious code running on the operating system could steal the contents of its keychain without a password.

Apple does have a bug bounty, but only for iOS, not MacOS.

bad rabbit virus

Bad Rabbit cryptoware attack: New virus hits companies in Russia, Turkey, Germany & Ukraine
Kaspersky Lab advised those who do not use anti-virus products to restrict execution of certain files (C:\Windows\infpub.dat, C:\Windows\cscc.dat) and shut down the Windows Management Instrumentation (WMI) service. My note: let the wolf in the shed with sheep.
The source of the attack remained undetermined, but earlier this month the head of Microsoft, Brad Smith, pinned the blame for it on North Korea, which allegedly used cyber tools or weapons that were stolen from the National Security Agency in the United States. The top executive, however, did not provide evidence to back his claims.

New ransomware attack hits Russia and spreads around globe

Malware WARNING: ‘Bad Rabbit’ virus causes flight delays, is YOUR PC susceptible?

Bad Rabbit ransomware outbreak

more on cybersecurity in this IMS blog

cybersecurity kaspersky

Kaspersky Lab Has Been Working With Russian Intelligence

 Emails show the security-software maker developed products for the FSB and accompanied agents on raids. July 11, 2017, 4:00 AM CDT



he General Services Administration (GSA) has ordered the removal of Kaspersky software platforms from its catalogues of approved vendors. Meanwhile, the Senate is considering a draft bill of the 2018 National Defense Acquisition Authorization (known as the NDAA, it specifies the size of and uses for the fiscal year 2018 US Defense Department budget) that would bar the use of Kaspersky products in the military.

W.H. cybersecurity coordinator warns against using Kaspersky Lab software

Kaspersky: Russia responds to US ban on software

14 September 2017




Israel and Russia’s overlapping hacks of Kaspersky complicate espionage narrative

Israel and Russia’s overlapping hacks of Kaspersky complicate espionage narrative

The whole ordeal is a nightmare for Kaspersky Lab. The company looks incompetent at preventing state-sponsored hacks in the best-case scenario and complicit with the Russian government in the worst-case scenario. However it plays out, the unfolding drama will certainly hurt the software maker’s footprint in the U.S., where Congress has already taken action to purge the government of the company’s software.

more on cybersecurity in this IMS blog

wifi cybersecurity

All wifi networks’ are vulnerable to hacking, security expert discovers

WPA2 protocol used by vast majority of wifi connections has been broken by Belgian researchers, highlighting potential for internet traffic to be exposed

Mathy Vanhoef, a security expert at Belgian university KU Leuven, discovered the weakness in the wireless security protocol WPA2, and published details of the flaw on Monday morning.

The United States Computer Emergency Readiness Team (Cert) issued a warning on Sunday in response to the vulnerability.

“The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection and others,” the alert says, detailing a number of potential attacks. It adds that, since the vulnerability is in the protocol itself, rather than any specific device or software, “most or all correct implementations of the standard will be affected”.

more on cybersecurity in this IMS blog

fake emails

Why everyone still falls for fake emails

By Richard Matthews  Jul 31, 2017

Phishing is likely to get only more sophisticated.

Based on my experience in Tallinn, we will see companies become more transparent in how they deal with cyber attacks. After a massive cyber attack in 2007, for example, the Estonian government reacted in the right way.

free anti-phishing software

more on phishing in this IMS blog

safe social media

Tips Toward a Safe and Positive Social Media Experience

By Stephen Spengler 06/01/17

Family Online Safety Institute recommends that parents engage in “7 Steps to Good Digital Parenting”

1. Talk with your children.

2. Educate yourself.

3. Use parental controls. Check the safety controls on all of the Android and Apple devices that your family uses. On the iPhone, you can tap SETTINGS > GENERAL> RESTRICTIONS and you can create a password that allows you enable/disable apps and phone functions. On Android devices, you can turn on Google Play Parental Controls by going into the Google Play Store settings

parental monitoring software such as NetNanny, PhoneSherriff, Norton Family Premier and Qustodio.

4. Friend and follow your children on social media. Whether it’s, Instagram or Twitter, chances are that your children use some form of social media. If you have not already, then create an account and get on their friends list.

5. Explore, share and celebrate.

6. Be a good digital role model.

7. Set ground rules and apply sanctions. Just like chore charts or family job lists, consider using a family social media or internet safety contract. These contracts establish ground rules for when devices are to be used; what they should and should not be doing on them; and to establish sanctions based on breaches of the family contract. A simple internet search for “family internet contract” or “family technology contract” will produce a wealth of available ideas and resources to help you implement rules and sanctions revolving around your family’s technology use. A good example of a social media contract for children can be found at

Managing Your Digital Footprint

Your digital footprint, according to, is “one’s unique set of digital activities, actions, and communications that leave a data trace on the internet or on a computer or other digital device and can identify the particular user or device.” Digital footprints can be either passive or active. The passive digital footprint is created without your consent and is driven by the sites and apps that you visit. The data from a passive digital footprint could reveal one’s internet history, IP address, location and is all stored in files on your device without you knowing it. An active digital footprint is more easily managed by the user. Data from an active digital footprint shows social media postings, information sharing, online purchases and activity usage.

  • Search for yourself online
  • Check privacy settings.
  • Use strong passwords
  • Update software.
  • Maintain your device.
  • Think before you post

Keep These Apps on Your Radar

  • Afterschool (minimum age 17) – The Afterschool App was rejected twice from the major app stores due to complaints from parents and educators. It is a well-known app that promotes cyberbullying, sexting, pornography and is filled with references to drugs and alcohol.
  • Blue Whale (minimum age 10) – IF YOU FIND THIS APP ON YOUR CHILD’S DEVICE, DELETE IT. It is a suicide challenge app that attempts to prod children into killing themselves.
  • BurnBook (minimum age 18) – IF YOU FIND THIS APP ON YOUR CHILD’S DEVICE, DELETE IT. It is a completely anonymous app for posting text, photos, and audio that promote rumors about other people. It is a notorious for cyberbullying
  • Calculator% (minimum age 4) – IF YOU FIND THIS APP ON YOUR CHILD’S DEVICE, DELETE IT. This is one of hundreds of “secret” calculator apps. This app is designed to help students hide photos and videos that they do not want their parents to see. This app looks and functions like a calculator, but students enter a “.”, a 4-digit passcode, and then a “.” again.
  • KIK (minimum age 17) – This is a communications app that allows anyone to be contacted by anyone and it 100 percent bypasses the device’s contacts list.
  • Yik Yak (minimum age 18) – This app is a location-based (most commonly schools) bulletin board app. It works anonymously with anyone pretending to be anyone they want. Many schools across the country have encountered cyberbullying and cyberthreats originating from this app.
  • StreetChat (minimum age 14) – StreetChat is a photo-sharing board for middle school, high school and college-age students. Members do not need to be a student in the actual school and can impersonate students in schools across the country. It promotes cyberbullying through anonymous posts and private messaging.
  • ooVoo (minimum age 13) – IF YOU FIND THIS APP ON YOUR CHILD’S DEVICE, DELETE IT. ooVoo is one of the largest video and messages app. Parents should be aware that ooVoo is used by predators to contact underage children. The app can allow users to video chat with up to twelve people at one time.
  • Wishbone (girls) & Slingshot (boys) (minimum age 13) – Both are comparison apps that allow users to create polls, including ones that are not appropriate for children. Many of the users create polls to shame and cyberbully other children, plus there are inappropriate apps and videos that users are forced to watch via the app’s advertising engine.


Texas Teen May Be Victim in ‘Blue Whale Challenge’ That Encourages Suicide

Isaiah Gonzalez, 15, found hanging from his closet after an apparent suicide, as allegedly instructed by macabre online game

Nationally, the Associated Press reports that educators, law enforcement officers and parents have raised concerns about the challenge, though these two back-to-back deaths mark the first allegations in the United States about deaths directly linked to the online game. Internationally, suicides in Russia, Brazil, and half a dozen other countries have already been linked to the challenge.

more on social media in education in this IMS blog

girl scouts, badges for cybersecurity

Girl Scouts to Earn Badges in Cybersecurity

The education program is being developed in a partnership between the Girl Scouts and Palo Alto Networks. Jun 23, 2017

The education program, which aims to reach as many as 1.8 million Girl Scouts in kindergarten through sixth grade, is being developed in a partnership between the Girl Scouts and Palo Alto Networks, a security company, the organization said in a press release.

more on cybersecurity in this IMS blog

1 2