$32 For 32 Million Problems

The latest DefCon event featured a presentation that was both surprising and disturbing. Just when you dare to think that you are safe from harm, there is a gadget to spoil the fun. In this case, we are talking about the RollJam. So, what is this notorious and affordable gadget all about?

Well, according to its inventor and numerous successful tests conducted on Ford, Toyota, Volkswagen, Chrysler, Nissan, and Lotus models, you can unlock a car, or even a garage, with this little “helper”. In other words, with something worth only $32, you can steal another thing worth $32,000 or more.

There is only one thing we can do. We should offer a job to RollJam’s inventor as soon as possible, otherwise we are going to end up in serious trouble. It is simply amazing that someone can make this kind of cheap device, which can steal our car and garage lock codes so efficiently.

Luckily for us, this brilliant mind has decided to present his dangerous gadget at DefCon rather than to some real Grand Theft Auto players. Such a shame, when you can collapse an entire safety and protection system with a gadget worth a couple of bucks. How inconvenient, indeed.

A Smartwatch On A Watch

You know how it goes, don’t you? Ignorance is the mother of all cyber troubles. We are so blindly focused on smartwatch performance that we completely neglect the serious threats and potential damage in this field. Are you confused, or maybe you think that we are exaggerating?

Who in the world would hack a smartwatch and why? Well, you should know better or at least think twice. When you attack a smartwatch, you are actually after a bigger target. The smartphone is what you are trying to reach through the smartwatch. How? Communication is the key here.

What is that supposed to mean? You do not have to be a rocket scientist to know that your smartphone and smartwatch have to communicate and exchange tons of data almost every second, do you? This is exactly what the hackers are aiming at. This is the Achilles’ heel of modern smartwatches.

What can we do about it? Being fully aware of this serious danger is not such a bad start. Now, we are ready to do something about it for real. We need to implement some effective measures in order to prevent our data transfers from being intercepted and misused. How hard could it be? Right?

PoC Shock

We have already written about the extremely problematic security flaw in Windows 8.1, which allows a hacker to gain administrative privileges in an almost undetectable way. To make things even worse for Microsoft, the busy little bee who discovered this trouble published the PoC as well.

The PoC is actually the Proof of Concept, which gives you a step-by-step guide on how to do it yourself. In the meantime, Microsoft has come up with a patch to fix this annoying problem. However, this meantime actually lasted three months. Why? Is it a really complicated problem? What could it be?

For what it is worth, Microsoft has to offer a solution for more than one platform. That is why you cannot build Rome in a day. On the other hand, some comments have pointed out that it was not advisable to publish this vulnerability with the PoC. Microsoft would have reacted either way. Right?

This one goes without saying, that is for sure. We should also be aware of what is happening in our brave new IT world. It seems that we are not as safe as we thought we were. We should not discourage future cyber whistleblowers under any circumstances. Otherwise, we will end up living in the dark of harmful cyber ignorance.

Happy Hour Virus

Although this idea is not quite compatible with our efforts to fight the unprecedented economic crisis, we cannot neglect or ignore its originality and brilliance. So, what is this app all about? In case you need an urgent day off, here is a quick and simple solution. This app will give you exactly what you need.

You get several visual simulations of some of the worst computer malfunctions for your screen. This is supposed to give you a nice excuse to make a quick disappearance from your office. Oh no, my computer is broken, I have to go home. This is the simplified option. There are some additional options.

You can use it as a prank as well. Yet, we do not recommend it for your friends who have weak hearts. On the other hand, we have an even better idea. How about a cyber security version of the Happy Hour Virus app? This is supposed to be much more effective compared to a broken computer.

Your IT staff will allow you to move away from your office much more willingly, as soon as you report a virus attack. However, this is not something you should make jokes about. So much trouble for a single day off. How about calling your office and telling them that you are under a flu attack, for a change?

Lock ‘n’ Roll

So, what is your excuse to keep forgetting to lock your smartphone? For the absolute majority of people this is an unbearably annoying thing. In addition, according to some research and statistics, you can lose up to one hour each month locking and unlocking your smartphone. Is that all?

Some people are skeptical for a reason when it comes to the efficiency of phone lock protection. It should not be much trouble for a skillful hacker. On the other side, a lucky finder of your smartphone could give you a call, if he can access its phonebook in the first place. Who wants to lock it after these reasonable arguments?

Now, let us move to the positive side of your smartphone being locked most of the time. With password protection you are buying yourself some invaluable time to resolve your situation with a stolen or lost phone. Now, it is the right moment for you to think twice about locking your smartphone.

How hard could it be? This is a reasonable investment of your time, which can save you the greater time and money you would otherwise have to spend dealing with the aftermath of a cyber attack. Better to lose a couple of minutes each day unlocking and locking the thing than to say goodbye to your smartphone.

Nuremberg Star

The biggest European IT security fair takes place each October in Nuremberg. If you care about cyber security and Europe is your cyber neighborhood, you should definitely pay it a visit. If you want to hear something different, pay attention to the following story. You will be surprised.

Who says that big security names necessarily have to deliver the top cyber security solutions? On the other hand, we had a nice chance to witness the arrival of some of the most unusual partners in crime. One Japanese and one Serbian IT security company have teamed up to shake the cyber ground.

Their Tower Netdefender is an inspirational cyber bodyguard. It is very reasonable when it comes to the process requirements. On the other side, it is a fully automated system. You can Google the other relevant security features. We would like to use this opportunity to point out something else.

We have two partner companies from halfway across the globe, which have found a way to communicate in this matter, quite successfully and efficiently. This should be something to follow and apply all over the world. Till next time in Nuremberg, and some new creative cyber partnerships and solutions.

ENISA The Goddess of Cyber Security

The European Union Agency for Network and Information Security, or simply ENISA, is supposed to be the backbone of the EU cyber security system. So it is; that is not the issue here. What we would like to know is what it can do in order to protect us. One of its highly appreciated contributions is an event.

We are referring to the EU month of cyber security, which is a great thing as well. Yet, under the current circumstances, it would be more suitable to organize an event with a more appropriate title: the year of EU cyber security. We are not exaggerating and there is no bitter tone in these words.

We simply need to do much more. As you have probably realized by now, we are a little bit lazy when it comes to Google research. Do we have some similar agencies at the international level? How about the UN? We even have a much better idea to solve matters here as they should be.

Each major organisation in the world should have a special cyber security department or some kind of a committee. Can you imagine what we could achieve with all of these potential months devoted entirely to our cyber security? One organization. One month. We would not have enough years for all of these cyber months.

The Malicious Money Making Machine

Is it worth it? This is a simple question we are very likely to ask hackers all over the world. Is it worth all the risk? Apparently, it is. The recent Symantec findings in this field have shed some additional light on this matter. It turns out that hackers operate in quite ordinary business ways.

They are in constant search of profit. Now, prepare yourself for a huge surprise. One Android bot network, which has more than 100,000 mobile devices under its direct control, accumulates more than $3 million net profit per year. How about that for a ground-shaking change?

Can you imagine what it can do with 10 or 100 million infected mobile phones? We are talking about millions and millions of dollars flowing like rivers in the cyber world. It seems that the hackers are more like modern businessmen than the traditional idealists and anarchists hoping to change the world itself.

We have identified the primary motive for the hackers’ actions. Now, all we have to do is ruin their malicious business. How? In the first place, we should increase the costs associated with their businesses by improving our cyber security measures: decrease their profitability in order to increase our security.

Malware of Arabia

For quite some time the Arabic IT infrastructure has been spared from the malware horror. The biggest obstacle for the malicious software was the language itself. Nevertheless, according to the recent findings of Symantec in this field, it seems that things are about to change in this part of the world.

Nowadays, there is more than one Malware Lawrence of Arabia roaming the cyber lands in search of new victims. In this sense, the hackers are truly embracing the United Colors of Benetton philosophy. They do not care about race, color or religion. All they care about and want is profit, no more, no less.

What they are willing to do in order to get it is a completely different thing. On the other hand, this does not necessarily have to be a bad thing, does it? It is about time for us to unite and fight the cyber menace together, as we were supposed to do from the very first moment. Learn from your enemy.

This timeless saying can be traced back all the way to the Romans. If hackers can put their differences aside, why should we act differently? It is only a matter of time, before hackers reach every single corner of the globe, regardless of the language or cultural barriers. You have been warned, haven’t you?

Online Fraud A Story Untold

Sometimes, bad news can bring you good and unexpected results. According to the findings of one of the most recent surveys, online fraud in the UK alone cost more than £670 million. In other words, that is almost one billion dollars, give or take. Then, how can this be good news for us?

Well, it turns out that the strongest motivation for the most serious actions in the field of cyber security comes from our wallet, and not from our concerns. The more it costs, the more likely it is that we will finally do something about it with truly effective results. This is the point we would like you to accept.

This is obviously the way we like to think. Without severe financial damage we do not even bother to blink. It is a paradox, but in order to improve our security, we can only wish for more devastating financial effects of cyber attacks. That will teach us a lesson better than any cyber security course.

Finally, someone will realize that it is better to invest one million in proper IT security measures than it is to lose one billion in the aftermath of a serious cyber attack. We do not wish for some bad cyber luck, we only want to do something about the timely, affordable and above all cyber security prevention.