The Operation Creative

August 15, 2014 — Leave a comment

The UK Police’s Intellectual Property Crime Unit or shorter the PIPCU has recently sent more than 100 letters to the owners of illegal websites demanding two things. The first option is to ensure that their sites are fully legit. The second option is to kindly remove their domain from the Web.

We are not quite sure what was the main idea for the busy little police bees when they come up with a name for this operation. It is called the Operation Creative. How appropriate, indeed. The main goal of this action is to challenge the pirate websites. So, what happened with the results?

According to the available information obtained from the Freedom Of Information the TorrentFreak has found out the following. The police in this action has requested that 75 pirate websites face suspension. However, only 5 of them actually accepted this kind of an unpleasant recommendation.

So, what is the moral of this story? Either it is a good thing to run a piracy website or the police has to change something about its approach. Otherwise, there is no much joy and success in sending the warning letters, is it? Or, maybe they should change the name of their operation.

The Cause Justifies The Means?

August 14, 2014 — Leave a comment

Here is a tricky one. When you read something like this, you usually end up with a huge question mark on your face. It seems that the FBI has been using spying programs in order to collect information about users on several websites and forums with the alleged pedophile content.

This is how we get to the point that unjustified means are being used for the justified cause. You do not have to be a rocket scientist to probably know by now that the Internet has become the most popular hideaway place and sharing mean for all kinds of cyber pedophiles. The FBI is definitely not an exception in this case.

However, the use of unauthorized or even prohibited methods in fighting some of the most troubling forms of crime is a little bit problematic. We can argue as long as we like. Pro et contra argumentation between the two parties with the opposite points of view will probably confuse you even more.

We are not saying that some of the pedophiles with a criminal record should be granted with an opportunity to sue the FBI. On the other side, the FBI and similar agencies should not be discouraged in their rightful efforts. Some acceptable modus has to be introduced. But how? We are not quite sure about?

CryptoLocker Unlocked

August 12, 2014 — Leave a comment

We sure hope you have not had a chance to deal with the misery caused by the CryptoLocker. Just imagine a situation when someone gets your precious things, puts them in a room, locks them, and then asks you to pay a ransom in an exchange for a key. Are you terrified enough?

This is exactly what happens to your files once the CryptoLocker gets its cyber hands on them. If you want them back, there is no other option than to pay money for a virtual key in order to free your precious files. Finally, someone has found a way to end your troubles with the merciless CryptoLocker.

For what is worth, the busy little bees from the Fox IT and Fire Eye give you a chance to upload your trapped files for free and release them with a proper key. Unfortunately, this option is only available for the certain versions of the KryptoLocker. Despite this flaw, we should treat one as the good news.

It comes without saying that in this case, it all comes down to the proper prevention IT security work. Better to lock your sensitive by yourself than to wait and hope someone else will not do it for you with dishonest intentions. Do not waste your time blinking, it is the right moment for some serious IT thinking.

Smart Cars. Ingenious Hackers.

August 10, 2014 — Leave a comment

The cars are getting smarter with each new day. We are literally surrounded with smart things. Everywhere you look there is smart this and smart that. Unfortunately, the hackers themselves are smart enough, or very often much smarter. The series of misfortunate events with the Tesla cars has brought to our attention the trouble of car hacking.

Nowadays, it is possible to hack a car just like any other smart device such as a smartphone or computer. The hackers have an opportunity to gain access or even control over your car through wireless tools in it such as radio, Bluetooth, navigation, and similar. What can we do about it? How safe are we in fact?

These kinds of things make you wonder, do we need an antivirus for our own cars? It is an inevitable paradox. The more sophisticated are cars become, the easier it gets to hack them successfully. Hacking on wheels – maybe this should have been the more appropriate title for our post?

For what is worth, we have some new details to take care about the next time we choose our favorite car. We are not talking only about the driver’s and traffic safety, but also about the IT security, as well. It seems that your car’s equipment just got itself an additional category. More job for IT security experts, as well.

Careless iPhone Whispers

August 6, 2014 — Leave a comment

The Open Whisper Systems, which are well-known for their safe calls app RedPhone, have come up with a new one. This time we are talking about the free encrypted calls you can make on your iPhone all over the world. You do not have to guess twice the Signal app is fully compatible with the RedPhone.

This app is simple and safe to use. In addition, you do not have to worry about complicated passwords. Both you and your contact will get a pair of words. If these words match between the parties, who are communicating, you are good to go. If not, then there is someone uninvited trying to mess your things up.

The Signal runs the ZRTP, which is a security encryption protocol developed by Phil Zimmermann. He is also known as the father of the Pretty Good Privacy (PGP) system. On the other side, it is worth mentioning that the Signal is initially designed to be an open source platform.

The Open Whisper Systems have some ambitious plans with this one. In the next stage, they plan to include Signal’s version for the text messages, as well. Definitely some good news for iPhone users. We only hope that Apple will close all open backdoors first. You know what we mean with this one, don’t you?

Cross Ideas With IBM

August 6, 2014 — Leave a comment

Maybe, this takeover is not one of those you are getting used to admire with top brand names and hundreds of millions of dollars at stake. For what is worth, the IBM has acquired one of the most promising Italian IT security startups with an indicative name – the CrossIdeas.

These Italians specialize for the most problematic moment in data processing, which includes your access to apps and data. Securing and evaluating the way you are accessing both apps and data can easily turn out to be the next big thing in the IT security field. The access risk management is the other name for it.

The IBM plans to additionally strengthen its Identity and Access Management structures and offer with this takeover. The main idea is not to allow a poor security policy to become a huge security risk. You do not have to be a rocket scientist to figure out yourself how important is to eliminate a threat at the very doorstep of your IT infrastructure.

On the other side, this can be a strong encouragement for the startups in the IT security field. It seems that a good idea for IT security measurements can easily turn out to be as profitable one as any other new cyber concept. This is definitely a win-win situation for both IBM and CrossIdeas.

Cyber War Games by Deloitte

August 4, 2014 — Leave a comment

Here is something you do not expect to see in a company, which is a synonym for white collars and strict formality. For what is worth, the Deloitte Cyber Risk Service has introduced the new cyber war-gaming and simulation service. What does it do and what is supposed to solve in the first place? Well, Deloitte brings the cyber war into your company.

The main purpose of this simulation activity is to test your defense readiness and vulnerability points to a cyber attack as the closest possible to the real life situation. So, what is the catch with this one? Why do we have to pay Deloitte to play cyber war games? How come we cannot do it on our own? Deloitte has a nice answer to these questions.

Deloitte’s cyber war games are carefully designed and earth shaking events, which include all segments of your company, including top management and CEOs including all people involved in crucial business process execution. In addition, its scenarios are the closest to the real thing you will ever get to your business.

It comes without saying that is always better to simulate a cyber attack than to participate in one or experience it first-hand. Deloitte has an offer of top class cyber wars and simulations that are crying for some attention and honest appreciation. Better to go into a virtual war with Deloitte, than into a real one with merciless hackers.

IOS Secure Insecurity

August 3, 2014 — Leave a comment

It seems that the endless debate about the security prestige between Android and IOS just got an additional intriguing chapter. We have all witnessed how every now and then some of the Apple’s representatives likes to point out the security imperfections and vulnerabilities associated with Android.

The opened IOS backdoor allowed us for the first to seriously question its security strength. For what is worth, IOS sees to be properly strong on the outside threats, and unforgettably weak on the inside. We are talking about the enemies from within. Confused?

Apple’s mobile software is intended to be used for maintenance purposes only. Who is to deal exclusively with these types of works is another question? Maybe, some of the NSA agents would be more than interested to pay a surprising visit to your iPhone’s data.

The Apple’s users are disturbed with a proper reason. On the other side, Apple’s marketing machinery will do its homework in this case with a series of justifications and calming press releases. However, the damage is already being done. The Apple has lost its self-claimed aureola of flawless safety. For how long?

Privacy Data Punisher

August 3, 2014 — Leave a comment

Let us not act surprised, shall we? It simply had to happen sooner or later. For what is worth, this bad news for our privacy protection is very likely to have a positive epilogue. How? What happened? Well, after this one there will not be any more excuses. We will never be treated as the collateral damage of security breaches.

The United Kingdom’s Information Commissioner’s Office (ICO) has ordered that the Think W3 Limited as a distinguished UK online travel service has to pay almost $250,000 for fines. Why? It seems fair for almost one million stolen credit cards related data. Could this one have been prevented?

Honestly, it is hard to say, but there is one thing that puts a blame on this agency. Since they acquired their data system in 2006 they have not bothered, not even once as a matter of fact, to run an appropriate security test. Plenty of time for hackers to prepare accordingly, indeed.

Now, these guys from the travel service have more than 250,000 reasons to thoroughly examine all of their security vulnerabilities. Just imagine for a moment how significant saving could have achieved, if they were to conduct the simplest security test a couple of years ago.

The Malware Human Rights

August 2, 2014 — Leave a comment

The things are getting serious with hacking, aren’t they? Apparently, so serious that even The European Court of Human Rights (ECHR) has to intervene. What happened? It seems that the Latvian creator of the Gozi Trojan, which is specially designed to attack banks, thought he will face some unfair treatment by the US Justice Department.

Unlucky for him, in its opinion the ECHR sent a message that Gozi’s father has to answer for his wrongdoings, and that a legal treatment across the ocean will be just fine in this case. This was his last chance to prevent the extradition to the USA, and it has failed.

This obviously talented 29 year old hacker has every right to fight his legal battles. Why? Well, he is facing a 67 years of imprisonment penalty in the USA. You can do the math, can’t you? In other words, this a lifetime sentence. And, the message is strong. Who will dare to attack the US banks after this one?

Maybe, this Latvian hacker can make some kind of a deal with the US government. He can become the US version of Nikita. Why not? In exchange for his freedom he can provide training or even his own personal hacking services to the government. Who knows? He knows too much to work in the prison’s library. Right?

IMELA Software Blog

4 out of 5 dentists recommend this WordPress.com site

IT Security