NoticeBored blog

Forensic examination of secondhand disks

2009-07-03T21:03:00.005+12:00

Used hard disks bought on an online auction site were found to contain personal and proprietary data. Some of the drives that had supposedly been erased yielded their secrets to forensic examination...

Read more ...

New awareness module on digital forensics

2009-06-30T14:28:00.002+12:00

Dear friends of NoticeBored, Digital forensics - the capture and analysis of digital evidence for use in court - is an increasingly important topic not just for law enforcement but for ordinary...

Read more ...

Writing workable infosec policies

2009-06-17T17:22:00.005+12:00

Writing in Computerworld, author Jennifer Bayuk offers some innovative suggestions on how best to write information security policies that are effective and workable in practice. I particularly like...

Read more ...

Appeals Court Protects White House Office E-mails

2009-05-21T11:08:00.001+12:00

From today's GigaLaw news: "A federal appeals court ruled that the office that has records about millions of possibly missing e-mails from the Bush White House does not have to make them public. The...

Read more ...

Pop Mechanics does infrastructure security

2009-03-26T12:50:00.002+13:00

Popular Mechanics gives the US national infrastructure a once-over from the perspective of its resilience to cyberwarfare, asking "How Vulnerable is U.S. Infrastructure to a Major Cyber Attack? Could...

Read more ...

Revised NIST security awareness/training standard

2009-03-24T11:38:00.004+13:00

I've been reading and thinking today about a revised NIST Special Publicatio SP800-16, currently released for public comment. If you are genuinely interested in making security awareness more...

Read more ...

How to fix SCADA security [not]

2009-03-24T09:40:00.004+13:00

In "A cautionary tale about nuclear change management" ComputerWorld blogger Scott McPerson discusses a few security incidents that have been linked to SCADA systems, picking out two causes: poor...

Read more ...

SCADA stories of 2008

2009-03-19T14:22:00.002+13:00

SCADA security specialists Digital Bond run an annual summary of the top SCADA security stories of the year before. Here are their lists for 2008, 2007 and 2006. In 2007, the story about...

Read more ...

Worming the Internet

2009-03-19T12:49:00.001+13:00

Unprecedented collaboration between ICANN, antivirus vendors, other malware security professionals and domain name registrars in US, China and elsewhere is seeking to neutralize the...

Read more ...

Scared of SCADA?

2009-03-04T13:02:00.004+13:00

Our latest product is a brand new security awareness module on SCADA, ICS, DCS and related acronyms - essentially industrial process control systems. I suspect few employees outside of IT will have...

Read more ...

Military systems not immune to civil (or for that matter military) malware

2009-02-20T14:21:00.003+13:00

News of the Conficker/Downadup worm rumble on. Britain's Daily Telegraph is relaying news from a French newspaper that a French naval network was infected, disrupting communications and hence...

Read more ...

Alleged Fannie Mae logic bomber denies charges

2009-02-03T10:31:00.003+13:00

Reuters says: "A 35-year-old computer programer pleaded not guilty on Friday to charges that he planted a computer virus designed to destroy all the data on 4,000 Fannie Mae computer servers the day...

Read more ...

Botnets to watch in 2009

2009-02-03T08:36:00.004+13:00

A news item about botnets from Secureworks includes some useful information about how botnets are used and protected. They are used to distribute spam (including money mule come-ons, fake...

Read more ...

Website content integrity failure

2009-02-03T08:16:00.002+13:00

While researching for our next awareness module on SCADA security, I came across the Omron PLC website and couldn't help laughing when I read their news items. They haven't been well translated from...

Read more ...

Malwareness

2009-01-29T11:51:00.003+13:00

Hi there! We've just released an updated, refreshed and extended awareness module on malware, one of those enduring "core topics" that we have covered several times in the six years or so since we...

Read more ...

"I like to learn something new, to travel, walk on a nature"

2009-01-15T10:07:00.000+13:00

I can't resist re-posting this hilarious 419 scam fresh from my inbox, allegedly from innocent Natalya pictured above from the JPG attached to "her" email - I say "her" because the sender was listed...

Read more ...

Hacker desperate to avoid extradition to the US

2009-01-13T11:24:00.003+13:00

Hacker Gary McKinnon has to date successfully avoided extradition to the US to face up to his hacking of US military systems in 2001/2002. He continues to make full use of the British and European...

Read more ...

Is hacking a governance failure?

2009-01-04T18:30:00.007+13:00

The president of a company that develops software for oil and gas exploration was sentenced to 12 months' supervised probation and fined $2,500 for hacking a competitor using an airport's wireless...

Read more ...

New awareness module on hacking

2008-12-30T21:10:00.003+13:00

What makes hackers tick? Who are they? What is the difference between hacking and cracking? Are phreaks and social engineers hackers too? And most of all what can we do to avoid being hacked? We...

Read more ...

capitally Challenged 419er

2008-12-28T19:20:00.003+13:00

Anti-Terrorist and Monitory Crimes Division. Federal Bureau Of Investigation. J. Edgar. Hoover Building, Washington D.C Telephone Number : (206) 984 - 0470 ATTN: BENEFICIARY This is to Officially...

Read more ...

Will your cellphone spill your secrets

2008-12-26T07:54:00.004+13:00

As the title suggests, Will your cellphone spill your secrets focuses on privacy exposures from lost cellphones but the same considerations apply to other gizmos of course. The loss of a gizmo is...

Read more ...

Ultraportables - are they really "special"

2008-12-24T17:33:00.004+13:00

"Ultraportable" lightweight slimline laptops are all the rage, apparently (I've been using them for years already - ahead of my time maybe, or just wary of the old luggable portables?). A...

Read more ...

HMG loses two gizmos a week

2008-12-19T09:23:00.004+13:00

In the past year, the British Government admits to having lost: 53 computers36 BlackBerrys30 mobile phones4 memory sticks; and 4 disc drives.If we assume that the devices had just 1 Gb of data...

Read more ...

Gizmo security cluelessness

2008-12-16T12:08:00.002+13:00

Looks like McCain's team need to read the latest NoticeBored module on security for gizmos ... oh wait, it's too late. They sold at least one information-packed Blackberry to a reporter ...

Read more ...

How to create a security policy for social networks

2008-12-12T17:10:00.005+13:00

The security risks associated with social networking sites such as FaceBook and LinkeDin are pointed out by a well-balanced piece on Search Security by David Sherry, CISO of Brown University. ...

Read more ...