tag:blogger.com,1999:blog-36003772167698104682012-01-09T17:44:32.897-05:00I'm a security and risk professional and my kids describe my job as 'security blah blah', so I thought what a great name for a blog. You'll find plenty of (hopefully not) time-wasting ramblings on various security topics here. Let the rambling begin...GregFeezelhttp://www.blogger.com/profile/02294961259449885227noreply@blogger.comBlogger57125tag:blogger.com,1999:blog-3600377216769810468.post-10049224357604325002011-09-11T20:20:00.001-04:002011-09-13T17:47:26.888-04:002011-09-13T17:47:26.888-04:00

Have you seen a short link and wonder where it leads to, without visiting it? You never know where it will take you. We all use these services ourselves for legitimate purposes but we also know there have been and continue to be numerous attacks using these link shortening services. Well unlike Kiss' Unmasked album, where the band doesn't show their faces as promised,I recently found a very

GregFeezelhttp://www.blogger.com/profile/02294961259449885227noreply@blogger.com0http://securityblahblah.blogspot.com/2011/09/un-stealthify-short-links.htmltag:blogger.com,1999:blog-3600377216769810468.post-49549278395452644992011-07-05T20:10:00.008-04:002011-07-23T23:08:49.790-04:002011-07-23T23:08:49.790-04:00

This past January 2011, the WEF released a report which detailed out what they see as the global risks in 2011(http://riskreport.weforum.org/). The report is called Global Risks 2011 Sixth Edition: An Initiative of the Risk Response Network(http://riskreport.weforum.org/global-risks-2011.pdf).It's an interesting read especially for those of us who deal with risk regularly in our profession.

GregFeezelhttp://www.blogger.com/profile/02294961259449885227noreply@blogger.com0http://securityblahblah.blogspot.com/2011/07/world-economic-forum-global-risks-2011.htmltag:blogger.com,1999:blog-3600377216769810468.post-91408920430363324152011-06-27T08:58:00.003-04:002011-06-27T09:13:35.118-04:002011-06-27T09:13:35.118-04:00

Rafal Los posed the question recently in his blog: "am I too paranoid?"The context is he was speaking about a Twitter statistics website that he found which requires your login credentials in order to provide capabilities beyond statistics. Being the good security-minded chap that he is he looked into what this widget will do for you if you provide your credentials. Here's what he found.It will

GregFeezelhttp://www.blogger.com/profile/02294961259449885227noreply@blogger.com1http://securityblahblah.blogspot.com/2011/06/would-you-grant-complete-access-to-your.htmltag:blogger.com,1999:blog-3600377216769810468.post-9712225893003645102011-06-24T22:55:00.003-04:002011-06-24T23:00:22.303-04:002011-06-24T23:00:22.303-04:00

"Honey on the way home from work pick up some milk, bread, bananas, pound of hamburger, and identity theft insurance." "Wait, what?"Bet you never heard that one before. So I was in Kroger(1) the other day picking up some of the staples and as I was walking past the end of an aisle I saw something that stopped me in my tracks. A brochure advertising identity (ID) theft protection. My jaw

GregFeezelhttp://www.blogger.com/profile/02294961259449885227noreply@blogger.com0http://securityblahblah.blogspot.com/2011/06/get-your-milk-bread-beer-and-id-theft.htmltag:blogger.com,1999:blog-3600377216769810468.post-81513310554945060272011-04-03T23:47:00.009-04:002011-04-06T09:52:04.814-04:002011-04-06T09:52:04.814-04:00

There's been a data breach (article 1, article 2) at one of the largest marketing services companies around and your email might have been exposed. The breach occurred at a company called Epsilon which handles email communications for many big brands such as Capital One, Citi, Disney, etc. Their website boasts over 2,500 clients including 7 Fortune 10 companies.At this time the list includes

GregFeezelhttp://www.blogger.com/profile/02294961259449885227noreply@blogger.com0http://securityblahblah.blogspot.com/2011/04/major-breach-exposed-customers-of-major.htmltag:blogger.com,1999:blog-3600377216769810468.post-42907771210579997412011-04-02T10:33:00.015-04:002011-04-02T11:04:50.708-04:002011-04-02T11:04:50.708-04:00

Several sources are reporting that the National Security Agency (NSA) is looking into the breach of the company that runs NASDAQ experienced back in October of 2010.Bloomberg News interviewed former head of U.S. counterintelligence in the Bush and Obama administrations, Joel Brenner, who stated “By bringing in the NSA, that means they think they’re either dealing with a state-sponsored attack, or

GregFeezelhttp://www.blogger.com/profile/02294961259449885227noreply@blogger.com0http://securityblahblah.blogspot.com/2011/04/nsa-to-investigate-nasdaq-hack.htmltag:blogger.com,1999:blog-3600377216769810468.post-15622301690698175512011-04-02T09:33:00.009-04:002011-04-04T00:12:23.653-04:002011-04-04T00:12:23.653-04:00

April 3, 2011: On this day 30 years ago something occurred in the PC industry that started what I'll call a revolution: the portable PC was introduced. In 1981 journalist and book author Adam Osborne released the 24 pound Osborne 1 computer. The machine was state of the art back then with a 5-inch CRT, disk drives that stored 102KB of data, 64KB of RAM, and a full size keyboard. It could even

GregFeezelhttp://www.blogger.com/profile/02294961259449885227noreply@blogger.com0http://securityblahblah.blogspot.com/2011/04/happy-birthday-portable-pc.htmltag:blogger.com,1999:blog-3600377216769810468.post-7698782237886969572011-03-09T12:45:00.002-05:002011-03-09T13:40:51.715-05:002011-03-09T13:40:51.715-05:00

According to Trend Micro, a ZeuS banking trojan is targeting Blackberry mobile devices. Previously ZeuS variants targeting only mobile devices running Symbian and Windows Mobile had been spotted.This story just helps bolster the point that malware's growth will occur in the mobile device world. Strap in your seatbelts, we're in for a rough ride!http://www.finextra.com/news/fullstory.aspx?

GregFeezelhttp://www.blogger.com/profile/02294961259449885227noreply@blogger.com0http://securityblahblah.blogspot.com/2011/03/malware-targeting-blackberrys.htmltag:blogger.com,1999:blog-3600377216769810468.post-41782566630489517282011-02-09T13:11:00.007-05:002011-02-09T13:22:57.326-05:002011-02-09T13:22:57.326-05:00

I wanted to direct your attention to a great security event being held in Cleveland next week: BSidesCleveland. It's a one-day event on Friday February 18, 2011 filled with interesting speakers and topics and great opportunities to network with your peers.A local security group that I founded, the Northeast Ohio Information Security Forum, is one of the sponsors. The other local sponsor is

GregFeezelhttp://www.blogger.com/profile/02294961259449885227noreply@blogger.com0http://securityblahblah.blogspot.com/2011/02/great-cleveland-security-event.htmltag:blogger.com,1999:blog-3600377216769810468.post-7536160142859512602010-11-06T09:57:00.002-04:002010-11-06T10:01:47.042-04:002010-11-06T10:01:47.042-04:00

I found some interesting research work recently. Attackers have a new technique that can be used against your websites: HTTP DDOS.Researcher by Wong Onn Chee discovered a way to cause a website to be slow and even take it down via a technique where POSTs are sent to a website slowly causing gridlocks the connection. It's similar to the Slowloris HTTP DDOS attack by RSnake, however this slow

GregFeezelhttp://www.blogger.com/profile/02294961259449885227noreply@blogger.com0http://securityblahblah.blogspot.com/2010/11/http-ddos-may-be-in-your-websites.htmltag:blogger.com,1999:blog-3600377216769810468.post-67027685469699254162010-08-24T23:04:00.009-04:002010-08-24T23:23:05.474-04:002010-08-24T23:23:05.474-04:00

Interested in WRITING malware? Go to MalCon.Heh. I've heard it all. Now the malware authors have their very own conference where they can learn and teach about writing malware. Their website claims to bring together "Malware and Information Security Researchers from across the globe to share key research insights into building the next generation malwares." Okayyyyy.I'm not sure whether this

GregFeezelhttp://www.blogger.com/profile/02294961259449885227noreply@blogger.com0http://securityblahblah.blogspot.com/2010/08/malware-authors-have-their-own-con-now.htmltag:blogger.com,1999:blog-3600377216769810468.post-48824768898056281142010-08-07T09:32:00.002-04:002010-08-07T09:41:27.974-04:002010-08-07T09:41:27.974-04:00

Google CEO Eric Schmidt stated in a talk at the Techonomy conference in Lake Tahoe that 'true transparency and no anonymity' are required to combat identity theft. He said the increase of information generated every day has helped social interaction but created a condition that helps identity theft thieves. He said there needs to be a verified way to identify people and that Governments will

GregFeezelhttp://www.blogger.com/profile/02294961259449885227noreply@blogger.com0http://securityblahblah.blogspot.com/2010/08/google-ceo-says-no-anonymity-on-future.htmltag:blogger.com,1999:blog-3600377216769810468.post-28401082885974686332010-07-31T23:56:00.002-04:002010-08-01T00:09:18.055-04:002010-08-01T00:09:18.055-04:00

Whoops, it looks like the folks who developed the registration website for the Blackhat security conference have a little security issue themselves. As Michael Coates reported, the website that is used to register for access to some of the live talks from the conference is vulnerable to a hack where an attacker could obtain free access to paid content.For a fee the conference offers access to

GregFeezelhttp://www.blogger.com/profile/02294961259449885227noreply@blogger.com0http://securityblahblah.blogspot.com/2010/07/even-security-conferences-suffer-from.htmltag:blogger.com,1999:blog-3600377216769810468.post-10445858013342771152010-07-15T23:36:00.014-04:002010-07-16T11:17:54.401-04:002010-07-16T11:17:54.401-04:00

A recent malware discovery has many of us security pros very concerned: rootkits targeting embedded devices. The discovery is a rootkit called Rootkit.TmpHider that came with a trojan that infects systems via USB drives. This in itself is not all that concerning, what *is* very concernful is that the driver files that make up the rookit have a legitimate digital signature from....wait for it...

GregFeezelhttp://www.blogger.com/profile/02294961259449885227noreply@blogger.com0http://securityblahblah.blogspot.com/2010/07/rootkit-targeting-embedded-devices-in.htmltag:blogger.com,1999:blog-3600377216769810468.post-87565546656933902562010-06-02T22:23:00.003-04:002010-06-02T22:31:56.103-04:002010-06-02T22:31:56.103-04:00

I just recently discovered this great post by web app security guru Rafal Los about how via SQL injection he was able to (if he hit the button) compromise an internal LAN. Nice.Check out Rafal's cool blog.

GregFeezelhttp://www.blogger.com/profile/02294961259449885227noreply@blogger.com0http://securityblahblah.blogspot.com/2010/06/using-sql-injection-to-compromise-your.htmltag:blogger.com,1999:blog-3600377216769810468.post-66209103762606595642010-05-16T07:57:00.002-04:002010-05-16T08:11:01.592-04:002010-05-16T08:11:01.592-04:00

I discovered an interesting project the other day where 4 software developers are embarking on a project this summer to develop an open source, distributed, privacy-aware social network. It sounds kind of like what Tor is for surfing this network is for socializing. In the video on the main page they complain that they don't want a central hub handling their messages to their friends.It's an

GregFeezelhttp://www.blogger.com/profile/02294961259449885227noreply@blogger.com0http://securityblahblah.blogspot.com/2010/05/replacement-for-facebook.htmltag:blogger.com,1999:blog-3600377216769810468.post-52464658736693671792010-04-13T10:37:00.007-04:002010-04-13T10:43:47.073-04:002010-04-13T10:43:47.073-04:00

I forgot to mention in my last blog post that we are accepting submissions from presenters and trainers for the Information Security Summit on October 11-13 and 14-15, 2010.CFP submission deadline is May 15, 2010. We look forward to your participation.http://www.informationsecuritysummit.org

GregFeezelhttp://www.blogger.com/profile/02294961259449885227noreply@blogger.com0http://securityblahblah.blogspot.com/2010/04/call-for-papers-info-sec-summit-in.htmltag:blogger.com,1999:blog-3600377216769810468.post-26401310405337872772010-04-09T13:02:00.002-04:002010-04-09T13:43:40.802-04:002010-04-09T13:43:40.802-04:00

Dates have been announced for the 8th Annual Information Security Summit. This years event will take place October 14-15, 2010 at Corporate College East in Warrensville Heights, Ohio. Pre-conference training class will take place on October 11, 12, and 13. Corporate College East is located at 4400 Richmond Road between Harvard and Emery Roads In Warrensville Heights. The facility is easily

GregFeezelhttp://www.blogger.com/profile/02294961259449885227noreply@blogger.com0http://securityblahblah.blogspot.com/2010/04/8th-annual-information-security-summit.htmltag:blogger.com,1999:blog-3600377216769810468.post-52752518296951266582009-12-29T00:09:00.003-05:002009-12-29T00:21:20.855-05:002009-12-29T00:21:20.855-05:00

I just read this great piece of news over at the Sunbelt Software Blog about a top 10 botnet. The botnet, called Mega-D, was said to have 250,000 bots which has been responsible for nearly 12 percent of the world spam. Wow, this is a great win.The takedown was coordinated by a researcher at FireEye who working with others in the industry and Internet Service Providers, provided U.S. law

GregFeezelhttp://www.blogger.com/profile/02294961259449885227noreply@blogger.com0http://securityblahblah.blogspot.com/2009/12/another-win-for-good-guys-bye-bye-mega.htmltag:blogger.com,1999:blog-3600377216769810468.post-40003838047595182682009-12-18T11:02:00.002-05:002009-12-18T11:03:22.008-05:002009-12-18T11:03:22.008-05:00

According to the New York Times, insurgents in Iraq are using cheap satellite sniffing software to monitor the video feed coming from Drone fighter airplanes. This was discovered when laptops from captured insurgents were analyzed. The software they used is called Sky Grabber and costs only $26. It was designed to download music and movies off of satellite transmissions.What's very

GregFeezelhttp://www.blogger.com/profile/02294961259449885227noreply@blogger.com0http://securityblahblah.blogspot.com/2009/12/satellite-sniffing-software-used-to.htmltag:blogger.com,1999:blog-3600377216769810468.post-38508426800054667842009-10-28T12:45:00.005-04:002009-10-28T13:06:36.193-04:002009-10-28T13:06:36.193-04:00

It's been a long while since I've posted to my blog, it's been super busy lately. Apologies to my 3 readers - I promise to post more frequently.This week I'll be at the 7th annual Information Security Summit. This is a 2-day conference held in northeast Ohio, this year it's in Warrensville Heights at Corporate College East, and features over 30 speakers from around the US covering security

GregFeezelhttp://www.blogger.com/profile/02294961259449885227noreply@blogger.com0http://securityblahblah.blogspot.com/2009/10/local-northeast-ohio-security.htmltag:blogger.com,1999:blog-3600377216769810468.post-49706073903580746012009-08-27T22:40:00.012-04:002009-08-27T23:22:20.806-04:002009-08-27T23:22:20.806-04:00

As reported by the SANS Internet Storm Center, some banks reported receiving what appeared to be letters and training materials from the National Credit Union Administration (NCUA). The training materials consisted CDs.Then you hear this over the PA system:This was a test of the emergency broadcast system. This was only a test.Closer inspection reveals that the letters were fake and the CDs

GregFeezelhttp://www.blogger.com/profile/02294961259449885227noreply@blogger.com0http://securityblahblah.blogspot.com/2009/08/banks-receive-fake-training-cds-from.htmltag:blogger.com,1999:blog-3600377216769810468.post-71823586137623120472009-07-27T22:03:00.007-04:002009-07-30T17:40:58.174-04:002009-07-30T17:40:58.174-04:00

Quick post about an interesting story I just read...One day a married man (important to mention) logged into his Facebook account to check his messages. While on his page he was presented with an ad that entised him to visit a singles site. The ad said "Hey Peter. Hot singles are waiting for you!!" So what you ask? Well it just happens that along with the ad was a picture of a woman, that woman

GregFeezelhttp://www.blogger.com/profile/02294961259449885227noreply@blogger.com0http://securityblahblah.blogspot.com/2009/07/advertising-on-social-media-site-raises.htmltag:blogger.com,1999:blog-3600377216769810468.post-70472198997257786482009-07-13T23:50:00.009-04:002009-07-30T17:40:18.389-04:002009-07-30T17:40:18.389-04:00

The blackhats continue to push their rogue security programs via Search Engine Optimization techniques. This time I ran across a site using US Congress House Speaker Nancy Pelosi's name. It appears to be all sorts of headlines and keywords such as: pelosi says surge did not workAnd there's also some not so flattering phrases:pelosi insanepelosi is an idiotpelosi is a communistSome well worded SEO

GregFeezelhttp://www.blogger.com/profile/02294961259449885227noreply@blogger.com0http://securityblahblah.blogspot.com/2009/07/more-blackhat-seo-pelosi-is-target.htmltag:blogger.com,1999:blog-3600377216769810468.post-91888016189416414882009-06-18T15:35:00.007-04:002009-06-18T18:12:18.073-04:002009-06-18T18:12:18.073-04:00

The Web's most dangerous keywords to search forhttp://blogs.zdnet.com/security/?p=3457I've long known that some 75% of all screensavers found on the Internet via Google search contain malware but thought that some of these words were interesting: free games, work from home, iphone, barack obama. Something else interesting is the finding that when searching for lyrics keywords or phrases with the

GregFeezelhttp://www.blogger.com/profile/02294961259449885227noreply@blogger.com2http://securityblahblah.blogspot.com/2009/06/various-interesting-news-and-posts.html