Archive - November 2000
Is Your TV a Security Risk? Embedded Devices May be the Next Target.
The latest televisions and Blu-ray players are being shipped with more than high definition video and audio. Internet access and a host of new applications are being built in to run directly on these devices. A popular built-in feature is wireless access which enables the user to avoid plugging in an Ethernet cable. Accessing the internet and your favorite apps directly from your TV is convenient. However, what security risk does this pose?
Defending Against DDOS (Distributed Denial-of-Service)
The site is down! These are haunting words for most businesses, and today’s topic: the DDoS (Distributed Denial-of-Service) attack. This particularly nasty type of attack attempts to disrupt the availability of systems by overwhelming servers, saturating bandwidth or through other techniques. Your business is most likely heavily reliant upon specific systems and this article provides an overview of the DDoS attack that could potentially take these key systems down and techniques for combating the DDoS.
New Hacking Evidence fresh from the source
Previously, we have discussed the dangers of hacking and measures to take against an attack in the LulzSec blogs. Now we will delve into a different aspect of the wide world of hackers. We will not, however, look at a specific company or conglomerate that hacked different entities and organizations. Instead, we will observe the findings of McAfee after they accessed a server that was used for attacks since 2006. Operation Shady RAT, RAT being short for Remote Access Tool, has introduced new evidence on the targets, motivations, and frequency of hacking that are summarized below.
LulzSec Information Security Case Study Volume 3 – Sony
Eric Vanderburg
Thank you for staying tuned in to our third case study and final installment of our four part series on the Lulz Security hacks. Our first entry on the LulzSec hacks gave a broad overview of the group and what they did and how it made people aware of hacking. We then embarked on three case studies beginning with PBS and then Infragard that outlined the attacks and corporate response and lessons learned. This entry will focus on what happened to Sony. Keeping true to form, we will look at the security of the company attacked, the hack done by LulzSec, and the company’s response to that attack.
LulzSec Information Security Case Study Volume 2 – Infragard and Univeillance
This post is the third part of a four part series on the LulzSec hackers. Our first entry titled “Awareness Pains: How the LulzSec hacks influence security awareness.”, dealt with a broad overview of the group outlining their scheme and how companies and organizations were made aware of their shortcomings. Our second entry was the first of our three-part case studies, and it focused on the Public Broadcasting Service (PBS). This entry deals with the reaction of the Federal Bureau of Investigation Infraguard group and Unveillence, a security company. Our next installment will spotlight the effects of LulzSec on the Sony Corporation. Today we delve deeper into the LulzSec fiasco. Our second case study looks into Infraguard and Unveillence and their experience with the LulzSec hackers. We will look at how they operated before the attacks, what happened to them during the attacks, and what they have done since the attacks to boost their defenses against future hackers.
LulzSec Information Security Case Study Volume 1 – PBS
As promised, here is the first case study regarding the events surrounding the Lulzsec group. If you are reading that and wondering what we mean take a look at our blog entry titled “Awareness Pains: How the LulzSec hacks influence security awareness.” That entry will give you a foundation as to what approach we are taking with regard to the LulzSec group. The attack that we will focus on specifically was the attack on the Public Broadcasting Service or PBS. Today we will focus on the specifics of the attack, the preparedness of the corporation attacked, and finally their response to the attack along with the prevention of future attacks.
Awareness Pains: How the LulzSec hacks influence security awareness
Bob set down the phone with a sigh. After six hours, five phone calls, countless emails, and two meetings, it was time to go home. The exploit of a system he had been assured was safe was now front-page news. LulzSec was taking the credit but his company was taking the blame. Maybe this time we’ll fix something he joked to himself. Bob was made painfully aware of the shortfalls within his company’s security system.
Don’t let this happen to your company. Before this recent string of attacks certain security systems were thought to be safe. However, attacks such as the wikileaks scandal has catapulted hacking to the forefront, and shows that powerful governments are vulnerable to sensitive information being leaked and distributed to the public or used by an attacker. Once again there was little mentioned relating to business in wikileaks or the fallout surrounding. That all changed with the adventures of LulzSec or Lulz Security, and their hack of major corporations. LulzSec if anything raised awareness in the world if internet security. This blog is part of a series on the LulzSec hackings. There will be three follow up articles, in addition to this main entry, outlining LulzSec hacking case studies and corporate response.
