Tag Archive for: true

Can true crime stories about the internet keep individuals safe from cybercrime?


If you were to visit the office of Joe Carrigan, a senior security engineer at Johns Hopkins University’s Information Security Institute (ISI), you’d notice a television screen displaying a looping slideshow. Among the featured content in the loop is a 2022 article from The New York Times, which recognizes his podcast for delving into discussions about the “dark side of the internet.”

That podcast is Hacking Humans, cohosted by Dave Bittner, who is also a producer for the pod by way of CyberWire, a B2B cybersecurity audio network. Hacking Humans focuses on the human side of cybersecurity problems.

“The idea of the Hacking Humans podcast is that it’s not a very technical podcast,” Carrigan said. “We don’t talk about vulnerabilities, you know — we mention them tangentially, we mention them as necessary.”

According to Carrigan, a University of Maryland Global Campus computer science program alum, many people believe hackers are only interested in high-profile targets like nation-state actors or penetration testers. But anyone can become a target if they don’t protect themselves.

The Columbia, Maryland resident cited a country-by-country pay gap as a possible influence for those who might be employed by “scam centers” in countries like India and Nigeria — both known contributors to cyber crime, he said.

“If you look at the two countries, the average American makes around 73 times what the people in Nigeria and India make per year,” Carrigan told Technical.ly. “… If these guys [scammers] can scam somebody out of 25 bucks every day, seven days or six or seven days a week, in a year, they make three to four times what the average income is in their country, and they’re doing well.”

The podcast aims to bridge the gap between more technical cybersecurity discussions and the general public.

On a recent episode of the podcast (Season 6, Episode 262), for instance, Bittner — who is also an alumnus of the University of Maryland system — sounds surprised as Carrigan presents findings from a survey about people’s understanding of cybersecurity, including the jargon commonly used in the field. The survey was conducted by ISI and commissioned by…


True crime stories – A day in the life of a cybercrime fighter [Audio + Text] – Naked Security


Paul Ducklin talks to Peter Mackenzie, Director of Incident Response at Sophos, in a cybersecurity session that will alarm, amuse and educate you, all in equal measure.

[MUSICAL MODEM]


PAUL DUCKLIN.  Welcome to the Naked Security podcast, everybody.

This episode is taken from one of this year’s Security SOS Week sessions.

We’re talking to Peter Mackenzie, the Director of Incident Response at Sophos.

Now, he and his team… they are like a cross between the US Marine Corps and the Royal Navy Special Boat Service.

They go steaming in where angels fear to tread – into networks that are already under attack – and sort things out.

Because this episode was originally presented in video form for streaming, the audio quality isn’t great, but I think you’ll agree that the content is interesting, important and informative, all in equal measure.

[MORSE CODE]

[ROBOT VOICE: Sophos Security SOS]


DUCK.  Today’s topic is: Incident response – A day in the life of a cyberthreat responder.

Our guest today is none other than Peter Mackenzie.

And Peter is Director of Incident Response at Sophos.


PETER MACKENZIE.  Yes.


DUCK.  So, Peter… “incident response for cybersecurity.”

Tell us what that typically involves, and why (unfortunately) you often need to get called in.


PETER.  Typically, we’re brought in either just after an attack or while one is still unfolding.

We deal with a lot of ransomware, and victims need help understanding what happened.

How did the attacker get in?

How did they do what they did?

Did they steal anything?

And how do they get back to normal operations as quickly and as safely as possible?


DUCK.  And I guess the problem with many ransomware attacks is…

…although they get all the headlines for obvious reasons, that’s often the end of what could have been a long attack period, sometimes with more than one load of crooks having been in the network?


PETER.  Yes.

I describe ransomware as the “receipt” they leave at the end.


DUCK.  Oh, dear.


PETER.  And it is, really – it’s the ransom demand.


DUCK.  Yes, because you can’t help but notice it, can you?

The wallpaper has got flaming skulls on it… the ransom…


Samsung unfolds true productivity and flips design rules with Galaxy Z Fold4 and Galaxy Z Flip4


Samsung Galaxy Z Fold4 and Flip4 bring massive upgrades and make foldable phones even more desirable. Samsung has worked on the design and internal hardware upgrades to make its uniquely positioned Fold and Flip smartphones even more appealing and make them stand out from the rest of the flagship devices. Let’s have a closer look at those significant upgrades and how they translate into a superior user experience.

A reworked hinge mechanism leads to superior ergonomics

Samsung engineers have used an aluminium-based hinge that is thinner, lighter, and yet retains the toughness and durability quotient as before. The hinge’s new mechanism brings a rotational effect to a more traditionally linear motion, allowing for a compact hinge without compromising strength and durability. As a result, the Samsung Galaxy Z Fold4 is slimmer and lighter than ever. Samsung has focussed on the idea of doing even more with the Galaxy Fold 4; they made it more compact and portable so that you can carry it anywhere you want. The device also has better weight distribution, making it feel lighter, and giving it a well-balanced feel.

The Samsung Galaxy Z Flip4 has also seen a lot of clever design changes in all the right areas. For starters, the Samsung Galaxy Z Flip4 is lighter and more compact than ever, especially from an in-hand feel perspective. Samsung has made the hinge slimmer and narrowed down the bezels to further add to the immersive experience in the most compact form factor. If you want a compact phone that easily fits in your pocket and yet delivers a flagship experience, the Samsung Galaxy Z Flip4 is a clear choice, and nothing else will fit the bill by a long way.

Sharper, brighter, faster and more efficient displays

The displays on both devices have also gotten smarter. By using 120Hz adaptive refresh rate technology, both devices achieve power efficiency by intelligently using the high refresh rate only when needed, thus adding to overall battery life. The Cover Screen on the Samsung Galaxy Fold4 is also improved compared to its predecessor. It is wider than before, making it more impactful for content consumption and more convenient for one-handed usage. Another big (and…


The True Cause of Cybersecurity Failure and How to Fix It


Veteran software developer David A. Kruger offered some thoughts on computer security recently at Expensivity and we appreciate the opportunity to republish them here. He starts with “Root Cause Analysis 101”.

David A. Kruger

The classic line “I have a bad feeling about this” is repeated in every Star Wars movie. It’s become a meme for that uneasy feeling that as bad as things are now, they are about to get much worse. That’s an accurate portrayal of how many of us feel about cybersecurity. Our bad feeling has a sound empirical basis. Yearly cybersecurity losses and loss rates continually increase and never decrease despite annual US cybersecurity expenditures in the tens of billions of dollars and tens of millions of skilled cybersecurity man-hours. Cybersecurity’s record of continuously increasing failure should prompt thoughtful observers to ask questions like “Why are cybersecurity losses going up? Why isn’t cybersecurity technology reducing them? Are there things we don’t understand or are overlooking?”

That’s easy to answer: Of course, there are! After spending this much time, money, and brainpower on cybersecurity without managing to decrease losses, much less eliminating them, it’s painfully obvious something isn’t right.

This article explains what we get wrong about cybersecurity, how and why we get it wrong, and how to fix it. Fair warning: it’s a long and bumpy road. There’s a healthy dose of counterintuitive assertions, cybersecurity heresy, and toes stepped on, but at road’s end you’ll know what the true cause of cybersecurity failure is and how to fix it.

Part One – Cybersecurity Technology

The Heart of the Matter

When confronted with a chronic problem, we human beings are prone to err by trying solutions without first asking the right questions. We tend to ask, “How do we stop this now?” and fail to ask, “What’s causing this?” Then we are shocked when our fixes don’t last. This tendency is so common that safety engineers developed a formal analytical method called a root cause analysis to prevent this error. Root cause analysis is designed to find unidentified causes of recurring…
