Posts

NotPetya Cyberwarfare ?

It is interesting that many are regarding this latest NotPetya attack as Cyberwarfare and not Ransomware.
The main reasons for this assumption are as follows:

Due to the nature of the infection, it would appear that Ransomware is being used to mask the true nature of the attack.
The files seem to be unrecoverable.
Similar to wiping a hard disk, the entire drive is rendered unuseable by overwriting the Master File Table.

It would definitely appear that the intention is to destroy rather than hold to Ransom.




Athena Spyware and EternalRocks

Wikileaks last week released documents detailing an application created by the CIA used to covertly monitor and control virtually any  current version of Windows.
Basically the application named Athena is spyware which  gives full rights over the PC to the control.
There is even a full user guide.HERE.

And there is also news of a rival to Wannacry called EternalRocks which has the potential to be even more destructive.  Eternal rocks makes use of seven of the NSA exploits leaked.  Wannacry used two of the exploits.  At present there is no reported activity related to this malware but it is very covert and includes serveral techniques to avoid detection.

So the question is, who are the bad guys?  The ones who leak the information or the ones who know about it but decide not to tell anyone?

We know in reality that the bad guys are already two steps ahead of the authorities when it comes to CyberSecurity so would it not be in everyones interest if the Authorities actually made a true con…

SHA-1 Certificates will be rejected by the latest browsers.

Websites and systems protected using certificates using Sha-1 algorithms will no nonger be accepted by new browsers.  IE11 and Chrome for example wont allow a user to continue on to the site regardless.

Most public CA's have been issuing more scure certificates for some time now, however many internal CA's are still using Sha-1 to sign their certificates.

Its time to check and upgrade/reconfigure  if you want your systems to keep running smoothly.

Microsoft for example has several articles on how to deal with the situation in their support site.

I recently helped a customer running Windows Server 2008 Domain to upgrade their CA to issue the higher security certs.

Is your company ready for GDPR ?

What is it ?

Put simply it is a set of new policies adding to the current Data Protection Laws in the EU.

Companies will be required to respect "the right to be forgotten". This means that you must be fully in control of your data in such a way that all digital traces pertaining to any individual must be fully deleted should the request be made.

Whats is in scope ?

Basically all of your data must be cleansed of any identifying data if requested.  This will include all past and present data including archives and backups.

What if I dont comply with a request ?

Penalties will be imposed of up to 4 percent of worldwide turnover.

How should this be implemented ?


You will need to be able to demonstrate a process which is implemented and fully documented which complies with each request.

What problems need to be overcome ?

The biggest issue is knowing your data.  In other words having fully indexed data and systems which will ensure this can be conducted in a thorough and effective ma…

Fortinet releases 5.6 FortiOS for Fortigate but Analyzer users should not upgrade yet.

The new release of FortiOS has been around for several weeks now, however many users are realising that they cannot continue to use their FortiAnalyzer running the 5.4 code.  It needs to be upgraded to 5.6 on the Analyzer as well.

One problem is that we are still waiting for 5.6 for FAZ.  Therefore people are downgrading.

In all fairness the FAZ compatibility guide is quite clear but why release one without the other.

The Governments Snooping Laws

So it looks like the Government will finally get the law passed requiring websites to retain all user browsing activity logs for a minimum of 1 year.
I really cannot understand how this will achieve much at all.  The real criminals arent going to do much "in the clear" and the odd time something does lead to conviction will be so minimal that it wont be worth all the effort.
Its a shame the logs arent protected under the data protection act by the ISP, as it would make life a little more difficult.
I guess if this concerns you, now is the time to go TOR if you arent already.

configuring the zmodo ZP-IBi-13W camera to work with Blue Iris Software.

Image
Off topic.......configuring the zmodo ZP-IBi-13W camera to work with Blue Iris Software.

Many people have had issues getting these cameras to display video in any other sotware except the supplied z-viewer.  Here is how I got it working with the Blue Iris Software.  The settings may work with other software but have not been tested.