Infosec Haiku

Anata no joho sekyuritei konshu no haiku

Google, Firefox,
Facebook, Amazon – All Say
NO to FlashJobs Wins!


### Notes ###
* Thanks to Ms. Etsuko vdH for the translation.
* Thanks to everyone who’ve contributed their haikus … watch this space to see if yours is published.

> Read More

Social Media: the Bad Guys’ Perfect Playground

October marks the 10th anniversary of National Cyber Security Awareness Month, a public education campaign spearheaded by our colleagues at the National Cyber Security Alliance. It’s somewhat disheartening to consider the lack of progress made in cyber security over the last 10 years; cyber criminals continue to wreak havoc stealing personal identities, corporate IP, and even national secrets.

> Read More

Facebook Graph Search and Social Engineering

Earlier this week, Facebook announced a major facelift for its search capabilities which will undoubtedly usher in a new era of search capabilities far more contextual and useful for Facebook’s users and advertisers. Graph Search will begin to leverage the massive amounts of information people have shared on Facebook and index it into contextually relevant search results based on natural language queries.

> Read More

Safe Social Media in 3 Steps

Social media introduces risk – no doubt about it. As security pros, our first inclination is to of course ban it’s use on our networks altogether because it’s the safest approach. But, it’s also the wrong one.

Like it or not, social media has forever changed the way we do business, for the better.

> Read More

Keys to the Kingdom

For hackers, social media is the top malware delivery vehicle of choice right now. And why not? Social networking sites are where the people are – and their information is readily available. Sadly, many unsuspecting people fail to realize that by creating a Facebook page, they are literally handing bad guys all the necessary needed to hack their bank account.

> Read More

Tiger Blood, Adonis DNA, Malware … Oh My!

As sure as night follows day, malware follows the meme. And latest meme, apparently, is all Charlie Sheen, all the time.

I don’t watch much TV (read: none), and don’t read many celebrity gossip blogs (read: none), but even *I* am painfully aware of Charlie Sheen’s seemingly wacked out 20/20 special and the sundry other interviews.

> Read More

Social App Security – An Oxymoron?

The recent Wall Street Journal investigation on the Facebook privacy breach begs a fundamental question:  Can a “social application” be secure?  This is a question bigger than just Facebook.  Popular mobile communications platforms such as Apple’s iOS and Google’s Android have also struggled with this as of late.  Here is the core conundrum – platform vendors need to provide a secure platform for developers to build consumer apps bursting with compelling functionality and innovation – so where do platform vendors draw the line between consumer privacy and innovative functionality? 

> Read More

Erosion of Privacy: An Escalating Issue for Facebook

Identity theft is not the only concern associated with the decline in privacy at Facebook. The increased publicly available personal information on Facebook will undoubtedly fuel enterprise spear phishing attacks. Why hack the enterprises’ perimeter security when you can simply trick an insider into opening a file that installs malware?

The erosion of privacy at Facebook is bad enough from a personal perspective but within the enterprise it also increases risk as it may also very well increase the likelihood of success of a social engineering attack.

> Read More

How To Reduce Your Web 2.0 Risk

95 percent of companies use Twitter and Facebook. Learn about the latest risks these web 2.0 applications bring into your organization and how to manage them.

Key Steps to Navigate Around New Facebook Privacy Settings

What’s all the fuss about the latest changes on Facebook? Simply put, the changes mean that nearly everything that you place on your Facebook page can now potentially be made available to anyone surfing the Internet.

The latest Facebook changes are purported to be an enhancement to make the social networking site easier for people who are looking for you using a search engine like Bing or Google to find you on Facebook. 

> Read More

Sesame Street Simple Facebook Guide to Surviving Malicious Attacks

It certainly seems that not a week goes by without hearing about yet another attack on Facebook users. Last week it was a phishing scam driven by a botnet, and this week, we have two new and different phishing scams — one cleverly tricking users into revealing their passwords and another installing malware that quietly waits for the user to start a banking transaction only to steal their login credentials.

> Read More

Who Owns Your Data in a Social World?

Over the past months it has been interesting to watch the furor over certain End-User License Agreements and the definition of data ownership.  Most draconian was the idea that once posted by a user, the data transferred ownership to the social networking site.  This of course has huge implications to an individual user, especially for professionals that use social sites to propagate their content. 

> Read More

Facebook Grows Up with Better Protection of User Information

Whether you want to admit it or not, social networking is a fact of everyday corporate life. In most companies, the number one social networking application used daily during work hours is Facebook. This is not a fad as it took less than 9 months for Facebook to reach 100 million users and the Apple iPhone application to reach 1 billion downloads.

> Read More