Monday, May 26, 2014

Blackshades Breakdown

Spread the word about Defence Intelligence. Sharing is caring.
Photo: FBI.gov
The last couple of weeks has been dominated by talk of Blackshades and the FBI crackdown on those using it.  We did a number of media interviews around Blackshades and here's what we think people should really be focusing on:

The price:  At $40.00, Blackshades was a bargain.  Such a low entry point is great for mass adoption and a quick payday.  Mass adoption however, stirs up attention from law enforcement.  While the FBI managed to make almost 100 arrests, I doubt that any of those are what we would consider high value targets.  

The Response:  The FBI has made a lot of noise about this operation, and rightly so.  The scale of the operation was huge, involving 300 searches in 19 countries.  With almost 100 arrests, it's clear that the FBI has gotten better at working with their counterparts around the world.

Sadly, while the FBI is bringing justice to those using the Blackshades malware, the NSA is busy doing the exact same thing that the people arrested were.  I think it's safe to say that their software cost a lot more than $40 though.


Blackshades gives people something to be scared of:  

Let's face it, the general public just doesn't care about their privacy as much as we might like them to.  If their credit card info is stolen, the bank picks up the tab.  Someone might read their emails or gain access to their social media accounts?  They're already posting most of their personal lives for all to see anyway.


What people are scared of is someone posting naked pictures of them online.  The webcam functionality of malware is usually of little concern to security folk.  It is, however, a big concern for the average citizen.  Having to replace your credit card is an annoyance.  Naked pics of you being passed around your school or workplace is something that might actually elicit a change in behaviour.

Thursday, April 10, 2014

Heartbleed: What Do I Do?

Spread the word about Defence Intelligence. Sharing is caring.
The KeePass Password Safe icon.
The KeePass Password Safe icon. (Photo credit: Wikipedia)
You've probably read a little about Heartbleed by now and you either understand the details or not. For some additional reading you can visit heartbleed.com. Either way, you are, and should be, worried if this is going to affect you directly. The answer, probably. Not all sites and software rely on the security torn open by Heartbleed but many do. For these locations which are currently vulnerable you will need to confirm that they, the site owners, have fixed the issue BEFORE changing your passwords.

How do you do that? Go to Heartbleed Test or Heartbleed Checker and type in the site you're worried about, such as your banking site.

If it comes back green it was either fixed or never had a problem. I recommend a password change anyway. You are probably overdue for one.

If it comes back red, check back again later until it comes back green. Then change your password.

I think you'll find at this point that many sites have fixed the issue, but it can't hurt to check.

For those who are interested in the related CRA website shutdown from Heartbleed, read this story as well: ctvnews.ca.
Enhanced by Zemanta

Monday, March 3, 2014

Congratulations to our big winners at RSAC 2014!

Spread the word about Defence Intelligence. Sharing is caring.
The Defence Intelligence road crew has arrived back from RSA Conference 2014 and wanted to take a moment to thank everyone who came out to to visit our little piece of Canada at the event.  It was great to see so many current and future clients and to talk to them about what makes us unique in the space.

We gave out thousands of maple syrup candies, hundreds of DI hockey pucks and got to gloat a little about the Olympic hockey wins.  We are also proud to announce the big winners of our draw:

1st Prize:  1 year FREE Nemesis Advanced Malware Protection Service (up to $25,000.00) and a signed Jean Beliveau NHL jersey

Winner:   Patrick Russ - Wells Fargo


















2nd Prize:  Free Harbinger Network Risk Assessment and a Canadian olympic hockey jersey

Winner: George Ribeiro - RingCentral


















3rd Prize:  Free Harbinger Network Risk Assessment (20 units)

Winners: Contacted via email



Thanks again to everyone who stopped by to see what the hockey jerseys were all about, we're looking forward to next year already.

A big thank you must also go out to Travis and Julie from Owly Design for tolerating our constant stream of edits and to our Taqueria Angel for keeping us fed.