Mark Ciampa's Blog (Security+ 7e)

    • 28 Dec 2021

    Log4j - Part 1

    [Reading time - 2 minutes 6 seconds] A critical zero-day {Module 1 Security+ 7e} vulnerability was discovered this month (Dec 9) as threat actors used it to launch attacks on Microsoft Minecraft game servers. It was quickly determined that this vulnerability impacts millions (yes, millions) of servers used by organizations large and small. "Critical," "severe," "red alert," and just about...
    • 10 Dec 2021

    Push or Pull?

    [Reading time - 3 minutes 7 seconds] A vendor that sells security products yesterday (Dec 9 2021) made a blog posting about the issues and vulnerabilities surrounding a particular brand of network devices. A typical first reaction would be, "Here we go again: another hardware vendor who does not care about cybersecurity." But on closer reading of the blog posting that reaction may change. And it raises a very...
    • 22 Nov 2021

    Can Automakers Design Their Own Secure Microprocessors?

    [Reading time - 3 minutes 24 seconds] If you have been car shopping recently you likely have experienced sticker shock: the price of both new and used cars has skyrocketed over the past year. Part of the reason is that microprocessors used in cars have been extremely difficult to acquire due to constraints in the supply chain. Now two major U.S. automakers have announced that they are planning to develop and manufacture...
    • 10 Nov 2021

    Healthcare Under Attack

    [Reading time - 1 minute 00 seconds] While there is no part of the economy that is immune from threat actors, healthcare today is increasingly feeling the brunt of attacks. Consider the number of individual patients that are impacted by several recent attacks: 319,778 - QRS provides services for patient portals and electronic health records. They were breached over three days in Aug 2021, exposing patient names, contact...
    • 9 Nov 2021

    Have We Still Not Learned?

    [Reading time - 3 minutes 47 seconds] On Friday (Nov 5 2021) the U.S. House of Representatives passed a $1 trillion public-works bill, and it is expected that the President will sign it into law soon. The bill includes $550 billion of new spending, and much of that money is related to transportation: $40 billion to repair, replace, and rehabilitate bridges, $39 billion for mass transit modernization and expansion, and...
    • 8 Nov 2021

    Consumer Product Labeling for Cybersecurity

    You may recall that six months ago the President ordered U.S. agencies and software contractors that supply them to boost their defenses against cyberattacks. One of the new initiatives was to pilot programs for consumer product labeling for cybersecurity. Last week (Nov 1 2021) a document summarizing the research and recommendations on labeling was released, and public input is now being sought. What are the recommendations...
    • 31 Oct 2021

    Cybersecurity Pandemic

    [Reading time - 3 minutes 20 seconds] We continue to deal with the COVID-19 pandemic. There is also a growing cybersecurity pandemic. And each of these is difficult to contain. Consider a pathogen's (such as a virus) basic reproduction number (R0, pronounced "R naught"). If a pathogen's R0 is less than one, that means a person infected with the pathogen would, on average, infect fewer than one other person...
    • 23 Oct 2021

    "The Gloves Have Come Off"

    [Reading time - 3 minutes 46 seconds] In the sport of boxing, why do fighters normally wear gloves? It's not to inflict more harm on the opponent, but less. Although it may seem counter-intuitive, the purpose of boxing gloves is to limit the damage to the other fighter. Fighting without gloves and using just a bare fist would cause much more serious injury. It is from this that the phrase "the gloves have come...
    • 17 Oct 2021

    Is It Worth It?

    [Reading time - 3 minutes 59 seconds] Suppose you have just finished teaching a class. After all the students have left the classroom, you are ready to turn off the lights and head back to your office when you notice something on the floor in the back of the class. As you walk towards it you realize that it is a wallet that evidently one of your students had dropped. You want to do the right thing by notifying the student...
    • 13 Oct 2021

    Apple, That's a Very Weak Argument

    [Reading time - 4 minutes 29 seconds] When you are making your case before a court you want to put up a strong argument to support your side. Evidently Apple did not get that message. Last month (Sep 10 2021) the U.S. District Court for the Northern District of California ruled in favor of Epic Games' claim that Apple had violated the California Unfair Competition Law. The judge issued a permanent injunction that...
    • 10 Oct 2021

    Tightening the Screws on Robocalls - Part 2

    [Reading time - 3 minutes 11 seconds] Due to the outcry about robocalls, the Federal Communications Commission (FCC) finally took action. Two years ago (Aug 2019) a new technology was announced to combat robocalls that had been under development and testing since 2016. It's called STIR (Secure Telephone Identity Revisited) and SHAKEN (Signature-based Handling of Asserted information using toKENs). STIR/SHAKEN uses...
    • 10 Oct 2021

    Tightening the Screws on Robocalls - Part 1

    [Reading time - 2 minutes 59 seconds] In our polarized world today there is not much on which you can find universal agreement. But there is one topic that everyone agrees upon: everyone hates robocalls. According to YouMail's Robocall Index, in September 2021 just over 4 billion robocalls were made in the U.S. That translates to 132 million every day, or 5.5 million per hour. The average number of robocalls a user...
    • 8 Oct 2021

    Windows 11 Security - Part 3

    [Reading Time - 1 minute 53 seconds] What about updates and security patches for Windows 11? And also Windows 10? Microsoft has said that its "Windows-as-a-service" strategy will continue. This was an ongoing twice-yearly feature update to Windows 10 instead of releasing entirely new versions of Windows every few years (which is why Microsoft called Windows 10 "the last version of Windows")....
    • 7 Oct 2021

    Windows 11 Security - Part 2

    [Reading Time - 3 minutes 11 seconds] In addition to the performance-based hardware to run Windows 11, there are also two additional hardware requirements that are security-based: UEFI Secure Boot supported and enabled, and Trusted Platform Module (TPM) v2.0. UEFI (Unified Extensible Firmware Interface) {Module 4 Security+ 7e} is the firmware on a computer that supports the initial boot process or "booting" {Module...
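    A practical way to see whether a given PC meets the two security-based requirements named above is to query the firmware and the TPM directly. The following PowerShell is an added example written for this page, not code from the blog or from Microsoft; it assumes it is run from an elevated prompt on Windows 10 or 11 (Confirm-SecureBootUEFI and Get-Tpm both require administrator rights) and that the WMI class Win32_Tpm is present, which it is on any machine with a TPM driver loaded.

```powershell
# Added example (not from the blog post): report whether this PC satisfies the two
# security-based Windows 11 hardware requirements: UEFI Secure Boot (supported and
# enabled) and a TPM that implements spec version 2.0.
# Assumption: run from an elevated PowerShell prompt on Windows 10/11.

function Get-Win11SecurityReadiness {
    # 1. UEFI Secure Boot. Confirm-SecureBootUEFI returns $true when enabled and
    #    $false when the firmware supports it but it is switched off. On legacy
    #    BIOS (non-UEFI) systems the cmdlet throws, which we map to $null.
    $secureBoot = $null
    try {
        $secureBoot = Confirm-SecureBootUEFI
    } catch {
        $secureBoot = $null   # not a UEFI system, or the cmdlet is unsupported here
    }

    # 2. TPM 2.0. Get-Tpm reports presence and readiness; the specification version
    #    is exposed by the Win32_Tpm WMI class as a string such as "2.0, 0, 1.38",
    #    whose first field is the TPM spec version.
    $tpm = Get-Tpm
    $tpmInfo = Get-CimInstance -Namespace 'root\cimv2\Security\MicrosoftTpm' -ClassName Win32_Tpm -ErrorAction SilentlyContinue
    $tpmVersion = if ($tpmInfo -and $tpmInfo.SpecVersion) {
        ($tpmInfo.SpecVersion -split ',')[0].Trim()
    } else {
        'none'
    }

    [PSCustomObject]@{
        SecureBootEnabled   = $secureBoot            # $true / $false / $null (no UEFI)
        TpmPresent          = [bool]$tpm.TpmPresent
        TpmReady            = [bool]$tpm.TpmReady
        TpmSpecVersion      = $tpmVersion
        MeetsWin11SecReqs   = ($secureBoot -eq $true) -and [bool]$tpm.TpmPresent -and ($tpmVersion -eq '2.0')
    }
}

Get-Win11SecurityReadiness
```

    A $null SecureBootEnabled value means the machine booted in legacy BIOS mode and Secure Boot cannot be enabled without switching the firmware to UEFI and reinstalling (or converting) the OS; a $false value usually just means the setting is off in firmware setup. A TPM that is present but not ready typically needs to be initialized or cleared from the firmware before Windows 11 setup will accept it.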
    • 7 Oct 2021

    Windows 11 Security - Part 1

    [Reading Time - 3 minutes 54 seconds] Microsoft Windows 11 is now available. While there are many changes and enhancements (redesigned Taskbar, new Start menu, changes to the system tray and notifications, etc.), what about security? Does Windows 11 provide a higher level of security? First, how did we get to Windows 11? When Windows 10 was released in mid-2015 Microsoft billed it as...
    • 22 Sep 2021

    tHE fIX tHAT fAILED

    [Reading Time - 1 minute 14 seconds] If you are sharp-eyed, you may have noticed that the title for this blog lacks the correct capitalization (it should be "The Fix That Failed"). That is intentional, because it highlights a problem with Apple: they tried to fix a vulnerability, but it can easily be circumvented by simply changing the case of a word. Yesterday (Sep 21 2021) the security researcher Park Minchan...
    • 15 Sep 2021

    Microsoft Passwordless Authentication

    [Reading Time - 2 minutes 12 seconds] Today (Sep 15 2021) Microsoft expanded its passwordless authentication. What exactly is this? And is it something that you should use? Microsoft has been working towards eliminating passwords {Module 12 Security+ 7e} for several years. In 2018 it started supporting physical tokens {Module 12 Security+ 7e}, in 2019 it made Windows 10 passwordless, and in March 2021 it rolled out passwordless...
    • 8 Sep 2021

    Cyberattack Victim Profile

    [Reading Time - 3 minutes 3 seconds] Most successful criminals are interested in finding the ideal victims to target. Casting too wide a net that ensnares too many victims is not always a good plan of attack. Why? Because a high percentage of those victims will likely be unable to generate enough revenue to warrant the time, effort and risk by the criminal. In other words, they are a poor return on investment (ROI). Consider...
    • 20 Aug 2021

    Apple CSAM Detection

    [Reading Time - 4 minutes 41 seconds] Earlier this month (Aug 5 2021) Apple announced Apple CSAM Detection. What exactly is this? And what impact might it have on user privacy {Module 15 Security+ 7e}? CSAM, which stands for child sexual abuse material, is a major concern today. Sexually explicit pictures of minors are taken and exchanged online by pedophiles. But the laws that outlaw CSAM are...
    • 11 Aug 2021

    Ransomware Update (Part 5) - Real World Parallels

    [Reading Time - 2 minutes 19 seconds] Ransomware {Module 3 Security+ 7e} is a dreadful plague today on all users and enterprises. But holding something (besides data) or someone for a ransom is nothing new (see Aug 1 2021 blog posting), and it continues even today. And when we compare real world kidnapping with threat actors locking up valuable IT data, there are several parallels that can be seen. Consider the nation...
    • 1 Aug 2021

    Ransomware Update (Part 4) - Disrupt Cryptocurrencies?

    [Reading Time - 4 minutes 14 seconds] How do we stop ransomware {Module 3 Security+ 7e} (see Jul 27 2021 blog posting)? Banning cryptocurrencies is not the answer (see Jul 29 2021 blog posting). Outlawing the payment of ransoms is not the answer (see Jul 31 2021 blog posting). Another proposal is, instead of trying to ban them, to instead disrupt cryptocurrencies. Will that work? Paying a ransom has a long history. The...
    • 31 Jul 2021

    Ransomware Update (Part 3) - Ban Ransomware Payments?

    [Reading Time - 4 minutes 50 seconds] If banning cryptocurrencies (see Jul 29 2021 blog posting) is not the answer to stopping ransomware {Module 3 Security+ 7e} (see Jul 27 2021 blog posting), then is outlawing the payment of ransoms the answer? This is what some state and even federal legislators are proposing when the victim is a government agency. But will banning the payment of ransoms stop ransomware attacks? State...
    • 29 Jul 2021

    Ransomware Update (Part 2) - Ban Cryptocurrencies?

    [Reading Time - 2 minutes 56 seconds] One of the defenses against ransomware {Module 3 Security+ 7e} that is often heard today is to ban cryptocurrencies. Because this is the means by which the ransom is paid, cutting off this technology will cut off ransomware, since there will be no viable and untraceable means to pay the ransom. But will banning cryptocurrencies stop ransomware?...
    • 27 Jul 2021

    Ransomware Update (Part 1) - Why the Increase

    [Reading Time - 3 minutes 22 seconds] This year of 2021 is shaping up to be the Year of Ransomware. That's why we've devoted multiple blog postings to ransomware: Jan 30 2021 - Consequences of Inaction Apr 24 2021 - Continuous Evolution of Ransomware May 03 2021 - Secure, Yes. Anonymous, No. May 13 2021 - Stirring Up a Hornet's Nest May 18 2021 - Ransomware Protection (Part 1) - Backups May 21 2021 - Ransomware...
    • 22 Jul 2021

    What's Going On In Redmond?

    [Reading Time - 3 minutes 46 seconds] It's been a bad few days for Microsoft. First, they tried--but failed--to fix a vulnerability in the Microsoft Windows print spooler. Then another print spooler vulnerability was found, and we're still waiting for a patch (see Jul 19 2021 blog posting). Then Microsoft had to fix multiple software vulnerabilities that a "cyber arms dealer" was using to sell a tool...