background preloader

InformationWISE | Get Informed, Stay Wise

Facebook Twitter

InformationWISE. The online magazine for the W1SE Network.

At InformationWISE we write about the most important issues regarding cyber-security, social engineering, information security and awareness and education within those fields.



We take pride in telling the truth no matter if the facts might be controversial. Especially today when many major security magazines and outlets are controlled, manipulated and regulated, due to their need for advertisement income and partnerships. Informationwise. Heartbleed made simple. Education Published April 11, 2014.

Heartbleed made simple

The World’s First Website. Dutch army training offensive cyber-soldiers to carry out attacks. Published March 18, 2014 “It is about taking away resources from the enemy.

Dutch army training offensive cyber-soldiers to carry out attacks

If that is opening fire at heavy armored vehicles, bombing a known central-position or shutdown down their information-technology capabilities.” said Colonel Hans Folmer from the army division called Taskforce Cyber. Major-General Tom Middendorp, Chief of the Netherlands Defense staff The 15 cyber-soldiers will train for a year starting in 2014, about 200 individuals will make up the new unit of which the offensive personnel is a smaller division. W1SE Tool: Pixlr Editor. W1SE Quote: Email security and Buddhist teachings. W1SE Quote: Blackhat SEO and spray tans. W1SE Tool: Malwarebytes Anti-Malware Android.

W1SE Quote: Mother Teresa. Informationwise. Cybercrime Published March 17, 2014.

Informationwise

42 Million Accounts Including Passwords Exposed From Online Dating Site. Skype’s Official Twitter, Facebook and Blog Hacked. Published January 2, 2014 One of the messages posted on Twitter was: “Don’t use Microsoft emails (hotmail, outlook), They are monitoring your accounts and selling it to the governments.”

Skype’s Official Twitter, Facebook and Blog Hacked

This statement (and other similar posted during the hack) was most certainly done because Skype since some time back is under the Microsoft’s control. The World Wide Web is now 25 years old. Published March 13, 2013 That idea from Tim Berners-Lee at the CERN lab in Switzerland, outlining a way to easily access files on linked computers, paved the way for a global phenomenon that has touched the lives of billions of people.

The World Wide Web is now 25 years old

Hacking Tesla cars is a stark jolt of reality regarding the Internet of Things (IoT) security. Published April 4, 2014 But did they forget (or simply did not care?)

Hacking Tesla cars is a stark jolt of reality regarding the Internet of Things (IoT) security

About information-security and IoT-security whilst moving in a rapid speed to get our their product ? So it seems….. We can read in newly released documents that any attacker that wanted to, could easily gain access and remote control your Tesla car. This is another stark reality that the “Internet of Things” is growing quickly, and without clear security guidelines. The known exploit “flaw/bug” was found in the Tesla Motors official app. (!!!) All your web browsers are belong to us (Security researchers exploits your favorite browsers with 0-days during competition) Published July 16, 2014 On the list of web browsers was Chrome, Safari, Internet Explorer, Firefox.

All your web browsers are belong to us (Security researchers exploits your favorite browsers with 0-days during competition)

And of course, Adobe Flash (known and beloved waterhole for cyber criminals) was shown to still be unsafe. Security teams such as Siberas, VUPEN, HP’s own ZDI Team, Team ASRT and Keen-Team was doing good in the competition. Get Rich or /dev/null Trying. Sentimental Sunday: Whistler (From the movie Sneakers) Published November 1, 2013 IMDB describe the movie quite good with a few well elegant words: “Complex but lighthearted thriller about computers and cryptography, government and espionage, secrets and deception and betrayal.”

Sentimental Sunday: Whistler (From the movie Sneakers)

The movie poked fun at government spying, long before ECHELON and PRISM got to be public-knowledge. Sneakers have since released become a flick that computer professionals have taken to heart as a classic in the genre. What many may or might not know, is that the character Whistler played by David Strathairn, a genius blind phreaker that used his other heighten senses to elevate the group, is based on a real person. His name was Josef Carl Engressia Jr, alleged IQ of 172. Sentimental Sunday: First well-known computer bug.

Published March 23, 2014.

Sentimental Sunday: First well-known computer bug

Sentimental Sunday: AltaVista. Published March 31, 2014 Origins During the spring of 1995, Digital Equipment Corporation (DEC) Research Laboratories introduced a new computer system that was able to create and search databases much faster than other systems.

Sentimental Sunday: AltaVista

This new technology gave them the possibility to index and store every web page and every word on each page on the entire Internet in a fast searchable database. August 1995 was the launch of their first crawling of the entire web and it gave them a result of about ten million pages. W1SE Quote: Oliver Wendell Holmes. W1SE Quote: Every saint. Compromised EA server hosts phishing sites. Published March 21, 2014 The cyber-criminals first compromised a web server hosting two domains owned by the gaming company Electronic Arts Games (EA).

They then uploaded to the breached server phishing-sites to get within the EA.com domain to use in advanced phishing attacks. The phishing-sites attempts to first fools the victims into submitting their Apple ID and password. After this, it gives you a secondary request for information, asks the victim to verify their full name, card number, expiration date, verification code, date of birth, phone number, mother’s maiden name, plus other details that could become useful for the criminals. After submitting these details, the victim is redirected to the legitimate Apple ID website. Real Example of the EA.com hosted Apple-ID phishing site Using hijacked Apple ID details, hackers can gain access users personal data stored on on the Apple-network, and could even be used to access devices. New Facebook Phishing Attack: “Malaysia Airlines Missing Plane MH370 Has Been Spotted Somewhere Near Bermuda Triangle, Passengers alive!”

Published March 28, 2014 This time we see cyber-criminals faking a news story regarding the Malaysia Airlines Flight MH370 to steal Facebook credentials and further information from users. United Kingdom online vehicle fraud cost victims 17.8 million pounds in 2013. Published March 28, 2014 In that year, more than 6,600 UK residents reported online vehicle fraud to the police, with an average loss of £4,078 per victim.

The range in losses is considerable, from smaller losses of less than £50, which mainly related to holding deposits, to one unlucky victim who lost £300,000 where multiple vehicles were involved. Detective Chief Inspector Gary Miles at the Metropolitan Police commented: “Allegations of online fraud are on the increase. Criminals are exploiting a lack of awareness amongst the general public to scam them out of considerable sums of money. Retailers are making every effort to identify and withdraw, as soon as possible, fraudulent adverts. “People looking for a new car are increasingly doing their searching and purchasing online, giving them access to a much greater range of vehicles and providing them with opportunities to get the best possible deal.

Major European cybercrime syndicate using Social Engineering strategies to empty bank accounts brought to justice. Published November 25, 2014 The surgical operation against the criminal group lead to the seizure of more than €15000 in funds and crucial evidence that could directly tie them to the illegal activities. The now dismantled gang-of-crooks had developed a well planned and exceptionally successful fraud scheme, using creative deceptions and Social Engineering techniques in an innovative way to launch targeted phishing attacks.

The criminals used both email and telephone communication pathways to “gain the victims trust” and then to lure them into handing over the keys and codes to their online banking website. In this particular case the criminals had designed shrewd strategies and attack vectors, developed in several layers. 30th Chaos Communication Congress (30C3) Published January 4, 2014 The congress/conference helps providing information about technical and societal issues such as surveillance, privacy, freedom of information, data security and many other interesting things around technology and hacking issues. If you are interested in listening and seeing some of the most interesting experts within the IT world, you will enjoy this library of presentations. Get informed, stay wise.