Security Briefings

Cyber Threat Advisory: Counterfeit Hardware

By Kevin G. Coleman spyops

news_croppedOverview:Best Buy Digital Photo Frames Ship with Computer Virus

Reported Jan. 2008, the Insignia NS-DPF10A digital photo frames, which connect to PCs via USB, were "contaminated with a computer virus during the manufacturing process" according to a notice posted on the company's website.

Seagate announced in November of 2007 that it had shipped 1,800 Trojan-Horse tainted drives. The malicious software was thought to be pre-loaded, possibly in a spy effort by the Chinese government.

The Taiwanese Investigation Bureau claims that the Maxtor Basics 500G discs, which are used by government agencies, have been found to contain Trojan horse viruses that automatically upload to Beijing websites.


. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Chem-Bio Threat Advisory: Chem-Bio Materials Found

By Kevin G. Coleman spyops

Ricin Found In Hotel Room

A dangerous toxin called ricin was discovered in a Las Vegas hotel on Friday, February 29th, 2008. In addition, the Anarchist Manual and firearms were also found in motel room with ricin. Ricin is made from castor beans, which were also found in the room along with a powdery substance that field tests indicated ricin. Ricin is a substance that is 6,000 times more toxic than cyanide and is considered both a chemical and biological weapon and is explicitly prohibited by the Biological and Toxin Weapons Convention (BTWC) and Schedule 1 of the Chemical Weapons Convention (CWC). According to the US Centers for Disease Control and Prevention, 500 micrograms of ricin -- about the size of a pin head -- is enough to kill an adult.

There were seven people hospitalized and one is comatose in critical condition.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Cyber Threat Advisory: SilentBanker

By Kevin G. Coleman spyops

Category:
Level of Sophistication:
Level of Threat:
Scale of Threat:
First Noticed:
Suspected Source:

         

Trojan Horse
4.2 High
3.5 Moderate
1.2 Low (400+)
Mid 2007
Organized Crime
Extremist Groups

Overview: This cyber threat has already struck over 400 banks in the U.S. Canada, France, Spain, Ireland, the UK, Finland and Turkey. The malicious code has the ability to get around two-factor authentication and the capability to distribute other Trojan software as well as to update itself. The scale and sophistication of this banking Trojan is worrying, even for someone who sees banking Trojans on a daily basis.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Career Advisor | Do You Have What It Takes to Be a Converged CSO?
Who’s the better choice to lead a newly converged organization--someone with more experience in information security or in physical security? A recruiter describes how three of his clients recently answered that question.

By Jeff Snyder                                        As seen in January 2008 CSO Magazine

When companies decide to combine logical and physical security, one of the first challenges they face is finding a leader who has been exposed to both information security and physical security. Someone has to be put in place to create change. Who is this person? What is his skill set? Where can she be found? Does he or she actually exist?

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Career Advisor: The Top Five Reasons CSO Candidates Don't Get Hired
Stuck one level below the CSO? A security recruiter shares the top mistakes job candidates make when they try to move up.

By Jeff Snyder                                                As seen in February 2008 CSO Magazine

You worked hard, finished one or more college degrees and maybe even earned multiple security certifications. In your mind, you now qualify to lead the charge on the most technically challenging security issues any industry can place in your path. But wait, you’re stuck at a professional level that is less than your dream job.

How did this happen? You probably have been paying too much attention to technical skills, and have not put enough focus on your interpersonal and business skills. In working with my clients to recruit C-level security executives, I find that security candidates often tend to come up short for one of the following reasons.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Top 10 Cyber Security Issues for 2008

By Kevin G. Coleman spyops

Information technology systems are the underpinning of our economy and nation’s security. Most of these systems rely on the Internet for communications. Security issues abound and many individuals become overwhelmed and have a difficult time assessing those issues which pose the greatest threat. The following list identifies the top ten cyber security issues for 2008.

1) Preparation for Cyber Warfare
Net-Centric Warfare is a reality and is continuously evolving. As computer technology has become increasingly integrated into modern military organizations, military planners have now come to see it as both a target and a weapon. We need to lead the world in offensive and defensive cyber warfare capabilities. In 2007 the world saw the first nation to nation cyber war between Russia and Estonia.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Job Interviews - A Tool For Espionage
Security Issue: Employees interviewing with outside firms are enticed and often pressured into disclosing sensitive, confidential and in some cases possibly classified information. Sometimes disclosure of even high level information about projects becomes the basis of derivative intelligence.

By Kevin G. Coleman spyops

The war on information assets now has a new tool and one that is hard to detect and guard against. The new tool is recruiting. Using false job postings and targeting specific individuals for bogus job interviews have become a tool for spying. The potential target is wooed by the position, salary, benefits or other enticements and, in the interviewing process, becomes comfortable and less guarded when discussing the details of the work they are doing.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

SecurityRecruiter.com
P.O. Box 398
Woodland Park
CO 80866
877-417-6830