Doug Bedell — July 19, 2017, 3:10 pm

Schools for Fraudsters – They’re Popping Up Online

They just keep on coming – security threats and word on how to counter them. Scammers are now into payment card fraud and, notes Kelly Sheridan on DarkReading, “Cybercriminals are working together to share tools, tutorials, and credit card data to scam victims.”

“It turns out, Kelly continues, “payment card fraudsters learn their skills as many professionals so: through online learning. Researchers at Digital Shadows discovered a Russian carding forum provides a course on how to commit fraud, complete with instructors, syllabus, webinars, and reading material.”

“We were surprised by the sophistication of the teaching site,” says Michael Marriott, research analyst at Digital Shadows. “There were weekly webinars, course material, links to software [students] could use, interactive Q&A sessions.” Read on, courtesy of Dark Reading, to learn details of the course offering… It’s all very professional, almost academic.

Doug Bedell — July 17, 2017, 4:10 pm

Sports Security Boosted With First ‘Innovator Award’

Ticket-taking and sports go together, of course, but you don’t often think of sports and security together, although pros in the field do all the time. As an indication, the Security Industry Association reports that Dave Tynan, of Axis Communications, received the inaugural Sports Security Innovator Award this month at the annual conference of the National Center for Spectator Sports Safety and Security (NCS4) in Orlando, Florida.

Tynan is credited with playing a key role in the creation of NCS4 at the University of Southern Mississippi in 2006, helping significantly “to develop what would become the nation’s first academic center dedicated to spectator sports safety and security research, professional development, training and outreach.”

Shown in the center of photo above, Dave is currently Axis’ business director for the Mid-Atlantic region.

Doug Bedell — July 14, 2017, 1:29 pm

Recruiting Cybersecurity Pros a Growing Challenge

Knowing how to detect and deter cybersecurity intruders is an increasingly sought-after skill. Ericka Chickowski on the DarkReading site advises that “by 2022 there will be a global shortfall of cybersecurity workers of 1.8 million people.”

Ms. Chickowski adds that “A lot of the issue comes down to the fact that there aren’t enough candidates with the right combination of specialized skills to fight the security problem at any given moment. It’s a moving target that changes day-by-day.” That makes it hard to design, say, a degree program in cyber security. She lists the six skills most desperately in demand.

Would that hackers themselves had the same sort of recruiting problems.

Doug Bedell — July 12, 2017, 11:46 am

Virginia Linking First-Responders In a Wireless Network

Virginia, Government Security News reports, is the first state to work with FirstNet and AT&T “to deliver a wireless broadband network to the Commonwealth’s public safety community.”

“FirstNet and AT&T will build, operate and maintain a highly secure wireless broadband communications network for Virginia’s public safety community at no cost to the state for the next 25 years,” GSN advises. “The FirstNet network will deliver innovation and create an entire system of modernized devices, apps and tools for first responders.”

Expected to emerge through the partnership is “an ever-evolving set of life-saving tools for public safety, including public safety apps, specialized devices and Internet of Things technologies. It also carries the potential for future integration with NextGen 9-1-1 networks and Smart Cities’ infrastructure.”

Doug Bedell — July 10, 2017, 12:20 pm

Oracle, Too, Is Hard-Pressed by Hackers

What’s involved in keeping up with computer security threats? A lot, and the challenge of besting hackers is getting ever more unnerving. That’s the impression one gets from reading the post “Oracle is patched into a software crisis” on Security InfoWatch.

“You don’t have to be a news junkie,” John Matthew Holt observes on InfoWatch, “to be cognizant of the ever-present threat of cyber attacks and the necessity for vigilant security. Cyber attacks are on the uptick and cybersecurity teams are struggling to keep up by remedying software flaws and responding to potential threats.

“With the latest Oracle patch release, we have one of the largest software vendors in the world, with expert security resources and dedicated testing and remediation teams, belatedly discovering and responding to the presence of major, known-vulnerable components buried deep in the software stacks of their core software platforms…”

Doug Bedell — June 30, 2017, 12:57 pm

Police Using New ‘Situational Awareness’ Body Cameras

From Mississippi via Government Security News comes word that police use of body cameras is expanding from clip-on push-button cameras to automatic situational awareness cameras that “turn on automatically in key situations and communicate with other officers and supervisors”.

“Both the BodyWorn camera and the Rocket IoT, singularly or in conjunction,” the Government Security post explains, “utilize their unique communication capabilities to activate specific recording triggers that automatically initiate video recording. These triggers are set by the Department’s individual recording policies—including a built-in accelerometer, prone positioning, light bar sensors in concert with door opening, rapid motion, GeoFence entry, etc.— and can be updated at any time via their video management system, AVaiL Web™. The BodyWorn camera and the Rocket IoT system offer unique integration with real-time GPS reporting of officer and vehicle, auto-related video for synchronized video playback, dockless evidence offload and more.”

Doug Bedell — June 28, 2017, 2:28 pm

Girl Scouts USA to Offer Cyber Security Merit Badges

Talk about being relevant to our digital times. Reuters reports that the Girl Scouts of the USA will be offering 18 cyber security merit badges starting in September 2018.

“The education program, which aims to reach as many as 1.8 million Girl Scouts in kindergarten through sixth grade,” Reuters adds, “is being developed in a partnership between the Girl Scouts and Palo Alto Networks (PANW.N), a security company.”

What is it that the Girl Scouts have historically been known for? Cookie sales. But these are trying times, especially for young people heading for the job market. They’d best know how to stay safe on the computer networks they’ll be using.

Moreover, women hold only 11 percent of the jobs globally in the cyber security industry. “In our increasingly tech-driven world,” says Sylvia Acevedo,” CEO of the Girl Scouts USA, “future generations must possess the skills to navigate the complexities and inherent challenges of the cyber realm…. From arming older girls with the tools to address this reality to helping younger girls protect their identities via internet safety, the launch of our national cyber security badge initiative represents our advocacy of cyber preparedness.” Kudos all!

Doug Bedell — June 26, 2017, 11:54 am

Hoax Bomb Threats Vex Universities, Businesses

In a persistent security concern, universities are being plagued with hoax bomb threats being sent to printers and fax machines on their campuses, Security InfoWatch reports.

Citing a USA Today report, InfoWatch advises that the universities affected include Vanderbilt University, University of Southern California, University of Virginia and University of Detroit-Mercy. The report adds that “Businesses around the nation have also been on the receiving end of the bomb threats, ranging in location from Asheville, N.C. and Grand Forks, N.D. to Detroit, Mich., Fairview Park, Ohio and Pompton Lakes, N.J.

The threats, some of them via email, as well, asked for sizable ransoms at the risk of explosions if they weren’t paid. Stay alert, but don’t panic upon receiving any such messages.

Doug Bedell — June 23, 2017, 10:41 am

Preview of Web Security Tools Coming Up

Ericka Chickowski on the DarkReading blog provides a preview of “8 hot hacking tools” that are expected to be “revealed and released” next month at the Black Hat USA meeting in Las Vegas.

These are tools for “white hats,” the good guys, to have and understand in the continually plaguing effort to keep the Internet safe and secure for all to use – “black hats” excepted. Ericka’s post is a preview of what’s to come. Especially if you won’t be in Vegas, it’s worth spending some time on.

Doug Bedell — June 13, 2017, 10:03 am

New York City’s Security Setting

PRO Barrier Engineer Rich Lawrence provides a PDF copy of the Spring, 2017 issue of Security Director, published by ASIS International’s New York City chapter. Get caught up on how New York is meeting its security needs – a comprehensive run-through.