Human Firewalls and Their Importance

The Human Firewall: Your First Line of Defense

Imagine your workplace as a grand castle, fortified with walls, moats, and watchtowers. But amidst all the stone and steel, there exists a vital yet often overlooked defense: the human firewall. This invisible shield is composed of every employee—the knights, scribes, and jesters—who interact with the digital realm.

  1. Vigilance and Awareness:
    • The human firewall is not impervious; it thrives on vigilance. Every click, every link, every attachment—these are potential gateways for cyber threats.
    • Employees must be aware of the dangers lurking in their inboxes. Phishing emails disguise themselves as friendly missives, urgent notices, or enticing offers. But beneath the surface lies treachery.
  2. Phishing: The Cunning Deception:
    • Phishing is like a shape-shifting sorcerer. It masquerades as a trusted entity—a colleague, a bank, or even a mythical prince seeking your aid.
    • The bait? A seemingly innocent link or attachment. Click it, and you unwittingly open the castle gates.
  3. The Art of Suspicion:
    • Train your eyes to spot the signs. Is the email unexpected? Does it create urgency? Does it ask for sensitive information?
    • Beware of misspelled domains, odd sender addresses, and requests for passwords or financial details.
  4. Reporting: Your Noble Duty:
    • When you encounter a suspect email, don your armor of responsibility. Report it promptly to your castle’s cybersecurity guardians (usually the IT team).
    • They will investigate, trace the dark magic, and thwart the threat. Your vigilance could save the kingdom!
  5. Collective Defense:
    • Remember, the human firewall is not a solo act. It’s an ensemble—a symphony of cautious clicks and wary glances.
    • By reporting, you protect not only yourself but also your fellow knights and jesters. Together, you form an unbreakable chain.

Reporting Suspect Phishing Emails: A Heroic Quest

Now, let’s embark on a quest. Imagine you receive an email from “PrinceNigerianScam@notascam.com.” The subject line reads, “Urgent: Inheritance Awaiteth!” The prince claims you’re the long-lost heir to a fortune. All you need to do is send your bank details.

  1. The Call to Action:
    • Pause. Breathe. Channel your inner hero. You suspect foul play.
    • Click not the link! Instead, wield your mouse and report the email.
  2. The Reporting Ritual:
    • Seek the “Report Phishing” button (it’s usually a shield or a flag). Click it.
    • Describe the email’s malevolence: “Suspicious sender, dubious inheritance, smells fishier than a mermaid’s lunch.”
  3. The IT Wizards:
    • Your report flies to the IT wizards. They decipher its runes, analyze its hexes.
    • If it’s indeed a phish, they cast counterspells—blocking the sender, fortifying the castle.
  4. Your Legacy:
    • You’ve done it! You’ve thwarted the sorcery. Your coworkers cheer, “Huzzah!”
    • Your legacy? A safer castle, a stronger human firewall.

Remember, dear knight of the digital realm, your vigilance matters. Each reported email strengthens the castle walls, shields the treasury, and keeps the dragons at bay. So, raise your virtual sword, and may your inbox be forever free of phishing spells! 
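As an added example that is not part of the original post, here is a small Python checklist that turns the warning signs from "The Art of Suspicion" (unknown or lookalike sender domains, urgency, requests for sensitive details, links or attachments) into code and runs it against the inheritance email from the quest above. The trusted-domain list, keyword lists and reporting threshold are assumptions for illustration, not anything a real mail filter would ship with.

```python
import re
from difflib import SequenceMatcher

# Constructed allow-list of domains the castle actually corresponds with (hypothetical).
TRUSTED_DOMAINS = ("example-bank.com", "ourcastle.example")

# Words that try to rush the reader, and phrases that ask for secrets (illustrative lists).
URGENCY_WORDS = ("urgent", "immediately", "act now", "final notice", "suspended")
SENSITIVE_REQUESTS = ("bank details", "password", "account number", "social security", "wire")


def sender_domain(address):
    """Return the lower-cased domain part of an e-mail address."""
    return address.rsplit("@", 1)[-1].strip().lower().rstrip(".")


def lookalike_of(domain, trusted=TRUSTED_DOMAINS):
    """Return the trusted domain this one closely resembles (e.g. one swapped letter), or None.

    An exact match is not a lookalike; 0.85 similarity is an illustrative cut-off."""
    if domain in trusted:
        return None
    for good in trusted:
        if SequenceMatcher(None, domain, good).ratio() >= 0.85:
            return good
    return None


def phishing_indicators(sender, subject, body):
    """Apply the checklist and return a list of human-readable findings."""
    findings = []
    domain = sender_domain(sender)
    text = f"{subject}\n{body}".lower()
    if domain not in TRUSTED_DOMAINS:  # "Is the email unexpected?"
        look = lookalike_of(domain)
        findings.append(f"lookalike domain {domain!r} resembles {look!r}" if look
                        else f"unknown sender domain {domain!r}")
    if any(w in text for w in URGENCY_WORDS):  # "Does it create urgency?"
        findings.append("creates urgency")
    if any(w in text for w in SENSITIVE_REQUESTS):  # "Does it ask for sensitive information?"
        findings.append("asks for sensitive information")
    if re.search(r"https?://\S+", text) or "attachment" in text:  # the bait
        findings.append("contains a link or attachment")
    return findings


def should_report(sender, subject, body, threshold=2):
    """Two or more indicators: report it to the IT guardians rather than click."""
    return len(phishing_indicators(sender, subject, body)) >= threshold
```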

Do you like to write on technical subjects?

If you have a cybersecurity paper that you would like to publish here, please let me know. I would be happy to look it over and post it here as either a post or a page. You would of course get full credit for the work under any name of your choosing. Keeping in mind that some prefer to be anonymous, I am happy to accommodate that.

OSINT and leveraging the internet to your favor

More than likely even if you do not know the term OSINT, you have used it. If you have dated modern women, it has likely been used against you.

OSINT is open source intelligence. Have you ever “Googled” someone or yourself? Then you have used OSINT. Open source intelligence is using any publicly available information to gather information about a person or organization.

The reason for your search will determine what tools are best for you. Sometimes it is any number of search engines like Google, Dogpile, Bing, Duckduckgo, etc.

When my daughter started dating, she cautioned at least some of the guys that they would be background checked. Now some parents may pay for these name check sites, but my wife and I have learned to use OSINT and do the digging for free. I was able to find stuff that one of the guys did not even know existed (or wouldn’t fess up to, as he was a crap fest). Once you have gathered your notes from the basic web searches, you can start in with the local civil and criminal courts. I am in Washington State, where we have some good searchable resources open to us. Check your area to see what you have access to. Use your own name to see what can be found (without being in law enforcement). You can piece together a fair idea of their character. Are they a felon? Perhaps a sex offender, or just a ton of civil cases for not paying bills, etc.? You could find bankruptcies, evictions, or simple disputes. Some of these results will require a trip to the courthouse to get more details that are all in the public record. Leaving home may not be technically OSINT, as you may have to pay for access to the data.

As you start your adventure into OSINT, I hope that you bookmark the best sites that you find. As you practice, you will go back to those favorite sites and become better with your search patterns. Before you know it, you will be a world class information excavator. (see also, the skills of a suspicious wife/girlfriend)

Can you help with my inspiration?

With all of the hustle and bustle of my day job, it is very easy to get to the end of the day and not think about adding to the content of this site.

Of course I feel guilty about it since I know that there is so much that I could (or should) be sharing with you.

Part of the dilemma is what to bring to your plate. The world of cybersecurity has an immense spectrum. You will find areas that you enjoy most, and they may end up as your specialty.

Here is what I am asking: are there tools that you want to learn about?

Are there attack types that interest you? Perhaps a tool that has caught your attention and you would like to see it discussed.

Do you have content that you have written that you feel would be a good fit for what we are doing here?

Please speak up in the comments and I will do my best to make it happen.

Do you over share?

A friend and colleague posted a picture this morning and I had to steal it. It has too much educational value to not share it. (You know who you are, thank you)
One of my driving hobbies is personality reading of people by their bumper stickers. I had not contemplated the potential black hat value of it. Just like any other form of social media, we share too much. There needs to be a cool name for this bumper/back glass social media… is there one yet?

https://www.wsls.com/news/local/2020/09/03/how-the-bedford-police-department-says-you-could-be-oversharing-through-bumper-stickers/

Remote Access Scams

It always takes me by surprise when I hear of friends and acquaintances who have permitted email contacts or phone callers to have remote access to their systems.

We spend a great deal of effort to safeguard our networks and systems. We protect against hackers, malware, etc. but then pay bad actors to log into our systems and give them a master key. Why?!?

The premise is often that “Microsoft” or some other well known name has detected an issue with your system. One of the reasons that I have had hopeful scammers use on me was that there was a DNS issue on my computer that they needed to fix. They only wanted $320 (or something close to that) to log in and repair the damages. With the experience that I have, I give them a fun run around. I was surprised to learn that my wife was doing the same thing when they would call her. The best part is that she would play the dumb wife card while doing it. I wish I could do that… We would run them all over the place as they tried to walk us to where we would allow remote access, only to have my wife or I tell them that we were not running Windows. My wife would claim we run CentOS, or I would pick an obscure OS of the day. Sometimes it was FORTH, other days it might be FORTRAN, perhaps it was Pascal. I would call them back and burn as much time as I could so that they could not hound someone less skilled. I have been told that I was no longer allowed to call them. That was fun.

Bottom line, these people are trying to take multiple swings at you. The first swing is to get you to pay them for their “service”; later they access your system and take whatever information they can to attempt access to your bank or other services. They could also install any number of malware packages on your machine to make it a willing slave to their needs at any time of the day.

Do not… ever grant remote access to your machine unless you are the one initiating it, or if you are working with a known entity such as your employer’s helpdesk.

Are your smart devices listening to you?

Let’s start our posts off in a fun way. A way that you can play along at home.

I am sure that you have heard that websites use your browsing history to spy on where you browse, and what you search for. You likely know that your smart devices use GPS to track every move that you make while you carry them.

Did you know that they are actively listening to you also? Yes, they are like a little surveillance team that you willingly share some of your deepest secrets with. You know, the ones that you only tell your dog, cat, or maybe your plants as you water them? On the surface, we all must know that they listen. How else would Alexa hear your playlist request? Cortana and Siri are the same way: they are constantly sucking up nuggets of voice and recording them.

If you want to prove that what you verbalize is being sold off for advertisers’ consumption, it is not too hard. This is where you get to play along at home. If you want, draft a partner to be your co-cyber-sleuth.

To maintain the integrity of this experiment, I am not going to suggest the subject of your test.

Here is the lab experiment:

Lab Requirements

  1. A smart device: Alexa, Siri, a smart phone, or any other internet-connected device with a microphone.
  2. Pen and paper
  3. If you are using a lab partner (or perhaps a group) you will need to communicate with the pen and paper to decide upon a product on the market that you have not searched for. This is going to be your target. Do not discuss it verbally at all while you decide.

Now it is time to conduct your experiment. Whether you are alone, a pair, or a team, it is time to have a three- to five-minute discussion in the presence of your smart device about your subject. You might discuss brand names, qualities of the product, and possible vendors of the object.

Wait for thirty minutes to an hour, then open Facebook, scroll through your feed, and watch the ad content. Did the test subject appear? If it did not, please drop a comment below letting me know what your test subject was and what device you were testing. If your test subject DID appear, please consider clicking on one or two of the ads on this page.

Does that sound fair? I look forward to hearing your results.