Friday, August 01, 2014

What I am reading 8/1/2014 - The demise of the once great social networking site Reaganbook

Ars Technica - Trolls bring down the launch of conservative social network “Reaganbook” and The Verge - The swift death of ReaganBook, the Facebook for patriots -

Rather than being truly like Facebook — where you're limited to seeing the status of your friends — ReaganBook allows you to see every status update worldwide in a single homepage stream. (The site runs on an off-the-shelf version of social networking software PHPfox. The "About" section is still lorem ipsum.) This is a disaster. It's like you're on a busy bus where you can't tune anyone out, and everyone is hostile toward the bus, because the bus holds what the passengers believe to be extreme views on foreign policy.
Now imagine this bus is filled with porn, as ReaganBook quickly, perhaps inevitably, became. Gay porn, animated porn, conservative fan-fiction porn: everything is welcome so long as it has the potential to bother others on the site.
I can't say I am surprised, and while I am sympathetic to the goals of the site founder I have to imagine that the chaos was a little funny.  I know that makes me a horrible person and I am not actually condoning what happened, but come on you know that you would have been laughing.

Infosec Island - Windows Meets Industrial Control Systems (ICS) Through HAVEX.RAT – It Spells Security Risks -
The structure of the Havex binary and its system infiltration techniques resembles very much of those found in a typical Windows malware. The ICS spying module uses publically available code and shows no means of self-protection. The fact that such a low-sophistication ICS malware can still achieve successful infections without being detected should set off alarms for most ICS operators. That the malware focuses on data exfiltration suggests that it is likely part of the reconnaissance phase of a campaign. However, we anticipate that similarly designed malware with extended ICS modules will be capable of causing a lot more damage beyond information gathering.
What can you say.  Bad guys are out there, be vigilant.

Related - Real Hacks of Critical Infrastructure are Occurring – Information Sharing is Not Working -
My database of actual ICS cyber incidents is >350 and growing. I certainly hope people wake up before it is too late.
I can't speak for anyone other than myself and even then this is only my opinion, but on the plus side, while there may still be serious problems a lot of people are very serious about mitigating them.  Considering that some of the infrastructure is decades old and still going strong that isn't always an easy or inexpensive task.

Lifehacker - 10 Malware Removal Apps Tested, Malwarebytes Comes out on Top -

Can't really say I am surprised.  I think I have mentioned my anti-Malware strategy before:

1.  Daily - MSE (Windows Defender) running
2.  Weekly - Run a Malwarebytes scan 
3.  Monthly - Download and run the ESET standalone scanner.

Call me paranoid, but it's not super-time intensive and I can be pretty sure my machines are clean.

NY Times - Gaza Cease-Fire Collapses; Israeli Soldier is Captured -
JERUSALEM — A newly agreed cease-fire in the Gaza conflict collapsed soon after it came into effect on Friday with the Israeli military announcing that a soldier appeared to have been captured by Palestinian militants who emerged from a tunnel near Rafah in the southern Gaza Strip.
Wait a minute, I thought the Palestinians were just innocent victims, who in no way had provoked Israeli action.  Was I wrong? /sarcasm







Post a Comment

OSCP first progress report

Started yesterday after belatedly receiving the email notification that my materials were ready.  I signed up for the 90 day plan and I full...