Friday, July 23, 2010

Tabnabbing

I was recently interviewed on News Channel 5 about Tabnabbing which is a new technique that can be used for phishing. Tabnabbing is where one of your browser tabs changes, usually without your knowledge, to an attacker controlled website. Usually the website changes to something that looks familiar to the victim like Gmail, Facebook or Twitter. This can usually trick the victim to think that they have been logged out of a website. If the victim enters their credentials into the phishing site they are sent to the attacker. The credentials are then harvested and the victim is forwarded to the legitimate web site.

Check out the video and article over at NewsNet5.com.

Read more!

Thursday, July 22, 2010

Be An Information Security Green Beret

Not so long ago while flipping through channels on the TV I happened upon a documentary of the United States Army’s Special Forces, also known as the “Green Berets.” Never having served myself, my perception of this group was always based more on movies like “Rambo” where the Green Beret is an unstoppable one-man army who takes on the bad guys singlehandedly. In the real world, of course, this turns out not to be the case.

The Green Berets have many different groups and many different missions. And while like Rambo they are expected to have exceptional and specialized combat skills, what was fascinating to me was the focus on “soft skills.” One of their missions is to build insurgent and counter-insurgent groups from whatever groups of people they have available. They need to be able to communicate with natives of foreign countries, train them in the use of weapons and tactics, and lead them into battle. A single 12-man “A-Team” is expected to be capable of building and leading a 200 member guerrilla force! Within the military this is called a “Force Multiplier” and it’s a very powerful concept.


Read more!