Archive January 2019

Securing Microsoft Office

Adopting cloud technologies requires a shared responsibility model for security, with Microsoft responsible for certain controls and the customer responsible for others, depending on the service delivery model chosen. To ensure that a customer’s cloud workloads are protected, it is important that they carefully consider and implement the appropriate architecture and enable the right set of configuration settings.

https://cloudblogs.microsoft.com/microsoftsecure/2019/01/10/best-practices-for-securely-using-microsoft-365-the-cis-microsoft-365-foundations-benchmark-now-available/

The Federal Government Offers a Case Study in Bad Email Tracking

A good description of ”pixel tracking” and ”link tracking”. Both are frequently used by Swedish actors too, such as municipalities, banks and... security companies. Email service providers such as Mailchimp and anpdm receive large amounts of surplus data.

”We’ll break them down one at a time, using examples from the email itself to illustrate how those methods work in the common case. In addition, we’ve written guidelines for users, email clients, and email providers to protect against these techniques.”

https://www.eff.org/deeplinks/2019/01/federal-government-offers-case-study-bad-email-tracking
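As an added illustration (not code from the EFF article or from this post), the following Python script scans an HTML email body for the two techniques the article describes: images that are 1x1, hidden, or carry a per-recipient query string (pixel tracking), and links whose href goes through a click redirector or carries campaign/recipient identifiers (link tracking). The email body, the domains in it and the list of tracking parameter names are constructed for the example.

```python
"""Flag tracking pixels and tracked links in an HTML email body.

Added example, not code from the EFF article. Sample message and domains
are constructed for illustration.
"""
from html.parser import HTMLParser
from urllib.parse import urlparse, parse_qs

# Query keys that usually carry a per-campaign or per-recipient identifier.
# This list is an assumption for the example, not an exhaustive catalogue.
TRACKING_PARAMS = {"utm_source", "utm_medium", "utm_campaign", "utm_content",
                   "mc_eid", "mc_cid", "uid", "rid", "e", "id"}


class TrackerScanner(HTMLParser):
    """Collect suspected tracking pixels and tracked links from an HTML email."""

    def __init__(self, sender_domain):
        super().__init__()
        self.sender_domain = sender_domain.lower()
        self.pixels = []          # src of suspected tracking pixels
        self.tracked_links = []   # (href, reason) for suspected tracked links
        self._href = None         # href of the <a> currently open, if any
        self._text = []           # visible text collected inside that <a>

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "img":
            self._check_img(a)
        elif tag == "a":
            self._href = a.get("href", "")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self._check_link(self._href, "".join(self._text).strip())
            self._href = None

    def _check_img(self, a):
        src = a.get("src", "")
        if not src.startswith(("http://", "https://")):
            return                # inline (cid:) images cannot phone home
        tiny = a.get("width") in ("0", "1") or a.get("height") in ("0", "1")
        hidden = "display:none" in a.get("style", "").replace(" ", "").lower()
        per_recipient = bool(parse_qs(urlparse(src).query))
        if tiny or hidden or per_recipient:
            self.pixels.append(src)

    def _check_link(self, href, text):
        if not href.startswith(("http://", "https://")):
            return
        url = urlparse(href)
        host = (url.hostname or "").lower()
        reasons = []
        if TRACKING_PARAMS & set(parse_qs(url.query)):
            reasons.append("tracking parameters")
        if text.startswith(("http://", "https://")):
            # Visible text names one site but the href goes elsewhere: a click redirector.
            shown = (urlparse(text).hostname or "").lower()
            if shown and shown != host:
                reasons.append(f"redirector {host} shown as {shown}")
        elif host and not host.endswith(self.sender_domain):
            reasons.append(f"third-party host {host}")
        if reasons:
            self.tracked_links.append((href, "; ".join(reasons)))


# Constructed sample: a message from a hypothetical agency sent through a
# hypothetical email service provider (esp-example.net).
SAMPLE_HTML = """<html><body>
<p>Read the <a href="https://click.esp-example.net/c?e=abc123&amp;u=report">https://agency.example.gov/report</a>.</p>
<p>See <a href="https://agency.example.gov/news?utm_campaign=jan&amp;uid=42">our news</a>
or <a href="https://agency.example.gov/contact">contact us</a>.</p>
<img src="https://open.esp-example.net/o.gif?e=abc123" width="1" height="1" alt="">
<img src="https://agency.example.gov/logo.png" width="120" height="40" alt="logo">
</body></html>"""


def scan_email(html, sender_domain="agency.example.gov"):
    """Return (pixels, tracked_links) found in the HTML body."""
    scanner = TrackerScanner(sender_domain)
    scanner.feed(html)
    scanner.close()
    return scanner.pixels, scanner.tracked_links


if __name__ == "__main__":
    pixels, links = scan_email(SAMPLE_HTML)
    for src in pixels:
        print("tracking pixel:", src)
    for href, why in links:
        print("tracked link:", href, "->", why)
```

The logo image passes (normal size, no query string) while the 1x1 image with a per-recipient token is flagged; the plain "contact us" link passes while the redirector and the link carrying utm_campaign/uid are reported. A mail client that blocks remote images by default defeats the pixel, but not the link: the redirector only logs when the link is clicked, which is why the EFF guidelines address clients and providers separately.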

Difference between a vulnerability assessment and penetration testing

Vulnerability Assessments

A vulnerability assessment is the process of running automated tools against defined IP addresses or IP ranges to identify known vulnerabilities in the environment. Vulnerabilities typically include unpatched or misconfigured systems.

The purpose of a vulnerability scan is to identify known vulnerabilities so they can be fixed, typically by applying vendor-supplied patches. Vulnerability scans are critical to an organisation's vulnerability management programme. They are typically run at least quarterly, though many experts recommend monthly scans.

Penetration Tests

One of the initial phases of a penetration test is a vulnerability scan to learn the IP addresses, device types, operating systems and vulnerabilities present on the systems. The next phase is exploitation, which takes advantage of the identified vulnerabilities to escalate privileges, gain control of the network or steal sensitive data. This is the key difference: a scan reports that a weakness exists, a penetration test demonstrates what an attacker can actually do with it.

Both should be performed

Although vulnerability assessments and penetration testing have different goals, both should be performed by a skilled information security professional to improve the overall security of the information system. The vulnerability assessment should be performed regularly to identify and fix known vulnerabilities on an ongoing basis. The penetration test should be performed by a skilled and experienced penetration tester at least once a year, and definitely after significant changes in the information systems environment, to identify exploitable vulnerabilities that may give an attacker unauthorized access to the system.

Difference between a vulnerability assessment and penetration testing, by Arthur Soghomonyan

New tool automates phishing attacks that bypass 2FA

Trust in two-factor authentication has slowly eroded in the last month after the release of the Amnesty International report and the Modlishka tool. <…>

All attackers need is a phishing domain name (to host on the Modlishka server) and a valid TLS certificate to avoid alerting users of the lack of an HTTPS connection.

https://www.zdnet.com/article/new-tool-automates-phishing-attacks-that-bypass-2fa/

People, authorities, companies and hospitals are not grown-up enough to protect themselves in the cyber jungle

Smart TVs leak pictures from your living room. Chromecast devices let hackers play their own videos. Mobile phones give away your location, contacts and usage. Your webcam leaks pictures from the bedroom. The internet router you got from your ISP leaks like a sieve and is used to mine cryptocurrency. Your accounts with the big web giants leak data like crazy.

But nobody really cares about it.

How to Use Plus Addressing in Gmail

A great way to filter incoming messages is to use plus addressing in Gmail, e.g. JoeSmith+Facebook@gmail.com. You can also use this method if you are required to enter your email on a site you are afraid might sell your address to other companies: if they send you spam emails, you will know which site gave them your address.
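As an added example (not part of the original post), the following Python helpers show what plus addressing gives you in practice: splitting a recipient address into mailbox and tag, computing the mailbox Gmail actually delivers to (Gmail also ignores dots in the local part), and attributing incoming mail to the site that was given each tag, so that a tag handed to one site but arriving from an unrelated sender stands out. The addresses and messages are constructed for illustration.

```python
"""Parse plus-addressed recipients and attribute mail to the site that got the address.

Added example, not from the original post. Addresses and messages below
are constructed for illustration.
"""
from email.utils import parseaddr


def split_plus(address):
    """Return (base_local, tag, domain) for user+tag@domain; tag is '' if absent."""
    _, addr = parseaddr(address)
    local, sep, domain = addr.rpartition("@")
    if not sep:
        raise ValueError(f"not an email address: {address!r}")
    base, _, tag = local.partition("+")
    return base, tag, domain.lower()


def canonical(address):
    """Mailbox that actually receives the message.

    Gmail ignores dots and everything from '+' onward in the local part and
    treats googlemail.com as gmail.com; other domains keep their dots.
    """
    base, _, domain = split_plus(address)
    if domain in ("gmail.com", "googlemail.com"):
        base = base.replace(".", "")
        domain = "gmail.com"
    return f"{base.lower()}@{domain}"


def attribute(messages):
    """For each (To, From) pair return (tag, sender_domain, leaked).

    leaked is True when the tag names one site but the mail comes from a
    domain that does not mention it, i.e. the address was passed on.
    """
    report = []
    for to, sender in messages:
        _, tag, _ = split_plus(to)
        _, from_addr = parseaddr(sender)
        from_domain = from_addr.rpartition("@")[2].lower()
        leaked = bool(tag) and tag.lower() not in from_domain
        report.append((tag, from_domain, leaked))
    return report


# Constructed sample inbox: three deliveries to the same Gmail mailbox.
SAMPLE = [
    ("JoeSmith+Facebook@gmail.com", "notification@facebookmail.com"),
    ("Joe.Smith+shop@gmail.com", "Deals <promo@unrelated-marketing.example>"),
    ("joesmith@gmail.com", "friend@example.org"),
]


if __name__ == "__main__":
    for to, _ in SAMPLE:
        print(to, "->", canonical(to))
    for tag, from_domain, leaked in attribute(SAMPLE):
        print(f"tag={tag!r:12} from={from_domain:32} leaked={leaked}")
```

All three recipients resolve to joesmith@gmail.com, and only the "shop" tag is flagged, because it shows up in mail from a domain that has nothing to do with the shop. Two caveats: the tag is plainly visible to whoever receives the address, so a list buyer can strip it and write to the base address (plus addressing attributes a leak, it does not prevent one), and some sign-up forms reject the '+' character outright.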
