Terry Zink's Cyber Security Blog

Discussing Internet security in (mostly) plain English

Browse by Tags

Tagged Content List
  • Blog Post: I have been fighting spam for 10 years

    A week and a half ago, I “celebrated” my 10th year fighting spam. I originally joined Frontbridge in July 2004, and 10 years later I am still with Frontbridge after it was acquired by Microsoft. Since that time, it has been known as: Frontbridge (how almost everyone in the email filtering community still...
  • Blog Post: Let’s not be too smug when others are hacked because we all do things we shouldn’t

    This will be another long post. A couple of weeks ago, you may have read that the Syrian Electronic Army hacked into Forbes and posted a bunch of usernames and passwords. What you may not know is that Forbes has been fairly transparent in describing how it happened and how they plan to mitigate going...
  • Blog Post: Israel also looking to a cyber army national reserve

    The same day I wrote my blog post US potentially looking to establish a cyber army national reserve , I stumbled across another article in the Telegraph: Israel invests millions in drive for elite cyber warriors . But unlike the US national reserve cyber version, the Israeli version is more about fighting...
  • Blog Post: Is the term “cyberwarfare” overstating the case?

    At the Virus Bulletin conference last month, Andrew Lee from ESET gave a talk entitled “ Cyberwar: Reality or Weapon of Mass Distraction ?” In it, Lee talks about how the term “cyberwar” is thrown around a lot these days. However, he disagreed with the use of the term because it uses inflationary language...
  • Blog Post: Do tech-savvy readers practice what they preach?

    While at the Virus Bulletin conference in Dallas last week, Sabina Raluca Datcu and Ioana Jelea of BitDefender gave a presentation entitled “ Practise what you preach: a study on tech-savvy readers’ immunity to social engineering techiques .” In this talk, presenters spoke about a study they conducted...
  • Blog Post: Israeli officials dispute claims of Stuxnet’s joint US/Israel effort

    A few weeks ago, the New York Times published an article saying that the Stuxnet worm, which infected a large number of Iran’s nuclear power plants, was a joint effort between the United States and Israel.  The program began under former president George W. Bush and continued under President Obama...
  • Blog Post: My credit card information was leaked to the Internet and all I got was this interesting eBook

    This past December, private geopolitical analyst firm Stratfor was hacked when hackers from the Anonymous group broke into their servers and posted users’ passwords and credit card information online.  My credit card information was among them and I wrote a bunch of blog posts about my experience...
  • Blog Post: Breaking into the security field

    Brian Krebs is running a series on how to break into the Computer Security field. These are in response to inquiries that he receives and that these types of posts of his are very popular.  So, he went and started talking to people who are well known in the industry on what they suggest people do...
  • Blog Post: Cyber criminals infiltrate even small businesses

    I read an interesting article in the Wall Street Journal today entitled Cyber Criminals Sniff out Vulnerable Firms .  It’s a story of a small business owner in New York whose company was broken into by cyber criminals and stole $1.2 million from its bank accounts, although the owner was able to...
  • Blog Post: Roundup of Flame so far

    I hadn’t commented on it before, but last month the Flame malware was discovered by researchers from Kaspersky.  Here’s what we know so far: Reuters originally reported that it was designed as a cyber weapon to be used against Iran.  However, it wasn’t just computer systems in Iran that were...
  • Blog Post: Tough week to be LinkedIn

    It’s a tough week to be LinkedIn.  Today, it’s revealed that over 6 million passwords from users of the social networking site have been leaked.  From MSN : While LinkedIn stated Wednesday morning via its Twitter account that it's been unable to confirm reports that 6.5 million user passwords...
  • Blog Post: Does Stuxnet, Flame, etc., unleash a Pandora’s Box?

    In my previous post where I linked to an New York Times article, the last paragraph is the following: Mr. Obama has repeatedly told his aides that there are risks to using — and particularly to overusing — the weapon. In fact, no country’s infrastructure is more dependent on computer systems, and thus...
  • Blog Post: New York Times: Obama Order Sped Up Wave of Cyberattacks Against Iran

    The New York Times has a front-page story today alleging that the Obama administration continued the program of cyberattacks begun by the Bush administration.  Indeed, they sped it up. In case any Microsoft lawyers are reading this post, I am alleging nothing about the US government or any malware...
  • Blog Post: Today I saw a presentation by Kevin Mitnick

    Today at work I went and saw a presentation by Kevin Mitnick, formerly known as the most wanted hacker (by the FBI) in the world.  He spent time in jail twice, the latter spending five years in prison with a full year of that in solitary confinement.  I’m going to assume that you’re familiar...
  • Blog Post: US hacks al-Qaida / US does not hack al-Qaida

    A couple of interesting stories are out yesterday and today.  Yesterday, we learned that the US had hacked Yemeni website that was run by al-Qaida in the Arabian Peninsula (AQAP) and replaced advertisements showing extremists killing Americans into ones that showed advertisements that showed the...
  • Blog Post: Wonder what China is doing with all of those APTs? Now you know.

    Did you ever wonder what China is doing with all of those Advanced Persistent Threats that they are tossing at US companies, trying to steal their secrets (allegedly)?  The answer is they give them to their own home-grown companies.  Here’s a story from yesterday’s Financial Times entitled...
  • Blog Post: How China steals our secrets

    Former US counter terrorism director Richard Clarke has another article up in the New York Times entitled “ How China Steals Our Secrets .”  It’s similar to an article that I wrote about last week.  In it, he recounts how nearly all US companies have been breached by the Chinese and many aren...
  • Blog Post: Former US counter-terrorism director speculates who was behind the Stuxnet attack, and talks about China’s role in espionage

    The title of this post is a record for my longest post title ever.  But I had to get everything in there lest you think this blog post is only on one topic. The story of Stuxnet occurred in 2010 and it seems like forever ago.  And since that time there have been numerous theories as to who...
  • Blog Post: U.S. Outgunned in Hacker War

    The Wall Street Journal has an article up today with an interview with outgoing head of the FBI’s cyber crime investigation Shawn Henry.  In it, he has a blunt assessment of the US’s capabilities when it comes to combatting online crime, especially data theft and hacking.  The article jumps...
  • Blog Post: Top Anonymous/LulzSec hacker caught

    This is an old story (where old > 2 weeks), but I still want to write about it. Nine months ago, I wrote a post where LulzSec decided, after 9 weeks of mischief, to call it quits .  This was in June, 2011. About three weeks ago, the FBI announced that they had caught one of the top hackers in...
  • Blog Post: How did WikiLeaks get the Stratfor emails?

    As a follow up to my previous post, I’d like to comment on the Reuters article where WikiLeaks is publishing hundreds of thousands of internal emails from security think tank Stratfor: WikiLeaks did not say how it had acquired access to the vast haul of internal and external correspondence of the Austin...
  • Blog Post: The Stratfor hack – the gift that keeps on taking

    I admit, I was fooled. As I’ve written previously , private intelligence service Stratfor was hacked in December, my information was leaked and since then I’ve been getting spear phishing messages.  Yesterday, I got another one and I admit, I was fooled. From : George Friedman Sent : Sunday, February...
  • Blog Post: Anonymous plans to go after DNS root servers. What will be the US’s response?

    The other day on pastebin , snippets of an email conversation were posted with members of the hacking group Anonymous discussing plans to conduct DOS attacks against the Internet’s root name servers: To protest SOPA, Wallstreet, our irresponsible leaders and the beloved bankers who are starving the world...
  • Blog Post: The Stratfor hack is not over yet

    Thanks to Anonymous and their Christmas hacking of Stratfor, I have not only had to change my credit card number and sign up for identity theft protection, I am also the target of spear phishing attacks. This past weekend, I got the following message in my personal email account: From: Stratfor To: Me...
  • Blog Post: MegaUpload disrupted; Anonymous retaliates

    In case you haven’t been following the news, the US Department of Justice seized the file-sharing site MegaUpload, taking its domain names, $50 million in assets, and coordinated with law enforcement officials in other countries to arrest key employees, as described by ars technica . MegaUpload, as the...
Page 1 of 3 (65 items) 123