Tuesday, November 29, 2011

Google Talk Spam on my Android phone

For the first time, I have received what I believe to be spam through Google Talk on my Android phone.  I don't use Google Talk at all, so I'm 100% positive that this is spam.  Upon looking at the notification in the notification bar, I see:

crazieannaxx3@aol.com wants to chat with you.  Will you accept?

This is a vector I haven't seen before, and if anyone has more information, I'd love to hear more.

Monday, November 28, 2011

Apple iOS interim STIG guidance (and a mobile device draft STIG)

I happened to be checking disa.mil today and I noticed a couple of updates:

Windows 7 benchmarks were updated on November 9th.
Apple iOS interim guidance was released November 17th.
A draft for the General Mobile Device (non-Enterprise Activated) was added November 21st.

From the Apple interim guidance memo:

When approved by the Component CIO, the guide may be used to configure Apple iOS devices for limited deployment, pilots, and demonstrations.

Regarding the General Mobile Device (non-Enterprise Activated) STIG, I noticed the following:

The STIG requirements apply to a smartphone or tablet that does not connect to the DoD network or a DoD email system, and does not store or process sensitive or classified DoD information.
This is as of today's date.

Wednesday, November 23, 2011

Holiday Incident Response

I wrote about this a couple of years ago, and one of the links in the post that links to the SANS posts is one of my all-time favorite reads.  It's that time of the year again.  Incident Responders and Forensicators will be visiting family and friends (or have guests themselves) and invariably, the question will come up:  "Can you take a look at my laptop/computer/etc.?  There's something wrong."

It never fails.  (Disclaimer...I've already been asked by my parents.)

Education of our families and friends will go a long way in preventing the question from arising next year, or the next holiday, or next week.  High on my list of education topics are automatic updates, anti-virus, and social engineering (in no particular order.)

Here's hoping you have a relaxing holiday, good times, and quick work (if you have to.)

Friday, November 18, 2011

DISA.mil back up, but limited

As of this morning (when I checked - 11/18/2011) DISA.mil appears to be back up.  However, it appears that there is still some limited functionality.  From the banner on iase.disa.mil:

Parts of the IASE NIPR site are temporarily unavailable. We apologize for any inconvenience.
For STIG content, please go to AKO/DKO (AKO/DKO account required).

I'll keep checking on more functionality.

Tuesday, November 15, 2011

DISA.mil down (including iase.disa.mil)

I use DISA.mil for much of my guidance while testing systems and analyzing data from testing trips.  It appears that DISA.mil is down.  I noticed it yesterday while looking for STIGs, and now SANS has a post on it.  The comments allude to a web server being down in the SAN.

Here's the SANS post.

I'll try to post again when it is back up.

Edit (11/17/2011):  As of 8:30 this morning, the site is still down.

Edit (11/18/2011):  Parts of the site appear to be back up, but in limited capacity.