Friday, November 25, 2011

[quick tips] Passwords

Passwords are the first line of defense against cybercriminals. It's important to pick strong passwords, use a different one for each of your important accounts, and change them regularly. Here are some ideas to help you create strong passwords.

  • Use a different password for each of your important accounts
  • Use a long password
  • Use a password with a mix of letters, numbers, and symbols
  • Try using a line from a song, film or play
  • Make sure your password recovery options are up to date and secure
  • Keep your password reminders in a secret place that isn't easily visible


==Extra==

The 25 “worst” internet passwords (SplashData's 2011 list) were:
  • Password    //ok, you are using capital letters
  • 123456
  • 12345678
  • qwerty      // wtf?!
  • abc123
  • monkey
  • 1234567
  • letmein
  • trustno1     // fail #1
  • dragon
  • baseball
  • 111111      // all binary
  • iloveyou
  • master
  • sunshine
  • Ashley
  • Bailey
  • passw0rd    //very complex....
  • shadow
  • 123123
  • 654321
  • superman     //nerd
  • qazwsx
  • Michael
  • Football
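To turn the tips above into a check you can actually run, here is an added example (my own code, not part of the original post) that treats the 25 passwords listed above as a blocklist, normalises a candidate the way a cracker's mangling rules would (case folding, trailing digits and symbols, leet-speak such as passw0rd) and adds a rough brute-force estimate. The thresholds (12 characters, 60 bits) and the leet table are assumptions for the example, not from the post.

```python
import math
import re

# The 25 passwords listed in this post (SplashData's 2011 "worst passwords" list),
# used here as a constructed blocklist for the example.
WORST_25 = [
    "Password", "123456", "12345678", "qwerty", "abc123", "monkey", "1234567",
    "letmein", "trustno1", "dragon", "baseball", "111111", "iloveyou", "master",
    "sunshine", "Ashley", "Bailey", "passw0rd", "shadow", "123123", "654321",
    "superman", "qazwsx", "Michael", "Football",
]

# Common "leet" substitutions; a cracker's mangling rules try these anyway (assumed table).
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s", "7": "t", "@": "a", "$": "s"})


def variants(pw: str) -> set:
    """Spellings an attacker would derive from pw: lower-cased, with trailing
    digits/symbols dropped ("monkey123" -> "monkey"), and with leet undone
    ("passw0rd" -> "password"). A purely numeric password has nothing left
    after stripping, so the original is kept in that case."""
    low = pw.lower()
    stripped = re.sub(r"[^a-z]+$", "", low) or low
    return {low, stripped, low.translate(LEET), stripped.translate(LEET)}


# Expand the blocklist the same way so both sides meet in the middle.
BLOCKLIST = set().union(*(variants(p) for p in WORST_25))


def is_blocklisted(pw: str) -> bool:
    """True if pw is a trivial variant of a known-bad password."""
    return not variants(pw).isdisjoint(BLOCKLIST)


def estimate_bits(pw: str) -> float:
    """Naive brute-force estimate: log2(pool ** length).
    Assumes each character was picked at random from the classes present, so it
    overstates the strength of dictionary words and famous lyrics; that is why the
    blocklist check is separate."""
    pool = 0
    if any(c.islower() for c in pw):
        pool += 26
    if any(c.isupper() for c in pw):
        pool += 26
    if any(c.isdigit() for c in pw):
        pool += 10
    if any(not c.isalnum() for c in pw):
        pool += 33  # printable ASCII punctuation and space
    return len(pw) * math.log2(pool) if pool else 0.0


def check_password(pw: str, min_len: int = 12, min_bits: float = 60.0):
    """Return (ok, reasons); reasons is empty when the password passes."""
    reasons = []
    if is_blocklisted(pw):
        reasons.append("trivial variant of a well-known password")
    if len(pw) < min_len:
        reasons.append(f"shorter than {min_len} characters")
    if estimate_bits(pw) < min_bits:
        reasons.append(f"brute-force estimate below {min_bits:.0f} bits")
    return (not reasons, reasons)


if __name__ == "__main__":
    for candidate in ["passw0rd", "Password1!", "trustn01", "we all live in a yellow submarine"]:
        ok, reasons = check_password(candidate)
        print(f"{candidate!r}: {'OK' if ok else 'WEAK: ' + '; '.join(reasons)}")
```

Note what the two checks catch separately: "Password1!" scores above 60 bits on the brute-force estimate (mixed case, digit, symbol) yet is still just "password" with a suffix, which the blocklist catches. The song-line tip works against the estimate because length dominates, but a famous lyric is itself in cracking wordlists, so the blocklist you use in practice should include phrase lists, not only single words.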

Wednesday, November 23, 2011

Anonymous Leaks 38,000 emails from U.S. special agent

The hacker group Anonymous released 38,000 private e-mails belonging to Fred Baclagan, a retired special agent supervisor and cybercrime investigator at the California Department of Justice (DoJ).

According to a Pastebin post, the group got hold of and is leaking "over 38,000 private emails which contain detailed computer forensics techniques, investigation protocols as well as highly embarrassing personal information." The leaked information also includes the agent's home address and phone numbers.

They claim to have hacked into and hijacked two of his Gmail accounts, accessed several dozen voicemails and SMS text message logs and his Google web history, listened to private voicemails, and used his Google Voice account to notify his friends and family of "how hard he was owned."

Friday, November 11, 2011

[off topic] 11/11/11 - 11:11


We survived!! I didn't see any portal opening (I admit I was disappointed...) and no sign of the apocalypse... Occult sciences crowd #fail...


Bring on 12/12/12 12:12, and after that, the dreaded Mayan 21/12/12... Either way, it may be worth buying Christmas 2012 presents well in advance: December looks like it will be a busy month...

And if the world doesn't end, the numerologists / superstitious / opportunists on duty will have to find other dates to whine about, because 13/13/13 13:13 isn't going to happen =)

PS: nothing is more annoying than these people who tweet the time: 09:09.... 10:10... 11:11... As if anyone who wants to know the time goes to Twitter...

PS2: scheduled post... maybe the world has ended and I don't know it yet... LOL

More info about 11/11/11 11:11 here, here and here.

Thursday, November 10, 2011

[article] Why doesn't Brazil investigate its cybercrimes properly?

Excellent article by Delegado Mariano on why Brazil cannot investigate cybercrimes efficiently:

The large number of "malware" attacks carried out daily, and the tricks that can be used to hide one's tracks on the Internet, can make it seem as though law enforcement agencies have little chance of bringing those responsible to justice. Quite differently from what we see in Brazil, the truth is that, although investigations may take many years and cross many countries, some cybercriminals are being brought to justice.
(...)

Read the full article on Delegado Mariano's blog. In another very interesting article, Delegado Mariano discusses how Brazil could improve its digital security against cyber threats. I recommend reading both!


Delegado José Mariano de Araujo Filho holds a law degree and is an Electronics Technician trained at Fundação Paulo Souza, having studied at C.E.I. "Albert Einstein". He distinguished himself while working at the Delegacia Seccional de São Bernardo do Campo, where he headed the Delegacia de Investigações Sobre Crimes Contra o Meio Ambiente, which earned him a formal tribute from the São Bernardo do Campo City Council for the excellence of his work.




Tuesday, November 8, 2011

Charlie Miller discovers security bug in iOS

Multiple-time winner of the Pwn2Own contest, Charlie Miller announced that the App Store, known for its security, has a serious flaw: an approved app can later fetch and run code Apple never reviewed, which allows malicious programs onto iPhone or iPad devices.


In an interview with Forbes, he stated that programs like the popular Angry Birds, for example, could run code on the iPhone without Apple knowing about it. And we are not talking about jailbreaking, but about apps downloaded from Apple's official store. "With this bug, there is no way to know whether what you downloaded from the App Store is safe," he said.

To prove it, he submitted an app (Instastock) with "hidden code" to Apple, got it approved, and showed the app in action (in the video below). With the software installed, he can send commands to the device remotely or even view its files. In other words, he controls the smartphone.

After Forbes published Miller's discovery, Apple removed the software and banned the hacker from its list of iOS app developers. Miller is a serious person: although he violated the terms of the iOS Developer Program and showed the world an Apple blunder, he did not take advantage of the hole to do any harm.

Here is the letter Miller received from Apple:

Dear Charles Miller:
This letter serves as notice of termination of the iOS Developer Program License Agreement (the “iDP Agreement”) and the Registered Apple Developer Agreement (the “Registered Developer Agreement”) between you and Apple, effective immediately.
Pursuant to Section 3.2(f) of the iDP Agreement, you agreed that you would not “commit any act intended to interfere with the Apple Software or related services, the intent of this Agreement, or Apple’s business practices including, but not limited to, taking actions that may hinder the performance or intended use of the App Store or the Program”. Further, pursuant to Section 6.1 of the iDP Agreement, you further agree that “you will not attempt to hide, misrepresent or obscure any features, content, services or functionality in Your submitted Applications from Apple’s review or otherwise hinder Apple from being able to fully review such Applications.” Apple has good reason to believe that you violated this Section by intentionally submitting an App that behaves in a manner different from its intended use.
Apple may terminate your status as a Registered Apple Developer at any time in its sole discretion and may terminate you upon notice under the iDP Agreement for dishonest and misleading acts relating to that agreement. We would like to remind you of your obligations with regard to all software and other confidential information that you obtained from Apple as a Registered Apple Developer and under the iDP Agreement. You must promptly cease all use of and destroy such materials and comply with all the other termination obligations set forth in Section 12.3 of the iDP Agreement and Section 8 of the Registered Developer Agreement.
This letter is not intended to be a complete statement of the facts regarding this matter, and nothing in this letter should be construed as a waiver of any rights or remedies Apple may have, all of which are hereby reserved. Finally, please note that we will deny your reapplication to the iOS Developer Program for at least a year considering the nature of your acts. 
Sincerely, Apple Inc.





The video above is only a proof of concept; no user was harmed by it.


Forbes report.

Tuesday, November 1, 2011

[ArcSight] Enterprise Security Manager (ESM)

Enterprise Security Manager (ESM) is ArcSight's main product, a great solution that combines security event monitoring with network intelligence, context correlation, anomaly detection, historical analysis tools, and automated remediation.

When we hear about forensics, we imagine an investigation into something that has already happened, in the past. With this kind of solution you can be one step ahead of fraudsters, hackers, insiders and other threats. Does your company have a firewall? Does your company have an IDS/IPS? Of course YES. Does your company have an analyst reading the logs 24 hours a day? Maybe NOT.

So imagine that ESM is the guy hired to read all the logs, in real time, who can tell you, with incredible precision, if something is wrong. Man, I really couldn't believe in this solution until I saw it working! And now I'm in love =)
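As an added example that is not part of the original post or of ArcSight's product, here is the "guy reading all the logs in real time" idea in miniature: a single-pass correlation rule over constructed sshd-style log lines that raises an alert when one source address fails to log in at least five times inside a two-minute window and then succeeds. The log lines, host name, addresses, user names and thresholds are all made up for the example. A product like ESM does this across many normalised event sources with persistent state and a rule language of its own, but the core of a real-time correlation rule is the same: keep a small sliding window of state per key and fire when a later event completes the pattern.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sshd-style log lines for the example (not real data, not ArcSight output).
SAMPLE_LOG = """\
2011-11-01T10:00:01 web01 sshd[2001]: Failed password for root from 203.0.113.5 port 51000 ssh2
2011-11-01T10:00:04 web01 sshd[2001]: Failed password for root from 203.0.113.5 port 51001 ssh2
2011-11-01T10:00:07 web01 sshd[2001]: Failed password for invalid user admin from 203.0.113.5 port 51002 ssh2
2011-11-01T10:00:10 web01 sshd[2001]: Failed password for backup from 203.0.113.5 port 51003 ssh2
2011-11-01T10:00:13 web01 sshd[2001]: Failed password for backup from 203.0.113.5 port 51004 ssh2
2011-11-01T10:00:15 web01 CRON[2100]: pam_unix(cron:session): session opened for user root by (uid=0)
2011-11-01T10:00:16 web01 sshd[2001]: Failed password for backup from 203.0.113.5 port 51005 ssh2
2011-11-01T10:00:19 web01 sshd[2001]: Accepted password for backup from 203.0.113.5 port 51006 ssh2
2011-11-01T10:01:00 web01 sshd[2002]: Failed password for alice from 198.51.100.7 port 40000 ssh2
2011-11-01T10:01:05 web01 sshd[2002]: Accepted password for alice from 198.51.100.7 port 40001 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\d+(?:\.\d+){3}) port (?P<port>\d+)"
)


def parse(line):
    """Normalise one raw line into an event dict, or None if it is not an ssh auth event."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ev = m.groupdict()
    ev["ts"] = datetime.fromisoformat(ev["ts"])
    return ev


def correlate(log_text, threshold=5, window_seconds=120):
    """Rule: at least `threshold` failed logins from one source within
    `window_seconds`, followed by an accepted login from that same source,
    produces one alert.

    State is a per-source sliding window of failure timestamps, so the rule
    runs in a single pass over the stream, the way a real-time correlator does.
    """
    failures = defaultdict(deque)
    alerts = []
    for line in log_text.splitlines():
        ev = parse(line)
        if ev is None:
            continue  # other daemons' lines are ignored by this rule
        q = failures[ev["src"]]
        while q and (ev["ts"] - q[0]).total_seconds() > window_seconds:
            q.popleft()  # expire failures older than the window
        if ev["result"] == "Failed":
            q.append(ev["ts"])
            continue
        if len(q) >= threshold:
            alerts.append({
                "rule": "brute-force followed by successful login",
                "src": ev["src"],
                "user": ev["user"],
                "host": ev["host"],
                "failures": len(q),
                "first_failure": q[0],
                "success_at": ev["ts"],
            })
        q.clear()  # a successful login closes this source's window either way
    return alerts


if __name__ == "__main__":
    for a in correlate(SAMPLE_LOG):
        print(f"ALERT {a['rule']}: {a['src']} -> {a['user']}@{a['host']} "
              f"after {a['failures']} failures since {a['first_failure']:%H:%M:%S}")
```

Run on the sample, the rule fires once, for 203.0.113.5 logging in as backup after six failures, and stays quiet for alice, whose single typo followed by a success is normal behaviour. Shrinking the window to ten seconds or raising the threshold to seven makes the same stream produce no alert, which is the tuning trade-off every correlation rule carries: too tight and you miss slow attacks, too loose and the analyst drowns.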



I found a nice video about ArcSight ESM: it's a case study of how ESM helps McAfee stay PCI compliant, among other things:





Also, SC Magazine published a nice review of ArcSight ESM, available here. Highly recommended!

More info about ESM: http://www.arcsight.com/products/products-esm/