Insights For Success

Strategy, Innovation, Leadership and Security


How HR can identify a strong modern CISO candidate

General - Edward Kiledjian

The cybersecurity landscape of today is both dynamic and complex. A new attack may occur at any time, and new threat actors are constantly devising new ways to target businesses and consumers. Businesses need access to cybersecurity leaders who can identify risks and implement solutions accordingly to stay competitive in this ever-changing cyber ecosystem. Over the past several years, the role of a cybersecurity leader has also evolved. To achieve organizational goals, today's strategists must understand the nuances of the digital world and be able to work with various stakeholders across different departments. Here are some factors that may indicate whether a candidate will be successful as a modern CISO in today's security environment:

Has a clear understanding of end-to-end security

As a leader of an organization's cybersecurity team, the best candidates should understand how the various end-to-end security components interact. In addition, they should have experience working with the security team to identify gaps and requirements in each of these areas. Moreover, these candidates should be able to demonstrate a deep understanding of the threat landscape, including how the various threats interact with the company's assets and infrastructure. Finally, candidates with a strong knowledge of threat modelling and penetration testing will be able to assist the team in preventing security issues and ensuring compliance with regulatory requirements.

Deep understanding of threat landscape and current trends

To succeed as a CISO, a person must quickly understand a business' threat landscape and then use this knowledge to make informed decisions. If, for example, a company experiences a breach affecting an employee's record, the candidate should have a comprehensive understanding of how the latest threat landscape and trends could affect the organization. An effective candidate will be able to predict how this scenario might affect the organization, including how it might negatively affect the company's reputation or increase its risk exposure.

Demonstrates digital fluency across operations, technology and culture

A cybersecurity leader must communicate clearly with both internal and external stakeholders. Candidates who can communicate effectively in writing and through visual content (e.g., whiteboards, presentations, etc.) are more likely to succeed than candidates who rely exclusively on written communication. In addition, it is essential to assess how candidates communicate with their teammates. Leading a cybersecurity team will be challenging for candidates who struggle to collaborate with different departments and individuals.

Demonstrates exceptional leadership qualities

The cybersecurity leader of the future must be capable of building strong relationships and fostering strong team cohesion. A candidate must be capable of identifying which stakeholders play a critical role in achieving organizational goals and demonstrate excellent leadership and communication skills to work with them effectively. Modern CISOs should be able to identify and address interpersonal issues (e.g., conflict, miscommunication) within the organization.

Wrapping up

Cybersecurity leaders must understand the various components of security from end to end, including operations, technology, and culture. Additionally, they must be able to see the big picture and utilize their expertise to make informed decisions. In addition, they should be able to communicate effectively with internal and external stakeholders and foster strong team cohesion. A successful candidate should possess a number of these qualities. The cybersecurity landscape of today is both dynamic and complex. There is always the possibility that a new attack will emerge at any time, and threat actors are continually developing new methods of targeting businesses and consumers. Business leaders must have access to cybersecurity leaders who can identify risks and implement appropriate solutions in this ever-changing cyber ecosystem. In recent years, the role of a cybersecurity leader has also evolved. The strategist of today must understand the nuances of the digital world and collaborate with various stakeholders across different departments to achieve the organization's goals.

Billions of passwords, files and cookies were leaked

General - Edward Kiledjian

I have written about general user security several times over the last few years, and the recipe is always the same:

  • Install a good anti-malware product

  • Make sure your applications and operating systems are patched

  • Don't click or open unexpected or unknown links/attachments.

Even with the best practices, there is malware that is stealthy enough to avoid detection.

Recently, security researchers from NordLocker followed a trail left by sloppy hackers. To everyone's surprise, they found 1.2TB of files, cookies, 900K images, 600K Word files and credentials stolen from over 3M computers. The data was obtained through malware that stole data from users' desktop and downloads folders.

  • The data is relatively fresh, and ~30% of the cookies were still valid.

  • 1M website logins, including the "four horsemen" of the internet: Amazon, Facebook, Twitter and Gmail.

So what next?

The malware is stealthy and cannot be easily detected by antivirus products. 

However, the information has been added to the Have I Been Pwned service.

As previously described, you visit the site, enter your email address, and it will tell you if you are part of this breach (or any other).
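The breached-account lookup described above needs an API key, but the same service exposes a password-check endpoint (Pwned Passwords) built on k-anonymity that shows why the check does not hand your secret to the site: only the first five hex characters of the SHA-1 hash are sent, and the matching is done locally against the returned range. The code below is an added example written for this page, not the author's or Have I Been Pwned's own code; the range response is a constructed sample with a made-up count, and the `fetch_range` helper (which needs network access) is only called when no sample is supplied.

```python
import hashlib
import urllib.request
from typing import Optional

# Constructed sample of a Pwned Passwords range response for prefix 5BAA6.
# Real responses contain hundreds of "<35-hex-char suffix>:<count>" lines;
# the counts here are made up for the example.
SAMPLE_RANGE_RESPONSE = """\
1E4C9B93F3F0682250B6CF8331B7EE68FD8:3861493
1E2FE6FA7B0A5E7C6A2C3C4F2B1DCE1F55A:2
0028D6A8BF4B7F4DFA9D1C38EE5A2ABF9F4:17
"""


def sha1_prefix_suffix(password: str):
    """Split the upper-case SHA-1 hex digest into the 5-character prefix that
    is sent to the service and the 35-character suffix that never leaves the
    client."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def match_suffix(range_text: str, suffix: str) -> int:
    """Scan a range response locally and return the breach count for our
    suffix, or 0 when the suffix is not listed."""
    for line in range_text.splitlines():
        line = line.strip()
        if not line or ":" not in line:
            continue  # tolerate blank or malformed lines
        candidate, count = line.split(":", 1)
        if candidate.upper() == suffix:
            return int(count)
    return 0


def fetch_range(prefix: str) -> str:
    """Fetch the range for a hash prefix from the live service (network
    required). Only the prefix is ever transmitted."""
    url = f"https://api.pwnedpasswords.com/range/{prefix}"
    req = urllib.request.Request(url, headers={"User-Agent": "hibp-range-example"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode("utf-8")


def pwned_count(password: str, range_text: Optional[str] = None) -> int:
    """Return how many times the password appears in the corpus. Pass a
    range_text to run offline (as the sample above does)."""
    prefix, suffix = sha1_prefix_suffix(password)
    if range_text is None:
        range_text = fetch_range(prefix)
    return match_suffix(range_text, suffix)


if __name__ == "__main__":
    # Offline demonstration against the constructed sample.
    for pw in ("password", "correct horse battery staple"):
        print(pw, "->", pwned_count(pw, SAMPLE_RANGE_RESPONSE))
```

The design point is that the service learns nothing more than a 5-character prefix shared by several hundred other hashes, so a check can be built into a signup or password-rotation flow without ever sending the password or its full hash off the host.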


How do you protect yourself in the future?

  • Use long, unique passwords for each site, with the credentials stored in a good password manager (like 1Password or Bitwarden)

  • Use a good, reputable antivirus, and keep your software and operating system updated.

  • Make sure you regularly delete your cookies. I have written about extensions that automate this in the past.

  • Install a good anti-malware product

  • Make sure your applications and operating systems are patched

  • Don't click or open unexpected or unknown links/attachments.



OSINT - Fake ID Generator (information and even pictures)

General - Edward Kiledjian

If you are performing Open Source Intelligence (OSINT) or Signals Intelligence (SIGINT), you may need to generate fake identification information.

The information in this article is being provided for educational purposes only. Don’t do anything illegal.

Fake Name Generator

This site generates believable fake identities with name, address, date of birth, telephone number and much more. If you need a "complete" fake identity, then this free site may be useful.


Data Fake Generator also performs the same function.


Fake IMEI

The International Mobile Equipment Identity (IMEI) number is a unique identification number assigned to every mobile phone and smartphone. If you need a fake one, this simple page may be useful: you click Generate and it creates a new one for you.


Elf Wrin’s lair

This is a classic site that can generate a ton of useful fake information such as:

  • complete fake ID

  • credit card

  • Social Security Number

  • car license plate

Although the information is fake, all of it will pass generic algorithmic checkers (such as check-digit validation).
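The "algorithmic checkers" mentioned here, for the IMEI section above as well as for the credit-card numbers from this generator, are in practice the Luhn check digit: a 15-digit IMEI and a card number both end in a digit computed from the others, so any generator that computes that digit will pass a format check. The validator below is an added example written for this page, not code from the page's author or from any of the sites listed; the sample numbers are well-known published test values. The defender's lesson is that a passing Luhn check proves the string is well-formed and nothing more; it says nothing about whether the device, account or person exists.

```python
def luhn_sum(digits: str) -> int:
    """Luhn sum over a string of ASCII digits: starting from the rightmost
    digit, double every second digit and subtract 9 when the result exceeds 9.
    A well-formed number has a sum that is a multiple of 10."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total


def _clean(number: str) -> str:
    """Drop the spaces and hyphens people type into card and IMEI fields."""
    return number.replace(" ", "").replace("-", "")


def luhn_valid(number: str) -> bool:
    """True when the number is non-empty, all ASCII digits and Luhn-consistent."""
    digits = _clean(number)
    if not digits or any(c not in "0123456789" for c in digits):
        return False
    return luhn_sum(digits) % 10 == 0


def imei_valid(imei: str) -> bool:
    """An IMEI is exactly 15 digits: 8-digit TAC, 6-digit serial, 1 check digit."""
    digits = _clean(imei)
    return len(digits) == 15 and luhn_valid(digits)


def imei_parts(imei: str):
    """Split a valid IMEI into (TAC, serial, check digit); None if malformed."""
    digits = _clean(imei)
    if not imei_valid(digits):
        return None
    return digits[:8], digits[8:14], digits[14]


def card_format_valid(pan: str) -> bool:
    """Card numbers are 12 to 19 digits with a Luhn check digit. This is a
    format check only; it does not tell you the account exists or is open."""
    digits = _clean(pan)
    return 12 <= len(digits) <= 19 and luhn_valid(digits)


if __name__ == "__main__":
    # Published example values: the IMEI from the GSMA/Wikipedia description
    # of the format and the classic "4111..." Visa test number.
    print(imei_valid("490154203237518"), imei_parts("490154203237518"))
    print(card_format_valid("4111 1111 1111 1111"))
    print(imei_valid("490154203237519"))  # last digit altered
```

When such a validator sits in front of a signup or KYC form, treat a pass as a reason to continue to a real lookup (carrier, issuer, registry), never as evidence of identity on its own.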


PIC/CIC Database

The site describes its usefulness as follows:

“Many PIC and CIC codes can be manually dialed before placing a long distance call by dialing 101 followed by the PIC/CIC code. This forces your call to be carried by that PIC/CIC code's carrier instead of your normal long distance carrier.”

This is a more niche service and will only be useful to a very small group of readers.


Fake photo generator

There may be times when you need to create a fake profile (dating site, social media, etc.), and this site will generate an AI-created picture (from a Generative Adversarial Network) for you. Simply refresh the page to get a new image. If you like the image, save it, as it may never come back. Also double-check the entire image to make sure there aren't any weird artifacts.


CyberSecurity OSINT - Shodan searches for webcams

General - Edward Kiledjian

Everyone on the internet knows what a search engine is. It allows you to find internet-connected resources (webpages) quickly and easily without having to catalog the web yourself. Well, Shodan.io is a search engine used by researchers and hackers to find Internet of Things devices connected to the internet (printers, webcams, industrial systems, Windows XP machines, etc.).

The purpose of this article is to provide some hyperlinked examples to help the Open Source Intelligence student play with Shodan and make it immediately useful.

This article will provide some examples of how to find webcams connected to the internet.

While you will find thousands that are unprotected (no username or password required), others will be protected but still have the default password enabled. Where can you find webcam default passwords? Just search the net, but here is one called iSpy to get you started.

Many of these searches will require a free Shodan account, so make sure you create one.

I am providing this information for educational purposes only. Don’t do anything illegal.

html:"DVR_H264 ActiveX" - Security digital video recorders

title:camera - This is a quick search that lists anything with the word camera in it


webcam has_screenshot:true - This search lists any device that self-identifies as a webcam and for which Shodan has a screenshot.

Server: IP Webcam Server "200 OK" - Android IP Webcam server

server: webcamxp - Looking for webcamXP, a very popular Windows webcam server software


title:"blue iris remote view" - Webcams using the Blue Iris webcam management software


product:"Yawcam webcam viewer httpd" - Yet Another Webcam is a free webcam publishing server software.


title:"IPCam Client" - Devices using the IPCam software


title:"+tm01+" - Loads of unsecured Linksys webcams


Others

I will be posting more articles about other interesting Shodan searches, but here are a couple of extras to whet your appetite.

"230 login successful" port:"21" - Find FTP servers that accept a login without credentials (anonymous FTP)


If you live in the USA, your info is probably on this site and how to delete it

General - Edward Kiledjian

There are lots of "less than reputable" websites that scrape the web for your information and then make it cheaply available to anyone willing to spend a little money.

I recently found a website that has a ton of information about many Americans including address, telephone number and even some relationship information.

Once you enter your name and state, it will show you a list of possible "victims". Choose your listing and prepare to be astounded by the amount of information they have about you.

Now that you are properly terrified, here is how to remove your information from Cyber Background Checks:

  1. Go here: https://www.cyberbackgroundchecks.com/removal

  2. Agree to the conditions and enter your email address

  3. Complete the CAPTCHA and then click “Start Removal Process.”

  4. Find your record and click the Remove My Record button at the top of the page (you must be on the details page of your profile to do this)

  5. Check your email for the removal confirmation note and click the enclosed link

  6. 48-72 hours later, your information should be removed from the site