Silk Road and the online drugs trade - Truthloader Investigates
rburkettat May 02,2016 There is a huge gap in understanding between regular people and cybersecurity people. Most people would do the right thing to secure their environment if they knew what to do. There is a knowledge gap that needs to be bridged and it starts with anyone who owns a computer or device. It would be great if every device came with instructions about how to secure it - or even better, it should default to secure and then have the user make a conscious choice about making privacy changes.
nickat May 04,2016 The presenters humor, in my opinion, falls flat and distracts from the message. This video provided an adequate overview of the current information security landscape, although delivered with overblown enthusiasm. The attribution correlation analysis that the presenter discussed appeared to miss a key component. The presenter notes the phone numbers embedded in the html code and then seques the conversation into GPS data in mobile device pictures. It is apparent that Sophos leveraged the phone numbers to conduct OSINT and, with research, discovered the koobface gang. Attribution was achieved by linking one of the html phone numbers to and ad and then later to an attacker's friend. Some of these nuances may be lost on the casual listener. It is always rather satisfying, although, when analysis obtains enough attribution for legal action. This rarely occurs in regard to global cyber threat actors.
sbudd4at June 17,2016 Cybercrime as a Service (CaaS?), now that's the entrepreneurial spirit! Appreciated the speaker sharing how the team identified and located the threat agent. Feels like a double-edge sword though i.e. divulging means and methods for catching the bad guys. Also was enlightened to learn that smartphones send out information from previously used wifi connections.
dgroveat June 29,2016 This talk does highlight how people are naive when it comes to their mobile devices. They know to keep their computers locked down, but when it comes to the more new mobile devices they don't realize the smart phones they are carrying their pockets are actually computers. I remember a few years back a particular social media site had a weakness exposed of how when users uploaded photographs, and other users downloaded those photographs the GPS data was still embedded in the photos. Scary. However, since then the social media site has been stripping all GPS/PII data from these photos when uploaded to their site.
mikebrashierat July 14,2016 I have to admit it is very clever on the part of the hackers to download fake anti-virus software onto a users machine, then lie to the user and tell them a virus has been identified, then actually charge them to remove the fake virus, THEN actually install a real virus, Brilliant and illegal.
Toward the end he mentions the value of renaming your devices so it is not so easily identifiable on Wifi. I've done this for years. There really is no reason to advertise "Dave's iPhone" or "Lisa's macbook" to everyone in the area.
Often times when I travel I will send a picture of a sloth dressed as an astronaut to any phone or PC in my area just to let them know their bluetooth is wide open.