VPN Vulnerabilities

NSA Releases Advisory on Mitigating Recent VPN Vulnerabilities

The National Security Agency (NSA) has released an advisory on advanced persistent threat (APT) actors exploiting multiple vulnerabilities in Virtual Private Network (VPN) applications. A remote attacker could exploit these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to review NSA’s Cybersecurity Advisory and CISA’s Current Activity on Vulnerabilities in Multiple VPN Applications for more information and apply the necessary updates or mitigations.


What are APTs?

APTs are stealthy cyber attacks where a person or a group gains unauthorised access to a network and remains undetected.

In most cases, these attacks are conducted by nation-states or criminal organisations (see article there). Their purpose is to extract information, intellectual property and financial data, and they can be used to steal cash when banks are attacked.

The Al-Gebra Movement

Friday Humour

At Auckland airport today, an individual was arrested trying to board a flight while in possession of a ruler, a protractor, a set square, and a calculator. He was later discovered to be a school teacher attempting to leave the country as he was unable to survive financially in the city.

The public prosecutor believes the man is a member of the notorious Al-Gebra movement. The potential terrorist is being charged with carrying weapons of math instruction.

Al-Gebra is a very fearsome cult, indeed. The members of this dangerous organisation desire average solutions by means and extremes, and sometimes go off on a tangent in search of absolute value.

They consist of quite shadowy figures, with names like “x” and “y”, and, although they are frequently referred to as “unknowns”, we know they really belong to a common denominator and are part of the axis of medieval with coordinates in every country.

As the great Greek mathematician Isosceles used to say,

there are 3 sides to every triangle, and if God had wanted us to have better weapons of math instruction, he would have given us more fingers and toes.

Therefore, I am extremely grateful that our government has given us a sine that it is intent on protracting us from these math-dogs who are so willing to disintegrate us with calculus disregard.

These statistic scumbags love to inflict plane on every sphere of influence.

Under the circumferences, it’s time we differentiate their root, make our point, and draw the line. These weapons of math instruction have the potential to decimate everything in their math on a scale never before seen. We therefore need to become exponents of a Higher Power and begin to factor-in random facts of vertex.

However the members of Al-Gebra continue to multiply. We can only hope that their days are numbered and the hypotenuse will tighten around their necks.

Original story here

The USB scam is back

Infected USB devices

This has reappeared recently in New Zealand. If, when checking your mailbox, you find a brand new USB stick, just throw it in the bin immediately.

Scammers are placing these USBs in mailboxes pre-loaded with malicious software. They are even going to the trouble of repacking them so they look factory fresh. They are banking on the recipients being thankful for a free USB or being curious as to what might be on them.

If you receive one, it is part of a recurring scam and most likely not spearphishing. Spearphishing means that someone is targeting you as a member of an organisation.

If you make the mistake of connecting it to one of your devices such as a phone or a computer, it is likely that viewing the content (on a computer) will lead to a malware infection. Usually, it takes the opening of a file on a computer to activate the malware. It should not activate by connecting the device alone.

Simply throw the USB stick away without connecting it to any computer.

Be vigilant.

You can find more information on the Sophos blog (2016).

Magic Weapons: China’s political influence….

At a time when there is controversy about the rejection of Huawei equipment by various countries, it is interesting to find out more about hacks attributed to sources within China. It is also interesting to read the report by Professor Anne-Marie Brady about the influence of that country in New Zealand. As a reminder, her office and home were burgled following the publication of the report, and the brakes on her car were sabotaged. Probably a coincidence, as the police found nothing to incriminate anyone.

The report is very interesting, and worth the effort to read to the end. It is available on the Wilson Center web site and can also be directly downloaded from here.

I do not believe that the attacks are one way in any case.

Wanted Chinese Hackers

Opportunistic online scams and attacks : the scavengers are out!

There have been reports of opportunistic online scams and attacks after the terrorist attack in Christchurch last week. The vectors used are online donation fraud, malicious video files, defacement of NZ websites, and website disruption.

The scammers and attackers use the following:

  • Phishing emails containing links to fake online banking logins, as well as fraudulent bank accounts where people can make donations for the victims of the Christchurch tragedy.
    • A phishing email is an email which is sent to a wide range of people in the hope that enough of them will follow the instructions to make the exercise worth the effort. They usually contain links to websites containing malicious content.
  • Sharing malicious video files on compromised websites or on social media. A shared on-line video file containing footage related to the attack can have malware embedded in it.
  • Some attackers are changing New Zealand websites to spread political messages about the Christchurch tragedy.
  • Some New Zealand websites are receiving threats of denial-of-service attacks, which would take them offline.

There are official channels to donate money, please use them should you wish to make a donation.

What to do

If you receive a phishing email or have found a website hosting political messages, report it to CERT NZ.

If your website has been taken over with political content relating to the tragic events in Christchurch, report it to CERT NZ.

CERT NZ recommends you consent to share your report with the NZ Police.

More information

This is not something new: online scams and attacks frequently use disasters and tragedies as opportunities for “business”.

If any of the terminology used is confusing you, feel free to comment and I will make the confusing part the subject of a subsequent posting.

Google Chrome Security Advisory

As reported by CERT New Zealand, attackers might be able to attack and take control of your computer if you do not have the latest version of Chrome.
You need to check the version of Chrome used. Anything earlier than 72.0.3626.121 is vulnerable.

How do you check if you are at risk?

The instructions from CERT are:

“If you are on a laptop or desktop computer, open Chrome and visit chrome://settings/help. If you are not up-to-date, visiting the page should automatically update your browser.

If you are on a mobile device, like a mobile phone or tablet, open Chrome and visit chrome://version. If you are not up-to-date, visit your app store and download the update.”

Don’t take a chance. Check if you need to update, or use the latest version of Firefox.

As general advice, always promptly update any software installed on any of your devices to minimise exposure. An attacker would try to identify what you are running, then exploit whatever unpatched vulnerability they find, as in this example.
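For anyone checking more than one machine against the 72.0.3626.121 threshold, the following is an added example (not from CERT NZ or from this post) that compares reported Chrome versions numerically, since a plain string comparison ranks 72.0.3626.99 above 72.0.3626.121. The host names and inventory strings are constructed for illustration.

```python
import re

# Threshold stated in the advisory above: anything earlier is vulnerable.
FIXED_VERSION = "72.0.3626.121"


def parse_version(text):
    """Extract a dotted four-part Chrome version from free text as a tuple of ints."""
    match = re.search(r"(\d+)\.(\d+)\.(\d+)\.(\d+)", text)
    if match is None:
        raise ValueError(f"no Chrome version found in {text!r}")
    return tuple(int(part) for part in match.groups())


def is_vulnerable(reported, fixed=FIXED_VERSION):
    """True when the reported version is earlier than the fixed one."""
    # Tuples of ints compare field by field, so 99 < 121 as intended.
    return parse_version(reported) < parse_version(fixed)


def audit(inventory):
    """Return sorted host names that need attention.

    Hosts whose version cannot be read are flagged as well: an unknown
    version has not been verified as patched.
    """
    flagged = []
    for host, reported in inventory.items():
        try:
            if is_vulnerable(reported):
                flagged.append(host)
        except ValueError:
            flagged.append(host)
    return sorted(flagged)


# Constructed sample inventory (hypothetical hosts and version strings).
SAMPLE_INVENTORY = {
    "laptop-01": "Google Chrome 72.0.3626.121",
    "laptop-02": "Google Chrome 72.0.3626.99",  # a string compare would call this newer
    "desktop-03": "Google Chrome 71.0.3578.98",
    "tablet-04": "Chrome 73.0.3683.75",
    "kiosk-05": "version unavailable",
}

if __name__ == "__main__":
    for host in audit(SAMPLE_INVENTORY):
        print(f"{host}: update Chrome (needs {FIXED_VERSION} or later)")
```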



Guide to good passwords

Guide to good password by CERTNZ

Be smart with passwords

Ideally, you want to use a long, strong and unique password for each of your online accounts. The issue is how to remember them all. For that, you can use a password manager that will remember all your credentials in one place. Such a piece of software should also encrypt your database (password repository) and should be able to generate long random passwords.

You can then afford to only remember one password. Make it long and complicated, and above all, don’t forget it.

Examples of password repositories are KeePass and LastPass.

If you are using any other, let us know which one and why you chose it.

Cisco courses at MIT (Auckland)

CCNA, CCNA security, CCNP, A+

Come and prepare your Cisco certification with the experts! Evening classes available for some courses, or if enough people request it.

Prepare for CCNA, CCNA Security, CCNP and A+ at the Manukau Institute of Technology

More on this page.

Contact us for more details

Find Yourself In The Future of Cloud Computing

REGISTER NOW for the Find Yourself In the Future Cisco TV Series on Thursday, 18 June 2015 from 12 noon until 1 pm (UTC+8) with Evelyn de Souza, cloud compliance and data privacy leader at Cisco.

Cloud computing promises new career opportunities for IT professionals. In many cases, existing core skillsets transfer directly to cloud technologies. In other instances, IT pros need to develop new skill sets that meet the demand of emerging cloud job roles.

Evelyn de Souza’s greatest challenge professionally has been stepping into a technology career path without a technology background. She started her career as a music teacher and made the extreme career transition into the information security technology industry. Today, she holds a dual role as Cloud Compliance and Data Privacy Leader at Cisco and Chair of the Data Governance Work-group for the Cloud Security Alliance. She was named to CloudNOW’s Top Ten Women in Cloud Computing and Silicon Valley’s Business Journal 2015 Women of Influence.

Tune in to hear first-hand Evelyn’s exciting career journey and have the unique opportunity to ask Evelyn questions and seek her personal advice.

Hurry, places are limited.

Evelyn de Souza
Cisco’s Cloud Compliance and Data Privacy Leader