Author: ByteMe
-
ChatGPT Learning Possibilities
…and ways people can take advantage of this new artificial intelligence.
I’ve been hearing a lot about ChatGPT and I wanted to explore more of what it can do. I wanted to see how easy it was to use myself. I created a user account and typed in my prompt:
write an information article about software bill of materials in easy to understand terms
I published what I got as a post on this website. This strikes me as interesting initially in two ways. First, I can type in questions and have this AI produce short and easy to understand articles for me to learn more about whatever topic I want, probably cybersecurity for the moment.
Secondly, I could also have it write lots of content for this blog or any other, along with Google AdWords or anything else. All I’m doing is posting content, and I don’t even have to write it anymore. ChatGPT comes up with the content about a subject I want it to write about and people visit the site to read the content. I mean it’s not horrible content after all. Nothing really wrong with it.
This could flood the internet with many useless sites that are written by the same AI. Yes, I’m well aware that the internet is already flooded with lots of useless content, but not all of it is generating revenue for the owners. Just an idea. This is pretty neat, but getting a little scary quickly too!
-
Software Bill of Materials (SBOM)
A software bill of materials (SBOM) is a comprehensive list of all the individual components that make up a piece of software. This list includes both the source code and any external libraries or other dependencies that are necessary for the software to function properly.
Having an SBOM is important for several reasons. First, it allows developers and other stakeholders to easily see exactly what is included in a piece of software, making it easier to identify any potential security vulnerabilities or other issues. It also makes it easier to track down and fix bugs, as well as to keep the software up to date with the latest versions of its components.
Additionally, an SBOM can help organizations comply with various regulations and industry standards that require them to disclose the components that make up their software. This is especially important in industries such as healthcare and finance, where the use of certain components may be restricted or prohibited due to security concerns.
Creating an SBOM can be a time-consuming process, as it requires developers to carefully review and document all of the individual components that make up their software. However, there are tools and frameworks available to help automate this process, making it easier to create and maintain an SBOM.
Overall, a software bill of materials is a valuable tool for any organization that develops or uses software. It allows developers to easily see and manage the components that make up their software, and helps organizations comply with regulations and industry standards.
*This article was written using ChatGPT.
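To make the description above concrete, here is an added example (not code from the original post) that builds a minimal CycloneDX-style SBOM from a constructed dependency list and then uses it for the vulnerability check the article describes. All component names, versions and advisory ids are made up for illustration.

```python
"""Added example, not code from the original post: build a CycloneDX-style
SBOM from a constructed dependency list, then check it against a constructed
advisory list. Names, versions and advisory ids are made up."""
import json

# Constructed input: the kind of data a lock file or package manager reports.
DEPENDENCIES = [
    ("example-web", "2.3.1"),
    ("example-xml", "1.0.4"),
    ("example-crypto", "0.9.0"),
]

# Constructed advisory data: (component name, affected version, advisory id).
KNOWN_ISSUES = [
    ("example-xml", "1.0.4", "ADVISORY-PLACEHOLDER-1"),
    ("example-crypto", "0.8.0", "ADVISORY-PLACEHOLDER-2"),
]


def build_sbom(deps, ecosystem="pypi"):
    """Return a dict with the shape of a CycloneDX 1.4 JSON BOM."""
    components = [
        {
            "type": "library",
            "name": name,
            "version": version,
            # Package URL (purl): a tool-neutral identifier for the component.
            "purl": f"pkg:{ecosystem}/{name}@{version}",
        }
        for name, version in deps
    ]
    return {"bomFormat": "CycloneDX", "specVersion": "1.4",
            "version": 1, "components": components}


def find_affected(sbom, issues):
    """List (purl, advisory) pairs for components matching an advisory exactly."""
    index = {(name, ver): adv for name, ver, adv in issues}
    return [
        (c["purl"], index[(c["name"], c["version"])])
        for c in sbom["components"]
        if (c["name"], c["version"]) in index
    ]


if __name__ == "__main__":
    bom = build_sbom(DEPENDENCIES)
    print(json.dumps(bom, indent=2))
    for purl, advisory in find_affected(bom, KNOWN_ISSUES):
        print(f"affected component: {purl} -> {advisory}")
```

Real tooling matches on version ranges rather than exact versions; the exact match here keeps the example short.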
-
Books about cybercrime
A Guardian article was recently published covering the top 10 cybercrime books. What they didn’t do is rank them with any third-party data. Below I’m putting those 10 books plus another with their Goodreads ratings (0 to 5 scale, 5 being the best), to help me, and maybe you, choose the right book to start reading first.
Book – Rating
- The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick – 3.76
- People Like Her by Ellery Lloyd – 3.37
- The Blue Nowhere by Jeffery Deaver – 4.10 (I read this years ago and it is still one of my favorite books!)
- Impostor Syndrome by Kathy Wang – 3.29
- Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon by Kim Zetter – 4.16 (This is nonfiction and has over 6,000 reviews on Goodreads. It looks like a great place to start.)
- Manipulated: Inside the Cyberwar to Hijack Elections and Distort the Truth by Theresa Payton – 3.91
- Little Brother by Cory Doctorow – 3.93
- Digital Fortress by Dan Brown – 3.68
- DarkMarket: How Hackers Became the New Mafia by Misha Glenny – 3.78
- Zoo City by Lauren Beukes – 3.63
- Inside Jobs: Why Insider Risk Is the Biggest Cyber Threat You Can’t Ignore by Joe Payne, Jadee Hanson, Mark Wojtasiak – 3.88
-
Cybersecurity Articles | Week of October 24, 2022
- TechCrunch, Inside TheTruthSpy, the Stalkerware network spying on thousands by Zach Whittaker (Oct 26) | A database containing about 360,000 unique Android devices exposed.
- TechCrunch, Hive Ransomware gang leaks data stolen during Tata Power cyberattack by Carly Page, Jagmeet Singh (Oct 25) | Tata Power, which serves more than 12 million customers through its distributors, confirmed on October 14 that it had been hit by a cyberattack.
- Bleeping Computer, Medibank now says hackers accessed all its customers’ personal data by Tom Toulas (Oct 26) | All customers’ personal data and significant amounts of health claims data downloaded.
- Bleeping Computer, Dutch police arrest hacker who breached healthcare software vendor by Tom Toulas (Oct 25) | 19-year-old hacker being held by police while they investigate him. 19!
- CSO Online, Iran’s nuclear energy agency confirms email server hacked by Apurva Venkat (Oct 24) | Iranian hacking group Black Reward has claimed responsibility for a breach at the email server of the country’s Bushehr nuclear power plant, in support of nationwide protests over the death of a young woman in police custody.
- Wall Street Journal, ‘Deepfakes’ of Celebrities Have Begun Appearing in Ads, With or Without Their Permission by Patrick Coffee (Oct 25) | Digital simulations of Elon Musk, Tom Cruise, Leo DiCaprio and others have shown up in ads, as the image-melding technology grows more popular and presents the marketing industry with new legal and ethical questions.
- Dark Reading, Stress Is Driving Cybersecurity Professionals to Rethink Roles by Staff (Oct 24) | Burnout has led one-third of cybersecurity staffers to consider changing jobs over the next two years, potentially further deepening the talent shortage, research shows.
-
Great Recent Articles
- Nature: Why scientists are turning to Rust by Jeffrey M. Perkel (Dec 11, 2020)
- Why this is interesting: Rust is seen as more secure than other, older programming languages.
- The Trade Secrets Network: Struggles with Insider Risk Program Stakeholders by Stacey Champagne (Sep 9)
- Bleeping Computer: Web browser app mode can be abused to make desktop phishing pages by Bill Toulas (Oct 3)
- CSO Online: Lessons of the Sarah Palin e-mail hack by Roger A. Grimes (Sep 19, 2008)
- Dated, but an excellent example of just how easy it is to hack a poorly secured email password.
-
Verizon Data Breach Reports
Full disclosure: I work for Verizon. Regardless of that fact, these are information-packed reports that I found fascinating.
- All reports – list of cool stuff to browse through.
- Data Breach Investigations Report (DBIR) – THE report that analyzes the threat landscape. It tells the story of what is happening with data breaches across industries.
- Insider Threat Report – This report is very much like the DBIR, but focuses specifically on insider threats. An amazing resource to get better acquainted with what the issues are and what is happening in this world.
-
Star Trek & Cybersecurity
These two things together. Take my money!
Hacker’s Movie Guide: The Complete List of Hacker and Cybersecurity Movies by Steven C. Morgan, Connor S. Morgan
-
Insider Threats: Building a repository of past incidents
This came up when a data dictionary for insider threats was mentioned to me. Coming from data governance, I had only considered these as being about databases, tables and columns, whereas this was more about building a library of information around past incidents so that the information can be used to help with insider threats in the future, build models, etc.
Searching for information around this, I ran into Sarah Miller’s (Software Engineering Institute, Carnegie Mellon University, CERT) presentation, titled Leveraging Insider Threat Incident Data and Information Sharing for Increased Organizational Resiliency, which is a great primer and led me to further information.
Still learning here but there are a few things I need to do further research on:
- Cyber Observable eXpression (CybOX) is a standardized language for encoding and communicating high-fidelity information about cyber observables.
- Structured Threat Information eXpression (STIX) is a standardized XML programming language for conveying data about cybersecurity threats in a common language that can be easily understood by humans and security technologies.
- Trusted Automated eXchange of Indicator Information (TAXII) is a protocol used to exchange cyber threat intelligence (CTI) over HTTPS.
- OpenIOC
OpenIOC is an open framework, meant for sharing threat intelligence information in a machine-readable format. It was developed by the American cybersecurity firm MANDIANT in November 2011. It is written in eXtensible Markup Language (XML) and can be easily customized for additional intelligence so that incident responders can translate their knowledge into a standard format. Organizations can leverage this format to share threat-related latest Indicators of Compromise (IoCs) with other organizations, enabling real-time protection against the latest threats.
https://cyware.com/educational-guides/cyber-threat-intelligence/what-is-open-indicators-of-compromise-openioc-framework-ed9d
OpenIOC is about sharing information. In some cases I think it would be beneficial to store this information privately if it contains sensitive information about particular breaches that happened to your organization, that you may not want to publicize, but still use for anticipating future incidents in your organization. While sharing outside the organization is ideal, some information must of course be held back.
The others listed above seem to all be protocols or languages/syntaxes to convey this information, and not actual tools or databases containing libraries of incidents.
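As an added example of what those formats actually look like (not code from the original post or from any of the projects named), here is how a file hash observed in a past incident would be recorded as STIX 2.1 objects, the JSON successor to the XML form noted above and the object format TAXII servers exchange. The hash, indicator name and UUID namespace are constructed placeholders.

```python
"""Added example, not code from the original post: wrap a file hash observed
in a past incident as STIX 2.1 JSON objects (STIX 2.x is JSON-based; the
XML form is STIX 1.x). All values below are constructed placeholders."""
import re
import uuid
from datetime import datetime, timezone

# Constructed namespace: the same indicator value gets the same id every run,
# which keeps a private incident repository free of duplicate objects.
_NAMESPACE = uuid.UUID("00000000-0000-0000-0000-000000000001")
_ID_RE = re.compile(r"^[a-z][a-z0-9-]+--[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$")


def _timestamp():
    return datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%S.%fZ")


def make_indicator(sha256, name, created=None):
    """Build a STIX 2.1 Indicator for a file identified by its SHA-256."""
    ts = created or _timestamp()
    return {
        "type": "indicator",
        "spec_version": "2.1",
        "id": f"indicator--{uuid.uuid5(_NAMESPACE, sha256)}",
        "created": ts,
        "modified": ts,
        "name": name,
        "indicator_types": ["malicious-activity"],
        # STIX pattern language: match any file whose SHA-256 equals the value.
        "pattern": f"[file:hashes.'SHA-256' = '{sha256}']",
        "pattern_type": "stix",
        "valid_from": ts,
    }


def make_bundle(objects):
    """Wrap objects in a STIX Bundle, the unit a TAXII collection serves."""
    return {"type": "bundle", "id": f"bundle--{uuid.uuid4()}",
            "objects": list(objects)}


def validate(obj):
    """Check the STIX 2.1 common required properties and the id format."""
    required = {"type", "spec_version", "id", "created", "modified"}
    if obj.get("type") == "indicator":
        required |= {"pattern", "pattern_type", "valid_from"}
    if required - set(obj):
        return False
    return bool(_ID_RE.match(obj["id"])) and obj["id"].startswith(obj["type"] + "--")
```

Objects like these can sit in a private store for the organization’s own modelling and be pushed to a TAXII collection only when a bundle has been cleared for sharing.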
- ITMG Insider Threat Cases – A library of public incidents.
- NAVIGATING THE INSIDER THREAT TOOL LANDSCAPE: LOW COST TECHNICAL SOLUTIONS TO JUMP-START AN INSIDER THREAT PROGRAM – Another great document from Software Engineering Institute, Carnegie Mellon University, but I’m not sure it exactly answers my question.
Next step, further research, especially Splunk.
-
Homomorphic Encryption
This is the best video I could find on the subject and I’m still not sure I really get it. But it seems complicated so I don’t feel that bad. I’ll post more as I learn more.