Monday, October 23, 2017

Netiquette IQ Technical Alert - TA17-293A: Advanced Persistent Threat Activity Targeting Energy and Other Critical Infrastructure Sectors 10/20/2017


Puerto Rico Needs Your Help! Here's How



United for Puerto Rico (spearheaded by the First Lady of Puerto Rico)
Former U.S. presidents have expanded their One America Appeal to include recovery efforts in Puerto Rico and the U.S. Virgin Islands
Save the Children, which focuses specifically on the needs of families and their children.
Global Giving has a $2 million goal for victims of Hurricane Maria


Buy the books at

 www.amazon.com/author/paulbabicki
====================================================








Advanced Persistent Threats are significant security issues. Tabula Rosa Systems offers powerful and compelling solutions to these threats. Please contact us as noted below for information!
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

National Cyber Awareness System:

10/20/2017 06:50 PM EDT

Original release date: October 20, 2017 | Last revised: October 21, 2017

Systems Affected

  • Domain Controllers
  • File Servers
  • Email Servers

Overview

This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This alert provides information on advanced persistent threat (APT) actions targeting government entities and organizations in the energy, nuclear, water, aviation, and critical manufacturing sectors. Working with U.S. and international partners, DHS and FBI identified victims in these sectors. This report contains indicators of compromise (IOCs) and technical details on the tactics, techniques, and procedures (TTPs) used by APT actors on compromised victims’ networks.
DHS assesses this activity as a multi-stage intrusion campaign by threat actors targeting low security and small networks to gain access and move laterally to networks of major, high value asset owners within the energy sector. Based on malware analysis and observed IOCs, DHS has confidence that this campaign is still ongoing, and threat actors are actively pursuing their ultimate objectives over a long-term campaign. The intent of this product is to educate network defenders and enable them to identify and reduce exposure to malicious activity.
Available files:
Contact DHS or law enforcement immediately to report an intrusion and to request incident response resources or technical assistance.
Additional information related to TA17-293A - Advanced Persistent Threat Activity Targeting Energy and Other Critical Infrastructure Sectors is available to authorized users of the NCCIC Portal on the Homeland Security Information Network. The NCCIC Portal provides a secure, web-based, collaborative system to share sensitive, cyber-related information and news with participants in the public and private sector. Information available to visitors is governed by the Traffic Light Protocol, used to ensure that sensitive information is shared with the appropriate audience. Supplementary information on TA17-293A is designated TLP:AMBER. For information on how to access the NCCIC Portal, email NCCICcustomerservice@hq.dhs.gov or call 888-282-0870.

Description

Since at least May 2017, threat actors have targeted government entities and the energy, water, aviation, nuclear, and critical manufacturing sectors, and, in some cases, have leveraged their capabilities to compromise victims’ networks. Historically, cyber threat actors have targeted the energy sector with various results, ranging from cyber espionage to the ability to disrupt energy systems in the event of a hostile conflict. [1] Historically, threat actors have also targeted other critical infrastructure sectors with similar campaigns.
Analysis by DHS, FBI, and trusted partners has identified distinct indicators and behaviors related to this activity. Of specific note, the report Dragonfly: Western energy sector targeted by sophisticated attack group, released by Symantec on September 6, 2017, provides additional information about this ongoing campaign. [2]
This campaign comprises two distinct categories of victims: staging and intended targets. The initial victims are peripheral organizations such as trusted third party suppliers with less secure networks. The initial victims are referred to as “staging targets” throughout this alert. The threat actor uses the staging targets’ networks as pivot points and malware repositories when targeting their final intended victims. The ultimate objective of the cyber threat actors is to compromise organizational networks, which are referred throughout this alert as “intended target.”

Technical Details

The threat actors in this campaign employed a variety of TTPs, including:
  • open-source reconnaissance,
  • spear-phishing emails (from compromised legitimate accounts),
  • watering-hole domains,
  • host-based exploitation,
  • industrial control system (ICS) infrastructure targeting, and
  • ongoing credential gathering.
=================================================
   Good Netiquette And A Green Internet To All!  =====================================================================
Tabula Rosa Systems - Tabula Rosa Systems (TRS) is dedicated to providing Best of Breed Technology and Best of Class Professional Services to our Clients. We have a portfolio of products which we have selected for their capabilities, viability and value. TRS provides product, design, implementation and support services on all products that we represent. Additionally, TRS provides expertise in Network Analysis, eBusiness Application Profiling, ePolicy and eBusiness Troubleshooting. We can be contacted at:
sales@tabularosa.net  or 609 818 1802.
 ===============================================================
In addition to this blog, Netiquette IQ has a website with great assets which are being added to on a regular basis. I have authored the premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". My new book, “You’re Hired! Super Charge Your Email Skills in 60 Minutes. . . And Get That Job!” has just been published and will be followed by a trilogy of books on Netiquette for young people. You can view my profile, reviews of the book and content excerpts at:

 www.amazon.com/author/paulbabicki

Anyone who would like to review the book and have it posted on my blog or website, please contact me paul@netiquetteiq.com.

In addition to this blog, I maintain a radio show on BlogtalkRadio  and an online newsletter via paper.li.I have established Netiquette discussion groups with Linkedin and  Yahoo I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and I have been contributing to the blogs Everything Email and emailmonday . My work has appeared in numerous publications and I have presented to groups such as The Breakfast Club of NJ and  PSG of Mercer County, NJ.


Additionally, I am the president of Tabula Rosa Systems, a “best of breed” reseller of products for communications, email, network management software, security products and professional services.  Also, I am the president of Netiquette IQ. We are currently developing an email IQ rating system, Netiquette IQ, which promotes the fundamentals outlined in my book.

Over the past twenty-five years, I have enjoyed a dynamic and successful career and have attained an extensive background in IT and electronic communications by selling and marketing within the information technology marketplace.

Thursday, October 19, 2017

Netiquette IQ Blog Of 10/17 - "Going Dark"


Puerto Rico Needs Your Help! Here's How



United for Puerto Rico (spearheaded by the First Lady of Puerto Rico)
Former U.S. presidents have expanded their One America Appeal to include recovery efforts in Puerto Rico and the U.S. Virgin Islands
Save the Children, which focuses specifically on the needs of families and their children.
Global Giving has a $2 million goal for victims of Hurricane Maria


Buy the books at

 www.amazon.com/author/paulbabicki
====================================================








Going Dark from whatis.com
Going dark is military lingo for the sudden termination of communication. The term used to describe a scenario in which communication appears to have ceased, but in reality has just moved from a public communication channel, where it could be monitored, to a private communication channel that prevents eavesdropping.
The term has been adopted by law enforcement to describe digital communication that cannot be monitored because of strong encryption. Mobile apps that use end-to-end encryption (E2EE) are designed to protect data at rest and in transit and keep the end user's text messages, emails and video chats private and secure. The same encryption technologies that protect end users from intruders, however, can prevent law enforcement and government agencies with the legal right to monitor transmissions from being able to do so.
In the United States, the question of how much help law enforcement and national security agencies should expect from vendors to make decryption upon demand available is under debate. The National Security Agency (NSA) has proposed vendors use split-key encryption to solve the problem of law-breakers and terrorists going dark.
In a split key encryption approach, also known as secret sharing, the technology vendor or service provider retains half the master key and law enforcement retains the other half. This approach places responsibility for deploying encryption in a way that supports lawful access on the vendor or service provider; it also provides a level of transparency, requiring the participation of both parties in order for lawful access to occur.
Opponents of this approach maintain that it would be prohibitively complex to implement and the complexity would provide points of entry that would ultimately endanger user data security. Another approach, which has been used in the past, is called lawful device hacking. In this scenario, the responsibility for decrypting dark communication is placed on law enforcement and government agencies, who must use exploits and/or external hardware/software to access the content of locked devices.

==================================================
   Good Netiquette And A Green Internet To All!  =====================================================================
Tabula Rosa Systems - Tabula Rosa Systems (TRS) is dedicated to providing Best of Breed Technology and Best of Class Professional Services to our Clients. We have a portfolio of products which we have selected for their capabilities, viability and value. TRS provides product, design, implementation and support services on all products that we represent. Additionally, TRS provides expertise in Network Analysis, eBusiness Application Profiling, ePolicy and eBusiness Troubleshooting. We can be contacted at:
sales@tabularosa.net  or 609 818 1802.
 ===============================================================
In addition to this blog, Netiquette IQ has a website with great assets which are being added to on a regular basis. I have authored the premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". My new book, “You’re Hired! Super Charge Your Email Skills in 60 Minutes. . . And Get That Job!” has just been published and will be followed by a trilogy of books on Netiquette for young people. You can view my profile, reviews of the book and content excerpts at:

 www.amazon.com/author/paulbabicki

Anyone who would like to review the book and have it posted on my blog or website, please contact me paul@netiquetteiq.com.

In addition to this blog, I maintain a radio show on BlogtalkRadio  and an online newsletter via paper.li.I have established Netiquette discussion groups with Linkedin and  Yahoo I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and I have been contributing to the blogs Everything Email and emailmonday . My work has appeared in numerous publications and I have presented to groups such as The Breakfast Club of NJ and  PSG of Mercer County, NJ.


Additionally, I am the president of Tabula Rosa Systems, a “best of breed” reseller of products for communications, email, network management software, security products and professional services.  Also, I am the president of Netiquette IQ. We are currently developing an email IQ rating system, Netiquette IQ, which promotes the fundamentals outlined in my book.

Over the past twenty-five years, I have enjoyed a dynamic and successful career and have attained an extensive background in IT and electronic communications by selling and marketing within the information technology marketplace.

Wednesday, October 18, 2017

Netiquette IQ Blog Of 10/18/17 - Words That Identify Divisions Among Objects


Puerto Rico Needs Your Help! Here's How



United for Puerto Rico (spearheaded by the First Lady of Puerto Rico)
Former U.S. presidents have expanded their One America Appeal to include recovery efforts in Puerto Rico and the U.S. Virgin Islands
Save the Children, which focuses specifically on the needs of families and their children.
Global Giving has a $2 million goal for victims of Hurricane Maria


Buy the books at

 www.amazon.com/author/paulbabicki
====================================================







Words That Identify Divisions Among Objects
Updated October 10, 2017from thoughtco.com

In English grammar, a classifying adjective is a type of attributive adjective used to divide people or things into particular groups, types or classes. Unlike qualitative adjectives, classifying adjectives don't have comparative or superlative forms.
Function and Position of Classifying Adjectives
Geoff Reilly had this to say about classifying adjectives in his "Skills in Grammar and Style" (2004):
"Sometimes attributive adjectives show that the noun they are describing is of a particular type or class. They put the noun into a particular group. They classify the noun as being of a certain type, so they are called classifying adjectives. For example: The soldier was driving a military vehicle.
The soldier could have been driving any type of vehicle but, in this case, the vehicle was of the military class or type. The noun "vehicle" is modified by the classifying adjective "military," which describes the class or type of vehicle.
"Classifying adjectives normally come in front of the noun:
  • Atomic physics
  • Cubic centimeters
  • Digital watch
  • Medical care
  • Phonetic alphabet
The noun "physics" has the classifying adjective "atomic" in front. "Atomic" describes a particular type or class of the science of physics. Similarly, "watch" has the classifying adjective "digital" in front of it. Rather than being a traditional analog watch, this particular watch belongs to the type or class that is digital."
Identifying Classifying Adjectives
Gordon Winch, in  2005's "The Foundation Grammar Dictionary" said: "A classifying adjective is a describing word that tells us the class of the noun it describes, eucalyptus trees, Holden cars. You can pick out a classifying adjective because it will not take the word 'very' in front of it.
You cannot say a very eucalyptus tree."
Word Order With Classifying Adjectives
"COBUILD English Usage" gives some good insight into the correct order of several adjectives in a sentence.
"If there is more than one  classifying adjective in front of a noun, the normal order is:
  • Age — shape — Nationality — Material
  • ...a medieval French village.
  • ...a rectangular plastic box.
  • ...an Italian silk jacket.
Other types of classifying adjectives usually come after a nationality adjective:
  • ...the Chinese artistic tradition.
  • ...the American political system."
'Unique' as a Classifying Adjective
In "Oxford A-Z of Grammar and Punctuation" from 2013, John Seely had this to say about the usage of the word "unique":
"[ Unique] is a classifying adjective. Classifying adjectives put things into groups or classes so they cannot normally be modified by having adverbs such as 'very' placed in front of them. 'Unique' means 'of which there is only one,' so it is, strictly speaking, wrong to say, for example: He was a very unique person.
"...On the other hand there are a small number of modifiers that can be used with 'unique.' The most obvious is 'almost':
  • Britain is almost unique in continuing to charge almost all its domestic customers on an unmeasured basis. [for water]
This can be justified because it means that Britain is not the only country to do this; there are a few others. There is, however, a looser meaning frequently given (especially in informal speech and writing) to 'unique': 'outstanding or remarkable.' When it is used in this sense it is often preceded by 'very'  This use is best avoided in formal speech or writing."
Examples of Classifying Adjectives
  • "The video lasted seven minutes, which I know because Frankie was timing it on his digital watch." -- Henry Winkler and Lin Oliver,  "Barfing in the Backseat #12: How I Survived My Family Road Trip"  (2007)
  • "I had a wooden coin that my future husband had given me." Mickey Sundgren-Lothrop, "Sons of Valor" ( 2009)
  • "A giant flashing electronic sign high up on the side of a building displayed a happy family drinking Coca-Cola under the slogan 'Can't Beat the Real Thing.'" James Bartleman,  "As Long as the Rivers Flow" (2011)
  • "On the isle of Guernsey, a small French lad named Apollos Rivoire, twelve years old, was taken by his uncle to the harbor of St. Peter Port." David Hackett Fischer, "Paul Revere's Ride"  (1994)
  • "For the Germans in the Second World War, the ferocity of the  British, American, and Canadian artillery fire was something altogether new, even for veterans of the Eastern Front." Robert Engen, "Canadians Under Fire: Infantry Effectiveness in the Second World War"  (2009)
  • "In 1955, Arco, Idaho, became the first town in the United States to be powered by nuclear energy, and today there are more than 100 nuclear power plants in the United States." -- Howard S. Schiffman, ed., "Green Issues and Debates: An A-to-Z Guide" ((2011)
  • "About ten feet from where Homer was sitting grew a large eucalyptus tree and behind the trunk of the tree was a little boy." -- Nathanael West, "The Day of the Locust" (1939)
==================================================
   Good Netiquette And A Green Internet To All!  =====================================================================
Tabula Rosa Systems - Tabula Rosa Systems (TRS) is dedicated to providing Best of Breed Technology and Best of Class Professional Services to our Clients. We have a portfolio of products which we have selected for their capabilities, viability and value. TRS provides product, design, implementation and support services on all products that we represent. Additionally, TRS provides expertise in Network Analysis, eBusiness Application Profiling, ePolicy and eBusiness Troubleshooting. We can be contacted at:
sales@tabularosa.net  or 609 818 1802.
 ===============================================================
In addition to this blog, Netiquette IQ has a website with great assets which are being added to on a regular basis. I have authored the premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". My new book, “You’re Hired! Super Charge Your Email Skills in 60 Minutes. . . And Get That Job!” has just been published and will be followed by a trilogy of books on Netiquette for young people. You can view my profile, reviews of the book and content excerpts at:

 www.amazon.com/author/paulbabicki

Anyone who would like to review the book and have it posted on my blog or website, please contact me paul@netiquetteiq.com.

In addition to this blog, I maintain a radio show on BlogtalkRadio  and an online newsletter via paper.li.I have established Netiquette discussion groups with Linkedin and  Yahoo I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and I have been contributing to the blogs Everything Email and emailmonday . My work has appeared in numerous publications and I have presented to groups such as The Breakfast Club of NJ and  PSG of Mercer County, NJ.


Additionally, I am the president of Tabula Rosa Systems, a “best of breed” reseller of products for communications, email, network management software, security products and professional services.  Also, I am the president of Netiquette IQ. We are currently developing an email IQ rating system, Netiquette IQ, which promotes the fundamentals outlined in my book.

Over the past twenty-five years, I have enjoyed a dynamic and successful career and have attained an extensive background in IT and electronic communications by selling and marketing within the information technology marketplace.