With these changes, being technically sound is not good enough, there are behavioural, or soft skills that will be required.

This is why beyond a technology strategy you also require a behaviour strategy, one where that no matter where the technology goes your people can be ready.

Change the behaviour and change thinking.

Here I suggest a behaviour strategy that revolves around introducing DevOps to develop these four areas that I consider to be critical for the future of work.

1. Analytical and strategic thinking

As things change quickly, you need to think ahead, and then be able to put the pieces in place to get there. For this you need to be able to look at all the trends and analyse it, then put a strategy in place to take advantage of the opportunities.

We need to employ systems thinking to see how we can increase productivity and flow through the process. And use data to make better decisions.

This aligns with the 1st Way of DevOps, thinking from left to right.

2. Think of the end customer and user-centred design

In the world of automation, the things that will make humans, well, human, is our ability to connect. We often refer to this as Emotional Intelligence.

This is going to be a key skill in the future of work. It will allow us to develop services that help the customers and not cater for ourselves, such as novel technological solutions that add little value to the customer. Yeah, that’s a pretty cool server, but did it reduce the wait times of our customers?

Take time to speak with customers, even if there are no issues or projects ongoing so we can understand them.

This aligns with the 2nd Way of DevOps, increase and amplify feedback loops.

3. Creativity and innovation

Creativity and innovation is a key part of ensuring that we can stay relevant. This means thinking of new ways to use emerging technology to meet business and personal goals. It also means doing experiments and trying new things.

This aligns with the 3rd Way of DevOps, the development of a culture of experimentation and learning.

4. Active and Purposeful Learning

In a fast-changing environment, you need to keep up with the new technologies otherwise you may get left behind. This means actively taking time to learn new things, and also learning from mistakes.

It also means not being afraid to make mistakes and developing a growth mindset, whereby you don’t believe that your abilities are fixed, but that you can change.

I’ve also encouraged my team to be purposeful with their learning, in that don’t learn as they do, which is reactive by nature, but choose to learn something even if it’s not actively in use. And also teach others so that they may learn as well.

This also aligns with the 3rd Way of DevOps, the development of a culture of experimentation and learning.

Original article: Changing Behaviours through DevOps

©2025 Interxect Services Limited. All Rights Reserved.

The Bleeding Heart Bug

The Heartbleed bug (CVE-2014-0160) was publicly disclosed on Monday and affects specific versions of the OpenSSL application. OpenSSL is a generally used open-source implementation of the Secure Sockets Layer (SSL) or Transport Layer Security (TLS) Cryptographic method and is used on about 66% of all public websites. The bug has been present in the software since December 2011.

The bug is not a weakness in SSL/TLS itself, but rather is bug in OpenSSL implementation of it that can potentially allow attackers to access the unencrypted data stored within a server’s memory. With enough data, an attacker can find out your server encryptions keys, your passwords and any other information passed over the communication. The attackers can then use the compromised keys to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.

Who are vulnerable?

Because of the widespread adoption of the OpenSSL software and the ability to be attacked without leaving a trace, it means that we are all vulnerable because you can’t tell if your data has been compromised.

Not only websites are vulnerable, as many hardware and software vendors implement use OpenSSL in their products. Cisco and Juniper has listed advisories warning of the bug in their products.

What should you do?

All businesses, website owners and users of affected services should take action on this bug.

Step 1: Determine if any of your servers may be affected.

You can use the check script on Filippo Valsorda’s web site to check your public services.

Check with vendors if any of your internal services may be affected.

C|NET has a list of the top 100 sites around the web to determine if they have been patched or may be affected

Website owners with their sites on hosted services should check with their service provider if they have taken action on the bug and if they were ever vulnerable.

Step 2: Patch services for which you are able to patch yourself.

These include any owned servers or virtual servers that you use, or internal, private servers or devices.

Step 3: Re-Key your SSL Certificates

This involves regenerating and reinstalling the private keys on your servers. While the risk may be small, the fact that you will not know if your key was compromised, this is a recommended precautionary step.

Step 4: Change your passwords

It’s important that you change any passwords that you may have on any of the affected systems AFTER you have patched OpenSSL and re-keyed your certificates. Doing so before you performed the prior steps means that if your keys were compromised, an attacked would be able to discover your new passwords.

If you are a service user and don’t run any services yourself, find out from the provider if they were vulnerable and if they patched their services (or use the check script in Step 1).

Don’t Panic

While the bug is serious, it’s important to not panic. Keep a clear head and follow the steps.

For more information about the bug and to keep updated check out heartbleed.com.

Original article: Don't let it ruin your day'">The Heartbleed Bug: What is it and what to do about it Don't let it ruin your day

©2025 Interxect Services Limited. All Rights Reserved.

Sourcefire also has in its portfolio next-generation firewalls and advanced malware protection solutions.

Cisco hopes to improve it’s security solutions with the new acquisition, although I am not very clear as to how. At the moment, I am tending to believe that this is an acquihire, for Cisco to gain Sourcefire’s strong cadre of security experts.

My concern now is what will happen to the open source solutions that Sourcefire currently provides. Snort and Clam AV have proven very popular within the security industry. Snort especially is used in many solutions to provide excellent IDS/IPS to networks. Fortunately, because it’s open source software (OSS), it can be forked to create another product based on the code, but without the right support may just languish.

Cisco used to be very open contributing greatly to the open source community, and still continues to once it deals with open standards, but from my own observations, I see Cisco closing avenues where there is direct competition. On the plus side, Cisco may have some technologies that will improve their current security offerings, so customers who are into Cisco may benefit.

I’ll adopt a wait and see approach for now, but I expect stocks of Cisco to rise with this acquisition.

Read Cisco’s announcement of the acquisition here.

Original article: Hopes to Bolster Security Strategy'">Cisco to Acquire Sourcefire, the Makers of Open Source Snort and Clam AV for $2.7B Hopes to Bolster Security Strategy

©2025 Interxect Services Limited. All Rights Reserved.

Zeus is a malicious software application (termed malware) that is designed to steal online credentials and other personally identifiable information (PII); it is geared to stealing banking credentials and information from users.

Zeus is a trojan, so it is disguised as something ‘safe’, and usually spread by links via email, comments on websites, and through social media, especially facebook.

SMBs are particularly attractive because they have more money than the average individual and often have lax security mechanisms in place to mitigate against malicious attacks. According to Symantec in its Internet Security Threat Report 2013, the largest growth area for targeted attacks in 2012 was with small businesses. As it says, “money stolen from a small business is as easy to spend as money stolen from a large business.”

Symantec had found in an earlier survey that many small businesses are not concerned about IT security and usually believe that the data that they have holds little value to attackers.  I have also had to educate some of my clients about the risks involved if their data, or even their servers, were stolen.

The Federation of Small Businesses in the UK reported that small businesses lose £785 million to cybercrime per year. The sad thing is that many a small business would go bankrupt if an attack was successful at draining their bank accounts.

Not only small businesses should be on the alert, but many small financial institutions, such as credit unions, should be aware of the threats and risks. Many of these institutions lack the resources and infrastructure of their larger counterparts and may be ill prepared for those attacks.

So what are some of the ways that small businesses can protect themselves.

1. Have up-to-date anti-virus, anti-spyware and anti-malware software installed and running.
2. Keep your PCs updated to all the latest software and security patches.
3. Use strong passwords on banking websites. If your bank offers a hardware security token, consider getting that service.
4. Train employees to recognise and avoid suspicious emails or links. Also keep an open environment that allows employees to report if they accidently click on a link; time is of the essence for these attacks.
5. If you have any suspicions about an email or message (such as snail mail) received that purports to be from your bankers, call them using the number from the phone book to verify the information. Do not use any numbers, email addresses or internet addresses from the message to contact them.
6. Use a computer account without administrative rights.
7. Always type in the internet address of the bank into your browser. Do not click any links within emails to access the online bank.
8. Limit access to computers that will be used to access online bank applications. Also limit the applications or sites that those computers will be allowed to access to limit exposure to malicious content.
9. If you can’t dedicate a computer to access online banking, then consider using a Live CD of an operating system to just access the online banking system.

For small financial institutions:

1. Make the required investments to secure your data and network.
2. Perform regular security assessments to identify and address risks.
3. Train your employees to become more aware of security risks and what they must do to reduce those risks.
4. Educate your customers as to what they can do to protect themselves.

Online banking is a huge timesaver for many a small business and with the right checks and balances can continue to be a safe way to manage your business’ finances.

Do you have any other tips that I should have mentioned? Feel free to add them to the comments below.

Original article: SMEs and Small Financial Institutions Beware'">Zeus Malware Reboot SMEs and Small Financial Institutions Beware

©2025 Interxect Services Limited. All Rights Reserved.

While the report focused more on Latin America (the only Caribbean country with significant attention was Jamaica), our close proximity to South and Latin America means that we should consistently remain abreast of the developments there.

I read the reports and have distilled some of the highlights for you.

In General

A general increase in cyber incidents were reported by most countries. However, the belief is that this was due to better detection and security mechanisms put in place, indicating that attacks were happening all the time but were previously undetected. The report noted that in many instances there was no rating or scale used for the incidents that were detected.

Growth of Hactivism

An interesting trend that was noted was the growth in hacktivism or politically motivated hacking. These instances were not driven by financial gain, but were coordinated attack campaigns in response to legislative initiatives. These attacks brought the issue of cyber security to the forefront, and may have provided some benefit by making those in authority more aware of the threats out there.

Financial Losses

The report wasn’t able to quantify the losses caused by hacking, stating that it was impossible to gather, but still said that it was very high, possibly even greater than losses of any other form of crime. I find this a rather dubious claim though, and would prefer to see more evidence before stating such.

Threat to Industrial Control Systems

Industrial Control Systems (ICS) are at an even greater risk in the region, than in many other parts of the world. I gather that the report also included financial, transportation, healthcare, and telecommunications as having ICS. Trend micro found many ICS devices connected to the Internet, possibly for remote management and administration. This may not be a problem in itself, but it found that these systems will both unprotected by a password or unpatched. I know of a few cyber scams that have hit telecommunications companies within the region, but none that have hit industrial systems… as yet!

Keeping up with Cybercriminals

Trend micro found that the hackers in the region were learning from their counterparts in other developed countries, mainly from Eastern Europe. Meanwhile, law enforcement authorities were having a hard time keeping up with the cybercrime developments. The report cited inexperienced cybercrime investigators and the shortage of prosecutors who specialize in technology related offenses. There is also a need for highly skilled professionals who can secure networks, diagnose intrusions, and effectively manage cyber incidents.

Inadequate Security and Awareness of the General Citizenry

One of the conclusions formed was that the greatest form of attack was via file infections. This is an indication of insufficient security mechanisms on personal PCs and a lack of awareness of the general citizenry of how to protect themselves from cyber threats.

Impediments to Cybersecurity within the Region

The report brought to fore some of the major issues impeding the region’s cyber security efforts.

• Lack of information being shared about security events such as breaches, intrusion attempts, or attacks.
• Lack of law enforcement or federal laws and regulations.
• Skewed data about security incidents that may not be factual or just anecdotal evidence (“I heard that this happend…”).
• Differing standards as to what constituted a cyber incidents. Some countries only counted attacks on the Government as incidents, while others count everything.
• Lack of National Computer Security Incident Response Team (CSIRT).
• Lack of highly skilled professionals in the area of cyber security.

Recommendations

The report included three recommendations for governments and organizations in the region to help improve the state of cyber security.

1. Raise awareness of safe cyber habits and general cybersecurity awareness among Internet users, critical infrastructure operators, and government employees.
2. Invest in and promote enrollment in technical degree programs to ensure an ample pool of qualified candidates from which to draw professionals that would be needed to fill the increasing number of information security careers.
3. Continue strengthening policy mechanisms to assign governmental roles and responsibilities related to cyber security and codifying information sharing and cooperation mechanisms.

I would also include that the formation of CSIRT’s at both the organizational and the national levels, even at the regional level. This would help coordinate activities in addressing cyber security. And while I do not think we need to go as far as having degree programs, we do need to increase the pool of people who deeply know information security.

I recommend that you read the report here (pdf), and please forward it to others, especially those in the position to take the cause forward.

Do you think that enough efforts are being made to improve cyber security at both the organizational and that the governmental levels? Leave your comments below.

Original article: ... and what we can do about it!'">Trend Micro – Cybercrime on the Rise in Latin America and the Caribbean ... and what we can do about it!

©2025 Interxect Services Limited. All Rights Reserved.

The attacks use bots to attempt a brute force attack on WordPress installations using the default “admin” username and a dictionary of passwords.

Many websites, including ours, run on WordPress. It is recommended that you use a different administrative username and a strong password. Even if you are using a different administrative username, you should still use a strong password. See our article – 5 Tips To Help You To Secure and Manage Your Passwords – on tips for strong password creation.

The attacks have died down over time, and many ISPs have put in measures to secure their users. Our ISP put out this notice yesterday. But this is no reason to relax. Security is about eternal vigilance, and you can bet that the next wave is coming.

Original article: Widespread Attack on WordPress Websites

©2025 Interxect Services Limited. All Rights Reserved.

This is purely an issue of work ethic, and the business is hardly to blame for the actions of the employee, however, if any damages were to occur because of it, the business may have been held accountable for it. To the business’ credit, it had performed a security audit and was able to detect the act. But how many other businesses do not do the same? What other activities are taking place within your business that you are not aware of and has the potential to bring you heavy losses, both in reputation and finances?

Unethical behaviour in IT departments is of particular concern, as there is real potential of serious damage.

How can we prevent this?

The question remains how can businesses protect themselves from unethical behaviour such as this? I have pondered this for some time as many businesses use the NDA – Non-Disclosure Agreement – as a way to keep workers honest, but this still depends on ethics. You can act like “big brother” and monitor your employees’ every move, but that will just decrease morale. A regular and consistent audit may be the best way to capture these events, but this suffers from two disadvantages – it’s a costly recurring expense, and it captures incidents after the fact, when the damage is already done.

There is one thing you can try that I think is the best option.

Another Approach

The best way to approach this, in my opinion, is to try to prevent it from happening at all. We do this by maintaining a proper and open relationship with your employees.

Be approachable to employees and allow them speak openly about their concerns. Sincerely try to address their concerns and be honest about situations – if they can’t trust you, then they will have no qualms about betraying your trust.

Create a culture of ethical habits by setting the example for the employees to follow, such as giving recognition and credit where due, by not engaging in corrupt practices, or by not pushing the envelope of what might be ethical behaviour.

The Best Way?

Will this prevent bad behaviour from ever happening? No,  I seriously doubt that. Within everyone there is a bad and good side – yin and yang – and what you need to do is create an environment where it is easier to do good, and be good. Perhaps I’m being optimistic, but I’d rather be a wrong optimist than a right pessimist.

Original article: Can you stop this from happening in your business?'">Security audit finds dev OUTSOURCED his JOB to China to goof off at work Can you stop this from happening in your business?

©2025 Interxect Services Limited. All Rights Reserved.

The latest version of Java – Version 7 Update 6 – has several vulnerabilities, one of which a proof-of-concept exploit has been released in the wild. Rapid7, owners of the Metasploit Framework, already has a working update to exploit the vulnerability.

It seems that Oracle knew of the vulnerabilities since April of this year and as of today, they remain unpatched. A lot of developers believe that Oracle has not been friendly to software projects of Sun, such as Java, MySQL and Open Office, and this is just one piece of evidence to suggest that. We would not be surprised, as Oracle acquired Sun for their hardware business.

We suggest disabling Java in your browsers until the vulnerabilities are patched and run it only on trusted, signed sites. Mozilla Firefox’s latest update is already blocking the unsafe versions of Java by default.

Be safe out there.

Update: Oracle has fixed the critical vulnerabilities. We recommend that you apply the patch as soon as possible. You can read more about the fix here.

It doesn’t appear that all the vulnerabilities identified by researchers have been addressed and we hope that those fixes will be forthcoming before the next proof-of-concept exploit is released.

Original article: Java 7 Update 6 0-Day Exploit in the Wild

©2025 Interxect Services Limited. All Rights Reserved.

Security researchers have released details about a vulnerability in the MySQL server that could allow potential attackers to access MySQL databases without inputting proper authentication credentials.

The vulnerability occurs only on *NIX based systems and Microsoft Windows systems are not affected by this vulnerability.

No official patch is available for MySQL 5.0.x, because that version of thedatabase server is no longer supported by Oracle. However, some Linux vendors might backport the patch from MySQL 5.1 or 5.5. This also affects people with personal blogs on private Linux hosts that use MySQL back-ends for web applications such as WordPress, Joomla and Drupal.

Any Internet accessible MySQL database is extremely vulnerable, and those in security circles are warning of a wave of attacks. To reduce the risk, configure your MySQL databases to accept connections from only authorised IP addresses and try not to allow any public IPs access to the databases.

Original article: MySQL Vulnerability Allows Attackers to Bypass Password Verification

©2025 Interxect Services Limited. All Rights Reserved.

The vulnerability is identified as CVE-2012-0217 and stems from the way Intel 64 CPUs have implemented the SYSRET instruction. The vulnerability can only be exploited on Intel CPUs when the Intel 64 extension is in use, that is, using a 64-bit OS; 32-bit OSes are not affected.

AMD does not implement the SYSRET instruction the same way and is not similarly affected. However, systems running on AMD64 chips may lock up under an attack and may therefore pose a Denial of Service (DoS) vulnerability.

A list of vendors and their vulnerability status is shown below. Note that this list may not be updated and you should check the CERT-US website for updates.

Interxect Services advises customers to update your systems with vendor approved patches as they become available.

Original article: CERT-US Advises that 64-bit OSs and virtualization software on Intel 64 chips are vulnerable to hacks

©2025 Interxect Services Limited. All Rights Reserved.