InfoSec

The Open Enigma Project Kickstarter is Fully Funded

July 25, 2018 By William Knowles

By William Knowles @c4i
Senior Editor
InfoSec News
March 29, 2013

NEWS FLASH: The Open Enigma Project was the Kickstarter Project of the day on March 6th, 2014

The Open Enigma Project is now fully funded as of March 10th! All pledges will be delivered after the campaign ends as planned. So now, on to their STRETCH GOAL of $50,000 (more on that below) and let’s keep the momentum going.

This rapid success would not have been possible without the help of:

cyberarms.wordpress.com infosecnews.org www.theopenforce.com www.hackedgadgets.com www.boingboing.net www.geekerskeep.com www.geeky-gadgets.com www.tomshw.it www.heise.de www.open-electronics.org www.hackaday.com http://techcrunch.com

When The Open Enigma Project hits their $50,000 Stretch Goal, this will give them the opportunity to focus on and deliver some Enigma Software enhancements (M3 emulation, Telex behavior, Cloud connectivity) and a new hardware version that uses the physical Plugboard.

Documentary to be filmed on the life of the last original Navajo Code Talkers, Chester Nez

July 25, 2018 By William Knowles

By William Knowles @c4i
Senior Editor
InfoSec News
March 24, 2013

Chester Nez, the last surviving member of the original 29 Navajo Code Talkers, will be the subject of filmmaker David DeJonge‘s upcoming 30-minute documentary.

“Chester is the last link from the Navajo people who forged a secret code that helped win the Second World War. Their code led to the training of 400+ additional Navajo code talkers. To record his story in first hand is critical to American and military history.” DeJonge said.

DeJonge who is well known for his work with the last WWI veteran Frank Buckles, and also his documentary “Pershing’s Last Patriot”, began producing the documentary on Nez after a visit to Gallup, New Mexico. Nez served with the United States Marines in the Pacific and helped defeat the Japanese by creating a code, using the Navajo language, that was never broken.

Sent to a boarding school as a child, Nez and other Navajo children were discouraged from speaking their native language and instructed to only use English, but that didn’t stop them from whispering Navajo to each other in secret. In 1942, Navajo was recruited from boarding schools to join the Marines and use their unique skills to develop an unbreakable code to pass messages. The film will tell Nez’s story from childhood through today.

Nez’s recently published memoir, written with Judith Avila and titled Code Talker, is the only book about the code talkers by one of the 29 original Navajo Marine volunteers. Avila also will be a consultant on the film.

“Most people think that the famous and unbroken Navajo code consisted of simply speaking Navajo. But that wasn’t the case. Even other Navajos could not crack the code – unless they had been trained as code talkers,” Avila stated.

In addition to filming Chester Nez, DeJonge will be interviewing several additional codetalkers who used the code that Chester’s team developed. DeJonge hopes to record several conversations of Chester Nez speaking the codes that he helped develop and used during WWII.

Filming will continue this spring. An initial grant from the Dennis and Phyllis Washington Foundation of Montana is supporting the project. DeJonge is seeking an additional $37,000 in donations to complete the project. Interested parties should contact him through this website. – www.survivorquest.org/

Photo credit: Northland College/Northland.edu

DDoS Attack on InfoSec News

July 25, 2018 By William Knowles

By William Knowles @c4i
Senior Editor
InfoSec News
March 18, 2013

InfoSec News has been mitigating a prolonged distributed denial-of-service (DDoS) attack from a large globally distributed botnet that has lasted over a week.

We apologize for any minor disruptions this may have caused and continue to monitor and mitigate the attack. Thank you all for your continued support, and we aren’t going to let this impact our mission to send out timely and relevant information security news to the community.

For EC-Council, Mum’s the word

July 25, 2018 By William Knowles

By William Knowles @c4i
Senior Editor
InfoSec News
March 12, 2013

We have been following the compromise, Web defacement, and subsequent silence of EC-Council for a couple of weeks now. On February 22nd the Albuquerque, NM-based EC-Council Web site was broken into and defaced three separate times. If you hold a certification from EC-Council your confidential information is rumored to have been stolen during this period.

After the EC-Council administrators wrested back control of their site the first time, a known password was used to deface the Web site again. The second defacement showed the mail from Edward Snowden’s Yokota Air Base email address requesting an exam code, along with a copy of his U.S. Passport and a letter signed by John A. Niescier, an Information Security Officer with the Department of Defense Special Representative, Japan.

All told, the website was compromised three times in a single week.

Conspiracy rumors abound about who attacked the EC-Council Web site. Foreign training companies, Secret Squirrels, The Chinese, The Russians, Non-state actors were all considered possible suspects. However, the folks at r000t’s blag did some digging and their conclusions provide pretty damning evidence identifying the likely culprit.

Since the attack, EC-Council has kept a very low profile, InfoSec News has reached out several times to Founder Jay Bavisi for a comment, but the attempts have fallen on deaf ears. Now nearly three weeks later, the EC-Council finally commented on the attack.

InfoSec News asked Mark Bernheimer, Former CNN correspondent and founder of MediaWorks Resource Group, a media training and consulting firm, for his insight into what the EC-Council should be doing.

“If there’s even an appearance that a Web site has been hacked, particularly a security company’s site, the only way to manage the crisis is to address the issue candidly and immediately.”

“Once a website has been hacked, and user data potentially compromised, it is too late to change that reality. The company can only manage the crisis through a careful, responsive public relations strategy. Ignoring inquiries isn’t the ideal approach.”

“A data breach –or even the perception of a data breach– demands an immediate, proactive PR strategy on the part of the victimized company. Get all the bad news out immediately, rather than encouraging rumor and speculation. This is the approach Target undertook after it suffered its own breach late last year.”

Brian Klug via Compfight