IBM Verse: Day One Usage

April 16, 2015

IBM has (finally) provisioned my Verse Basic account. How did Day One of Verse go for me?

Attempt One to log on to Verse resulted in this:

versebasic1

Hmm, refresh the browser.

Now, I see the login page. Again.

Attempt Two to log on to Verse resulted in this:

versebasic2

This appears in Chrome, version 41.0.2272.118 m, Firefox, version 37.0.1, and IE, version 9.0.36.

Now, I understand Tom’s post:

noverseforyou

*sigh*

This isn’t as easy as I had hoped. Nor is it a “#NewWaytoWork.”


IBM Verse: It’s Started for Me

April 15, 2015

Nearly three months have passed since I signed up for the Verse program. Today was a milestone as I received an e-mail from IBM with a link to create my Verse Basic account.

versebasic

Let the fun begin.


It’s Your Fault Cybercrime is Getting Easier

April 9, 2015

Interesting article from The Register.

. . . Around one in three (30 per cent) of end-users click through a malicious URL in an email even though they have been warned of the danger. “End users are increasingly desensitised from the warnings, don’t feel responsible and still lack enterprise-driven education,” according to Websense.

More >

For all the work that enterprise Information Security performs, it certainly appears to me that training the end-users to NOT click on suspicious email is not very high on their list. In fact, I would venture to guess that hardly any of the “Ivory Tower” Info Sec people even think to train their users, let alone send out fake spearfishing mail to see who is actually clicking on those links. Who better to train than the miscreants that continue to blindly infect their own workstations and the network, and who open the enterprise up for attack?


FAQ about IBM Verse Basic

April 6, 2015

“All” your questions about IBM Verse Basic have been answered in the FAQ about IBM Verse Basic.

There are some exceptions to this list, like the answer to Question 16:

Q16. How can my friends and family sign up for IBM Verse Basic?

Oh, it’s easy to sign up, but good luck with the acknowledgement, welcome e-mail, and a user name/password. I still haven’t received mine. And it’s been at least two months.

Thanks, Bruce, for the link.

 

 


IBM Alert: ‘Dyre Wolf’ Cyber Gang Uses Spear Phishing For $1 Million Cyberheists

April 6, 2015

Last week, IBM Security reported on an active cyberheist campaign using a variant of the Dyre Trojan that has successfully stolen more than $1 million at a time from targeted enterprise organizations.

This is not an issue with any IBM software, rather an interesting innovation from the once-simple Dyre malware by adding advanced social engineering tactics geared to circumvent two-factor authentication. In recent incidents, organizations have lost staggering amounts of $500,000 and $1.5 million to this sophisticated criminal cyber gang.

It’s the “social engineering” portion that shows organizations that no matter how sophisticated your defenses, your users are now, and probably always will be, the weakest link in your security efforts. I’m sure that training your users against social engineering is not a very high priority, but it should be at the top of your security efforts.

IBM is very clear as to what you need to do to combat spearfishing and social engineering:

Organizations will remain only as strong as their weakest link. Proactive end-user education and security awareness training continue to be critical in helping prevent incidents like the one described in this advisory. It is highly recommended to have periodic training for end-users on the types of threats they are likely to encounter and what actions they should or should not take, especially those users with access to corporate banking credentials. Users should be informed of the common techniques used by attackers, SPAM and phishing campaigns, as well as what actions the organization expects of them if and when they receive unusual emails, phone calls or other communications. Users should know how and who to contact to quickly report anomalies.

Consider doing periodic unannounced mock phishing exercises where the users receive emails or attachments that simulate malicious behavior. Metrics can be captured on how many potential incidents would have happened if it had been real.

You may read the full report here.


Old is New: Muting Threads or Conversations in IBM Verse

April 2, 2015

I was reminded this week that people have short attention spans.

IBM has released IBM Verse and one of the major features that IBM tours is muting threads or conversations in e-mail. That is, basically, if you are tired of being on an e-mail thread, you can “mute” it so that it does not appear.

This feature is not new.

From May 2010, I present to you how to mute threads and conversations in GMail and Outlook.

My fraternity mailing list is home to a great group of people, including some great entrepreneurs and some great investors. But when you get 400 opinionated MIT grads on a single mailing list, and the topic shifts to anything controversial, the discussion might explode. We’ve had well over 125 emails come through in the last three days after someone brought up the health care bill, and several folks have emailed to get off the discussion list list.

Don’t do that! Instead, use these super easy techniques to mute or filter the discussion out of your Inbox in less than 30 seconds. It’s faster than removing yourself from the mailing list, and better too, because when this discussion peters out, you’ll still be on the list in case something interesting comes up later.

Having some sort of parity with GMail and Outlook is good. Touting this as “new” is a bit disingenuous.

Thanks for the reminder, vowe.