hmm - this isn't good!
Banks, Credit Card Firms Wait For The Other Shoe To Drop Amid Reports Of Another Payment Processor Breach - DarkReading
Thursday, February 26, 2009
Monday, February 2, 2009
Web identity hijacking on the rise - vnunet.com
The computer industry is a strange place. I remember back in the day where memory was so expensive we were taught to write our code to use cryptic variables and short hand names so it could run faster, and store less. Ultimately this led to the y2k problem - so now everyone is encouraged to store just what you need - not more. Likewise, years ago privacy professionals were advising to put as little as possible online. By not sharing anything, then the baddies couldn't steal it - right? sort of.
With the rise in web identity theft - officials are now advising people to *join* the social networking boards before the baddies do it pretending to be them! (huh?) I've heard how HR departments are now using LinkedIn almost exclusively to check up on potential new hires - but really - who believes the 'myspace' profile when it comes to jobs or banking?
you read - you decide!
Web identity hijacking on the rise - vnunet.com
With the rise in web identity theft - officials are now advising people to *join* the social networking boards before the baddies do it pretending to be them! (huh?) I've heard how HR departments are now using LinkedIn almost exclusively to check up on potential new hires - but really - who believes the 'myspace' profile when it comes to jobs or banking?
you read - you decide!
Web identity hijacking on the rise - vnunet.com
Thursday, January 15, 2009
patch cycles?
I know a few people who don't trust Microsoft. Everytime they see a patch available from our friends in Redmond, they happily ignore it! "probably just a scam. probably Bill wants to know how much I'm using firefox and google!"
... uh - no.
Setting your computer to automatically accept patches from well established vendors like Microsoft, Adobe, and your Anti-virus vendor is a wise thing to do. EXACTLY for the reason shown in the article below!
Researcher: Worm infects 1.1M Windows PCs in 24 hours
Hmm, let's do the math - m'soft issued a patch in October - so that's about 70 days later someone has put together a nice attack based on it. That's a pretty long time to be sitting still without patching, but apparently there are millions of target boxes available!
... uh - no.
Setting your computer to automatically accept patches from well established vendors like Microsoft, Adobe, and your Anti-virus vendor is a wise thing to do. EXACTLY for the reason shown in the article below!
Researcher: Worm infects 1.1M Windows PCs in 24 hours
Hmm, let's do the math - m'soft issued a patch in October - so that's about 70 days later someone has put together a nice attack based on it. That's a pretty long time to be sitting still without patching, but apparently there are millions of target boxes available!
Tuesday, January 13, 2009
Credit Card News: Consumer Tips Regarding Identity Theft for 2009
There is a book called the world is flat, and Disney has haunted millions with that song 'it's a small world afterall. But there really are 2 worlds. One that is physical - the other that is cyber.
Identity theft in the cyber world is primarily where I work - this article regards the physical world. It's a good 'cheat sheet' for tips regarding what to do to first prevent identity theft, and then what to do if it happens anyhow.
Credit Card News: Consumer Tips Regarding Identity Theft for 2009
Identity theft in the cyber world is primarily where I work - this article regards the physical world. It's a good 'cheat sheet' for tips regarding what to do to first prevent identity theft, and then what to do if it happens anyhow.
Credit Card News: Consumer Tips Regarding Identity Theft for 2009
Sunday, December 28, 2008
Russian hackers target U.S., Europe for profit and politics
When I saw this title, I said to myself - isn't that what I've been saying for over a year now??
Russian hackers target U.S., Europe for profit and politics -- chicagotribune.com
it is, but I'll give it up to this writer, he said it better!
Russian hackers target U.S., Europe for profit and politics -- chicagotribune.com
To ply online banking accounts, Russian hackers rely on viruses that record keystrokes as customers type log-ins and passwords. Russian-made viruses are believed to be behind several major online heists, including the theft of $1 million from Nordea Bank in Sweden in 2007 and $6 million from banks in the United States and Europe that same year.
it is, but I'll give it up to this writer, he said it better!
Monday, December 15, 2008
secure that laptop!
Recently I met with a couple of companies that assured me they didn't have any security concerns. They had a good IT guy, a firewall on every laptop, and a guard at the door. Certainly they were OK.
... not really!
Both firms I spoke with had a highly mobile workforce where they met with many clients while using their laptop as their primary computer. They'd enter in client NPI into the laptop, and then send it across the web to their corporate based application.
A couple thoughts occured to me - if there was a rootkit like infostealer on these boxes, they'd be easily compromised. Likewise if they were using non-secured hotspots for internet access. BUT the single biggest hole in the papers today is much more low tech - it's just stealing the whole laptop. Once in the hands of the badguys, they can take their time to harvest all the great NPI from files, emails etc
Here's a recent article describing options on how to secure these
New solutions to remotely secure a stolen laptop | IT Security | TechRepublic.com
... not really!
Both firms I spoke with had a highly mobile workforce where they met with many clients while using their laptop as their primary computer. They'd enter in client NPI into the laptop, and then send it across the web to their corporate based application.
A couple thoughts occured to me - if there was a rootkit like infostealer on these boxes, they'd be easily compromised. Likewise if they were using non-secured hotspots for internet access. BUT the single biggest hole in the papers today is much more low tech - it's just stealing the whole laptop. Once in the hands of the badguys, they can take their time to harvest all the great NPI from files, emails etc
Here's a recent article describing options on how to secure these
New solutions to remotely secure a stolen laptop | IT Security | TechRepublic.com
burn me once, shame on you
burn me twice - shame on me!
Bottom line to the story below is simple - use Firefox as your browser (or any alternative to IE).
Hackers are in this to make a living, and for their new tools to have the biggest impact (IOW infect the most desktops) then they go after the most popular OS and browser. While Firefox is very popular, millions are still using Internet Explorer every day even though it has the most vulnerabilities!
New zero-day IE7 exploit is in the wild | Network Administrator | TechRepublic.com
Bottom line to the story below is simple - use Firefox as your browser (or any alternative to IE).
Hackers are in this to make a living, and for their new tools to have the biggest impact (IOW infect the most desktops) then they go after the most popular OS and browser. While Firefox is very popular, millions are still using Internet Explorer every day even though it has the most vulnerabilities!
New zero-day IE7 exploit is in the wild | Network Administrator | TechRepublic.com
Subscribe to:
Comments (Atom)
Posts
