The U.S. Department of Justice sent a formal request to independent news site Indymedia, ordering it to provide details of all reader visits on a certain day. The order included IP addresses, times, and identifying information including e-mail addresses, physical addresses, registered accounts, and Indymedia readers' Social Security Numbers, bank account numbers, and credit card numbers.
Kellogg, Brown & Root (KBR) was responsible for the kickback fraud that occurred in the US v. Khan case, and has been the focus of many other cases of procurement fraud within the LOGCAP project. Since combat operations began in 2001, DCAA has referred to criminal investigators 32 cases of suspected fraud that were associated with all wartime-support contracts. Of those, the vast majority were related to the Logistics Civil Augmentation Program.
Once a predator uses your Internet connection to go into the bowels of the web, your Internet Protocol address, which is connected to your ISP billing address, is now considered one that is owned by a criminal. If law enforcement happens to be chatting with that person, who’s using your Internet connection to trade lurid porn, then someone may eventually knock on your door at 3 AM with a battering ram. And in a freakish and relatively new twist, hackers can use a virus to crack your network and gain remote control access, and then store illicit porn on your hard drive.
Hackers are spreading their operational bases further around the world, according to threat analysis from managed security firm, Network Box. Not only should we all be wary about what links we click on in emails, social networking sites and IM, but we should examine what data we put online.
The short answer for persons leaving a company is to be very careful and to have a very clear understanding with the employer about what can and cannot be taken. The increasing involvement of government authorities in enforcing remedies involving trade secrets certainly signals a new level of risk for those who may be considering taking or copying trade secrets.
Forget about vampires, ghouls and zombies. You were much more likely to receive a fright this year from something lurking in your e-mail. There was the usual crop of Trojan horses and phishing expeditions, and as the surprising list points out, some of the scares go all the way up to the White House and the FBI.
After calling out of work because of a "family emergency", a young bank intern gets caught in a lie after a photo of him is found on Facebook. His boss CC'd the picture to everyone in the company, and the intern was fired.
Sure, this is hilarious, but does the boss have the right to do that? Is this a violation of Facebook's terms of service?
Is privacy still possible? For a lot of people, the answer is no, as companies collect personal data in ever-increasing volumes.
Take a site like NextMark.com.
It's a sort of "Google" for mailing lists, where more than 1,400 data vendors offer lists of names — hundreds of thousands of names at a time — all sliced and diced and searchable. If you're looking for a list of people with heart disease, you can find it here. Heart disease plus Hispanic plus over 50? Also available.
This type of data has been for sale for a long time; even some public radio stations sell lists of their donors through the site.
What's changed is the speed with which information flows into databases like these. It used to come from sources such as magazine subscriptions and warranty cards. Now it's flowing from online sources — thousands of them — everything from gambling Web sites to dating services.
First in a four-part series
An intruder could eavesdrop on sensitive data sent across the Internet, manipulate the DNS address that redirects traffic from trusted sites to malicious ones, and possibly even infect other routers automatically. Chen says he informed Time Warner’s security department of the hole; they responded that they were aware of the problem but couldn’t do anything about it.
Many internal clouds will run on the back of VMware, but not all, and VMware alone will not satisfy all of the business’s requirements for running an effective internal cloud. Why not? I can think of several reasons…
The first major hurdle that must be addressed to ensure information security and privacy policies are implemented and managed properly is that of upper management support. Beyond upper management buy-in, there are six other critical factors that will determine whether or not security policies are effective.
An attorney defending against a music-piracy lawsuit didn’t cross ethical bounds by filing motions broadly attacking the recording industry and posting them on his blog, a magistrate judge has ruled, rejecting demands from the RIAA for monetary sanctions.
Attorney Ray Beckerman was “less than forthcoming at times” in defending a client against an RIAA lawsuit, but the music industry’s concerns were “largely overstated,” New York Magistrate Judge Robert M. Levy wrote Friday (http://beckermanlegal.com/pdf/?file=/Lawyer_Copyright_Internet_Law/umg_lindor_091009MagistrateDecision.pdf) (.pdf).
“Although defendant’s counsel took an unusually aggressive stance and, at times, veered into hyperbole and gratuitous attacks on the recording industry as a whole, I do not find clear evidence of bad faith on counsel’s part,”
Levy also ruled that the RIAA, which has sued 30,000 individuals, was not a vexatious litigant, shooting down Beckerman’s counter-complaint against his courtroom opponents. “Plaintiffs have doggedly pursued their copyright infringement claim, but I find no evidence of undue vexatiousness or ill motive on their part,” Levy wrote.
Whilst the recent news that Microsoft has released a free computer security package to the public is reassuring, it does not detract from the fact that the world’s most popular operating system still has serious security flaws.
The root cause of application security vulnerabilities is usually design bugs, and often there are implementation defects. The empirical data showed that software bugs accounted for over 55% of the contributing vulnerability to the event (see the Business Threat Modeling study).
I’m not arguing for an eggshell model of security - crunchy on the outside, squishy on the inside - but it makes things much easier to be able to address an application server’s security requirements without the need to assume that whatever security you implement on an application level is all you will have.
The seeming inconsistency between the perception of being immune from data breach risks with the rapid growth in data breach incidents, led us to think about whether organizations can actually quantify their level of breach risk. We were somewhat surprised that there is not much available to organizations to help them in scoring their vulnerability.
As part of their storage security strategy, enterprises must understand the value of such intellectual property in combination with the risk tolerance of the organization before they can address how to appropriately secure it and store it. Moreover, because the value of information changes over its lifetime, so should its storage.
In Estonia the State Department has arranged for a series of meetings/lectures and discussions for Mr. Clinton. In addition to visiting the NATO Center Mr. Clinton will meet with representatives of the Estonian government, private sector entities, law enforcement, university and primary education professionals.
Many social media sites are set up so that a participant needs to endorse others in order to gain credibility; however, such endorsements may give the appearance that the company is actually giving the endorsement. Thus, the company has an interest to protect in connection with any social media account used that identifies an employee of the company.
Infected users are often spreading additional malware by having infected Web sites posted on their Webpage without their knowledge. Friends are then more apt to click on these sites since they appear to be endorsed by their contacts. Tips on avoiding these tactics…