tagged w/ conficker
-
-
In a stream of RSS and Twitter feeds, news captions, headlines, water-cooler-talk and the occasional lunch crunch and nightly news reports, it's hard to visualize a snapshot of what's really going on in the world and how seemingly random data may or may not fit together with malicious attacks and how they transform. Take a look at this attempt to visually put some random events together. http://cyy.be/b3Qb07In a stream of RSS and Twitter feeds, news captions, headlines, water-cooler-talk and... more
-
-
Once an agency crosses over into social media interactions with other agencies and non-governmental organizations, the guidance gets diluted. The guidelines point to five government agencies, none of which are the definitive resource for social media implementations. These guidelines are a must read for any organization that is considering a foray into the Web 2.0 sphere…
http://information-security-resources.com/2010/02/25/federal-guides-for-social-media-security-pii/Once an agency crosses over into social media interactions with other agencies and... more
-
-
Over a billion people visited social networking sites such as Facebook and Twitter last month so it’s not surprising that hackers have these sites in their cross-hairs. In fact, according to recent research from Breach Security Labs, social networks were the most targeted category in 2009, accounting for 19% of all malicious attacks last year. By using simple data encryption and password protection tools, you can ensure that your personal information and online identities remain secure and private…
http://information-security-resources.com/2010/02/14/how-to-protect-your-social-network-identity/Over a billion people visited social networking sites such as Facebook and Twitter... more
-
-
Fraud as a service or FaaS for the acronym collectors, has been a topic of concern for security professionals since 2008. Gone are the days where the primary theft is being perpetrated by the sociopath lone-wolf in the basement. The major player is now organized crime, responsible for 70 percent of online fraud and billions in ill-gotten gains…
http://information-security-resources.com/2010/02/01/faas-the-emergence-of-fraud-as-a-service/Fraud as a service or FaaS for the acronym collectors, has been a topic of concern for... more
-
-
We are observing an incredible rise in cybercrime. New profiles of attackers arrived in the so-called hacking underground, and the hacking world – sometimes – is meeting with organized crime and State-sponsored attacks. The world is changing and, basically, the keyword is the information. In today’s world Information is the Power that’s the sole reason why all of this is happening.
http://information-security-resources.com/2010/01/25/un-crime-justice-institute-fights-hackers/We are observing an incredible rise in cybercrime. New profiles of attackers arrived... more
-
-
-
While similar to a confidence trick or simple fraud, Social Engineering typically applies to trickery or deception for the purpose of information gathering, fraud, or computer system access; in most cases the attacker never comes face-to-face with the victim. But in many cases the attacker certainly does come in contact with the victim. You may be doing all you can and should to protect yourself from hackers and scammers. But a response to a simple email that looks exactly like your expected monthly bank e-statement can completely drain your bank account.
http://information-security-resources.com/2010/01/14/how-to-recognize-social-engineering-scams/While similar to a confidence trick or simple fraud, Social Engineering typically... more
-
-
Ethical hackers are the tech industries white nights, also known as white hat hackers. Steve Stasiukonis from Secure Network Technologies is such a person, hired by by companies CIO’s to penetrate an organizations network to determine where its vulnerabilities are. The process of a white hat starts with a permission based hack that often leads to results that make the CIO nauseous. In Dark Reading Steve writes about how he did it with a fake badge and a Facebook profile…
http://information-security-resources.com/2010/01/12/hacking-a-corporate-network-with-facebook/Ethical hackers are the tech industries white nights, also known as white hat hackers.... more
-
-
The Boston Channel reports a Lynn couple was accused of selling the identities of at least 16 Transportation Security Administration workers at Logan International Airport. Police said the ID data was allegedly taken by a female TSA contract worker who is related to one of the two Lynn suspects. A TSA spokesman said the agency takes the ID theft very seriously. Well, that’s a good start…
http://information-security-resources.com/2010/01/10/pair-arrested-for-selling-tsa-employee-ids/The Boston Channel reports a Lynn couple was accused of selling the identities of at... more
-
-
The hacker I contacted immediately returned my email. I told him I was a journalist and wanted to do a story on him. I couldn’t have been more upfront with my intentions. I even provided him my website, but that didn’t seem to matter. He just wanted my money. First he wanted me to open up my IM and connect with him via his Yahoo email. That way we could chat. But I wasn’t about to let him in via IM because there are known hacks that can allow a bad guy into your IM then onto your PC. So I set up a private chat at tinychat…
http://information-security-resources.com/2010/01/05/robert-sicilianos-conversation-with-a-hacker/The hacker I contacted immediately returned my email. I told him I was a journalist... more
-
-
Here we are again, getting ready to face a new year. Time to set those dreaded New Year’s resolutions. You know, lose the 10 pounds, give up the chocolate, quit smoking, and win the Nobel Peace Prize. Along with the breaking of some bad habits, now is the time to take on some new habits to protect you against identity theft. The Identity Theft Resource Center offers the following top resolutions you can make in 2010…
http://information-security-resources.com/2010/01/03/identity-theft-prevention-checklist-for-2010/Here we are again, getting ready to face a new year. Time to set those dreaded New... more
-
-
In 2003, an estimated 1.5 million laptops were stolen worldwide. Today, that number has climbed to 2.6 million. That’s a 70% increase in just a few years. That’s one stolen laptop every 12 seconds. Laptop computers have been the source of some of the biggest data breaches of all time. Unfortunately your security, or lack thereof, is in the hands of others.
http://information-security-resources.com/2009/12/22/basic-laptop-security-prevents-identity-theft/In 2003, an estimated 1.5 million laptops were stolen worldwide. Today, that number... more
-
-
-
The problem with social media identity theft is that when it takes over your account, all the people that you communicate with within your account may believe the identity thief is you. And when that identity thief begins to ask for money, from your friends and from your family and your coworkers, then they may actually pull money out of their pocket and send it via Western Union to the imposter. They think that you’ve actually come into the trouble that the identity thief is saying you’re in.
http://information-security-resources.com/2009/12/20/facebook-stung-by-social-media-id-theft/The problem with social media identity theft is that when it takes over your account,... more
-
-
If a company wants to have a social media presence, then the people involved in the usage will need to have the training to understand what to and not to post and what is acceptable use (no Facebook apps). The Internet is full of regrettable stories of CEOs and other high-ranking employees discussing inappropriate topics that immediately plunge themselves and their firm into hot water.
http://information-security-resources.com/2009/12/13/exploring-the-social-media-security-quandary/If a company wants to have a social media presence, then the people involved in the... more
-
-
Clearly communicate that, in fact, there are secrets. Once employees understand that they have a responsibility to protect the enterprise, the chasm between the security professional and the rest of the staff not only shrinks, it disappears. Far too often, security policies arrive as a reaction, as opposed to a proactive management of risk. Through this process, the enterprise will acknowledge security as forethought, not an afterthought.
http://information-security-resources.com/2009/11/19/effective-security-policy-messaging-important/Clearly communicate that, in fact, there are secrets. Once employees understand that... more
-
-
-
People who generally have to much time on their hands read my posts. Or they simply enjoy my train wreck world view. Anyway there are some fantastic resources that I draw from that help me to break down the complicated issues revolving around how to keep the bad guy from draining your bank account. The following make me look good (not to insult them):
http://information-security-resources.com/2009/11/15/increase-your-information-security-iq/People who generally have to much time on their hands read my posts. Or they simply... more
-
-
