tagged w/ Business Intelligence
-
“Fraudsters have definitely proven that strong two-factor authentication processes can be defeated,” said Avivah Litan of Gartner. “Enterprises need to protect their users and accounts using a three-prong layered fraud prevention approach that uses stronger authentication, fraud detection and out-of-band transaction verification and signing for high-risk transaction.”
http://information-security-resources.com/2010/01/03/hackers-conquer-two-factor-authentication/“Fraudsters have definitely proven that strong two-factor authentication... more
-
-
In 2003, an estimated 1.5 million laptops were stolen worldwide. Today, that number has climbed to 2.6 million. That’s a 70% increase in just a few years. That’s one stolen laptop every 12 seconds. Laptop computers have been the source of some of the biggest data breaches of all time. Unfortunately your security, or lack thereof, is in the hands of others.
http://information-security-resources.com/2009/12/22/basic-laptop-security-prevents-identity-theft/In 2003, an estimated 1.5 million laptops were stolen worldwide. Today, that number... more
-
-
Security of biometric ID’s like biometric passports is a very frequent topic of discussion and we all know there are issues. But most of those issues are related to encryption, materials and generally anything that requires a lot of technical knowledge. Here is an example of the possibility to create a fake Biometric ID…
http://information-security-resources.com/2009/12/22/simplified-analysis-forging-a-biometric-id/Security of biometric ID’s like biometric passports is a very frequent topic of... more
-
-
-
The problem with social media identity theft is that when it takes over your account, all the people that you communicate with within your account may believe the identity thief is you. And when that identity thief begins to ask for money, from your friends and from your family and your coworkers, then they may actually pull money out of their pocket and send it via Western Union to the imposter. They think that you’ve actually come into the trouble that the identity thief is saying you’re in.
http://information-security-resources.com/2009/12/20/facebook-stung-by-social-media-id-theft/The problem with social media identity theft is that when it takes over your account,... more
-
-
-
-
Security professionals intuitively think proactively. Our job is to predict and prevent what the bad guy will do next. My job specifically is to instill this mindset into you, the consumer, SMB or large corporate enterprise. Bob Russo, General Manager and Rockstar of the PCI Security Standards Council reminds us all in this Business Week article that it’s not all about prevention.
http://information-security-resources.com/2009/12/15/pci-council-advice-on-threat-management/Security professionals intuitively think proactively. Our job is to predict and... more
-
-
Every new form of war drives changes in technology. Conversely the technology causes the change in the methods and outcomes of wars. Effective cyber war is driven by the cyber equivalent of an arms race. The attacker discovers and devises new attack methodologies while the defender shores up his defenses by blocking ports, patching systems and deploying technology. There are eleven areas of development in offensive technology to be brought to bear on the problems of cyber war.
http://information-security-resources.com/2009/12/15/technology-and-the-advent-of-cyber-war/Every new form of war drives changes in technology. Conversely the technology causes... more
-
-
Criminals set up fake websites and then go through the same process legitimate eTailers do in regards to search engine optimization, search engine marketing and online advertising via adwords. They use key words to boost their rankings on Internet searches to show up along side legitimate sites. These same processes are also being used to infect unsuspecting users with malware. Here are ten tips for secure online shopping.
http://information-security-resources.com/2009/12/12/10-holiday-tips-for-secure-online-shopping/Criminals set up fake websites and then go through the same process legitimate... more
-
-
Are companies assuming that a data security breach is cheaper than security? If PCI is a failure, it is not because it doesn’t prevent credit card theft; there is no such animal as a perfect set of countermeasures. PCI is a failure because it does not force a business to use it’s common sense and ask practical, common-sense business questions.
http://information-security-resources.com/2009/12/10/data-breaches-show-pci-dss-ineffective/Are companies assuming that a data security breach is cheaper than security? If PCI is... more
-
-
Ever forge your husband’s signature? Wife’s? Parent’s? Client’s? Do you think the clerk behind the counter at Walmart is skilled in handwriting analysis? The fact is, a handwritten signature provides zero proactive security. If someone signs your name to a check, and you call the bank and say it wasn’t you, they look at the signature and determine whether it’s yours or not. From there they assign liability. That’s dumb.
http://information-security-resources.com/2009/12/09/signature-authorization-is-stupid-security/Ever forge your husband’s signature? Wife’s? Parent’s?... more
-
-
Let’s say you are a bad guy and have some “dirty” money to launder. Cards might be a good idea. First of all, there is no limit to how many cards you can buy. You can buy them with cash. You can sell them on an online auction site, transfer the value to a nonbank, and liquidate it by asking for a debit card you can use anonymously at an ATM. Or you can use pre-paid Visa cards to purchase items which you can then sell. And the law change makes this method even more lucrative.
http://information-security-resources.com/2009/12/09/new-gift-card-laws-also-benefit-terrorists/Let’s say you are a bad guy and have some “dirty” money to launder.... more
-
-
The Internet is filled with free information, from search engines, to answer portals, to e-learning portals. However, something is missing. Every person has knowledge that they possess that another person may want, and to gain this knowledge there might have to be a personal relation. GenApple seeks to create a marketplace where people can sell that knowledge and information.
http://information-security-resources.com/2009/12/06/genapple-boasts-first-information-brokerage/The Internet is filled with free information, from search engines, to answer portals,... more
-
-
-
-
Swatting is an attempt to trick an emergency service into dispatching an emergency response team. Caller ID spoofing technologies are used to send law officers on bogus calls along with social engineering and phone phreaking techniques. Most people trust caller ID and are unaware of caller ID spoofing. This is obviously a flawed system ripe for fraud.
http://information-security-resources.com/2009/12/01/swatting-exploits-use-technology-to-harm/Swatting is an attempt to trick an emergency service into dispatching an emergency... more
-
-
According to recent reports, a Chinese company just agreed to a $200 million settlement of a trade secret case in California. Associated Press has reported that a former Home Depot manager has been criminally accused of passing trade secret information. These issues are extremely serious and should be considered carefully by any company large or small.
http://information-security-resources.com/2009/11/30/trade-secrets-and-confidential-information/According to recent reports, a Chinese company just agreed to a $200 million... more
-
-
-
