Archive for April, 2009
Pentagon Fighter-Jet Breach
There has been a lot of discussion about the recently disclosed Pentagon breach where classified plans regarding the 300 Billion Joint Strike Fighter Project were compromised. Most of the posts and articles I have been reading have discussed this in terms of the risk around those specific plans getting into the wrong hands. [...]
Lost or stolen laptop incur $50,000 loss
In a recent study by the Ponemon Insitute (see article) found that losing a laptop costs a firm on average $49,246 dollars after accounting for data loss, intellectual property, replacement, lost work time and legal expenses. Executives that lost laptops cost organizations about half that while managers who lost a laptop cost the company about [...]
The Botnet Threat
There is a great post on the threat from Botnets here. The text is below:
Botnets have been around for a long time. For those not familiar, a botnet is a number of compromised computers put under the command and control of a single individual or group. Individually compromised computers are known as [...]
H1N1 Swine Flu Pandemic Scams
Beware! Anytime there is big news or things that concern people, there always seems to be an immediate barage of SPAM and phishing attacks using those subject lines. The latest big news that cyber criminals will hope you will want learn more and click a link or open an attachment? The Swine [...]
Criminals Register Domains Like Yours
The Anti-Phishing Working Group (APWG) performed some analysis around the use of registering domains to be used for the purpose of Phishing attacks. What criminals do is register a domain name that looks similar to yours. For example, if your domain was myfinance.com they might register myf1nance.com (where the i has been changed [...]
Analysis of Conficker
Researchers at SRI International have published a comprehensive breakdown of the deep workings of Conficker, the malware worm. Their analysis reveals that Conficker is 1) a best-of-breed piece of malware that uses cutting edge cryptography 2) pushes the envelope on using the DNS system for “meeting point” style communications 3) implements a sophisticated peer-to-peer command [...]
Red Flags Rule … Ready or not, here I come!
Text from a post at security.perimeterusa.com by Kevin Prince.
———————–
There is a lot of talk about Red Flags. A lot of confusion because the date it goes into effect changed and a lot of people still don’t know if they are subject to it or not.
I was reading an article recently about Red Flags [...]
Financial Data Breach Sources
Some good analysis from a post on Perimeter.
“In the study we just released on financial institution data breaches between 200 and 2008 we analyze the breach sources.
Hacking accounts for 42 percent of incidents but 55 percent of records compromised. This is the largest percent of incidents and records which is why financial [...]
Record Breaking Malware Growth
According to the latest report by F-Secure, malware has had explosive growth during the last half of 2008 with trends continuing into 2009.
The report sites that 2007 doubled over the previous 2006 records, and 2008 more than tripled the 2007 numbers in total malware instances found. The database with signature based definitions [...]
Want to see what other people TXT? Don’t Fall For It.
Websense has recently detected a new scam aimed at infecting systems with malware. The scam includes an email that tells people that by clicking a link and installing and application, they can see other peoples SMS messages. So slooths and wood be snoops are in danger of infection if they aren’t careful. [...]