Data Loss Prevention Has Jumped the Shark
By Robert Siciliano, ID Theft Expert and Security Consultant to Intelius.com
The FTC sending a warning to 100 companies and agencies that their employees are leaking client and sensitive data on the web via Peer to Peer file sharing (P2P) is the single most pathetic and embarrassing communication to come across the desk of an IT professional. It’s over, Johnny IT’S OVER…
Fatal System Error - Be Afraid, Be Very Afraid
By Richard Stiennon, Chief Research Analyst, IT-Harvest
It is hard to believe upon reading Menn’s account that the night before Barrett had excused himself from the rehearsal dinner to secretly pass off a key fob with a digital audio recorder that he had used to capture a day’s worth of conversation with one of the Prolexic partners to an FBI agent waiting around the corner in a dark sedan…
The Dismal State of Information Security
By Robert Siciliano, ID Theft Expert and Security Consultant to Intelius.com
The sheer volume of potential targets coupled with the vast amounts of money to be made has captured the attention of the global criminal hacking community. Enterprise networks are becoming hardened and they are still vulnerable. We are fragmented and all over the place with an incredible array of interdependent technologies that are set up with convenience in mind and security second…
Top Cyber Defense Vendors to Watch in 2010
By Richard Stiennon, Chief Research Analyst, IT-Harvest
The security industry is poised for its biggest upheaval ever in 2010. While defense contractors move into the space (redubbed “cyber”), and the big players adjust their product portfolios by making strategic acquisitions and large IT vendors (HP) break into the space, there are many small companies offering innovative products and services. Here is a list of just a few that are on IT-Harvest’s rada…
Banks Fail to Provide Effective Online Security
By Robert Siciliano, ID Theft Expert and Security Consultant to Intelius.com
So, if my PC is compromised because I don’t have adequate security and $800,000 goes missing from my account, whose fault is it? At first glance some may say the victims, others may say the banks. The fact that there are so many ways passwords can be compromised and accounts can be taken over, and banks know this, it should motivate banks to have redundant security in place. Hacks like this undermine people’s confidence in the system.
Targeted Sequel Injection Attacks on the Rise
By Robert Siciliano, ID Theft Expert and Security Consultant to Intelius.com
SQL injections have evolved in their purpose and sophistication. Originally meant as a tool to attack a merchant’s database and steal data. The attack was reconfigured last summer to install viruses on users’ computers that contain a remote control component. The bad guys are going after high-profile, high-volume websites, instead of going after the smaller websites, which are easier to inject code into…
Police Make Arrests In ATM Skimming Ring
By Robert Siciliano, ID Theft Expert and Security Consultant to Intelius.com
Police believe they may have uncovered an international ATM “skimming” ring responsible for stealing money from hundreds of local accounts. It was not too long ago that I bought an ATM north of Boston from a dude named Bob at a bar and rolled it through the streets of Boston nabbing unsuspecting users who entered their debit cards and PINS. I performed this crazy stunt to demonstrate how easy it is and how vulnerable we are.
China: Internet Freedom Is Culturally Relative
By Richard Stiennon, Chief Research Analyst, IT-Harvest
We have had a few weeks to absorb the implications of wide spread Chinese supported attacks against Google and thirty or so other organizations. The US Secretary of State made one of the most affirmative statements on Internet freedom yet articulated by a government. Various policy analysts have chimed in as well. Some thoughts on what they have said…
Pet Lovers are Target of Latest Online Scams
By Robert Siciliano, ID Theft Expert and Security Consultant to Intelius.com
Scammers will say and do anything to get a person to part with their money. At first they had a sob story that sounded like a legitimate issue, new housing, can’t have a pet. When posted in a classified ad, it looks legitimate. Then they involved a “shipping company” that was a front for the scam. Once the victims were asked to send money via Western Union, that should have been a red-flag.
Behavioral Based Email Security Systems
By Simon Heron, CISSP Internet Security Analyst
There needs to be a change to email security if we want to stop seeing high profile security breeches such as the ones that hit Hotmail and Google in 2009, and the America law firm Gipson Hoffman & Pancione more recently. The problem is, most email filtering systems will trust the email address and therefore allow it through.
