P2P networks rife with sensitive health care data, researcher warns Data leaks over P2P networks involving the health care sector pose a significant threat to patients, providers and payers, a study by a Dartmouth researcher finds. Read more...
----------
With economic slump, concerns rise over data theft
January 29, 2009 (IDG News Service) Is the worsening economic situation going to turn some employees into data thieves?
That's a top concern amongst IT decision-makers, many of whom say that laid-off employees are the biggest security threat created by the economic downturn. In a McAfee Inc.-sponsored worldwide survey (registration required) of 1,000 IT decision-makers, the company found that 42% of respondents felt that laid-off employees represented the biggest IT security threat caused by the recession. That's more than were worried about outside intruders. And 36% said that they were worried about security problems caused by employees in financial stress.
Crime rates spike during hard times, and with thousands of workers being laid off each week lately, there may be an added incentive for laid-off employees to take intellectual property with them to bolster their chances of getting hired with a competitor, to use with a start-up company of their own, or maybe even to sell.
----------
Feds allege plot to destroy Fannie Mae dataAP - 34 minutes ago
HAGERSTOWN, Md. - A fired Fannie Mae contract worker pleaded not guilty on Friday to charges he planted a virus designed to destroy all the data on the mortgage giant's 4,000 computer servers nationwide, according to federal prosecutors.
----------
About 90 Percent of All Corporate Email is Spam
----------
AVG Notes Rise in Number of Malicious Web Sites
Web sites rigged with malicious code are becoming more numerous by the day, according to new research from security vendor AVG...
----------
Third-Party Cookie Use on WhiteHouse.gov Questioned
Privacy advocates are concerned about a new waiver to Web site's privacy policy.
----------
SQL Server Database Hack Tricks ForensicsJan 29,2009
Black Hat researcher will show how the bad guys can use a database's own features against it
----------
Microsoft Study: Users Worry About Privacy But Know Little About Threats
----------
Worm Floats Obama's Head on your Desktop
Should a floating head of U.S. President Barack Obama pop up on your desktop Monday morning, know this: You've been hit with the Obama worm.
Read more
----------
Google Earth reveals two-acre field of weed to Swiss police
----------
Posted at 12:59 PM ET, 01/30/2009
Troubled Ukrainian Host Sidelined
A Ukrainian Web hosting provider that, according to published reports, has long served as home base to a prolific and invasive family of malicious software has been taken offline following abuse reports from Security Fix to the company's Internet provider.
Since at least 2005, and perhaps earlier, an entity known as UkrTeleGroup Ltd. has hosted hundreds of Web servers that control a vast network of computers infected with some variant of "DNSChanger," according to security software vendor McAfee, which monitors worldwide malware. DNSChanger is a Trojan horse program that changes the host system's settings so that all of the Internet traffic flowing to and from the infected computer is sent through servers controlled by the attackers.
In a report issued last month, McAfee said it found more than 400 DNS servers on UkrTeleGroup's network that appeared to be set up to to re-direct Web traffic for systems infected with DNSChanger.
UkrTeleGroup has been sharing Internet address space with a customer of Miami-based FPL FiberNet LCC, a subsidiary of FPL Group, a publicly-traded (NYSE:FPL) company that claims roughly $15 billion in annual revenues. FPL is not accused of wrongdoing.
Permalink
----------
Google fixes security vulnerabilities in Chrome
----------
It seems that the DRM on the PC version of Gears of War came with a built-in shut-off date; the digital certificate for the game was only good until January 28, 2009. Now, the game fails to work unless you adjust your system's clock. What is Epic's response? 'We're working on it.'
----------
Microsoft neuters UAC in Windows 7
Adrian Kingsley-Hughes: In an attempt to make Windows 7 generate fewer UAC (User Account Control) prompts Microsoft has neutered the mechanism to the point where it's next to useless.
----------
Lawyer Sues Citibank For Not Stopping Him From Losing Money In Nigerian Scam
from the blame-goes-around dept
A lawyer in Houston is suing Citibank after he got scammed in a variation on the classic Nigerian email scam. There are a few interesting tidbits here that are worth discussing. First, the details: the lawyer, who does collections work, was contacted via email by a company that claimed to be a Japanese company that was trying to collect money from four clients in the US -- offering a contingency fee to the lawyer for help in getting the customers to pay up. Soon after that, the "Japanese company" claimed that one client had agreed to pay some of what it owed -- and it sent the law firm a check for $367,500. Citibank said the check cleared, and the law firm wired $182,500 to the company. Of course, it later turned out that the check was fraudulent, and the law firm was out the $182,500.
This is a variation on a popular version of the Nigerian email scam. The way it usually works is that the scammer buys something that's for sale... and then sends a check that's for significantly more than the purchase price using some sort of excuse. Once the check "clears," the seller is asked to wire back the excess money. This version is interesting in that it's slightly more sophisticated -- carefully going after law firms that do collections. Rather than being a totally "out of the blue" situation, they worked hard to make it seem like business as usual until the scam is done. Sneaky.
While it's easy to mock the lawyer for getting tricked, the basic version of the scam and this more sophisticated version both rely on a very unclear part concerning check processing. Most people assume that once a check "clears" it's confirmed as valid. That's not true. Banks clear the check before it's actually validated, and the scammers exploit both the time between these two events and the fact that most people assume (or are told) that once a check clears, the money is definitely theirs. There are a few ways to solve this that banks could take. They could not clear the check until it's absolutely declared valid. Or, they could make it much clearer that, while the money is available, the check has not been validated and the money could be pulled. Since most banks do neither, the guy's lawsuit against Citibank is at least somewhat understandable -- though, it's unlikely a court will agree with him.
----------
6-Month Sentence in Prostitution Case
MANHATTAN (CN) - Cecil Suwal was sentenced to 6 months in prison on Thursday for his part in the Emperors Club VIP online prostitution ring that brought down Gov. Eliot Spitzer. Suwal, 24, was sentenced for conspiring to promote prostitution and to launder money. He ran the company's Web site, the U.S. Attorney's Office said.
----------
CIA Spy Enlisted Son to Collect Espionage Debts, Feds Say
The son of a disgraced CIA agent convicted of funneling classified information to the Russians was indicted Thursday on allegations of helping his imprisoned father collect overdue bills for his dad's nefarious activities.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment