Thursday 30 April 2009

Can hackers steal your data from your glasses?

Very interesting article about the threat from side-band attacks.

Whilst this kind of technique has many challenges, the concept of monitoring reflective surfaces with a telescope is a classic.

Tuesday 28 April 2009

US burglars target small business PCs in mass robbery

In one of the first reported cases of its type, a business centre in Los Angeles has been the victim of a systematic robbery in which over 60 small businesses have lost their computers.

The overnight theft has left an array of different businesses (including attorneys, real-estate management and talent agencies) trying to assess the damage. 

For some occupants this may well be a terminal event for their business.

It is probably safe to assume that this kind of targeted computer theft will increase. If you want to know how to avoid becoming a victim, contact FaberBrent.

UK identity theft up 40%

The first quarter of 2009 has shown a 40% increase in identity theft according to Cifas, the UK's fraud prevention organisation.

We all need to keep a keen eye out for scams, phishing and unsolicited requests and if in doubt, shred.



Sunday 26 April 2009

Lost business laptops cost the company an average of $50,000 each

A new survey has attempted to quantify the average cost of lost business laptops.

In a survey covering 138 separate lost laptop incidents, losses were calculated using several factors including data breach cost, loss of productivity, investigative costs and other variables.

The minimum damage in the survey was $1,200 and the biggest loss was just short of $1M!

London workers will sell company secrets - for a price

One in three London workers (out of a survey of 600) said they would be prepared to sell their company data and information for the right price.

The amount of access they have is a real eye-opener. Levels of access include: customer databases (83%), business plans (72%), accounting systems (53%), human resources databases (51%) and IT admin passwords (37%).

If you want to know how to minimise exposure to insider threats like this, contact FaberBrent.

Thursday 23 April 2009

Luxury car dealers accused of spying for commercial edge

3 senior employees of luxury car dealership Universal Autosports in New York have been accused of illegally accessing the e-mail system of a rival dealer.

Cash prize for smart mobile design

There is now a cash incentive for designers to come up with a design for secure mobile phones.

The Design Council has recognised the considerable crime associated with mobile devices and this has driven the initiative.

UK considering hardwiring to provide on-demand wiretapping

Lord West (the security minister) told Parliament on Monday that the government are considering installing hardware that would provide instant information on demand for all Internet traffic in the UK.

The technology under consideration is Deep Packet Inspection (DPI).

Welsh trial to track schoolkids with GPS to start in May

A trial will be starting in Wales in May to track school children during their journey to and from school.

Parents will be able to use a web portal to see their children's geographical location.

Tuesday 21 April 2009

The British Council has been ordered to encrypt all portable data

Following the loss of a disc containing data on 2,000 people, including trade union membership and banking details, the British Council has been ordered to encrypt all data by the Information Commissioner's Office (ICO).


We say ENCRYPT ALL PORTABLE DATA NOW, the campaign starts here. How many more 'horses bolted' stories do we need?

Monday 20 April 2009

The FBI have been using homebrew spyware for years

Recently declassified documents have revealed that the FBI have been using their own brand of spyware to install on targets' computers and gather a wide range of data to send back to Virginia.

Thursday 16 April 2009

Tramp has phone numbers of Cabinet ministers on stolen Blackberry

A journalism student purchased the Blackberry device while working on an assignment about the homeless.

He discovered phone numbers of several cabinet ministers and other sensitive data.

Now Blackberries have pretty good security... as long as it is switched on! More here...

Fraudsters discover how to decrypt banking PIN numbers - is this the end of PINs as we know it?

Hackers have discovered how to decrypt the algorithm that protects bank card PIN data.

The best way to explain this is the Kentucky Fried Chicken analogy. Previously they could loiter at KFC and steal 1 piece of chicken at a time (perhaps a full bucket on a good day), now they have the Colonel's secret recipe!

SAS laptop containing confidential information is unencrypted and missing

The Telegraph are reporting that a laptop belonging to the Signals Regiment attached to the SAS has gone missing.

The laptop containing counter terrorism and military data was discovered missing during an equipment audit. Unbelievably the laptop was unencrypted. 

Employees still have access to company data after they leave

A new survey has highlighted a very common problem. When an employee leaves, they frequently still have access to systems, logins and data.

The figures are shocking, read the full article here...

If you want help designing an effective policy for departing staff, contact FaberBrent.

Monday 13 April 2009

Coronation Street producers sweep for bugs to combat leaks

Coronation Street producers have been sweeping for bugs as part of
their security measures to combat plot line leaks. 
Senior production staff have been asked to provide mobile phone
records and other data to try to identify where leaks may have
happened.

This comes as cost and wage cutting hangs over the heads of both
actors and production staff at ITV.

When times are hard we see an increase in unscrupulous activity such
as this. If you are concerned about industrial espionage contact FaberBrent.

Sunday 12 April 2009

Watching a burglary live on web cam

Great video of a live burglary watched by a Florida woman live on her own covert security web cam.

Our mobile phones are self-inflicted surveillance

Great article on The Register detailing how our phones are effectively surveillance tags giving away endless data about our movements and behavior patterns.

Another delay for ICO data breach powers

Once again this government has failed to deliver on deadlines to bring in new powers for the Information Commissioner's Office (ICO) to fine companies who lose personal data. There has been no comment on why they missed the deadline, or when they now plan to publish the secondary legislation.

Perhaps they need time to gather the funds required to meet all the fines that will be leveled against government departments.... or just to try to get their own house in order?

Report shows decline in UK business mobile security

The report claims that more than half of UK business workers have to access sensitive data remotely on an ongoing basis.

The report claims one in three businesses do not have sufficient security for this process.

In our experience this is very true. Many companies don't know how to implement better security for fear of compromising efficiency. If you need help finding the balance, contact FaberBrent.

Key Brown advisor still doesn't understand emails are 'published documents'

Damian McBride had to resign after sending “juvenile and inappropriate” emails from his Downing Street email address.

How can someone who works in a senior public position have such a fundamental gap in their understanding of information security?

Thursday 9 April 2009

Police Chief Bob Quick Resigns - UK's most senior counter-terror officer resigns because of stupidity!

Assistant Commissioner Bob Quick, Britain's most senior anti-terrorist policeman, has resigned after walking into Downing Street carrying papers detailing 'Pathway', an undercover operation to arrest al-Qaeda suspects planning a major terrorist attack in the UK.

As a result the raids were brought forward and 12 people were arrested last night.

When will people realise that security has to be holistic? A piece of paper is just as dangerous as an electronic document or conversation.

Let's hope the operation (and the safety of the officers involved) was not compromised for the sake of an envelope!

More here, here and here

Monday 6 April 2009

Big brother is recording you right now viewing this page - UK go live today with new EU directive

Quietly, and to some degree by the back door, a new EU directive has gone live today in the UK. It is now law that all Internet usage, websites visited, emails and web phone calls will be recorded and stored for at least 12 months.

The idea is for police and security services to have easy access to the data to combat crime and terrorism. Be aware that many other bodies including local councils will also be able to access the data.

Why has there been so little media attention to this?

more here...

UKBA set to share fingerprint data with US, Canada and Australia

We are soon going to see cross-border information sharing from the UK Border Agency. This appears to be the first major move from the organisation (that has achieved full executive agency status from 1st April).

I wonder how long until all biometric data will be freely exchanged between border agencies?

more here...

Friday 3 April 2009

Scottish hospital leaves medical records in corridor for days!


The BBC have reported that Southern General in Glasgow had boxes of medical records unsecured for days.

The records were spotted by a concerned member of the public but nothing was done.

Perhaps someone would like to tell all the people whose records were there if anyone has accessed their data... oh sorry, they can't as they have no idea!

Yet another example of the powers that be really not caring about our information security. The second problem for Scotland's health bodies in recent weeks.

Full story here...

Photochaining - Great art, terrible security

Photochaining.com is a new website that encourages the sharing of random memory cards.

Whilst this may provide a fantastic variation of images and input, it presents a very significant security problem.

'Seeding' memory devices (including memory cards and USB keys) is a classic way to covertly install spyware such as keylogging software. It is now a common practice for the criminal fraternity (or unscrupulous private detectives) to leave 'seeded' USB keys in a target company's favorite Starbucks. People will often take a found memory key and plug it into their computer 'to have a little look around'. When you put the 'seeded' USB key in, you may find something like a PowerPoint presentation called 'honeymoon pics, open in private, i love u'. If you open it you will see some apparently private and intimate pictures. Unfortunately, at the same time keylogger software will be installed on your machine, recording and reporting back everything you ever type.

If you think this is the realm of super-criminals, you should be aware that these kinds of programs are readily available for about £50.00.


Vista and XP password recovery using Backtrack 4

Have you ever wondered how passwords are recovered? One way is to boot from a Linux Live CD/DVD/USB device running special software such as Backtrack 4.

This is readily available software and, whilst a little outside the average user's skill-set, anyone who has a basic understanding of command line code should be able to use it.

The link here is from Cybexin's blog (one of my favorites). He posts many informative how-to videos, which can be quite shocking if you ever thought your information was secure. If your information has value and you want to know how to protect it from these kinds of attacks, contact FaberBrent.

Backtrack 4 video here. Warning: do not try this at home, kids.


Another article about workstation security

As reported recently there is finally a trend towards awareness of physical endpoint security.

The following article talks about some of the risks, including bootable Linux Live CDs with programs such as Backtrack (read more about Backtrack here).

Are people beginning to grasp that security needs a holistic approach to be effective?

Article here...

Thursday 2 April 2009

Enterprise becoming aware of keylogger threat

The threat from hardware keyloggers is beginning to gain some more awareness. This is a very significant problem that will not be detected by any kind of software system. The only solution is an expert physical search.

Interesting article here...

Wednesday 1 April 2009

Google maps, CCTV and the FBI come together

The FBI and other law enforcement agencies are starting to utilise online networks to publish virtual 'Wanted' posters. How long until we can watch the robbery live?

Read more here...

Remote laptop Kill-Switch from Ericsson

Ericsson's F3607gw module working with Intel's Anti-theft technology will allow a computer to be rendered inoperable by remote command.

Let's hope no one discovers how to hack this function - can you imagine being held to ransom if you want your laptop to work?

Also watch out if you got a 'free' laptop as part of a broadband deal. I wonder what the small-print says if you default on the bill or change providers?


Conficker virus update - Day Zero

So we were all waiting for the world to end (anyone remember Y2K) but so far nothing much has happened.

The vast bot army has yet to show its hand but there is still time. Conficker is no different to other computer viruses so the usual precautions should keep you clean. Keep your OS and Anti-Virus fully patched, don't visit dodgy websites and don't accept unknown external devices (like USB keys).

More on the story here...

Attempted sale of MPs' expenses receipts

The Times has a detailed article on how they were approached by a 'businessman' to sell them a copy of the past 5 years of MPs' expense receipts. This information is stored by the Stationery Office. He claims an 'inadvertent copy' of the data was made covering all expenses for the last 5 years.

Why do people find it surprising that data can be copied? The defence seems to be that there were no 'official' data copies missing. If you want to know how to prevent 'unofficial' copies of your data, contact FaberBrent.