Whilst it seems very unlikely there is a real problem it is an interesting to think of how many companies and individuals are reliant on a service with no contracts, SLA's or comebacks. One could imagine that this story is more about fundraising than anything else.
Wednesday, 20 May 2009
Could GPS fail?
The Global Positioning System (GPS) is a free satellite service run by the US military.
Tuesday, 19 May 2009
Secret taping in Valeo boardroom by former Chief Exec
Accusations and denials are flying regarding the 'secret' recording of boardroom meetings at major French car parts manufacturer Valeo.
Thierry Morin, the former chairman and chief exec does not deny the recording system but claims it was "unthinkable that no one else was aware".
Thierry Morin, the former chairman and chief exec does not deny the recording system but claims it was "unthinkable that no one else was aware".
French Radio station RTL says that digital recording devices connected to the boardrooms conferencing system automatically activated when the mics switched on. The memory cards were then covertly removed after the meeting. Sounds a lot like a bugging device to us.
Conferencing equipment is a major vulnerability to your business privacy. It doesn't take much imagination to understand that several high-sensitivity microphones connected to a phone line (in other words a conference phone) can easily be manipulated to record/broadcast all of your meetings. Look out for the warning signs and contact FaberBrent to find out how to mitigate this risk.
Teens see hacking as a casual pastime
A report of 4000 14-18 year-olds shows some very surprising data.
20% have some 'advanced' hacking knowledge and a third of them sat they have used it.
66% say they have successfully hacked instant messaging and/or social networking accounts of people known to them.
Even allowing for teenage braggadocio these are still significant figures. What will it mean as this generation grows up?
Monday, 18 May 2009
Controversial children's database ContactPoint launches today
The government today launched ContactPoint, the much debated and delayed database of children's information.
The idea of the database is to allow all agencies involved in children's welfare to share information. There has been a very mixed reception to the database from child welfare bodies and charities.
Our fear is with the current track record of major government IT projects it is only a matter of time before the first breach/failure of the system, lets hope we are proved wrong.
MoD loses 32 computers and 20 USB memory sticks so far in 2009!
Some pretty shocking numbers that seem to have got very little press.
In the first 131 days of 2009, 4 desktop and 28 laptop pc's are missing from the MoD. Additionally 20 USB devices are missing. No mention is made regarding data but one could probably assume that at least some of these 52 devices contained sensitive information.
Saturday, 16 May 2009
Financial districts are wide open for Wifi hacking
A new survey of 6 US cities and London discovered an alarming number of unsecured and poorly secured wireless networks.
A shocking 57% had either no encryption or were using the older WEP system that can be easily cracked. If you want to know how to secure your systems contact FaberBrent.
Friday, 15 May 2009
Another reason why you should never use pirate software
Whilst I am sure none of you ever use pirate software, can you say the same for your employee's or children.
Apart from the legal and moral issues there is a very real threat of compromising your data from malicious code.
A recent pirate release of Windows 7 contained malicious code to build a bot-net army and was infecting more than 200 machines per hour.
10,000 medical records may have been compromised
Police are investigating a string of identity theft cases that all appear to have a common thread; the victims all had records at Johns Hopkins hospital in Maryland.
Once again the breach appears to be caused by an insider threat.
$500K netted in NYC ATM fraud
It seems that we still do not close the doors even when a threat is well known.
Another skim and cam ATM fraud has been committed in NYC netting $500K.
Intelligent CCTV to spot retail fraud
StopLift Inc are trialing a new system that claims to be able to mathematically spot the signs of "sweethearting". This is when the checkout person obscures the bar code of some of the items, passing them free of charge to their accomplice.
This sounds like quite a challenge for a piece of software and the accuracy of its decision making will be under great scrutiny but there can be no doubt that we will see more behaviour based CCTV systems.
EU looses nerve for data breach disclosure law
The EU have been unable to agree a new disclosure law. Even though this legislation was only for communication and Internet providers they were still unable to reach an agreement.
We say DISCLOSE ALL DATA BREACHES NOW, the campaign starts here.
Despite increase in cases there is no increased budget for e-crime unit
Once again the goverment demonstraits that it puts no priority on our privacy by refusing to increase the budget for the (already underfunded) Police Central e-crime unit.
Social engineering and confidence tricks - the easiest way to obtain passwords?
This is a great article on the BBC showing how easy it is to obtain passwords and other confidential information by using basic social engineering and confidence tricks.
A recent report by PGP showed that 70% of all data breaches were down to insider failings, not outside hackers.
Sunday, 10 May 2009
Scope Phase II scrapped - multi-million pound secret IT communications system scrapped by British government
It has been revealed that the government have had to scrap another major IT project. This one was a secret communications network called Scope and the plug has been pulled during the attempted implementation of phase II.
Friday, 8 May 2009
US top secret missile defence system details on EBay hard drive
For the fourth time BT's information research team have carried out a random study of second-hand computer equipment to see if there is any significant data to be retrieved.
Some of the data found included patent medical records, security logs from embassy's, trading figures for a major fashion house and automotive manufacturer and details of a 50 billion proposed currency exchange.
Companies still do not grasp the importance of hard-drive disposal, if you need help contact FaberBrent.
Wednesday, 6 May 2009
Medical details hacked and held for $10 million ransom
In a shocking (but inevitable) development of cybercrime, a criminal group have claimed that they have stolen and encrypted 8.3 million patient records from the Virginia government.
Whilst this claim remains unsubstantiated at the moment (including claims they have stolen their back-up data) there is no doubt that this type of crime will increase.
1,258,862 email addresses; 1,235,122 windows passwords; 8,300 banking login's...this is what the Torpig botnet achieved in 10 days
The University of California took control of a well known botnet for 10 days with some shocking results.
They were monitoring over 180,000 hacked computers and this gave a facinating and very worrying insight into the data that the criminals have access to.
Yet another call for mobile data encryption
Computing magazine have written a full article calling for the encryption of all public mobile data storage.
Lack of security awareness and training is the cause of most data breaches
At Infosec 2009 John Colley (managing director of ICS2) confirmed what we have been saying for a long time; the biggest risk to information security is people, not systems and the most effective thing you can do to minimise this risk is to educate.
Sounds like he has been reading our recent article on Security International.
Sounds like he has been reading our recent article on Security International.
Subscribe to:
Posts (Atom)
Posts
