
    Weekend Information Security Links

    (h/t Dark Reading) Anti-Phishing.org has an excellent PDF, The Crimeware Landscape: Malware, Phishing, Identity Theft and Beyond:

    “Crimeware” is software that performs illegal actions unanticipated by a user running the software, which are intended to yield financial benefits to the distributor of the software.

    Securiteam: Money Mule Recruitment Over IM:

    Today was the first time we observed a money mule recruitment happening on instant messaging.

    Dark Reading: New Email Malware:

    There is less hard data about Haxdoor, which uses a rootkit to hide from the user and from most antivirus applications that might be running on the PC. Once installed, it hunts for passwords for popular Internet services — such as eBay, PayPal, or Web Money — and for popular email clients such as Outlook Express. The attacker can then use the passwords to carry out online fraud or identity theft, Panda says.


    Dark Reading: People Aspects of Information Security:

    Interestingly, however, organizations are finding it difficult to locate skilled security staff to work on the problem. While the number of security professionals increased 8.1 percent worldwide in the past year, “you can look at any jobs site and see that there are a lot of open positions out there,” Carey noted. As a result, many organizations are giving more responsibility to junior-level staffers and security outsourcing organizations, the report says.

    Well duh. Supply and Demand. Pay more for people who have the skills and more people will get the skills.

    Financial Cryptography: E-Tradecraft:

    Someone’s paying attention to the tracking ability of mobile phones. Darrent points to Spyblog who suggests some tips to whistleblowers (those who sacrifice their careers and sometimes their liberty to reveal crimes in government and other places)…

    Bruce Schneier.com: Chemical Residue Detectors

    Schneier on Security and Botnets:

    The trick here is to not let the computer’s legitimate owner know that someone else is controlling it. It’s an arms race between attacker and defender.

    Botnets are hard to shut down once established. The best thing is to have proper controls in place to begin with to prevent takeover, and to start forcing InfoSec Lawfare (economic incentives) against those who allow their networks to be used.

    Security Focus: An Information Security Lawfare Example:

    Federal prosecutors charged on Tuesday a 32-year-old Florida man with computer trespass in connection with the creation of a bot network and the targeting of Internet service provider Akamai with a denial-of-service attack more than two years ago.


    WatchYourEnd: Los Alamos Nuclear Weapons Data Found on Three USB Flash Drives During Drug Raid

    …police found classified nuclear data on three USB flash drives during a search of the trailer she shares with another man who was being investigated for drug charges. The information is believed to be classified as Secret Restricted Data which indicates it involves nuclear weapons data and…

    WatchYourEnd on Homeland Security and EndPoint Security: here and here:

    …Federal Homeland Security officials in Portland, Oregon are trying to find a lost USB thumb drive that may have held personal information on more than 900 current and former employees. This information included your standard “destroy a person’s life” data…

    and

    …the Port of Seattle is reporting that six computer disks containing personal information for almost 7,000 people who work at the Seattle-Tacoma Airport are now missing. At this time they do not know if the disks were “misplaced” or if they have been removed from Port property. No mention of encryption or other endpoint security measures and/or policies.

    Security Focus: Fraud Costs

    Two American brokerage houses have written off $22 million in fraud losses on their third quarter financials, citing spyware, stolen identities and hacker fraud as the cause.

    Security Focus: Spammers continue Lawfare against spam-fighter Spamhaus

    e360 is going after Spamhaus again, this time trying to use the US Marshals Service to seize http://www.spamhaus.org from Tucows, Inc.

    Schneier on Security: Links to Paleo-Security Article:

    Prehistoric evidence indicates that people have always been concerned with detecting whether others have tampered with their belongings. Early human beings may have swept the ground in front of their dwellings to detect trespassers’ footprints. At least 7,000 years ago, intricate stone carvings were…

    Security Humour Spotted by Securiteam:

    FLUNKY: Well, he says it’s bad security to create a privileged low-security channel for a lucky few.
    CEO: He isn’t a socialist, is he?

    CEO: Not interested. Let’s cut to the chase. What does he want my password changed to?
    FLUNKY: dF3#(~!pk40%L/sD:@
    CEO: This is a prank, right?

    Securiteam: A Wormboy’s Story

    When I came to work the next morning, all you could hear around the office was the sound of Muttley, you would hear that laugh at least 3 times once every half hour. There were about 50 computers in the office. The jig was up. The IT dept. had no clue what was going on, because Norton didn’t detect it. Honestly they never had a clue.

    Jeff Hayes: Network Access Control:

    NAC is a very powerful tool. It allows a network to follow a predefined set of policies. It is policy-based networking at its finest. However, deploying it properly requires some detailed networking and security skills and knowledge.

    One Response

    1. Very entertaining issue. I haven’t heard of this one. It will be necessary to visit you on a thicket!
