Friday, September 30, 2011

ISC Diary | More on Google image poisoning

The activities behind the scenes to poison Google’s image search are actually (and unfortunately) relatively simple.

ISC Diary | More on Google image poisoning

Thursday, September 29, 2011

Code Signing Certificate for Microsoft Authenticode - Code Signing Certificates from Thawte

With code signing from Thawte, you can assure users that your code and content is safe to download, and protect your most valuable business asset: your reputation. Code signing authenticates the code’s source and confirms the integrity of content distributed online. Thawte� Code Signing Certificate for Microsoft� Authenticode� (Multi-Purpose) offers maximum flexibility with a single certificate to sign code developed on multiple platforms.

Code Signing Certificate for Microsoft Authenticode - Code Signing Certificates from Thawte

Code Signing for Developers

Code signing adds a digital signature to software files. Digital signatures can identify the software publisher, and verify that the software users receive over the Internet has not been altered or corrupted since it was created and signed by a third party.

Code Signing for Developers

Tuesday, September 27, 2011

Feds seize $15m from scareware monger's Swiss account • The Register

Feds seize $15m from scareware monger's Swiss account • The Register:

Last year, the US Attorney's office in Chicago accused Jain of selling more than $100m worth of rogue antivirus software.

The programs carried titles such as WinFixer, WinAntivirus, DriveCleaner, and ErrorSafe and sold for $30 to $70 for each copy. The US citizen and former resident of Mountain View, California, was believed to have fled to Ukraine, authorities said at the time.

Feds seize $15m from scareware monger's Swiss account • The Register

Feds seize $15m from scareware monger's Swiss account • The Register:

Jain had originally surrendered to ICE agents, but was declared a fugitive in January 2009 when he failed to appear for a scheduled appearance in federal court in San Jose, California.

Hackers breach Sony's password reset system | Security | News | PC Pro

Hackers breach Sony's password reset system | Security | News | PC Pro:

“A new hack is currently doing the rounds in dark corners of the internet that allows the attacker the ability to change your password using only your account’s email and date of birth,” the website reported. “Without any shadow of a doubt this is real.”

Monday, September 26, 2011

Modern Warfare, Too - by Michael Tanji - Tablet Magazine - A New Read on Jewish Life

Modern Warfare, Too - by Michael Tanji - Tablet Magazine - A New Read on Jewish Life:

"If you’re not actually going to bomb your adversaries back into the Stone Age, you don’t want to destroy the power plant, you just want to turn it off, because eventually you want the lights to come back."

Sunday, September 25, 2011

Masterminds of far-reaching scareware scam charged - SC Magazine US

Masterminds of far-reaching scareware scam charged - SC Magazine US:

A trio of men have been indicted for their alleged role in a highly profitable, Ukraine-based "scareware" scheme that tricked unwitting users into purchasing more than one million fake anti-virus programs, resulting in an estimated $100 million in losses to victims.

Shaileshkumar Jain
Bjorn Sundin
James Reno
Chicago

CyberCrime & Doing Time

CyberCrime & Doing Time:

We've already seen nearly 500 copies of the new Government-related Zeus spam campaign so far this morning in the UAB Spam Data Mine. As has been typical in this campaign that we first started tracking on July 13th, the detection has been fairly horrible each morning for the new malware version.

(ISC)2 Security Transcends Technology

(ISC)2 Security Transcends Technology:

There is an immediate need from the public to better understand information security safety issues

Security sector on the attack - The Irish Times - Fri, Sep 23, 2011

Security sector on the attack - The Irish Times - Fri, Sep 23, 2011:

At the opposite end of the spectrum, attacks are now being created specifically to exploit flaws in just one organisation’s systems, or to target particular individuals.

Wednesday, September 21, 2011

Cyber-Security Can't Ignore Human Behavior - James Fallows - Technology - The Atlantic

Cyber-Security Can't Ignore Human Behavior - James Fallows - Technology - The Atlantic:

Here's a quote we can't agree with:

"On the positive side, the cyber-universe can be thought of as reduced to the 0s and 1s of binary data. Actions in this universe consist of sequences of changes to binary data, interleaved in time, and having some sort of locations in space. One can speculate as to why mathematics is so effective in explaining physics, but the cyber-world is inherently mathematical."

Noooo, cyber-world is inherently human, humans doing things with binary data.

Tuesday, September 20, 2011

Health Data Management: Security

Data Security: With increasing federal scrutiny of health care data breaches, maintaining a secure network and clinical infrastructure is crucial for both payers and providers. Topics here include: data breaches, data encryption and other security techniques, access and authentication issues, and regulatory requirements.

Craigslist Apartment Scams Target Renters Seeking Deals | Internet Scams & Phishing | Identity Theft & Online Fraud | SecurityNewsDaily

This particular listing in question, in San Diego, was spotted by Stephen Cobb, who came across it while looking to relocate from upstate New York for a new job that began Sept. 1 in the sunny Southern California city.
It's the job Cobb was moving to take, as a researcher for the cybersecurity firm ESET, that helped him recognize and avoid falling victim to the alluring apartment scam.


Craigslist Apartment Scams Target Renters Seeking Deals | Internet Scams & Phishing | Identity Theft & Online Fraud | SecurityNewsDaily

Sunday, September 18, 2011

Forget 2012 end of the world, the PC apocalypse comes in 2015

Forget 2012 end of the world, the PC apocalypse comes in 2015:

"Forget what we have taken for granted on how consumers use the Internet", Karsten Weide, IDC research vice president, says in a statement. "Soon, more users will access the Web using mobile devices than using PCs, and it's going to make the Internet a very different place".

Windows XP PCs breed rootkit infections - Computerworld

Windows XP PCs breed rootkit infections - Computerworld:

Machines running the decade-old Windows XP make up a huge reservoir of infected PCs that can spread malware to other systems, a Czech antivirus company said today.

Windows XP computers are infected with rootkits out of proportion to the operating system's market share, according to data released Thursday by Avast Software, which surveyed more than 600,000 Windows PCs.

While XP now accounts for about 58% of all Windows systems in use, 74% of the rootkit infections found by Avast were on XP machines.

XP's share of the infection pie was much larger than Windows 7's, which accounted for only 12% of the malware-plagued machines -- even though the 2009 OS now powers 31% of all Windows PCs.

What if the Secret to Success Is Failure? - NYTimes.com

What if the Secret to Success Is Failure? - NYTimes.com

Very stimulating article on education.

UBS Says Trading Losses Were Closer to $2.3 Billion - NYTimes.com

File under unbelievable?

UBS Says Trading Losses Were Closer to $2.3 Billion - NYTimes.com:

“The true magnitude of the risk exposure was distorted because the positions had been offset in our systems with fictitious, forward-settling, cash ETF positions, allegedly executed by the trader,” the UBS statement said. “These fictitious trades concealed the fact that the index futures trades violated UBS’s risk limits.”