Disclaimer: This is a personal blog. The views and opinions expressed here represent my own and not those of any institutions or organizations that I currently work for or have worked for.

Saturday, April 30, 2011

TomTom GPS data sold to police?

I'm not sure if this is a good thing, but it deals with privacy. Whether or not this is being used for good purposes, it is time to do further analysis on TomTom and other GPS devices to see what other data they're transmitting besides GPS signals.



Back fire: TomTom sold user data to police, motorists then targeted with speed traps



The article is here

Friday, April 29, 2011

Dropbox Flaws from TechSnap

More information and podcast here

Has anyone used CleanMyMac?

CleanMyMac (v1.9.5) is a cleaning tool for Macs that combines Universal Binaries slimming, removal of unneeded Languages, cleaning Logs and Caches, Quick and Secure erasing, Extensions Management, Application Uninstallation, removal of trash left from previously uninstalled applications and more.

More information is here

What's up with DSL Reports? = 9000 accounts breached

Another breach now involving DSL Reports below.

"DSL Reports - the information and review site on high speed Internet services which operates over 200 forums - has been hit with a blind SQL injection attack, which resulted in the compromise of at least 9000 accounts.

Founder Justin Beech posted a notification about the intrusion on the forum dedicated to the site, in which he specified that no login names, zip codes and private posts were compromised.

The attack went on for four hours on Wednesday and it was blocked before it had completed more than 8% of its work. All the same, the attackers managed to obtain a large number of email/password pairs."

More information here

"The ones they obtained were basically random. So they cover the entire 10 year history of the membership but sprinkled randomly. Some are very old accounts, some are new accounts, some inactive or deleted," says Beech.

Wednesday, April 27, 2011

What is up with the Sony Playstation Network? Breach = 77 million members

UPDATE: Sony is now saying that the credit card information was encrypted. This should be interesting.

"Sony admitted that hackers broke into its PlayStation Network online gaming network and made off with the personal information of more than 77 million members in what would be one of the largest reported data breaches in history.

A message posted on the PlayStation Network Web site informed customers that the thieves likely obtained the name, address, e-mail address, birthdate and PlayStation Network and Qriocity password and login. They may also have obtained financial information including customers' billing address, and account security questions and answers may have been taken. Sony, which is working with "an outside, recognized security firm" said it doesn't have evidence that credit card data attached to members' accounts was stolen but "we cannot rule out that possibility."

The news came less than a week after Sony first detected the breach and took its PlayStation Network offline. The company had been mum about the extent of the breach while it investigated the incident.

With 70 million members, the PlayStation Network breach is the fifth largest ever, according to Datalossdb.org. Sony advised customers who had given their credit card to PlayStation Network or Qriocity to watch out for email, phone or mail scams seeking personal information and to change their account password as soon as the PlayStation Network is restored.

The company has provided the names of affected customers to U.S. credit bureaus and offered credit fraud monitoring services to them.

In the meantime, Sony says it has a "clear path to have PlayStation Network and Qriocity systems back online, and expect to restore some services within a week."

Speculation about the attack has focused on Anonymous, the loose collective of hackers and online mischief makers. Although the group has denied responsibility for the breach, Sony had been a target of Anonymous denial of service attacks in retaliation for the company's legal actions against hackers who have cracked content protection technology for its PS3 and other products."
(As posted on Threatpost)

More information and direct link to article here

Tuesday, April 26, 2011

Has anyone used DropDMG?

It looks like DropDMG is a new tool that looks at Mac disks. At first glance, it looks like the utility is very easy to use. More information is here

Monday, April 25, 2011

Interesting tools from SourceBoston

Here are some interesting tools that I learned about at Source.

1. Mallory - More info here

2. Pwnie Express - More info here

3. Fireshark - More info here

That's all for now . . .

Don't forget to read the Verizon DBIR 2011 Report

"The Verizon 2011 Data Breach Investigations Report (DBIR) is the third annual report issued by Verizon and the U.S. Secret Service (USSS). It covers incidents of data breaches that occurred in calendar year 2010 and comprises incidents investigated by Verizon's professional services division and those reported to the USSS. The report's tally of stolen records is an oft-cited benchmark of the prevalence and seriousness of cyber attacks.

That number has been on a steady - even precipitous - decline since the first Verizon DBIR in 2008. After peaking in that first year at 361 million, the number of total records compromised dropped to 144 million in 2009 and just 4 million in 2010. That leaves Verizon in the uncomfortable position of having to try to explain - rather than merely interpret - the results of its own report." (ThreatPost)

More information here

Policies Development

It's been a while since I've written policies. Actually, after you create your first one and you get the hang of them, they're not all that bad. Now I have been creating one after the other, nonstop.

Sunday, April 24, 2011

BeaCon

BeaCon was also a wonderful experience. The talks were incredible and it really motivated me to check out and do new things. Thanks again to all the people that made this happen and looking forward to next year!

SourceBoston

SourceBoston was wonderful this week. Got to meet a lot of old friends and new individuals in the industry. This is a great place for networking. The volunteer experience was awesome as well and I can't say enough positive things about this. Thanks again to all those that made this happen and can't wait until next year!