Sunday, December 16, 2012
Week 3- New ‘Dexter’ malware strikes point-of-sale systems
Many of us use our credit and debit cards to make purchases at many stores, including hotels, and we sometimes do so without really thinking about the risk involved. We assume that point-of-sale (POS) systems are secure and safe, and we don’t think about the fact that these systems can be attacked like any other system. Why? Because they contain the credit and debit card data of every card that has been swiped for purchases. According to an article titled “New ‘Dexter’ malware strikes point-of-sale systems” written by Charlie Osborne, hundreds of POS systems have been infected with malware. The malware, called “Dexter”, has affected systems in over 40 countries, with 30% of the infections taking place in the US. Dexter is designed to steal credit card numbers and data. It targets POS systems by injecting itself into iexplore.exe on Windows Server. It then takes credit card data from the server and sends it back remotely. At this point the hackers can produce fake credit cards using the credit card numbers retrieved from the server. The majority of the operating systems infected have been Microsoft products, with Windows XP being the most targeted. So far the names of the businesses affected have not been released. The article can be found at: http://news.cnet.com/8301-1009_3-57559171-83/new-dexter-malware-strikes-point-of-sale-systems/
Sunday, December 9, 2012
Week 2- Credible Sources
Not all web sites on the Internet are a credible source of information when it comes to threats, vulnerabilities, updates, and security news. You can’t believe everything you read, watch, or hear on the Internet. When there is a conflict within a source, the best way to check it is to weigh it against known reliable sources. If the source lists vulnerabilities within specific software, the best way to check the source is to visit the vendor’s web page. This is true for patches as well. In order to stay on the safe side I would recommend using government sites, libraries, known organizations, and universities as sources for information. Vendor sites are usually very helpful at providing credible information about security issues associated with their products. The following is a list of sites that I consider to be credible sources because they are from professional organizations or have proven over the years to be credible sources for information.
The sites listed above are just a few of the many sites that I think are credible sources. If you stick to sites such as the ones listed above the information you receive should be reliable. If you are unsure about a source you can also do some research on the author and check any references that he/she may have used in their article or document.
Monday, December 3, 2012
Week 1 - Managing Threats in the Digital Age
The digital age has opened the door to more threats due to increased Internet usage. We use the Internet to conduct business, work, education, travel plans, entertainment, and personal use. The devices used to access the Internet have increased as well. Not only do we connect to the Internet via desktops but we can also use our cellphones, iPods, iPads, notebooks, PDAs, and other mobile devices. The use of these devices along with the increased use of the Internet has created many security challenges. These challenges fall into three categories: external threats, internal threats, and compliance requirements. These challenges make managing threats a big priority, especially for governmental and major organizations like financial institutions and hospitals. They all collect and store a lot of sensitive, classified, or personal information that could cost them billions of dollars in losses. These losses can include a ruined reputation, legal fees and penalties, and revenue lost to system downtime. I found this article titled “Managing threats in the digital age” that covers a lot of important information about managing threats. The article talks about how you need to be proactive when it comes to security. In other words, organizations should implement real-time monitoring for identifying, tracking, and addressing threats. This would include real-time audits and monitoring of employee usage. I must say that I agree with the article. Many security threats are usually detected after the fact and not during. Most of the breaches are usually detected days or months after the breach. It’s the same for monitoring employee actions. It usually takes a few months or days before they discover that an employee was copying files. It would be nice to be able to monitor employees for system misuse.
The article can be found at: http://public.dhe.ibm.com/common/ssi/ecm/en/gbe03423usen/GBE03423USEN.PDF
Saturday, November 17, 2012
Week 12- Blog Summary
First I would like to say that I had fun learning how to create a blog and add entries to it weekly. The whole idea of having to find articles and create summaries of them helped me become more aware of the different threats we face while utilizing the Internet. We use the Internet for business and pleasure, not realizing the potential threats that come along with using the Internet. My blog posts covered a variety of topics such as system/software issues, user errors, security awareness, and threats. When it came to deciding on what to blog about I just did a Google search on the latest security breaches. I would also sometimes come up with a subject and then use Google to find articles that supported my subject. I think security blogging is a great awareness tool that gives others the chance to read and apply their thoughts and comments to the subject matter. It’s a great way to learn more about security.
Monday, November 12, 2012
Week 11 Security Entry
In this week’s security blog I’m going to talk about an article that was written by Chris Poulin called “BYOD: One Size Risks All”. In this article Chris talks about how we as a people have become very reliant upon the Internet. We can access the Internet from just about anywhere we go. Just to get our brain juices flowing, think about all the places that offer Wi-Fi. Just to name a few, we have McDonald’s, Wendy’s, coffee shops, hotels, etc. For those of us who have cell phones, Internet access is located in our pockets. With that said, we can surf, shop, conduct business, and bank from anywhere. This article focuses on the fact that work and personal devices should be separated. In other words, you should not use your business devices to surf the web, shop, bank, etc. Personal devices should be used to conduct personal business only. Some companies allow their employees to use their own devices instead of company-issued devices. I must say that I agree with the author; I think business and work should be separated as well. If companies separate the two I think that it would limit the amount of threats they face daily. If companies allow employees to use their own personal computers they compromise the security of the network. Companies will have no way of determining what programs, software and data users may have stored on their computers. Are users required to have anti-virus software? Are there any policies in place to dictate acceptable use?
Monday, November 5, 2012
Week 10- Automatic User Logins
According to Zack Whittaker, a writer for ZDNet and CNET, Facebook had a flaw that could have put over 1 million Facebook accounts at risk of unauthorized access. This flaw would have allowed unauthorized users to log in to other users’ Facebook accounts without the use of a password. The flaw was centered around a user’s e-mail address. Facebook would e-mail links to users that, when clicked, would automatically give them access to that Facebook account without the need for a password. There was also a flaw that allowed you to automatically access your Facebook account without a password if you were logged in to Gmail. This can be a big issue and lead to many problems if your e-mail account was compromised in any way. If your e-mail account was compromised, someone would automatically be able to access your Facebook account and any other accounts that are linked with Google via your Gmail. Many of my Android apps are also automatically connected and linked with my Gmail as well. I think this is a big issue because there are a lot of applications that are linked with Google that can be accessed with a single login. Here are a few steps that should be taken each time you access a site or application that requires a login:
1. Always log out of a system or website when you are done.
2. If you are accessing a site from a public computer make sure you delete all cookies and browsing history.
3. Never click no or never when asked if you want the browser to save or store your login information.
4. Change all your passwords to social media, e-mail, banks, and e-commerce websites often.
5. Use different hard to guess passwords for each account.
6. Always make sure the “remember me” checkbox is unchecked.
Article can be found at: http://news.cnet.com/8301-1009_3-57544933-83/facebook-password-bypass-flaw-fixed/
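For sites that do e-mail auto-login links like the ones described in this post, the risk drops sharply when each link is random, short-lived, single-use, and tied to one account. The sketch below is an added example and is not Facebook's code; the `LoginLinkStore` class, the 15-minute lifetime, and the account names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

TOKEN_TTL_SECONDS = 15 * 60  # assumed lifetime for an e-mailed login link


class LoginLinkStore:
    """In-memory stand-in for a server-side table of pending login links."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._pending = {}  # sha256(token) -> (account_id, expires_at)

    @staticmethod
    def _digest(token):
        return hashlib.sha256(token.encode("utf-8")).hexdigest()

    def issue(self, account_id):
        """Return an unguessable token; only its hash is kept server-side."""
        token = secrets.token_urlsafe(32)
        expires_at = self._clock() + TOKEN_TTL_SECONDS
        self._pending[self._digest(token)] = (account_id, expires_at)
        return token

    def redeem(self, token, claimed_account_id):
        """Return the account id if the link is valid, otherwise None."""
        # pop() removes the entry on first use, so a replayed link fails.
        # A failed attempt also burns the token (fail closed).
        entry = self._pending.pop(self._digest(token), None)
        if entry is None:
            return None
        account_id, expires_at = entry
        if self._clock() > expires_at:
            return None  # link is older than the allowed lifetime
        # The account named in the link must match the one the token was
        # issued for; an e-mail address alone never grants access.
        same = hmac.compare_digest(
            str(account_id).encode("utf-8"),
            str(claimed_account_id).encode("utf-8"),
        )
        return account_id if same else None


def demo():
    """Constructed scenario: valid use, replay, expiry, wrong account."""
    now = [1_000_000.0]  # fake clock so expiry can be shown without waiting
    store = LoginLinkStore(clock=lambda: now[0])
    t1 = store.issue("alice")
    first = store.redeem(t1, "alice")
    replay = store.redeem(t1, "alice")
    t2 = store.issue("alice")
    now[0] += TOKEN_TTL_SECONDS + 1
    expired = store.redeem(t2, "alice")
    t3 = store.issue("alice")
    wrong_account = store.redeem(t3, "bob")
    return first, replay, expired, wrong_account


if __name__ == "__main__":
    print(demo())
```
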
Monday, October 29, 2012
Week 9- Top Secret Service agent helps kick off cyber-crime campaign in South Florida
According to Ihosvani Rodriguez from the Sun Sentinel, South Florida is “leading the nation in identity theft” and in other cybercrimes. Since 2010 identity theft in South Florida has increased 76%. Listed amongst the other cybercrimes was credit and debit card theft via illegal devices such as card readers or skimming devices. Skimming devices can be used to capture credit card numbers and PINs. These devices can be set up on ATM machines to read the magnetic stripes and take pictures of PIN numbers.
Credit and debit cards are used by many people as forms of payment for online and in-store purchases, and their security is something that we all should be concerned about. We also use our debit and credit cards at payment terminals, gas pumps, car washes, Redbox (movie rental kiosk), gift card kiosks, and any other vending machine that accepts credit and debit cards as forms of payment. These are all systems that can be modified by criminals to steal our credit and debit card information to commit fraud. Store employees have also been known to commit fraud by writing down or taking pictures of customers’ credit/debit card numbers. They have also been known to attach illegal devices to credit/debit card readers to steal information. Once criminals obtain your credit card numbers and PIN they can create fake cards with those numbers to make purchases and steal money. Listed below are a few tips to remember the next time you use your debit and credit card, especially during the holiday season:
1. Check the system for any signs of tampering before using it.
2. If you see anything unusual about a system, don’t use it.
3. Check your statements often for unauthorized purchases.
4. Never use your cards on unfamiliar sites.
5. Be aware of online advertisements, SPAM, and phishing attempts.
Credit card fraud can be easily fixed if caught in time. Debit card fraud causes more damage because a criminal can drain your bank accounts, leaving you without any money. The bank may or may not credit your money back to your account. If they do, it can take a long time before they replace it, leaving you frustrated and without any money.
Monday, October 22, 2012
Week 8 White House Confirms Security Breach By Chinese Hackers (But It's Not As Bad As It Sounds)
Over the past few months there seem to be a lot of security breaches that stem from phishing attempts. Businesses and organizations have been requiring that all employees take some form of security training on an annual basis. The training usually warns users of viruses, phishing attempts and other information security aspects. I’m just curious as to why users are still falling prey to phishing attempts, especially those who are associated with the government or military. About a month ago the White House suffered a breach on their unclassified network via a phishing e-mail. As government employees you are constantly warned about phishing e-mails and yet there is a breach via an outsider gathering information from a phishing e-mail. Is there something wrong with the training? Does it need to be revamped? Or is it that users are just not thinking? This is another example of an “insider threat”. The article can be found at: http://www.businessinsider.com/white-house-confirms-security-breach-by-chinese-hackers-2012-10#ixzz2A5hQ1lJA
Monday, October 15, 2012
Week 7- TD Bank data breach hits 260,000 customers
Another insider threat has occurred at TD Bank in Jacksonville, where unencrypted backup tapes have been misplaced, affecting over 260,000 customers. The backup tapes contained customers’ Social Security numbers and account information. Incidents such as this make you wonder if your personal information is really protected. Not only do we have to worry about protecting our own information but we also have to worry about how businesses are protecting our information. How do you misplace unencrypted tapes? What kind of security procedures do they have in place to protect against this kind of incident? Do they contain measures for keeping and storing backup tapes? The story can be found at: http://www.bizjournals.com/jacksonville/news/2012/10/15/td-bank-data-breach-hits-260000.html
Monday, October 8, 2012
Week 6- U of Pennsylvania Confirms Data Breach
It seems like the number of universities being hacked is starting to climb the chart in data breaches. So far about twelve schools have been breached where hackers have stolen data. Hackers are starting to come together and create hacker groups. Hacker groups are more effective at breaching systems than hackers working alone. The hacker group responsible for the University of Pennsylvania data breach is known as “Team GhostShell”. They claim their motive was to show how changes made to the education system by politics have affected us as a whole. They did not steal any data that could lead to identity theft. They only stole data that shows student debt and posted it on a few websites. My question is: Is there such a thing as a good hack? Is this a justifiable hack? Do these hacks show that there may be a security flaw in the universities’ systems? Are hackers becoming smarter or is security software and hardware behind the curve? These are just a few questions that ran across my mind as I read this article. The article can be found at: http://www.upi.com/Science_News/Technology/2012/10/04/U-of-Pennsylvania-confirms-data-breach/UPI-38071349378891/
Monday, October 1, 2012
New Threats
When it comes to protecting personal data we sometimes only think of protecting personal data on our home computers, but we never stop and think about protecting our mobile devices. Mobile devices are just as vulnerable to attacks as our personal computers. Mobile devices can be used to do just about anything. They can be used for online banking, checking e-mail, shopping, booking flights, booking hotels and much more. Malware can easily be downloaded to our mobile devices via Android apps or any other type of download. Not only do we have to worry about computers and mobile devices but there has also been a huge increase in malware being found on external drives such as thumb drives. Thumb drives/pen drives are known for carrying viruses and malware. As users of these devices we need to be mindful of the potential risk associated with each of these devices and protect ourselves. Running virus scans on all external storage devices and installing virus software on our mobile devices will provide some level of protection. McAfee released an article about a month ago titled “McAfee Threats Report Shows Largest Malware Rise in Four Years”. This rise is due to thumb drives and mobile devices being infected with malicious software. The article can be found at: http://www.mcafee.com/sg/about/news/2012/q3/20120904-01.aspx
Monday, September 24, 2012
When it comes to security, most of the time we think about keeping an unauthorized user out of the system. We never really think about the internal threats to networks. These threats consist of employees writing their passwords on their desk calendar or putting them on a sticky note and placing it under their keyboard. They also consist of an employee or employees banding together to steal money, customer data, products, etc. We also never think about employees bringing in infected media and running it on company computers or the IT department cutting corners in security. All these things can be damaging to a company’s system. I found this article titled “Security is not just external- Don’t Forget the ‘Other’ Security”. This article talks about a few security incidents that took place internally and not externally. Most of the incidents noted in this article can be attributed to lack of awareness, bad judgment, and stupidity. I must say that I agree with his article. Most external hackers are usually after money. What’s the difference between them stealing data to commit fraud or to sell on the black market for money and an employee or employees banding together to steal thousands to millions of dollars from a business? Employees steal from companies by taking products, customer records and company secrets to sell on the streets. They also take from companies when they introduce infected e-mails or files to the organization’s network. Depending upon how bad the situation is, the company can lose money in downtime while the situation is being contained and cleaned up. I consider this to be bad judgment, especially if your company has information awareness training and you choose to ignore it. The article can be found at: http://www.securityweek.com/security-not-just-external-dont-forget-other-security
Monday, September 17, 2012
Miami Hospital Suffers Second Breach within a Year
The University of Miami Hospital suffered another patient breach this year where two of its employees are suspected of stealing patient data from the hospital. The information stolen during the breach includes names, last four digits of Social Security numbers, dates of birth, addresses, insurance policy numbers, and medical history of each patient. At this point they don’t know how many patients were affected by the breach. The hospital is also offering two free years of credit monitoring for all those who may have been affected. This Miami hospital may want to consider employee screening before hiring and revamp their security policy. Most of the time when we think about breaches we assume that someone from the outside has hacked into a system and caused harm. We never think about a breach taking place from inside the company by employees who are authorized to view and handle your information. It’s kind of scary when you think of all the places that have your information and all the different people that have access to it. This article can be found at: http://www.scmagazine.com/miami-hospital-hit-by-second-patient-breach-this-year/article/258895/
Sunday, September 9, 2012
Gamecock Data Breach
The University of South Carolina suffered a breach on June 6th that may have compromised the personal information of about 34,000 students and staff, including their Social Security numbers. The school is unsure when the breach took place; however, they suspect that the breach originated overseas. The article can be found at
http://threatpost.com/en_us/blogs/gamecock-data-breach-affects-34000-082212
Friday, August 31, 2012
Cancer Center Data Breach
A cancer center in Indianapolis had a laptop containing 55,000 patients’ information stolen from one of its employees’ vehicles. The information stolen contained medical records, Social Security numbers, insurance documents, and other patient information. The laptop had not yet been recovered. My question is: what was the backup laptop containing that kind of information doing outside the facility? Article can be found at: http://threatpost.com/en_us/blogs/info-55k-patients-stolen-indianapolis-cancer-practice-083112