Recent trouble at the Sky News message board shows that a little common sense goes a long way in security development. It seems Sky’s system had a simple defense mechanism against spam or DoS attacks: if it received a handful of invalid login attempts on an account within a short space of time, it suspended the account. Which was fine, until someone discovered this and started using it to disable the accounts of active posters on the board. After someone posted how to do it on the board, others seem to have joined in the ‘fun’, and the social fabric of the board collapsed. Sky News failed to inform their users as to why their accounts were suspended, and users[…]
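The failure mode above, as an added example that is not from the Sky News system or the original post: the described per-account lockout beside a per-source throttle, run over a constructed scenario (addresses, timestamps, window and threshold are all assumed values).

```python
from collections import defaultdict, deque
WINDOW = 60.0   # seconds in which failures are counted (assumed value)
THRESHOLD = 5   # failures inside WINDOW that trip the defence (assumed value)

def _prune(q, now):
    # drop timestamps that have fallen outside the counting window
    while q and now - q[0] > WINDOW:
        q.popleft()

class AccountLockout:
    """The board's policy as described: a handful of bad logins on an
    account suspends the account, whoever sent them."""
    def __init__(self):
        self.failures = defaultdict(deque)
        self.suspended = set()

    def record_failure(self, account, source, now):
        q = self.failures[account]   # keyed on the victim, not the sender
        q.append(now)
        _prune(q, now)
        if len(q) >= THRESHOLD:
            self.suspended.add(account)

    def allowed(self, account, source, now):
        return account not in self.suspended

class SourceThrottle:
    """Alternative: count failures per (source, account) and refuse only that
    source for the rest of the window, so a third party's failures cannot
    shut the real user out from elsewhere."""
    def __init__(self):
        self.failures = defaultdict(deque)

    def record_failure(self, account, source, now):
        q = self.failures[(source, account)]
        q.append(now)
        _prune(q, now)

    def allowed(self, account, source, now):
        q = self.failures[(source, account)]
        _prune(q, now)
        return len(q) < THRESHOLD

def simulate(policy):
    """Constructed scenario: six wrong passwords for 'alice' from one address
    at t=0..5 s, then alice logs in from another address at t=10 s.
    Returns (first address still allowed, alice allowed)."""
    for t in range(6):
        policy.record_failure("alice", "203.0.113.9", float(t))
    return (policy.allowed("alice", "203.0.113.9", 10.0),
            policy.allowed("alice", "198.51.100.7", 10.0))
```

Under the account lockout both results are False: the real user is the one shut out. Per-source throttling on its own is still weakened when failures arrive from many addresses, so it is normally paired with other signals (a CAPTCHA, a notification to the account owner) rather than used alone.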

Good blog post here about how to hack passwords. See if he mentions yours right out.

Let’s see… here is my top 10 list. I can obtain most of this information much easier than you think, then I might just be able to get into your e-mail, computer, or online banking. After all, if I get into one I’ll probably get into all of them.

1. Your partner, child, or pet’s name, possibly followed by a 0 or 1 (because they’re always making you use a number, aren’t they?)
2. The last 4 digits of your social security number.
3. 123 or 1234 or 123456.
4. “password”
5. Your city, or college, football team name.
6. Date of birth – yours,[…]

Dentists, doctors, lawyers and other professionals in the Pittsburgh area have been targeted by a “hit man” e-mail scheme, receiving messages that tell them to pay up to spare their lives, the FBI said. No one has reportedly lost money or been harmed in the scam, but some recipients were unnerved by the messages, said Special Agent Bill Shore, who supervises the computer crime squad in the Pittsburgh FBI office. “You think, ‘What did I get into? What do I gotta do to get out of this?’” Shore said. Who worries about hit men? The more people learn not to click on links in emails, the more enticing spammers, phishers, and the like will have to make them.

Good article on SecurityFocus about the rise of targeted attacks with specially designed trojans. A similarly themed story is running on CNET news.com.com. Bruce Schneier has posted about it on his blog as well. “If you haven’t noticed these attacks and you are a big company, you have likely already been attacked,” [MessageLabs security researcher Alex] Shipp told attendees at the Virus Bulletin 2006 conference. “Your problem is no longer how do I avoid being attacked, but how do I find where I’ve been compromised.” Scary but accurate. If one wanted to infiltrate a network, a trojan crafted specifically for that purpose, one which had never been seen before, would probably be the best bet. OK, maybe not as good as free[…]

Via lifehacker, found these 10 Top Tips for Protecting Yourself at Hot Spots. Some good suggestions in there:

1. Disable Wi-Fi ad-hoc mode
2. Use a wireless Virtual Private Network (VPN)
4. Use a personal firewall
5. Turn off file sharing
6. Make sure the hotspot is a legitimate one
10. Don’t leave your laptop alone.

There are also some suggestions that will give you a false sense of security:

3. Use an encrypted USB flash drive
7. Disable or remove your wireless adapter if you’re working offline
8. Use email encryption
9. Look over your shoulder

An encrypted flash drive could help… if most flash drive encryption programs weren’t so dumb (once it’s unlocked, anyone on the system can[…]