Category Archives: Security - Page 2

Romance scams plague UK: 200,000 victims

Posted by on September 30, 2011 No comments

Research out of the UK today says that perhaps as many as 200,00 people in that country have been victims of online romance scams and the same study says over 1 million people personally know someone who has been scammed by one of these heartless fraudsters.

The online research was conducted by the UK’s University of Leicester found that 52% of people surveyed online had heard of the online romance scam when it was explained to them and that one in every 50 online adults know someone personally who had fallen victim to it. The results confirm the law enforcement belief that this type of crime is often not reported by those affected, in many cases due to embarrassment at having been duped, or through a continuing hope that there will eventually be a genuine romance, the study found.

According to the FBI’s IC3, scammers use poetry, flowers, and other gifts to reel in victims, the entire time declaring their “undying love.” These criminals also use stories of severe life circumstances, tragedies, deaths in the family, injuries to themselves, or other hardships to keep their victims concerned and involved in their schemes. Scammers also ask victims to send money to help overcome a financial situation they claim to be experiencing. These are all lies intended to take money from unsuspecting victims, the IC3 says.

The romance scam is particularly cruel in that perpetrators spend long periods of time grooming their victims, working out their vulnerabilities and when the time is right to ask for money…

via Layer 8: Romance scams plague UK: 200,000 victims?.

How Researchers “Stole” 20GB of E-Mail from Fortune 500 Companies

Posted by on September 19, 2011 No comments

Two researchers who set up doppelganger domains to mimic legitimate domains belonging to Fortune 500 companies say they managed to vacuum up 20 gigabytes of misaddressed e-mail over six months.

The intercepted correspondence included employee usernames and passwords, sensitive security information about the configuration of corporate network architecture that would be useful to hackers, affidavits and other documents related to litigation in which the companies were embroiled, and trade secrets, such as contracts for business transactions.

via Doppelganger Domains stories – Gizmodo.

The Purpose of Security…

Posted by on September 18, 2011 No comments

Great quote:

The entire purpose of security is to support your ability to do business in a secure manner. Security is an enabler, not a limiter. If security is a limiter, you are using it wrong/abusing it.

by Jon-Louis Heimerl in this article in Security Week.

Windows 8 to offer built-in malware protection

Posted by on September 18, 2011 No comments

Microsoft is including a beefier version of its malware protection in Windows 8.

The company is tweaking its Windows Defender tool, which has been part of the last few versions of Windows, by essentially adding some of the more robust features from its free Security Essentials product. Launched in 2009, Security Essentials has garnered generally positive reviews but requires a separate download, while the built-in Windows Defender has lacked certain key elements as a defense against malware.

At a demo of Windows 8′s security at Microsoft’s Build conference on Tuesday posted by The Register, Steven Sinofsky, president of the Windows and Windows Live division, said that “we’ve taken Defender, and we’ve actually built a whole new range of protection, all the way up through anti-malware, antivirus, all that is built into Defender.”

via Windows 8 to offer built-in malware protection | Security – CNET News.

Tell-all telephone

Posted by on May 24, 2011 No comments

By pushing the play button, you will set off on a trip through Malte Spitz’s life.

A cool but chilling demonstration of a life reconstructed using the online data added to location data.

Tell-all telephone | Data Protection | Digital | ZEIT ONLINE.

May 2011 Patch Tuesday Security Bulletins | eEye Digital Security

Posted by on May 11, 2011 No comments

This month, Microsoft released 2 patches which repair a total of 3 vulnerabilities. Both of these patches address Remote Code Execution vulnerabilities.

via Patch Tuesday Security Bulletins | eEye Digital Security.

Out-of-band patch: MS warns of hack attempt on major sites

Posted by on March 24, 2011 No comments

Microsoft issued a warning today that nine fraudulent digital certificates were issued by root certificate authority, Comodo Group. Although the certificates were quickly revoked, their initial release still poses a threat to browser users, including users of Internet Explorer. This is not a security flaw in Microsoft software, the company says, but it released a security update for Windows all the same.

The nine fake certificates affect the following Web sites, Microsoft says:

  • login.live.com (Windows Live)
  • mail.google.com
  • www.google.com
  • login.yahoo.com (3 certificates)
  • login.skype.com
  • addons.mozilla.org
  • “Global Trustee”

Fraudulent certificates give hackers the ability to spoof content, phish, or insert themselves in man-in-the-middle attacks, collecting information that users think is being sent over a secure link from browser to Web site.

via Network World.