Articles filed under Security Threats
-
June 7, 2010
True life tale of Corporate Identity Theft - It could happen to you!
Identity theft is a sore subject to those it has happened to. For most of us, we either fear it; or we think it will not happen to us. This is an all too true recount of a local business owner who discovered that her company website had been hacked. A day by day timeline based on a blog authored by Linda W. Fitzgerald is included here, told as the events materialized.
Days One & Two: I used to think that the phrase "cold sweat" was just an expression. But I was wrong, as I discovered yesterday when I sat at my desk, reading an email that a media buyer had forwarded to me. It was supposedly from someone who wanted to purchase advertising on her company's website.
The cold sweat started when I ...0 comments -
May 27, 2010
And you thought Facebook was bad!
So I came into work this morning and shortly after I had settled in at my desk, my coworker starts calling for me in a panicked voice.
I went to his desk, and apparently a friend of his had alerted him to some of his personal information on a website. Not just any personal information either. Information about his neighbourhood, people in his house, income, age, birthday, interests, you name it. Of course, being me, I went and looked myself up.
What I found just about made my heart skip a beat. The website in question, www.spokeo.com, spiders social networking sites, blogs, and any other repository of public information and aggregates it. This is just plain scary people!
Spokeo is a search engine ...
1 comment -
May 17, 2010
Facebooks Privacy Policy - Reasons to be afraid
Got a Rand McNally Handy? Because that's what you are going to need if you want to adjust your privacy settings!
You may or may not have read my rant on Google Buzz, but as a webmaster for a security company - I take security and privacy issues reasonably seriously. For that very reason, I am about to vent a bit about Facebook.
Now, anyone who knows me, knows my detest for Google and Facebook - yet I still use them. Some might call me a conformist. Some might even call me a hypocrite. I do not like to think of myself this way, I just use it as a method of staying connected to friends and family; on the other hand - as a webmaster, it would be sil...
0 comments -
March 9, 2010
Security Trends - RSA 2010
ANX sent four delegates (including our CEO) to the RSA conference this year with learning in mind; learning more about what our competition is up to, learning more about potential business partners, and learning more about emerging trends in security. Here are some of my takeaways from the conference:
Attendance
According to Tom Heiser (of RSA) attendance was up 20% this year. After a disappointing 2009 this is refreshing news and hopefully the sign of a recovering economy.
Themes
Cloud Security: The Cloud Se...
0 comments -
March 3, 2010
RSA Discussion with Richi Jennings about Targeted Attacks
Targeted attacks are one of the hot topics at RSA this week. A targeted threat is a class of malware destined for one specific organization or industry. The primary objective is to capture sensitive user information. The January attack on Google gmail, termed Operation Aurora, is the most recent highly visible targeted attack.
During the show, I caught up with Richi Jennings who is an independent technology and security consultant and we discussed targeted attacks. Check out the highlights from our conversation in the video blog below:
-
February 18, 2010
Botnet invasion at 2,500 companies underscores need for comprehensive managed security approach
The broadly reported disclosure today that nearly 2,500 companies have been victimized by carefully planned botnet attacks should come as no surprise if you're following this type of threat (http://bit.ly/dj7U2v). The ZeuS spyware is widely available to hackers and can escape detection by many standard antivirus programs.
What is surprising is the number of companies that haven't adopted a more comprehensive and multi-layered approach to information security. Too many companies believe that desktop antivirus programs alone are sufficient to protect against the growing scope of threats. They aren't. The same can be said about basic firewall protection.&nb...
0 comments -
February 11, 2010
Privacy Warning! Google Buzz Flaw
Maybe not as much a security threat as a privacy threat, but a recent article posted by Business Insider outlines a serious Privacy Flaw in their new application.
When you sign up to use Google Buzz, you are automatically set up with followers and people to follow, according to a spokesperson from Google. In all actuality, this is a great usability feature - until you get to the accessbility to your...
0 comments -
November 15, 2009
Get Safe Online Week
According to their blog, the UK based initiative “Get Safe Online.org is a free public service from HM Government, the Serious Organised Crime Agency (SOCA) and partners from the private sector. We help individuals and micro-businesses use the internet safely.” Their website has a beginners guide, some down to earth videos, and great advice for small businesses. Check out their video on
0 comments
-
November 23, 2009
ANX PositivePRO Customers Protected from Recently Discovered SSL Vulnerability
ANX PositivePro Customers Protected from Recently Discovered SSL Vulnerability
SSL authentication gap allows a man-in-the-middle attack, affecting the majority of SSL-protected servers
SOUTHFIELD, Mich. (Nov. 24, 2009) - ANXeBusiness Corp., a leading provider of networking and security managed services, today announced that customers of the company’s cloud-based remote access product, ANX PositivePRO, are protected from the recent Secure Sockets Layer (SSL) vulnerability discovered by researchers at PhoneFactor, a leading global provider of two-factor security services. ...
0 comments -
November 18, 2009
SSL/TTS Vulnerability Response (CVE-2009-3555)
There's been much coverage and discussion of recently disclosed SSL vulnerabilities. ANXeBusiness is jumping into the discussion with the help of a special guest blogger, Steve Dispensa. Marsh Ray, who is on Steve's development team, is credited with discovering this vulnerability.
Steve is currently the CTO of PhoneFactor and is one of the founding partners and original developers of our cloud-based remote access product, PositivePRO. The idea behind PositivePRO ...
0 comments -
November 21, 2009
National Data Breach Notification Laws Getting Closer
Political momentum is building for a nationalized approach to data breach notification. I think it's just a question of "when" this will become the law of the land.
Here's a quick summary of the laws under consideration:
The U.S. Senate Judiciary Committee recently approved two bills that would require organizations with data breaches to report them to potential victims.
The first bill is called the 1 comment
-
November 12, 2009
War on Cyber Terrorism
Have you seen the story by 60 Minutes on cyber threats? I highly recommend you watch it:
The Story In a NutshellCyber terrorism has crossed over from the realm of potential into the realm of likely. The story provides examples of how power grids, financial networks, government agencies and even defense systems are already being compromised. State sponsored cyber attacks are proving to be the new battle field.
Here's My Take:
<...0 comments -
November 9, 2009
60 Minutes Segment on Cyber Terrorism
60 Minutes ran a highly informative story on cyber terrorism yesterday (11/8/09). If you ever wondered how severe cyber threats are to national security, be sure to watch.