TriGeoSphere

Grandma Got Hacked for Christmas

Nothing quite says "Happy Holidays" like discovering that a family member's bank account has been hacked. Everyone believes that some malware found its way to an unprotected system, spotted the on-line banking activity, captured the credentials and dutifully transmitted them or awaited further instructions from whoever had control of this machine.  What's interesting about this case is that the bank has asked for the hard drive of the compromised PC.  What would you do?

Continue reading...

PCI Security - The Devil is in the Details

Joshua Corman, research director for enterprise security at The 451 Group, renewed debate recently on the role that PCI plays in network security in an article featured in CSO Magazine. The article contains a number of Corman quotes from a recent 451 Group client conference. From the excerpts, it's clear that the Corman is trying to sound the alarm, and it may be falling on deaf ears.

Continue reading...

Knock, Knock…Who’s there? Ilomo. Ilomo who?

Call it Ilomo, Clampi, Rscan, or Ligats—whatever you call it, it’s getting a fair share of the security spotlight due to recent discussions at Black Hat.  So what is Ilomo?  Ilomo is essentially an “old” botnet Trojan dating back to 2007, which primarily targets the banking industry...

Continue reading...

A Worm is a Worm by any Name

While Conficker uses a variety of methods to reach new heights of evil, the methods themselves are not new. As with most viruses and worms, the process for escalating privileges, exploiting hosts, and gaining unauthorized access remains much the same: exploit a weakness, stop the services that may prevent the nefarious deed, and then spread the love via email, network shares, peer to peer communications, or removable devices.

Continue reading...

Governator Vetoes Bill

Clearly, the most meaningful consumer data protection comes from taking responsible and prudent steps to prevent data loss. Even under the best of circumstances, no one can guarantee that a loss will never occur and that's where California led the way in disclosure legislation.  In my opinion, this legislation was ill-conceived and I hope it won't be back.

Continue reading...