Category Archives: Thoughts

After the hack According to published reports, Visa and MasterCard recently warned card-issuing banks that a third-party payments processor suffered a security breach. This breach may have exposed the Track 1 and Track 2 data needed to counterfeit cards. The compromise, according to both KrebsonSecurity and The Wall Street Journal, happened sometime between January 21 and February 25. It’s not clear if attackers had access for that entire period. Source Here is where the driving force is to tame the internet. To turn it into the merchant’s wet dream. The idea of having a store with unlimited shelf space, without having to meet all the requirements of a brick and …

Continue reading →

ABCs for ISPs The Anti-Bot Code of Conduct for Internet Service Providers A Voluntary Industry Code to Help Reduce End-User Bots The Federal Communications Commission’s CSRIC Working Group #7 released a new voluntary code of conduct for ISPs and network operators on March 22, 2012 as a cooperative industry-government initiative. The Anti-Bot Code of Conduct for Internet Service Providers (ABCs for ISPs), included in the FCC CSRIC Final Report of March 2012 includes the opportunity for participating network operators to be listed publicly on their own and official industry websites. Source The spammers and bot-herders will have to come up with a new method should this take hold. Those ISPs …

Continue reading →

Maybe some of you have met the next weird situation: you want to download a trial of a program, a shareware, from a well established downloading site but when you click the download button instead of the wanted program, another little program is downloaded and executed in the computer, it’s the so-called “download manager” which in its turn downloads the desired program. Nobody fully understands this scheme, why is needed by this “download manager” instead of offering directly the wanted program but a lot suspect this program of “grey” missions. The concerns are raised when the antivirus software detect these “download managers” as adware or spyware and there must be …

Continue reading →

Critical Windows bug could make worm meat of millions of high-value machines Microsoft has plugged a critical hole in all supported versions of Windows that allows attackers to hit high-value computers with self-replicating attacks that install malicious code with no user interaction required. The vulnerability in the Remote Desktop Protocol is of particular concern to system administrators in government and corporate settings because they often use the feature to remotely trouble-shoot e-mail servers, point-of-sale terminals and other machines when they experience problems. RDP is also the default way to manage Windows machines that connect to Amazon’s EC2 and other cloud services. That means potentially millions of endpoints are at risk …

Continue reading →

I don’t know many malware able to give so many headaches as DNSChanger trojan. Briefly, beginning with 2007 year a cyber crime group based in Estonia, a former Soviet republic, starts to spread a malware called DNSChanger sniffing some financial gains. The spreading process started by tricking the unaware users to download and run a video codec(fake of course) or a special web browser(NetBrowserPro) that helps to watch online porn movies. When a computer is infected, the malware tries to change the DNS settings of the compromised system and of the home or small office routers if the default username and password used to configure it are not changed. There …

Continue reading →

Nortel hit by suspected Chinese cyberattacks for a decade The hackers – who appeared to be based in China – had unfettered access to the former telecommunications giant as far back as 2000, according to Brian Shields, a former Nortel employee who launched an internal investigation of the attacks, the Wall Street Journal reports. They “had access to everything”, Shields told the Journal. “They had plenty of time. All they had to do was figure out what they wanted.” Source A decade ago, the Chinese were stepping up their internet attacks as a way to steal patented technology, insider information, industrial sabotage, and research theft. Here it appears we had …

Continue reading →

I have received an email about an infographic related to online privacy threats and released by frugaldad.com, it shares in an easy to understand way the best tips for keeping users safe online. The graphic says it all, no more need of comments.     Source: frugaldad.com