Your grandmother could run a botnet. Really? You probably thought hacking skills and technical know-how were needed to be botmaster. Nope – just $2500 US, an email address, and a desire to do some evil. Don’t worry – Nana’s (probably) not herding bots, but it’s not because she lacks the necessary skills.
This may explain why cyber crime losses almost doubled last year. The number of web-based botnets doubled in the second half of 2009 and web-based bodnets now outnumber the “old school” irc-based botnets. Really? Yeah, really.
You might want to hold off on Firefox 3.6 for a while. Really? There is a known vulnerability that will not be patched until March 30.
100% guaranteed malware detection? Really? That is the claim that Dr. Markus Jakobsson makes for his new technique. He is being taken seriously by some major companies, too. This is a nerdy read, but an interesting one.
Humans are still the weak link in security. Really? That’s not exactly big news, but it is worth repeating.
Lock down the security on that……copier? Really? Think about it – high end all-in-one office machines are copiers, scanners, and printers. They often have hard drives containing TONS of sensitive data and they are generally not on the radar screen when it comes to security. Permissions are often wide open. The next time you visit your SME clients, CHECK THE COPIER! If it has a hard drive, there is probably a lot of stuff on there that your client would like to keep private.
Takin’ names and kickin’ a** – Really?Publicizing the names of ISPs that allow their clients to do mischief is one way to get them to stop taking money from the bad guys – at least in places where people care about that sort of thing.
One more time – be careful where you put that payment card. Really? Here is another case of credit card fraud involving fake PIN pads that were planted in a chain of stores in the UK. Actually, the fake pads were visually identical to real ones, so no amount care would have saved you. Some are now arguing that credit cards are safer than debit cards, since the crooks cannot empty your bank account and credit card companies provide more protections against credit fraud than against debit fraud, especially if a PIN number was entered. This article explains further.
Dennis H in West Virginia, US
March 23, 2010