Noreen Seebacher

There's No Holiday From Security Threats

NO RATINGS
View Comments: Newest First | Oldest First | Threaded View
Page 1 / 2   >   >>
Lyndon_Henry
User Rank
Blogger
Re: Fake links
Lyndon_Henry   7/8/2012 9:33:12 PM
NO RATINGS
..

Daniel writes


We have to take atmost caution about the genuinty of GUI before inputting the credentials. Now a day's lots of spam mails are flooding to inbox asking for login to social media networks for different offer and other things. It seems that in most cases, the links are redirecting to fake login pages, similar to phishing. So I think it's always better to have a look for the IP address, before inputting any details.


 

This seems an appropriate point to post a little warning (which many of you may have already seen) about the DNS Changer malware issue, which has involved infecting PCs worldwide to redirect server link requests to "counterfeit" sites. 

The Apocalypse arrives tomorrow, so be forewarned that you should check to ensure that either you're not infected, or you've used the proper disinfectant.  It's kinda complicated, involving the FBI usurping and appropriating the malicious servers and maintaining re-routing for the convenience of victims, but the FBI is gonna shut down the hijacked servers  (are you still following me on this?), but anyway, don't worry about the details...

The important thing is, there's an excellent article in the LA Times which provides several alternatives for checking out your system:

Here's how to check your computer for the DNS Changer Malware

http://www.latimes.com/business/technology/la-fi-tn-dns-changer-malware-20120706,0,2973272.story

Just for convenience, both the ABC and NBC news tonight gave the following website as a good way to check and, if necessary, remedy your own situation:

dcwg.org

It's easy to remember, in case you want to tell somebody (my mnemonic is "DC Water Gas, but whatever...)

It worked for me...

 

MDMconsult
User Rank
Prospector
Data Protection
MDMconsult   7/8/2012 8:02:47 PM
NO RATINGS
It may cost an organization millions to protect all their data. A practical way to look at the situation is to focus on protecting the most critical data first. Management should be educated and know where there most critical data is as well be able to maneuver the right security measures that are to be implemented, testing systems

 

kicheko
User Rank
Blogger
Re: Fake links
kicheko   7/4/2012 12:29:49 PM
NO RATINGS
Another avenue through which facebook logins could pose a security threat is the third party logins where you can enter a site using your facebook login. This means if you log into a dubious site using your facebook password it could get tapped from there. Potentially a risky feature ...on most sites i do not know, i rather go the long route and create an account.

On the notification emails, it is sometimes tempting since they could be a shortcut to seeing what's on FB without logging in, but i guess it worth the trouble to log in for you own safety.

WaqasAltaf
User Rank
Data Doctor
The gap
WaqasAltaf   7/4/2012 9:56:16 AM
NO RATINGS
I feel that organogram in many organizations is such that CISO isnt either powerful enough or lacks coordination with the CEO due to the stated structure. May be the reason for that is that the CISO's role is a specific one and CEO feels that the role doesnt have widespread implications in the organization hence there is no need for a direct reporting line. I have seen CIOs are relatively in a better position to communicate with CEO compared to CISO. 

However, when security breaches causing large-scale disasters occur, CISOs are deemed to be involved with the organizational leadership so that consequences can be avoided. 

SethBreedlove
User Rank
Data Doctor
Re: What a disconnect!
SethBreedlove   7/3/2012 10:08:40 PM
NO RATINGS
@ Noreen, I think hiring hackers is a two edge sword.  I think of those individuals in Russia who will illegally hack into something, then freely advertise their services.  I know corporations will hire former criminials to hack them, but I often wonder, how do they know that hacker isn't doing something behind the scene? On the other hand, you need those talents to test a system. 

On another note, the thing that people need to be aware is that if their is only a 1% chance of something happening, that is actually a big number.  And that 1% chance isn't someone else, but it's you. 

SaneIT
User Rank
Data Doctor
Re: What a disconnect!
SaneIT   7/3/2012 7:29:17 AM
NO RATINGS
Unfortunately, security isn't one of those things that CEOs want to talk about.  Their concern is placed on availability, usability and project status.  Security is usually a small part of those bigger containers.  That doesn't mean that the issues aren't being addressed it just means that the focus typically isn't that narrow.


Now as far as using white hats to counter black hats, I think it's important to follow what the white hats are doing and to understand how the projects they are working on might impact your company, I don't think it's necessary or wise to actively employ a white hat.  The legal issues of reverse engineering someone's software package for example isn't an area too many companies want to get involved in.

Daniel
User Rank
Data Doctor
Fake links
Daniel   7/3/2012 4:47:27 AM
NO RATINGS
1 saves
Noreen, you are right.  We have to take atmost caution about the genuinty of GUI before inputting the credentials. Now a day's lots of spam mails are flooding to inbox asking for login to social media networks for different offer and other things. It seems that in most cases, the links are redirecting to fake login pages, similar to phishing. So I think it's always better to have a look for the IP address, before inputting any details.

tinym
User Rank
Data Doctor
Re: What a disconnect!
tinym   7/2/2012 10:54:39 PM
NO RATINGS
This is a growing trend in IT defense, isn't it? I've been reading about such defenses on other blogs. I think using Honeypots and other mechanisms might be better suited to gaining predictive insight. Counterstrikes are probably not such a good idea considering the potential for collateral damage on the system you're trying to defend.

Callmebob
User Rank
Master Analyst
Re: What a disconnect!
Callmebob   7/2/2012 1:52:23 PM
NO RATINGS
Interesting disconnet between the to different "C" people. Perhaps the disparity can be explained that the CISO focuses on the company's IT and knows the nuts and bolts behind the network and risk threats. The CEO on the other hand has multiple worries to dwell on, i.e., revenue and the bottom line.

Of course, if the company's system is hacked and piles of customers' passwords are stolen that can put a damper on the bottom line results. In assessing the practice to employ white-hat hackers to combat the bad guys, it falls into the category of, "it takes one to know one."

Noreen Seebacher
User Rank
Blogger
Re: What a disconnect!
Noreen Seebacher   7/2/2012 9:33:33 AM
NO RATINGS
Let's ask the community to weigh in. How do you define the words "hacker" and "hacking"? Are they by definition "bad"?

Page 1 / 2   >   >>
Information Resources
More Blogs from Noreen Seebacher
Everyone is talking about big-data as an HR solution, so why doesn't it seem like we're any closer to solving the people problem?
Even at a trade fair better known for seminars on information technology, big-data was too significant to ignore.
All Analytics readers have serious issues with the data hidden in digital photos.
The system we use to select American courtroom juries is riddled with delays, frustrations, and inefficiencies.
It was actually a little too easy to slip a cellphone past security at a federal courthouse.
VIDEO BLOGS
VIDEO BLOGS
Quick Poll
Quick Poll
Radio Show
Radio Shows
UPCOMING
James M. Connolly
Survive the Digital Transformation


8/18/2015   REGISTER   0
ARCHIVE
James M. Connolly
Health Analytics: Find Data Beyond the Hospital Doors


7/28/2015  LISTEN   47
ARCHIVE
James M. Connolly
Finding Answers Through Prescriptive Analytics


7/21/2015  LISTEN   117
ARCHIVE
James M. Connolly
Visualization: How to Bring Data to Life


6/22/2015  LISTEN   55
ARCHIVE
James M. Connolly
Learn Why Analytics Are at Home in the Cloud


6/15/2015  LISTEN   26
ARCHIVE
James M. Connolly
Analytics: Your Defense Against Cyber Threats


5/27/2015  LISTEN   60
ARCHIVE
James M. Connolly
Big Data & Big Pharma: How Analytics Might Save Your Life


5/19/2015  LISTEN   37
ARCHIVE
James M. Connolly
Live Interviews From SAS Global Forum


4/28/2015  LISTEN   11
ARCHIVE
James M. Connolly
How to Hire Great Analytics Talent


4/23/2015  LISTEN   51
ARCHIVE
James M. Connolly
Sports Analytics Mean Fun and Business


3/24/2015  LISTEN   3
ARCHIVE
James M. Connolly
Secure Your Big Data in the Cloud


2/26/2015  LISTEN   114
Information Resources
Infographic
Infographic
It Pays to Keep Insurance Fraud in Check
While 97% of insurers say that insurance fraud has increased or remained the same in the past two years, most of those companies report benefits from anti-fraud technology in limiting the impact of fraud, including higher quality referrals, the ability to uncover organized fraud, and improve efficiency for investigators.
Follow us on Twitter
Follow us on Twitter
Like us on Facebook
Like us on Facebook
About Us  |  Contact Us  |  Help  |  Register  |  Twitter  |  Facebook  |  RSS