Security researchers announced on Thursday the release of a network sniffing tool that conveniently categorizes the data leaked by laptops and other devices during routine operation.
The tool, dubbed Ferret, analyzes information that computers and other network devices regularly send out as a matter of course--a problem that Robert Graham, CEO of startup Errata Security, called data seepage.
Source: Internet News.com - Posted by Benjamin D. Thomas
Google's YouTube and a company called Live Digital will offer no refuge to users who uploaded pirated copies of Fox Television's "24" and "The Simpsons" onto their video platforms.
In an e-mail to internetnews.com, a 20th Century Fox Television spokesperson said that Google and Live Digital complied with subpoenas issued by the U.S. District Court in Northern California and disclosed to Fox the identities of two individuals who illegally uploaded entire episodes of "24" prior to its broadcast and DVD release.
NEW YORK (Reuters)—Americans lost about $49.3 billion in 2006 to criminals who stole their identities, an 11.5 percent decline that may reflect increased vigilance among consumers and businesses, a study released on Thursday shows.
Losses declined from a revised $55.7 billion in 2005, according to the third annual study by Javelin Strategy & Research. They had increased in each of the prior two years.
Most sophisticated computer users know about “phishing” — the act of sending an e-mail to a user claiming to be a legitimate enterprise in an attempt to scam the user into giving information that will be used for identity theft and fraud. But the Better Business Bureau says scam artists are the first to take advantage of new technology, and now there’s “vishing,” which is short for voice fishing. It’s come about because of the proliferation of Voice over Internet Protocol (VoIP) phones.
In previous posts on web application email harvesting, and the distributed email harvesting honeypot, I commented on a relatively less popular threat - the foundation for sending spam and phishing emails, namely collecting publicly available email addresses. The other day I came across an email harvester and decided to comment on its configuration file.
PayPal announced last week that it will soon support a key fob to provide its customers with two-factor authentication. Costing $5 for personal accounts--and free for business accounts--people can get a One-Time Password (OTP) device that displays a new six-digit code every 30 seconds. The intent is to provide customers with another line of defense against identity theft and the continuous onslaught of PayPal-based phishing attacks.
If you’re in a certain income bracket, you might get an e-mail threatening your life. A new group of spammers, posing as professional hit-men, claim that recipients have been targeted for assassination and ask for up to $80,000 to drop the contract on their lives. Recipients are warned against contacting the police or FBI. Internet security firm Sophos said it had received a number of reports about the scheme and issued a statement today.
Source: NewScientist - Posted by Benjamin D. Thomas
Leaking a sensitive government document can mean risking a jail sentence - but not for much longer if an online service called WikiLeaks goes ahead. WikiLeaks is designed to allow anyone to post documents on the web without fear of being traced.
The creators of the site are thought to include political activists and open-source software engineers, though they are keeping their identities secret. Their goal is to ensure that whistle-blowers and journalists are not thrown into jail for emailing sensitive documents. That was the fate of Chinese journalist Shi Tao, who was sentenced to a 10-year term in 2005 after publicising an email from Chinese officials about the anniversary of the Tiananmen Square massacre.
The facts are staggering... Spam emails are estimated to cost anywhere between US$10 to $87 billion per year in direct costs and lost productivity. What's more, 90% of computer viruses are spread by email attachments. Spam has become so insidious that every company has to consider the cost and means of reducing its impact. Sometimes it's as simple as implementing a basic spam filter and applying best practices-- i.e., following a few rules for recognizing and eliminating spam.
We've now seen several phishing web sites that are using flash-based content instead of normal HTML. Probably the main to reason to do this is to try to avoid phishing toolbars that analyze page content. Two recent examples, both targeting PayPal: www.ppal-form-ssl.com and www.welcome-ppl.com.
