Sister CISA CISSP:

March, 2010

1

March 31, 2010  11:53 PM

A Trojan as a “Value-Add” for a Battery Charger



Posted by: Arian Eigen Heald
Data Breaches, information security, Stupid Technology, TCM (Truly Clueless Management)

I'm really not sure why a USB battery charger would need software to be hooked up to a computer, or a coffee-maker, for that matter. As much as I like computers, using a computer to charge batteries appears a...

March 26, 2010  2:52 PM

Update on Medical Identity Theft



Posted by: Arian Eigen Heald
Data Breaches, information security, medical identity theft

A report released by Javelin (requires an expensive membership) has updated statistics for 2008: There were more than 275,000 cases in the U.S. last year of medical information theft, twice the number in 2008, The average fraud cost...


March 24, 2010  12:35 PM

Painfully Educational



Posted by: Arian Eigen Heald
ACH Fraud, Banking Fraud, Data Breaches, information security

I've talking a fair amount about ACH fraud and how they are committed by banking Trojans. At a recent forensic exam I discovered not one, but three banking Trojans on a CFO's hard disk. Want to know (I know you don't not really...but) exactly how they work? Here's a down-to-the-code analysis...


March 17, 2010  8:26 PM

What Constitutes “A Lot of Money?”



Posted by: Arian Eigen Heald
Data Breaches, data security, information security

There's always a lot of discussion on the Internet about how much "security" (by which they usually mean IT security) costs, and whether it's a good ROI. (Return on Investment - another candidate for Acronym dismemberment.) There's a lot of factors to consider, but for small to medium sized...


March 12, 2010  12:59 PM

Update on Wyndham Hotel Breaches – “Only 37″



Posted by: Arian Eigen Heald
Data Breaches, data security, information security

Comes the latest news via CSOOnline: Wyndham Hotels and Resorts experienced a computer security incident in late 2009. As a result of that incident, an unauthorized user may have gained access to credit card...


March 6, 2010  3:59 AM

Wyndham’s 3 Breaches in 1 Year = PR Nightmare



Posted by: Arian Eigen Heald
Data Breaches, DataManagement, Eigen's Rules of Thumb, information security, TCM

The Wyndham chain of hotels includes Ramada, Days Inn, Super8, Howard Johnson and Travelodge. None of which I have stayed at in the last year, and frankly, I am really glad. Not one, not two but three breaches have been disclosed to the public by Wyndham management in the last year. Because they...


March 2, 2010  6:18 PM

I.E. Help Files and F1 Function Key = Vulnerability



Posted by: Arian Eigen Heald
Data Breaches, Heads Up, information security, programming

A new alert came out from Microsoft on March 1st. When a user is online with Internet Explorer, they have to press the F1 function key when a pop-up is displayed. Not that users commonly use this key in IE, but some...


1

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: