09/11/2007 - A Chronology of Data Breaches Reported Since the ChoicePoint Incident outlines many of 2005’s breaches and their causes, from 250 individuals who were put at risk when computers at East Carolina University were hacked to the millions at risk from breaches at CardSystems.
09/11/2007 - Trojan horse programs—those pieces of malware designed to infiltrate a computer and then steal information to be sent back to an attacker—accounted for more of the malicious code in 2005 than worms. This indicates, according to researchers at antivirus firm Sophos, that criminals may be moving away from large-scale bombardments in favor of targeted attacks that could yield passwords, credit card information, and bank login credentials. @ The Sophos Security Threat Management Report is at SM Online
09/11/2007 - New computer worms are carrying software agents called bots that can use your network to send spam, launch attacks, and infect other computers. Find out how these bots work and how to keep them out of your network.
09/11/2007 - There are seven steps in a phishing attack, from preparation through successful infection of a victim to the fraud committed using stolen information. Fortunately, there are countermeasures available for each stage. For example, organizations should monitor call volumes and the type of questions customers are asking; a large number of calls regarding password problems can signal a phishing attack. To interfere with the use of compromised information, organizations can use two-factor authentication devices such as biometrics. Instituting delays in some types of money transfers can provide time to detect and void phishing-based transactions. @ Online identity theft: phishing technology, checkpoints and countermeasures, from the identity theft technology council is at SM Online.
09/07/2007 - Do you use the same password for all the different sites you visit that require one? If you do, you’re in the majority, according to a poll of 100 people conducted by UPEK, a manufacturer of biometric products. Half of those who use the same password say that it is based on the name of their spouse, pet, hometown, or favorite baseball team—and it is never changed.
@ More from the UPEK survey, which also considers the public’s acceptance of using biometrics instead of passwords, is at SM Online.