blog trackingRealtime Web Statistics Sensitive Archives - Gregory D. Evans | Worlds No. 1 Security Consultant

Posts Tagged ‘Sensitive’

How to protect sensitive business data and mitigate the risk of mobile malware


Halifax, Nova Scotia – Information technology supervisor explains cell phone restrictions in secure areas. Episode 333 For more information on the Canadian A…

________________________

http://gregorydevans.com – http://gregorydevans.wordpress.com – http://hackerforhire.com – http://hackerforhireusa.com

Two Colombian government employees arrested for selling sensitive information

Mark Rockwell Top Priority Sector:  border_security A former prosecutor and a clerk in Colombia’s office of attorney general have been arrested for selling sensitive information about U.S. narcotics prosecutions in New York. The two Colombian nationals were arrested on Nov. 16 in Bogotá and charged with obstruction of justice, said U.S. Immigration and Customs Enforcement’s […]

View full post on The Cyber Wars

NASA says no sensitive information breached in Unknowns hack

NASA acknowledged an attack on one of its websites by “The Unknowns,” a group that has been publicly trickling information on websites it has hacked over the last few weeks.

View full post on Techworld.com security

View full post on National Cyber Security » Computer Hacking

ProtectMyID: Beyond #buttdials, your #smartphone has a big mouth. Take steps to ensure you don’t leave a trail of sensitive info. http://t.co/wI796BBU

ProtectMyID: Beyond #buttdials, your #smartphone has a big mouth. Take steps to ensure you don’t leave a trail of sensitive info. http://t.co/wI796BBU

View full post on Twitter / ProtectMyID

View full post on National Cyber Security

Syria Blocks Protesters’ Text Messages Containing Sensitive Terms

Like us on Facebook

By narrowing down modes of communications with filters, the government has effectively minimized protesters’ ability to organize and fuel dissent.

However, AdaptiveMobile has denied any involvement in the human rights violations carried out using its equipments.

In a statement to TheJournal.ie, AdaptiveMobile refuted the Bloomberg report and said that it never had a relationship, provided services or engaged with the Syrian government or associated organizations.

The Irish company, distancing itself from the controversy, said that it “does not condone the unlawful use or abuse of any software and/or technology and condemns any abuse of telecommunications networks to abridge human rights.”

Cellusys, meanwhile, said it is unaware of how its equipments are put to use by the Syrian government.

“Once they have the systems, they control it,” Cellusys CEO Dawood Ghalaieny told Bloomberg. “If it is used for something else, there is not much that can be done,” he said.

To report problems or to leave feedback about this article, e-mail:
To contact the editor, e-mail:

Article source: http://www.ibtimes.com/articles/299588/20120216/syria-blocks-protesters-text-messages-containing-sensitive.htm

View full post on National Cyber Security » Spyware/ Cyber Snooping

ProtectMyID: Is your WiFi secure? If not, an #identitythief could slip into your network and poach sensitive info. http://t.co/khxRjQHJ #cybersecurity

ProtectMyID: Is your WiFi secure? If not, an #identitythief could slip into your network and poach sensitive info. http://t.co/khxRjQHJ #cybersecurity

View full post on Twitter / ProtectMyID

View full post on National Cyber Security

ProtectMyID: Is your WiFi secure? If not, an #identitythief could slip into your network and poach sensitive info. http://t.co/khxRjQHJ #cybersecurity

ProtectMyID: Is your WiFi secure? If not, an #identitythief could slip into your network and poach sensitive info. http://t.co/khxRjQHJ #cybersecurity

View full post on Twitter / ProtectMyID

View full post on National Cyber Security

ProtectMyID: Need a last-minute gift? Give the gift of protection – a cross-cut shredder. @ITRCSD says it’s perfect for destroying sensitive documents.

ProtectMyID: Need a last-minute gift? Give the gift of protection – a cross-cut shredder. @ITRCSD says it’s perfect for destroying sensitive documents.

View full post on Twitter / ProtectMyID

View full post on National Cyber Security

Lax security blamed for 100,000+ sensitive files found on Manning’s PC

The fourth pretrial hearing for Army Pfc. Bradley Manningday put the spotlight on more than 100,000 sensitive documents and conversation logs between Manning. This case raises the question of how organisations can contain the considerable risk presented by rogue employees? Lax security blamed for 100,000+ sensitive files found on Manning’s PC, Blog, Security, Found, files, Sensitive, blamed, Manning’s, 100000+

View full post on Naked Security – Sophos

View full post on National Cyber Security

Underground calling service extracts sensitive info for £6 per call

Researchers from security vendor Trusteer have come across a professional calling service that caters to cybercriminals. The business offers to extract sensitive information needed for bank fraud and identity theft from individuals.

The security company spotted an advertisement for making on-demand calls in English and other European languages to private individuals, banks, shops, post offices and similar organisations. At a cost of £6 (US$10) per call, cybercriminals were offered the possibility of obtaining the missing pieces of information they needed to pull off attacks.

Fraudsters can either use malware to steal personal and financial information or buy it from the underground market in bulk, said Amit Klein, Trusteer’s chief technology officer. However, sometimes this information is insufficient to perform fraud, he added.

Cybercriminals are commonly faced with this problem because a large number of financial institutions have implemented advanced anti-fraud mechanisms. For example, many banks require one-time-use passwords (OTPs) to authenticate customers on their websites. Others require unique codes sent to mobile devices (mTANs) to authorise transactions.

One of the easiest ways to obtain information from a target is social engineering – convincing someone to provide it. However, not every cybercriminal is skilled in such techniques and those who are capable of pulling off these attacks are often faced with a language barrier.

Establishing trusting relationships with victims

This is where call services like the one found by Trusteer come in. Their staff is trained to impersonate bank employees, computer technicians, travel agents, recruiters and other people to whom targeted individuals are likely to disclose information.

The callers receive background information about the targets from cybercriminals and use it to establish trusting relationships with the victims.

For example, if a fraudster wants to log into an account by using stolen online banking credentials, but is prompted for an OTP because he uses a different IP address than the real account holder, he can give a caller the information needed to impersonate a bank employee.

Armed with things like the victim’s name, account number, birth date and other personal information, the caller can claim that he’s performing system checks and ask the targeted individual to read back the code sent to their phone.

Illegal call services are not new. In September 2010, a 26-year-old Belarusian man named Dmitry M. Naskovets was extradited to the US to face charges related to operating CallService.biz, a service that allowed cybercriminals to bypass phone verification checks enforced by US banks. However, the number of rogue call centres has increased in recent years.

Calls re-routed through compromised phone systems

This year security companies reported cold-calling campaigns throughout the UK, Canada, US, Australia and other countries, in which the callers impersonated computer technicians from ISPs (Internet service providers) or Microsoft to trick people into installing malware on their computers. Some of the schemes were tracked back to India, where because of low-cost labour, these businesses are very profitable.

In this case the advertisement was seen on a Russian forum, so there is a high probability that the service is managed by Russian-speaking individuals. “In addition, since the service is available during American and European working hours, it might indicate that the group is operating in these regions,” said Trusteer security researcher Ayelet Heyman.

According to Heyman, the service is still operational at this time and Trusteer is not aware of any types of actions taken to shut it down. There is also a possibility that the people behind it are routing the calls through compromised phone systems in order to decrease the costs of the operation, she said.

Users should treat all unsolicited calls with caution, regardless of what kind of information the person on the other end of the line has about them, Klein advised. They should also confirm any suspicious requests with the organisation the caller is claiming to represent, but they should do so by calling its publicly listed numbers, not those provided by the caller.

Article source: http://rss.feedsportal.com/c/270/f/3551/s/19fc2bb2/l/0Lnews0Btechworld0N0Csecurity0C33174490Cunderground0Ecalling0Eservice0Eextracts0Esensitive0Einfo0Efor0E60Eper0Ecall0C0Dolo0Frss/story01.htm

View full post on National Cyber Security » Computer Hacking

Gregory Evans | LinkedIn

Interview With Gregory Evans

Gregory Evans Security Expert

Gregory Evans on Cyber Crime

Page 1 of 212»

Get The New Book By Gregory Evans

Everyone Is Talking About!

Are You Hacker Proof?
$15.95

Find Out More, Click Here!