Wednesday, April 08, 2009

...so is it more than 50,000? What proves data safe in a situation like this?

http://www.databreaches.net/?p=2853

Mitsubishi UFJ says 49,159 customer records leaked

April 8, 2009 by admin Filed under: Financial Sector, Insider, Non-U.S.

Junko Fujita of Thomson Reuters reports that Mitsubishi UFJ Financial Group’s brokerage unit experienced a data breach when a former employee took records on 1.5 million customers home. Records on 49,159 customers, including personal and salary details, were sold to data list agents.

The firm says that most of the records have been retrieved.



Small, but close to home.

http://www.coloradoconnection.com/news/news_story.aspx?id=283799

Man indicted for identity theft and check fraud in 10 counties

Tuesday, April 07, 2009 at 9:27 a.m.

DENVER, COLO. -- Colorado Attorney General John Suthers announced today the Statewide Grand Jury has issued a 25-count indictment against Timothy Kuskowski (DOB: 7/20/1963) who is suspected of stealing the identities of nearly two dozen Coloradans and using them to pass fake checks in 10 counties across Colorado.



CyberWar: You always scout/probe before launching an attack.

http://www.bespacific.com/mt/archives/021044.html

April 07, 2009

WSJ: Electricity Grid in U.S. Penetrated by Spies

"Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials... But protecting the electrical grid and other infrastructure is a key part of the Obama administration's cybersecurity review, which is to be completed next week. Under the Bush administration, Congress approved $17 billion in secret funds to protect government networks, according to people familiar with the budget. The Obama administration is weighing whether to expand the program to address vulnerabilities in private computer networks, which would cost billions of dollars more. A senior Pentagon official said Tuesday the Pentagon has spent $100 million in the past six months repairing cyber damage."

  • See also North American Electric Reliability Corporation letter to Industry Stakeholders, April 7, 2009: "...as we consider cyber security, a host of new considerations arise. Rather than considering the unexpected failure of a digital protection and control device within a substation, for example, system planners and operators will need to consider the potential for the simultaneous manipulation of all devices in the substation or, worse yet, across multiple substations... One of the more significant elements of a cyber threat, contributing to the uniqueness of cyber risk, is the cross-cutting and horizontal nature of networked technology that provides the means for an intelligent cyber attacker to impact multiple assets at once, and from a distance."

[The WSJ article: http://online.wsj.com/article/SB123914805204099085.html?mod=googlenews_wsj ]

The spies came from China, Russia and other countries, these officials said, and were believed to be on a mission to navigate the U.S. electrical system and its controls. The intruders haven't sought to damage the power grid or other key infrastructure, but officials warned they could try during a crisis or war.

… The espionage appeared pervasive across the U.S. and doesn't target a particular company or region, said a former Department of Homeland Security official. "There are intrusions, and they are growing," the former official said, referring to electrical systems. "There were a lot last year."



If this was in fact a federal requirement, wouldn't more than one state be impacted? Or don't people in other states have concerns?

http://www.pogowasright.org/article.php?story=20090407110152369

Student privacy bill spurs debate in Augusta

Tuesday, April 07 2009 @ 11:01 AM EDT Contributed by: PrivacyNews

Students, parents and school administrators all told lawmakers the Department of Education should stop collecting the names of students disciplined by schools and keeping them in a database, but Commissioner Susan Gendron warned that could jeopardize all federal funds for education that come to the state.

Source - Politicker.com



Get 'em while they're young!

http://news.cnet.com/8301-13639_3-10214182-42.html?part=rss&subj=news&tag=2547-1_3-0-5

Intelligence agency hosts kids' Web sites

by Mark Rutherford April 8, 2009 6:00 AM PDT

It's never too early to know your organs of state. To this end, the Office of the Director of National Intelligence is hosting what it calls the Intelligence Agency Community Kids' Page.

The page offers roughly a dozen links to U.S. intelligence and law enforcement agency sites, where children can learn about the institutional layout and various skill sets of each department.

For example, the NSA offers a primer on cryptology, led by a collection of trademarked characters like Crypto Cat and Decipher Dog.



More bad stuff, go figure.

http://news.cnet.com/8301-1009_3-10214586-83.html?part=rss&subj=news&tag=2547-1_3-0-5

Microsoft: Scareware, PDF exploits rise

by Elinor Mills April 8, 2009 12:01 AM PDT

The use of scareware and exploits that take advantage of common file formats like PDF, Excel and Word rose in the second half of last year as online scammers realized people are getting smarter about recognizing spam and phishing e-mails, according to a Microsoft security report to be released on Wednesday.

There was a significant increase in rogue security software, which falsely informs people they need to buy security software and instead either does nothing or steals personal information, the Microsoft Security Intelligence Report found.



May be a bit more than my Intro to Computer Security students need, but could be mandatory reading for my graduate students.

http://www.pogowasright.org/article.php?story=20090408045755132

Lessons from the Identity Trail: Anonymity, Privacy and Identity in a Networked Society

Wednesday, April 08 2009 @ 04:57 AM EDT Contributed by: PrivacyNews

Edited by: Ian Kerr, Valerie Steeves, and Carole Lucock ... This book has been informed by the results of a multi-million dollar research project that has brought together a distinguished array of philosophers, ethicists, feminists, cognitive scientists, lawyers, cryptographers, engineers, policy analysts, government policy makers, and privacy experts. Working collaboratively over a four-year period and participating in an iterative process designed to maximize the potential for interdisciplinary discussion and feedback through a series of workshops and peer review, the authors have integrated crucial public policy themes with the most recent research outcomes.

The book is available for download under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 Canada License by chapter below. Hard copies are available for purchase at Amazon & at Oxford University Press.

Source - On the Identity Trail hat-tip, EPIC.org



...but this isn't a farm subsidy – it's an “anyone but the rich” subsidy, where rich is determined by your income without regard to profit or loss.

http://www.pogowasright.org/article.php?story=20090407110337174

ND farmers say federal form invades their privacy

Tuesday, April 07 2009 @ 11:03 AM EDT Contributed by: PrivacyNews

The Associated Press reports that some North Dakota farmers claim that a new federal farm program form invades their privacy by requiring them to authorize the release of personal tax information to determine their eligibility for federal farm programs.

Source - Grand Forks Herald



Something fishy here – the FBI can't be as ignorant as this makes them seem.

http://blog.wired.com/27bstroke6/2009/04/data-centers-ra.html

FBI Defends Disruptive Raids on Texas Data Centers

By Kim Zetter April 07, 2009 3:22:52 PM

The FBI on Tuesday defended its raids on at least two data centers in Texas, in which agents carted out equipment and disrupted service to hundreds of businesses.

The raids were part of an investigation prompted by complaints from AT&T and Verizon about unpaid bills allegedly owed by some data center customers, according to court records. One data center owner charges that the telecoms are using the FBI to collect debts that should be resolved in civil court. But on Tuesday, an FBI spokesman disputed that charge.

… According to the owner of one co-location facility, Crydon Technology, which was raided on March 12, FBI agents seized about 220 servers belonging to him and his customers, as well as routers, switches, cabinets for storing servers and even power strips. [What evidence would they provide? Bob] Authorities also raided his home, where they seized eight iPods, some belonging to his three children, five XBoxes, a PlayStation3 system and a Wii gaming console, among other equipment. Agents also seized about $200,000 from the owner's business accounts, $1,000 from his teenage daughter's account and more than $10,000 in a personal bank account belonging to the elderly mother of his former comptroller.



How would the government refute these charges if they can't mention the election in the national media? Did they even monitor Twitter enough to know this was coming?

http://news.slashdot.org/article.pl?sid=09/04/07/148257&from=rss

Organized Online, Students Storm Gov't. Buildings In Moldova

Posted by timothy on Tuesday April 07, @10:23AM from the no-emoticon-for-what-I-feel dept.

An anonymous reader writes

"Reacting to allegedly fraudulent election procedures, students are storming the presidency and parliament of the small eastern European country of Moldova. It is reported that they used Twitter to organize. Currently Twitter and blogs are being used to spread word of what is happening since all national news websites have been blocked. If the 1989 Romanian revolution was the first to be televised, is this the first to be led by Twitter and social networks?"

Jamie points out this interesting presentation (from March 2008) by Ethan Zuckerman about the realities of online activism, including how governments try to constrain it.



Quick and easy. Even a caveman could do it.

http://www.atthebreach.com/blog/the-easiest-way-to-detect-conficker-compromised-systems/

April 07, 2009

The Easiest Way to Detect Conficker Compromised Systems

I was impressed with a method that some have developed to detect (in a very simple way) if your system is infected with Conficker. Certainly there are many tools out there, but nothing quite as simple as this. Go out to this website. Click on the “Eye Chart” link. Based on the images you see, you can detect if you are infected with Conficker and even the variant strain. Very simple. Very easy.



The question is, “Secret from whom?” Did the RIAA have a chair at the table?

http://yro.slashdot.org/article.pl?sid=09/04/07/2212227&from=rss

US Gov. Releases Six Pages On Secret ACTA Pact

Posted by kdawson on Tuesday April 07, @07:00PM from the one-thousand-two-hundred-ninety-four-to-go dept.

narramissic writes

"Change is afoot at the Office of the US Trade Representative. New details have been released about an anti-counterfeiting trade agreement that has been discussed in secret among the US, Japan, the European Union and other countries since 2006. Although the six-page summary (PDF) provides little in the way of specific detail about the current state of negotiations, the release represents a change in policy at the USTR, which had argued in the past that information on the trade pact was 'properly classified in the interest of national security.'"

Michael Geist has a timeline that puts together more details about the ACTA negotiations than any government has so far been willing to reveal.



Lawyers Tweet? A website for lawyers who don't use websites? How can a lawyer say anything in a mere 140 characters (other than “Let's sue!”)?

http://www.killerstartups.com/Comm/tweetlaw-com-twitter-for-law-professionals

TweetLaw.com – Twitter For Law Professionals

http://tweetlaw.com/

This site is all about Law. If you are a legal professional on the lookout for information related to your profession, you should take a look at this website. This online resource is based on Twitter. In fact, this solution can be defined as a Twitter for Law professionals.

… After you create an account (for free) you can start browsing through more than 30 categories in order to find attorneys and lawyers, as well as small law firms. Investigators and other law-related professionals are also accounted for.
