Sunday, April 03, 2011

A third party breach is similar to what we would expect from a Cloud Computing provider breach. I would expect lots of Phishing emails, if I gave my email address to these clients. I deal with several, but very few have anything but a disposable email address.

http://www.securityweek.com/massive-breach-epsilon-compromises-customer-lists-major-brands

Massive Breach at Epsilon Compromises Customer Lists of Major Brands

Due to the growing list of brands disclosing that they have been compromised as a result of this breach, I’m going to go ahead and tag this as a massive breach. And I only expect it to get bigger as more announcements come out from Epsilon customers.

… Epsilon sends over 40 billion emails annually and counts over 2,500 clients, including 7 of the Fortune 10 to build and host their customer databases.

SecurityWeek has been able to confirm that the customer names and email addresses, and in a few cases other pieces of information, were compromised at several major brands including the following:

• TiVo

• Marriott Rewards

• Ritz-Carlton Rewards

• US Bank

• JPMorgan Chase

• Capital One

• Citi

• McKinsey & Company

• New York & Company

• Brookstone

• Kroger

• Walgreens (Again!)

Some may dismiss the type of data harvested as a minor threat, but having access to customer lists opens the opportunity for targeted phishing attacks to customers who expect communications from these brands. Being able to send a targeted phishing message to a bank customer and personally address them by name will certainly result in a much higher “hit rate” than a typical “blind” spamming campaign would yield. So having access to this information will just help phishing attacks achieve a higher success rate.

As the initial disclosure by Epsilon occurred late in the day on Friday, [Slow news day... Bob] I expect several more brands to be announcing that they’ve been affected by the breach as well. When asked to comment, Epsilon has refused to provide additional details on what other brands may have been affected.


(Related) Clearly not every client is on the list above...

http://www.databreaches.net/?p=17335

The College Board makes notifications after the Epsilon breach



I can see the Defender of Rights in a mask and cape...

http://www.pogowasright.org/?p=22184

French Data Protection Act Amended

April 2, 2011 by Dissent

A new French law containing several key amendments to the French Data Protection Act and creating a new public authority referred to as the “Defender of Rights” (Loi n°2011-334 du 29 mars 2011 relative au Défenseur des droits, or the “Law”) came into effect on March 30, 2011. The Defender of Rights, whose role is to defend civil rights and liberties, to promote children’s rights and to fight against discrimination, also will serve as a member of the CNIL’s plenary committee.

Read more on Hunton & Williams Privacy and Information Security Law Blog.



The music industry never liked the idea that you might create a backup copy of your music (rather than buy another copy). Have they convinced someone independent, or is this another “industry controlled” organization?

http://entertainment.slashdot.org/story/11/04/02/1625241/CD-Ripper-Incites-Law-Breaking-Says-British-Regulator?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

CD Ripper 'Incites Law Breaking,' Says British Regulator

"A British firm has been banned from advertising a CD ripping device because it 'incites law breaking.' The Brennan JB7 is 'a CD player with a hard disk that stores up to 5,000 CDs.' The adverts for the Brennan highlight the convenience of ripping your entire CD collection to the device – much like we've all been doing for years on our PCs, iPods and other MP3 players. The Advertising Standards Authority has banned the ads after concluding 'that the ad misleadingly implied it was acceptable to copy CDs, vinyl and cassettes without the permission of the copyright owner.'"



Justice goes Hollywood! Court TV now Court YouTube.

http://www.bespacific.com/mt/archives/026900.html

April 02, 2011

US Court of Appeals - 9th Circuit YouTube Channel

"This is the official YouTube Channel for the US Court of Appeals for the Ninth Circuit. In addition to these video recordings, you may find audio recordings of our hearings on our internet site at http://www.ca9.uscourts.gov."



How large a share of the market will it take to keep RIM from bankruptcy?

http://mobile.slashdot.org/story/11/04/02/2159217/Android-Passes-BlackBerry-In-US-Market-Share?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Android Passes BlackBerry In US Market Share

"69.5 million people in the US owned smartphones during the three months ending in February 2011, up 13 percent from the preceding three-month period. For the first time, more Americans are using phones running Google's Android operating system than Research In Motion's BlackBerry, according to comScore. Having passed the iPhone in the preceding three-month period, this now means that Android has been crowned king in the US."



For my Intro to IT students

http://graphic.is/videos/how-large-is-a-petabyte/

How Large Is a Petabyte

A Petabyte is equivalent to:

1024 Terabytes,

1,048,576 Gigabytes,

1,073,741,824 Megabytes,

1,099,511,627,776 Kilobytes,

1,125,899,906,842,624 Bytes,

9,007,199,254,740,992 Bits.

As a rough guide, you can fit 0.00002 Petabytes (or 25 Gigabytes) on a single-layer Blu-ray disc, 0.000048 Petabytes (or 50 Gigabytes) on a dual-layer Blu-ray disc, 0.000004 PetaBytes (or 4.7 Gigabytes) of information on a full size (12cm) DVD and 0.0000005 Petabytes (or 0.7 GigaBytes) of information on a standard (12cm) CD.

[Or, looked at from the other direction:]

There are 8 Bits in a Byte, 1024 Bytes in a Kilobyte (KB), 1024 KiloBytes in a MegaByte (MB), 1024 MegaBytes in a GigaByte (GB), 1024 GigaBytes in a TeraByte (TB), 1024 TeraBytes in a PetaByte, 1024 PetaBytes in an ExaByte, 1024 ExaBytes in a ZettaByte and 1024 ZettaBytes in a YottaByte.



An interesting InfoGraphic for my Ethical Hackers...

http://www.smashingapps.com/2011/04/02/current-state-of-freedom-on-the-internet-infographic.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+SmashingApps+%28Smashing+Apps%29

Current State Of Freedom On The Internet (Infographic)

