Identity Theft II…

Security Cartoons…

SecurityCartoon.com – Please observe the licensing conditions!!!

Security Humour…

Guys, let me know what you think of this site…

Bill Gates bids a teary farewell to Microsoft (Photo Gallery)…

With CEO Steve Ballmer looking on, Bill Gates has a last laugh with Microsoft employees on his last full day on the job.

Ballmer and Gates.

On June 15, 2006, Microsoft Chairman Bill Gates, Chief Research and Strategy Officer Craig Mundie, Chief Software Architect Ray Ozzie and CEO Steve Ballmer pose after Bill announces his plans to phase himself out of the company.

Bill Gates bids a teary farewell to Microsoft…

Bill Gates said a teary goodbye to Microsoft, the software maker he built into the world’s most valuable technology company based on the ambitious goal of placing a computer on every desk and in every home.

Full story: http://news.zdnet.com/2424-9595_22-208815.html

Your DBA has his/her hand in the till!

I have written and pontificated often enough on the dangers of trusted employees. One of the biggest shifts underway in the threatscape is due to the increased value of personal identity information and the emergence of markets for that information. This change means that traditional security measures which were focussed on keeping viruses and worms out, and the occasional malicious hacker, are not going to protect you from today’s threat: your own employees and contractors.

Full story: http://blogs.zdnet.com/threatchaos/?p=460

Information Security…

Identity Theft…

Out-of-office Messages…

Automatically generated out-of-office messages, like the kind created by Microsoft Outlook, are continually seen as potential security risks.

But what are the risks?

You may think is seems silly that a simple message informing someone that you are not in the office to respond to their message can pose a security risk, but these risks are very real for many organizations.

We have detailed the top 3 reasons why these handy helpful messages can be bad for you:

1) Physical absence: For small office or home office environments, an out-of-office message can easily alert someone to the fact that you may not be physically present at your location. Paranoia? Possibly, but letting people know that your premises may not be staffed is not necessarily the wisest thing to do in these trying and crime filled times. Larger businesses might not need to be as concerned about this particular issue unless their existing security does not sufficiently cater for unknown entities walking around the workplace. A very real threat is that people knowing you are away and for how long can plan to take advantage of the fact that your desk, workstation and files will be unattended for a set period.

2) Social engineering: Out-of-office messages with too much detail can give an outsider that much information to perform a “social engineering” attack – i.e. penetrate the security of your organization by working through your co-workers and exploiting their human nature, using the information you provide in your out-of-office message to easier convince them that they and their requests are legitimate.

3) Dictionary attacks: If a spammer tries to use dictionary attacks (randomly-generated e-mail names) on an organization, an out-of-office reply is proof that a given address is good, and a spammer could add that to a list of known-valid addresses for future spamming runs.

UK government to tap white hat hackers in security probe…

Some seven months after Britain’s Revenue and Customs department lost data records from 25 million families, reports on the overall security practices of the British government are beginning to come in-and they aren’t pretty. Cabinet Secretary Gus O’Donnell has called for a variety of reforms and changes including a plan to use “white hat” hackers to attack government networks.

Full story: http://arstechnica.com/news.ars/post/20080626-uk-government-to-tap-white-hat-hackers-in-security-probe.html