Posts Tagged 'security'

Korean Data Leak Courtesy of Chinese Hackers

They just never quit do they? South Korea is the latest victim of a major data breach courtesy of Chinese hackers. Korean retailer Shinsegae, in addition 24 other companies, reported the theft of approximately 20 million customer accounts and private data. Police tracked down 3 South Koreans for attempting to sell the information online. The original Chinese hackers are still at large.

The government security agency plans on launching a probe into whether the corporations implemented adequate security measures to prevent such a theft. Otherwise, somebody gonna get fired. To date this has been the worst data breach in the country’s history.

“Shinsegae issued a statement of apology after data on 3.3 million of its customers was leaked from its online shopping mall.” (link)

Security News

So Conficker‘s big day rolled around and  a little dust stirred up. April 1st was the date the worm was to update itself by contacting a few websites for further instructions. A few reports have streamed in but little has happened. A few government facilities hit DEFCON3 temporarily as their systems were on the fritz but were quickly put back under control. Other than that, nothing has happened. Security experts continue to worry what the creators have in store for the future.

How about remotely disabling computers for unpaid Internet bills or if your laptop was stolen? Ericsson has developed a module which can perform such a task. Several manufacturers are currently using the modules: LG Electronics Inc., Dell Inc., Toshiba Corp. and Lenovo.It’s unlikely that ISPs would cut you off for missing a payment however the technology does exist and might show up in a computer near you. The real use comes into play when it comes to data protection. Stolen laptops and preventing sensitive data from falling into the wrong hands. Ever had a laptop stolen and had to resort to your backup? And then have that fail and need data recovery? Yeah, it’s a real pain. Trust me, you don’t want to go through it.

DNS tops black hat discussion

With the Black Hat security conference drawing to a close, it’s a good time to take a look at the various topics that dominated this year’s seminars. Security researcher Dan Kaminsky’s presentation on the DNS exploit he discovered months ago was a standing-room only event, and while we’ve covered the vulnerability several times here at Ars, Kaminsky provided additional details and some back history on his discovery. Cisco was also discussed at Black Hat this year, after several years of silence, and the EFF announced its own Coder’s Rights Project.

Kaminsky has made the slide deck from his presentation available (PPT); the slides are thorough enough to get a sense of his presentation. According to his talk, DNS and the infrastructure of the Internet itself remain fundamentally vulnerable in ways that will not be easy to correct. Kaminsky refutes the idea that SSL is an antidote to these DNS vulnerabilities, as SSL certifications are themselves dependent on proper DNS functionality. (link)

Only TSA laptop approved bags

There’s a new option for people annoyed at having to take their laptops out of their bags at airport security. The Transportation Security Administration will now allow travelers to leave their computers inside “checkpoint friendly” cases.

The new rules, announced Tuesday and set to take effect Aug. 16, are intended to help streamline the X-ray inspection lines.

TSA said it reached out to bag manufacturers this year to design laptop cases that would provide a clear, unobstructed image of the computer as it passed through an X-ray machine. The agency said the new bags will be available for purchase this month. (link)

Spam clogging up the Intertubes, 80% of email traffic

Almost everyone hates spam. The only people that don’t hate it are the ones that make vast amounts of money from sending it. The profits they turn are so large that regardless of what spam fighters do, the amount of spam keeps increasing. According to web security firm MessageLabs, spam accounted for 81.5 percent of all e-mail traffic in June.

This number, which is calculated based on 3 billion e-mail connections that MessageLabs scans every single day, more or less corresponds with US-specific data. An analysis of year-to-date spam rates for individual US states shows that the percentage of e-mails that were spam range from 77 (Montana) to 91 percent (Illinois). In other words, in every single state in the US, over three quarters of e-mails sent are junk. The average spam level in the US was 86 percent in June. (link)

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 29 other followers

Technorati – Blog Search

Add to Technorati Favorites

submit express