Is Facebook Running Slow For You?

Scareware scammers are staking advantage of rumours about an “unnamed app” that supposedly poses a security risk to Facebook users in order to trick users into sites slinging rogue security software packages.

Searching on Google for the term “Facebook unnamed app” leads to numerous hacker-poisoned search engine results prepared for the scam, which redirect to malware distribution portals. A blog posting by Rik Ferguson of Trend Micro explains that the Facebook unnamed app security threat is just a rumour, but the threat of searching for the term is all too real.

Check out the article - [The Register]

Top 10 tips for protecting business data

According to the Federal Trade Commission, approximately nine million Americans have their identities stolen each year. Data theft is a growing issue that can cost consumers and businesses millions of dollars repairing the damage to their name and credit record.

Check out the article – [Help Net Security]

Imperva Releases Detailed Analysis of 32 Million Breached Consumer Passwords

Imperva, the leader in Data Security, announced today the release of study analyzing 32 million passwords recently exposed in the Rockyou.com breach. Imperva’s Application Defense Center (ADC) analyzed the strength of the passwords in a report, Consumer Password Worst Practices, that analyzes 32 million passwords to help consumers and website administrators identify the most commonly used passwords they should avoid when using social networking or e-commerce sites.

You can can download the report here, or check out the article and get the report. [Imperva]

3D Secure Credit Card Authentication

Researchers at the University of Cambridge Computer Laboratory, say the 3D Secure (3DS) authentications system branded as the “Verified by Visa” and “MasterCard SecureCode” schemes are “a text book example of how not to design an authentication protocol”.

Check out the article – [The H Security]

How PDF and Word Attacks Happen

Oil Companies Hit By Cyber Attacks

At least three US oil companies were victims of highly targeted, email-borne attacks designed to siphon valuable data from their corporate networks and send it abroad, according to a published report citing unnamed people and government documents.

Check out the article - [The Register]

PCI Press Release: Bruce Rutherford Named New PCI Security Standards Council Chair

Today, the PCI Security Standards Council, a global, open industry standards body providing management of the Payment Card Industry Data Security Standard (PCI DSS), PIN Transaction Security (PTS) Security Requirements and the Payment Application Data Security Standard (PA-DSS), announced that Bruce Rutherford, group head, fraud management solutions, payment system integrity, MasterCard, has been appointed as the new chairperson of the PCI Security Standards Council.

Read the entire Press Release – [PCI SSC]

The Security Pub

Random Thoughts About Security

Monthly Archives: January 2010