It’s hard to miss all of the news headlines about hacker groups and security intrusions. These attacks now seem to be unavoidable even for Government agencies. For weeks now the public has been following the Sony Incident, which now appears to have been only the tip of the iceberg. Even the State Senate computers have fallen victim to a group of hackers known as Lulze Security.
Anonymous
In the past week both the Lulze Security group as well as the cyber group “Anonymous” have taken responsibility for several attacks. Lulze Security have claimed responsibility for the attacks on the Sony Picture’s website, PBS.com, Fox.com, and the DDoS attacks on game company Bethesda. According to thier LulzSec Twitter Page they are now apparently taking hacking request through a messaging hotline. As for Anonymous they have claimed to be responsible for the Bank of America attack, the Spanish Police Department attack, and are thought to be behind the Sony PSN disaster. To prove their infiltration on the Senate network Lulze Security has posted a list of files online along side their other postings. However, it was said that none of the data taken from the Senate’s network contained sensitive information. Although it’s not completely clear whether or not sensitive files were actually obtained, the intrusion itself displays the group’s capabilities and malicious intent.
Compared to last couple months, it seems that these types of attacks have changed direction moving from the acquisition of personal information to the infiltration of high powered and influential organizations. Besides gaining access to personal or financial information, perhaps these attacks are based on retaliation, display of power, or reputation. Speculation aside what’s truly concerning is the lack of security or the… Read the rest
Tags: anonymous, cyber attack, hack, hacker, Hackers, Information Security, lulze security, network access, system vulnerabilites Posted in Information Security | No Comments »
This week major companies have taken to the stage to introduce their new and future products. Having the E3 Expo and the Worldwide Developers Conference scheduled for the same week certainly provided a week full of exciting news and entertainment for customers. At E3 companies like Sony, Microsoft, and Nintendo all provided insight into their latest developments that included PlayStation Vita, Nintendo 3DS, and Nintendo Wii U. Apple was the first to publicly display their future software products at the Worldwide Developers Conference that took place on June 6, 2011.
from http://www.apple.com/ios/ios5/, June 2011
There had been a lot of talk leading up to Apple’s announcements, even more so than usual since this year they went so far as to provide an outline of key topics prior to the conference. Among the announcements made by Apple was the new iCloud, OS X Lion, and IOS 5. We have been hearing rumors for some time now about Apple’s new iCloud product which for the most part have all been confirmed. To learn more about iCloud you can visit our “Apple iCloud Rumors to Be Addressed at the 2011 WWDC” blog post and to learn more about OS X Lion check out 9 Things to Know about Apples latest OS. Bringing us back to IOS 5, like OS X Lion this software version introduces a ton of new features. Here is a round-up of some of the key features that IOS 5 will have to offer when it becomes available later this year.
IOS 5 will offer over 200… Read the rest
Tags: Apple, iCloud, IOS 5, Ipad, iPod, mac, mobile device, Operating Systems, OS X Lion Posted in Mac, Software | No Comments »
It has been over a month since Sony announced that the reason for the shutdown of their PlayStation Network service on April 20, 2011 was due to an external intrusion. On May 4, 2011 Sony had confirmed that the PSN Attack was able to obtain the personal information from over 100 million users. Following the hack, Sony remained confident and projected a short downtime for the network. Although Sony initially stated that they would fully restore their services by the end of the week, the recovery process experienced unforeseen problems.
from http://us.playstation.com/psn/, June 2011
After being disabled for approximately 23 days, on May 15, 2011 the Sony PlayStation Network began restoring parts of their service country by country. At this time the sign-in for the PSN/Qriocity services, online gameplay, rental content, third party services, friends list, and chat functionality were all restored. Missing from the services that were brought back online was the PlayStation Store. Once back online the network again faced an issue concerning the password reset page. It was discovered that the password reset process was enabling unauthorized users to change the passwords of other users provided that they had knowledge of their email address and date of birth. After the discovery of this exploit the network disabled the password reset pages and resumed working to restore the PlayStation Store.
Sony announced that they will be offering customers free content as a part of a “Welcome Back Program”. The free customer appreciation content will be available sometime shortly after full restoration. Sony has also stated that the cost of the network outages and restoration was $171 million which includes the costs of security enhancements, customer reimbursements, and loss of content sales.… Read the rest
Tags: hack, Information Security, PlayStation, PlayStation Network, PlayStation Store, PSN, Sony, Sony PlayStation, Sony PSN Posted in Information Security | No Comments »
Recently the MacDefender Malware has created a lot of concerns for Mac users all around the world. Quickly spreading, the MacDefender Malware is a phishing scheme that presents a message that informs users that their system has been corrupted. The ploy goes on to tell Mac user that the only way to remove the viruses is to utilize the MacDefender app. The MacDefender malware can also appear as MacProtector and MacSecurity. The malware does not infect a user’s machines with viruses or monitor keystrokes. Their sole purpose is to frighten and persuade users to purchase the MacDefender application thus gaining access to the customer’s credit card information.
from http://www.Apple.com, May 2011
Mac has estimated that between 60,000 and 125,000 Mac users have already been exposed to this malware. Most users have encountered this problem through poisoned Google images. When users access a poisoned link, a page will launch and display a virus scan. After being transferred to the infected webpage the software begins to download and informs users of an infection. Previously the malware required permission to install but despite the efforts made by Mac a newer version of the malware has been created, which no longer needs the user’s permission. This MacDefender version automatically installs on a machine during the fake scan process.
Mac has yet to take action against the initial malware but has stated they will have a resolution with their next OS X Update. Mac states that they will “deliver a Mac OS X software update that will automatically find and remove Mac Defender malware and its known variants. Mac however has not addressed the new version of the malware and has also informed their support staff Not to assist users with MacDefender removal. Although… Read the rest
Tags: Information Security, mac, MacDefender, MacDefender Malware, malicious software, Malware, malware removal, phishing, virus removal Posted in Information Security, Internet, Mac | No Comments »
In case it wasn’t bad enough that Facebook was discovered to be behind the recent Google smear campaign they now have to also deal with looming government regulations. Although it has only been a couple of days since it was announced that Facebook hired PR firm Burson-Marstellar to smear Google’s name, both companies have teamed up to take on the Social Networking Privacy Act (SB 242). Along with Google and Facebook, Twitter and Skype were also mentioned to have cosigned a letter strongly opposing the new bill.
This isn’t the first time that we have heard of the bill that was introduced by California Senate Majority Leader Ellen M. Corbett. The bill previously addressed the privacy and security for users under 13 but has since been amended to incorporate all users after initially facing heavy opposition. The motivation behind the legislation was to protect underage users, it’s estimated that although the Facebook age limit is set at 13, over 7.5 million users are under that age and 5 million of those users are even under the age of 10. The Polly Klaas Foundation found that over 42% of teens post personal identifiable information on social media sites which provides a solid foundation to Corbett’s concerns.
The Social Networking Privacy Act would require users to select and acknowledge their privacy settings before submitting their user registration. The default privacy setting would list only a user name and city of residence until that user decides to adjust their user settings. In Senate Majority Leader Corbett’s words “you shouldn’t have to sign in and give up your personal information before you get to the part where you say ‘please don’t share my personal information.”
Facebook CEO Mark Zuckerberg states that “making personal data public is… Read the rest
Tags: Facebook, government, government regulation, Networking, privacy, privacy policy, regulation, social networking Posted in Information Security, Social Networking | 1 Comment »
Online security threats and system vulnerabilities will always be an issue on the Internet regardless of the amount of security we implement. As the security for major online companies gets smarter the hackers and computer viruses get more inventive as well. This balance is unlikely to disappear because there will always some kind of benefit for people who perform these destructive actions. Whether it is for notoriety, money, or information the effects of these actions require companies to be forward thinking and remain focused on the protection of their users.
Following the largely publicized PlayStation Network Hack a couple weeks ago, two other major websites experienced their own misfortune. For Google it was discovered that their images were replaced with malware and Facebook was also notified that their applications were unintentionally leaking information to third parties. Although these two incidents are completely different with one being pure mischief and the other being an oversight the two cases highlight severe vulnerabilities for major websites.
After weeks of user complaints Google identified that some of their Google Images search results were pointing users to webpages that forced misleading anti-virus scans and security alerts. The attackers apparently infiltrated high trending Google Image search results and planted their own PHP scripts to generate their own malicious content. Once their own PHP scripts were implemented the Google bots crawled and eventually displayed thumbnails for their bogus web pages. When clicked on, the image redirected users to a bad page. Google is currently working hard to remove all of the bad links. For more specific details on how and what was affected visit More on Google Image Poisoning.
Shortly after Google realized their security flaw, Facebook was notified by Symantec regarding their security issue. On Tuesday May 10, 2011 Symantec published that Facebook applications have… Read the rest
Tags: Facebook, google, google images, Information Security, Malware, security threats, users, vulnerabilities, website Posted in Information Security | No Comments »
As helpful as technology may be to businesses it can also present certain challenges. If poorly managed, business technology can often prove to be just as harmful as it is beneficial. This is why we have IT professionals or IT departments. Regardless of how much equipment a company may have the role of an IT department is a full time job especially when you consider the possible strain most companies place on their technology and their need to prevent any malfunctions.
Whether it is a single computer and printer or ten networked computers running off of a server it is mostly the IT department that handles the purchasing, installation, updating, management, and repair of company technology. In order for an IT department to be successful and maintain the integrity of the technology it should possess the following characteristics.
- Qualified and motivated staff
- Appropriate IT resources
- Effective department management
- Proper IT procedures
- Regular meeting, documentation, and review
It is the goal of an IT department to not only fix and manage the company equipment but to also ensure the security of information. To do so an IT department should be performing routine tasks, that includes establishing policies and procedures, updating equipment, and running diagnostics. The majority of work done by these departments should be preventive measures so that when problems do arise they already have procedures in place that detail immediate solutions. Now of course most IT departments cannot predict every incident that has the can occur however they should come pretty close to being able to recognize the most frequent or detrimental threats. Various simple but overlooked tips for a company and IT departments include,
- Password Policies, many users choose to utilize a password that is easy to remember rather than one that is sufficient to protect critical information. A company or IT department should implement a password policy that details and
… Read the rest
Tags: computer, equipment, Information Technology, IT, IT department, Maintenance, small business, technology Posted in Information Security, PC Maintenance | No Comments »
On Friday April 22, 2011 the Sony PlayStation Network stated that as of April 19 th they had become aware that PlayStation and Qriocity user accounts had been hacked. Prior to this notification they have made several announcements, none of which providing the exact details for the disruption in network services.
During the time leading up to the official public disclosure Sony had disabled their system which left many PlayStation Network users in the dark about the true circumstances surrounding the event. It wasn’t until April 26, 2011 that Sony offered the full explanation that user account information and potentially their financial information had been unlawfully acquired during an intrusion. The unauthorized intrusion of the network accounts left over 70 million users as well as their personal and financial information at risk. For a full timeline visit PlayStation Network Hack Timeline.
Because Sony had waited a full 6 days after the time of discovery to present a fully detailed announcement most people are wondering why the delay with informing the public. Typically when a breach does occur it is not uncommon for some amount of time to pass before the public is fully informed, this is usually to confirm the facts, consider solutions and prevent public panic. However during this time users could have been taking their own preventative measures by informing their credit card companies, monitoring credit reports, and avoiding phishing scams. For a great article concerning the legality of informing the public in the event of a security breach visit PlayStation Network hacked, data stolen: how badly is Sony hurt?
The PlayStation Networks Official Website released a statement detailing what efforts are being made to rectify this unfortunate situation and promises that it is a temporary… Read the rest
Tags: Information Security, network attack, PlayStation, PlayStation Network, Sony, user, user accounts, user protection Posted in Information Security, Web Tips | No Comments »
As technology becomes ever more prevalent in our society so does the amount of electronic waste. Each year a number of new gadgets or devices are produced leaving the outdated models to be discarded. The production of new devices is not a bad thing especially since advancements in technology keep us moving forward and increases our productivity. However the same can not be said for how we handle the disposal of our old electronics. The short life span of electronic devices causes us to continuously dispose of more and more electronic waste each year.
Due to the amount of e-waste most states have already put in place standards against dumping electronic devices. Similarly in 2010 the Federal Government enacted the Electronics Recycling Act. This Act states that any organization that is found to be exporting their non-useful e-waste to developing countries will receive heavy penalties and fines. Many companies have recently begun to focus their efforts on establishing guidelines to reduce their amount of e-waste and ensure their compliance with green standards. Although these types of companies are providing the groundwork for a successful reduction in electronic waste it is really up to the individual consumers to follow through with this proposal by disposing of their old devices appropriately.
There are four main ways that we currently handle our electronic waste which is through landfills, recycling, reusing, and incineration. While certain methods may be more suitable than others each of them can still produce negative impacts on our health and environment. Approximately 14-20 million PC’s are discarded making up a huge portion of the 20-50 million tons of electronic waste that we produce annually. From that 20-50 million tons only around 14% of the old products are actually recycled which leaves the rest of the millions of electronics to accumulate and be disposed in a counterproductive manner.
Landfills:
The major problem associated with e-waste is the composition of… Read the rest
Tags: devices, disposal, e-waste, electronics, environment, harmful electronic waste, recycling, tech Posted in Electronics | No Comments »
Recently we published an article on our internet marketing blog detailing various techniques for increasing the speed of a website. In our posting “Simple Modifications That Produce a Faster Website and Boost Rankings!” we provided statistics on what qualifies as a fast website and several suggestions that could potentially increase a website’s loading time. Some of these suggestions included website compression, image optimization, and properly structuring website code.
Each of these methods carries critical importance when attempting to enhance a website page speed. Website compression groups information and sends it using packets of data which mean more information is sent at one time and does not continuously flow item by item. Limiting and optimizing images avoids clutter and reduces the time the images take to display. Ensuring proper code layout also increase page speed because the page knows what elements to load first therefore keeping the visitor occupied and aware that the site is functioning properly until fully loaded.
It is important to first check the speed of your website using one of the many page testing tools found on the internet. Some of the tools are Pingdom Load Time Test and GTmtrix, however recently Google has launched its very own tool called Page Speed Online.
Page Speed Online was released on March 31, 2011 and was previously available only as a browser add-on. Google Labs newest launch now enables users to test the speed or load time of any website from any location. Google Online Page Speed is simple and convenient to use and provides an immediate review of your site and its speed. To use Google’s website speed assessment tool all a user has to do is as follows:
- Navigate to the
… Read the rest
Tags: google, Google Page Speed, load time, online, performance, site, speed, tool Posted in SEO, Web Tips | No Comments »
|