
Archive for April, 2008

Security Briefing: April 30th


“It’s gonna be a bright, sunshiny day”

And now, the news…

  1. Declassified NSA Document Reveals the Secret History of TEMPEST
  2. Evidence presented in New Jersey e-voting discrepancies
  3. Microsoft postpones automatic Service Pack updates
  4. The Battle for Your Browser
  5. SQL injection attack infects hundreds of thousands of websites
  6. EFF blasts Microsoft over DRM validation
  7. McAfee ‘Hacker Safe’ cert sheds more cred
  8. Off Topic: Southwest Airlines Monitoring Twitter For Customer Service/Brand Protection


Exit Stage Left…


Well, after six years working in the critical infrastructure vertical I have decided to move on. I tendered my resignation yesterday and will be moving on to new adventures in a few weeks. I’ll let slip my new day job at that time. It has been an interesting ride to say the least. There have been high points such as my appearance on the front cover of “Information Security” magazine.

And there were low points as recently as two weeks ago. All in all it has been a helluva ride and I made a lot of great friends along the way.

So, now I will have to write my “tell all” book about the true state of critical infrastructure security in North America.

Wait for it…

Hear that thud? I just gave some DHS folks a stroke.

I’m kidding of course. No book on that subject.

:)

This site will go on. Thanks to all of our readership.

Blogger Uses iPhone As Boarding Pass

I wonder if Christopher Soghoian had tried this one? A blogger by the name of Gerald Buckley used his iPhone to provide his boarding pass at an American Airlines gate.

From gwhiz:

I was travelling yesterday to San Antonio. An all-day, down and back.

Last week I went to Houston via Southwest Air and had Twittered I wanted to use my iPhone as my boarding pass. Their gate agent wasn’t playing along. So, had to use the paper ticket. (What they do with those is anyone’s guess).

But, yesterday, I prepared to try it again only this time with American Airlines. The morning flights to Dallas and then on to San Antonio were packed. So, I didn’t want to be the one to cause a ruckus. On the way back (San Antonio to Dallas) I asked the gate agent if he thought the PDF of my boarding pass would scan. He said, “I don’t know. Let’s try it.”

And, it worked great!

No word if he tried this with TSA.

Read on.


PCI Council Issues Clarification on Web App Security

This one got past me last week.

From Search Security:

Responding to a wave of criticism and confusion surrounding the imminent deadline for a new section of the PCI Data Security Standard regarding Web application security, the PCI Security Standards Council has released documentation intended to clarify the requirements for securing Web applications.

The clarification is meant to settle some of the confusion regarding the pending enforcement of PCI DSS Requirement 6.6, which covers application firewalls and code reviews.

Security practitioners and industry observers had criticized the language in the new requirement, saying that it was unclear whether organizations needed to perform a code review and deploy a Web application firewall, or whether one or the other is sufficient. The new document explains that companies can do either the code review or install the application firewall, but that the council would ideally like to see them do both.

Read on.


Poking Fun At The CIA

This is funny.

Over on the “Thoughts of a Technocrat” blog there is a posting that I recommend you see for yourself. It’s one of the hundreds of sites that I read on a regular basis. It’s worth reading.

Now, I won’t ruin it for you.

Go check it out.


Security Briefing: April 29th


A new day dawns.

And now, the news…

  1. Google-Hacking Goes To China
  2. New techniques hide PDF malware
  3. Quicktime Flaw Makes Windows Vulnerable to Attack
  4. Yahoo! pimping malware from banner ads
  5. Developers claim Vista UAC ‘bypass’
  6. Facebook apps can pose security risks
  7. Private eyes jailed in industrial espionage spyware case
  8. HSBC plugs hole that exposed site directory


Microsoft Botnet-Hunting Tool Helps Catch Hackers

Microsoft releases botnet hunting tool to law enforcement.

From Network World:

Botnet fighters have another tool in their arsenal, thanks to Microsoft.

The software vendor is giving law enforcers access to a special tool that keeps tabs on botnets, using data compiled from the 450 million computer users who have installed the Malicious Software Removal tool that ships with Windows.

Although Microsoft is reluctant to give out details on its botnet buster — the company said that even revealing its name could give cyber criminals a clue on how to thwart it — company executives discussed it at a closed door conference held for law enforcement professionals Monday. The tool includes data and software that helps law enforcers get a better picture of the data being provided by Microsoft’s users, said Tim Cranton, associate general counsel with Microsoft’s World Wide Internet Safety Programs. “I think of it … as botnet intelligence,” he said.

Read on for the full article.


Spyware Targets Frustrated GTA IV Gamers

From the Register:

Gamers desperate to get their mitts on Grand Theft Auto IV are being targeted in an opportunistic spyware scam. Spam emails offer prospective marks free entry to a draw offering a PlayStation 3 loaded with the much-anticipated game as a prize.

In reality, these illicit emails are loaded with spyware designed to swipe personal financial information from compromised PCs.

Grand Theft Auto IV for the PS3 and the Xbox 360 was released today to delirium from avid gamers. But some would-be buyers have been left disappointed as game stores have been unable to fulfill demand to the extent that even a minority of fans who pre-ordered the game have been left empty-handed.

Spammers are seeking to exploit this disappointment with a carefully targeted spam scam.

Be aware.


iPhone Coming To Canada…Finally

OK, I have to admit that I have been waiting for this for a while now. Today brings word that Rogers will be carrying the iPhone here in Canada. The release date has yet to be made public.

From Rogers Press Release:

TORONTO, April 29 /CNW/ - Ted Rogers, President and Chief Executive Officer of Rogers Communications Inc. today issued the following statement:

We’re thrilled to announce that we have a deal with Apple to bring the iPhone to Canada later this year. We can’t tell you any more about it right now, but stay tuned.

Just a few short hours before the announcement folks were dismissing the idea.

From Gizmo Republic:

Another hopeful but naïve iPhone-Canada rumor has reared its head again. Until pigs sprout wings and sail across the sky or Canada shows signs of coming out of the telecommunications dark-age … iPhone is NOT coming to Canada!

Whoops.

Well would you look at that.

Security Briefing: April 28th


Monday. Need I say more?

And now, the news…

  1. VXers slap copyright notices on malware
  2. Evolving Schneier’s Security Mindset
  3. UK users demand data encryption
  4. FCC: Bid Interference Did Not Happen
  5. New attack technique threatens databases
  6. Researcher finds new flaw in QuickTime for Windows
  7. Deepening Application Control with Firewalls
  8. Wordpress Cookie Integrity Protection Vulnerability
