Michael Gracie

A Newton, Mass doctors office had its phone system hacked, and the perps took advantage of the situation to make international calls.

According to the office manager at the office, more than $26,000 in calls have been made since February.

Either the phone calls were allowed in order to try and track down the line thieves, or this office needs a manager that pays more careful attention to the phone bills.

A laptop containing more that 11 million customer account records was recently snatched from Nationwide Building Society. What the hell is a building society, you ask?

Well, for Americans who don’t have a clue what goes on anywhere but within a three block radius of where they live and work (exception being what the news media reports on the Iraq War), they are in luck this time around. A building society is kind of like a cross between a savings & loan and a credit union (tossing in a splash of mutual insurance company, just without the insurance part). So, you can associate building societies with real estate debacles if you like, or you can just consider allowing 11 million customer records to be a minor disaster - the customer is the only one who is going to lose, just like in the States!

Nationwide has issued an apology, but in grand corporate fashion they are announcing it only three months after the incident occurred. Doesn’t that sound like familiar procedure too?

The recent barrage of pump-and-dump spam is being linked to Russian botnet herders.

Check out the slide show, which de-constructs a pump-and-dump spam trojan, here.

It is nothing more than leveraging technology to replace those day trading operations than market manipulators prey on everyday (although the regular ol’ day traders don’t get free anti-virus software with their tickets).
Read more »

Spam levels have risen from 31 billion messages per day in 2005 to 61 billion in 2006, according to Ironport. It is shifting form too, with more than 25% now being represented by image spam (up from less than 5% a year earlier).

Image attachments will quickly become fodder for spam filters, if Newton’s Third Law holds true. This means your silly little image based signatures (the ones with your logo and big title on them, that you send to your mother-in-law) will be allowed no more, and you won’t be able to share porn either.

Is any of this a bad thing (besides the spam levels, that is)?

Microsoft released six security patches yesterday (it was Tuesday, for god’s sake - what did you suspect?).

Along with those patches, IE7 will be automatically rolled out. I hear IE7 is a bit tighter (although it still comes in behind Firefox on the anti-phishing front). Still, I wonder how the auto-update will effect everyone.

Security is by its nature ever-evolving. Just as one threat is apparently locked down, another springs up to take its place - or an old one rears its head in a new form. Grappling with this malicious hydra it’s no wonder the security space spawns new terms and phrases at a rate of knots - and you’re supposed to keep up with them all.

With that in mind, introduce yourself to
the A to Zs of security, compliments of Silicon.com.

(h/t to Slashdot)

In the war against phishing, there are brains, and then there are browsers. Assuming everyone has no brains, right now Firefox stand above IE 7 in protecting against phishing attacks.

Of course, there is no IE7 for Linux or OS X, so that whole “no brains” thing might be a self-fulfilling argument in its own right.

That is the question Techdirt asks.

I think it takes a lot longer to straighten out internal policies and procedures than it does to hire a lobbyist, pay a big fine, drum up some good press, and juggle a few positions.

Now everyone can browse in harmony!

Microsoft has “released” it’s own version of Firefox (and someone released a few laughs this morning as well).

Among the requirements for the new, improved browser:

- A quad-core 4.6 Ghz CPU (for Hotmail)
- 5 GB of RAM
- Microsoft peripheral integration (or else)
- Spyware-laden Powerpoint plug-in

The company is accepting all major credit cards for purchase of this new/improved version of otherwise free software.

Heh.

It really is more like the 99.99/.01 rule, but you get the idea. Better than 80% of the spam created is the work of just a few hundred spammers.

This goes to show you how unbelievably insecure the network is. While most of this spam originates at the 200 sources, it certainly isn’t all sent out by them - it is home PCs turned into spam-spewing zombies that take care of distribution.

I take it that is Windows PCs, as I haven’t heard anyone say otherwise (to date).
Read more »