|Compliance and Privacy News|
We have a packed newsletter for you today with articles ranging from Wi-Fi to the latest techniques for beating Chip and PIN. But perhaps the most disturbing of all is the article on Metafisher Trojans. These are ultra-sophisticated, incredibly professional and a real threat to everyone. We think this will be one of the most interesting and valuable webcasts we've yet seen. And, as always, registration is free.
No sooner did we post an article on Chip and PIN on the website than we got some spam in the discussion forum. We couldn't believe what was on offer - and neither will you! If you wondered whether Chip and PIN was all it's cracked up to be, wonder no more. Not only is it not safe, anyone can skim your card and PIN anywhere you use it!
As always, we welcome your feedback - do take part in the discussion forums. The more we get from you, the more we can tailor the content we're providing!
Hundreds of thousands of businesses, large and small, world-wide now use Wi-Fi to connect PCs to their network. Millions of homes have Wi-Fi to connect their PCs to the Internet and, of course, millions more use laptops, with Wi-Fi in public places the length and breadth of virtually every country. From where I'm sitting, writing this right now I have no less than nine wireless networks I could connect to.
So, what's the problem?
Wi-Fi uses an easily interceptable frequency to transmit/receive data to and from a PC - if it didn't it wouldn't work without huge antennae. So anyone could easily intercept whatever you send or receive to or from your PC. Secondly when you connect to a network via Wi-Fi you are then dependent on the security of that network to protect you from anyone trying to access your PC. In your office or at home the chance are you have a Firewall between your PC and the network.
The Metafisher family of Trojans are now showing an
unprecedented level of sophistication. This type of
phishing attack is
carried out using a botnet, which is controlled
though a Web-based command-and-control server.
gives the operators of the botnet the
ability to control numbers of bots several orders
of magnitudes greater than could be done via
IRC-based control structure.
This live webcast will, we think, be absolutely fascinating! Your active participation is requested.
The webcast scheduled for 24th May 2006 at 2pm US Eastern Standard Time. That's 7pm UK time, 8pm European time. To take full part you need a fully audio equipped computer. Don't miss out, participation is free.
Intrusion Detection Systems (IDS) detect inappropriate, incorrect or anomalous host or network activity. This presentation provides information about common techniques used to evade IDS detection. The goal is to answer the question: To what extent should network administrators rely upon IDS detection systems for security and advanced warnings of attacks?
The webcast lasts for 22 minutes and is streamed to your desktop. An audio equipped PC is required.
If you knew that the unit you put your Chip and PIN card into could be transmitting your details to a fraudster, how happy would you be to use the card ever again? Just how secure is Chip and PIN? Has this new technology simply played into the hands of the fraudster? And where will that leave Smart Card based ID Card Systems like that proposed for the United Kingdom?
In fact, just how smart is it to enter your PIN nowadays, and just what is waiting to catch you out?
We're not talking about technology that is simple but "old hat", here. While it's well known that cameras can be aimed at ATMs to snoop on our keystrokes and on our card number when we key the data in, these are the crude end of the current advanced technology offerings.
VeriSign has asked us to let you know about the Chief Security Officers' Dinner at the conference this year.
We know it's short notice, but, if you are a senior IT Security professional, and if you are in Edinburgh on the 25th May 2006, and you really should be there, then VeriSign has a very few places remaining available for dinner guests.
The opportunity to network with your peers is first class.
We could not believe it. Right after we published the article on Chip and PIN and Skimmers a spammer found it.
We get spammers all the time. We keep the discussion forums clean, but we still get them. And I was just running down the spammers, blocking IPs, deleting spam when I found......
Someone selling skimmers to skim Chip and PIN cards! We're going to edit the message as soon as the authorities have finished with it, but we're featuring it!
Readers should note that references to VeriSign's sponsorship are historical. That sponsorship ended on 28 February 2007, and is simply included here for context and historical purposes. VeriSign is not formally associated with this site in any manner, and has asked us to emphasise this point.