Hack Report Audiocast: Insider Threat, PCI and TJX
August 6th, 2007
Tune in to this week's Audiocast to get the latest scoop on:
This week's audiocast features:
We’ve already discussed the sorry state of affairs for server security along with the related compromise of the perimeter of the network. Gartner recently predicted that 75% of enterprises will be infected by bots by the end of THIS year. Yet no one is shocked. My, how the world of network security has changed as we get increasingly interconnected and hackers get increasingly sophisticated.
I suspect that at least half of the few thousand who typically read this column will have received at least one “you’ve been breached” notice. Whether the data was on a laptop, stolen via a hack attack or sold by a frustrated employee, the effect is the same. Your identity is exposed. It is a sad reality that we accept these exposures as a part of our increasingly interconnected and commercial lives.
Full article…
When Visa on Monday released its latest PCI compliance statistics, it showed small but steady progress, with slight increases in most areas. But it also showed that there is still a small handful of major retailers who are still retaining prohibited credit card information.
Visa stressed in its statement that the vast majority (96 percent) of Level 1 and Level 2 merchants—a category including virtually all of the nation’s largest retailers—have written to Visa that “they are not storing sensitive account data” including credit card security codes and PINs.
Full article…
For those who still argue that TJX is being bloodied by their data breach problems, here’s the latest tidbit, with a major financial firm increasing its stock price target for TJX, “encouraged by the discount retailer’s strong business trends and defensive business model.”
Full article…
If you are like me and have several different mail accounts, you have probably noticed an increase in new unfiltered spam messages in your inbox. The latest scam in spam technology is called pdf-spam. It’s the next generation of pump and dump schemes, where spammers inject the content of a typical image-spam message into a PDF file and send it out.
MX Logic, a company that offers managed email and web security services, actively monitors what’s going on with their email systems. As a result, they saw an increase of 25% compared to their usual spam volume. This whole new wave of spam attacks is directly attributed to new pdf-spam messages.
Full article…
After more than $75 million in bogus credit card charges, several Cuban nationals in Florida have been arrested with more than 200,000 credit card account numbers, many of which came from the TJX and Polo Ralph Lauren data breaches, according to U.S. Secret Service officials, commenting on Monday’s announced arrests.
The numbers were sent to the Florida defendants—who specialized in manufacturing bogus credit cards complete with embossing, logos, holograms and properly encoded magnetic strips—from a group of Eastern European residents who specialized in collecting the stolen credit card numbers, the Secret Service said.
Full article…