Friday, March 26, 2010
Monday, March 15, 2010
Salmonella outbreak tracked by shopper cards
What do you think - good thing or bad? Can certainly see the good use, but what if used for the wrong reasons? A witch hunt of sorts...
Health authorities in the U.S. have for the first time used department store credit cards to help trace the source of a recent salmonella outbreak that left hundreds of Americans ill.
Investigators at the Centers for Disease Control and Prevention were scrambling to find the source of the outbreak when they hit upon the idea of tracking grocery purchases of those who became ill.
With permission from the patients, health authorities followed the trail of grocery purchases to a Rhode Island company that makes salami, then zeroed in on the pepper used to season the meat.
Read more: http://www.cbc.ca/health/story/2010/03/12/consumer-salmonella.html#ixzz0iFhw2XUI
Health authorities in the U.S. have for the first time used department store credit cards to help trace the source of a recent salmonella outbreak that left hundreds of Americans ill.
Investigators at the Centers for Disease Control and Prevention were scrambling to find the source of the outbreak when they hit upon the idea of tracking grocery purchases of those who became ill.
With permission from the patients, health authorities followed the trail of grocery purchases to a Rhode Island company that makes salami, then zeroed in on the pepper used to season the meat.
Read more: http://www.cbc.ca/health/story/2010/03/12/consumer-salmonella.html#ixzz0iFhw2XUI
Saturday, March 13, 2010
Friday, March 12, 2010
Thursday, March 11, 2010
Rainbow Tables hosted on an SSD
SANS/CWE Top 25 Dangerous Programming Errors list
SANS/CWE released a top 25 dangerous programming errors list. It contains their list of the most common errors that developers are likely to make. The intention is to raise awareness to these problems and help prioritize the order of importance for organizations new into the security game. Their blog has been covering each of the Top 25 problems and provides some commentary on each of them. They are up to #13
Read all about it here.
Read all about it here.
Wednesday, March 10, 2010
Friday, March 05, 2010
Wednesday, March 03, 2010
Report: The Command Structure of the Aurora Botnet: History, Patterns, and Findings
Did the "experts" get it wrong? Were the attacks on Google by amateurs?
"Many security vendors have explained the operation against Google, dubbed “Operation Aurora,” using a military vernacular. However, based upon analysis of exhaustive data surrounding these attacks and examination of both the malware and the CnC topologies used by the criminals behind Aurora, it appears that this threat can best be classified as a just another common botnet attack – and one that is more amateur than average."
Read the report from Damballa here.
"Many security vendors have explained the operation against Google, dubbed “Operation Aurora,” using a military vernacular. However, based upon analysis of exhaustive data surrounding these attacks and examination of both the malware and the CnC topologies used by the criminals behind Aurora, it appears that this threat can best be classified as a just another common botnet attack – and one that is more amateur than average."
Read the report from Damballa here.
Monday, March 01, 2010
Defrauding and Hacking Ticketmaster
This really a hack?
"To defeat the Online Ticket Vendors' technologies, the defendants worked with computer programmers in Bulgaria to establish a nationwide network of computers that impersonated individual visitors to the Online Ticket Vendors' websites, the indictment alleges. The network – described as the "CAPTCHA Bots" in the indictment – gave Wiseguys the ability to flood the Online Ticket Vendors' computers at the exact moment that event tickets went on sale."
Full story here.
"To defeat the Online Ticket Vendors' technologies, the defendants worked with computer programmers in Bulgaria to establish a nationwide network of computers that impersonated individual visitors to the Online Ticket Vendors' websites, the indictment alleges. The network – described as the "CAPTCHA Bots" in the indictment – gave Wiseguys the ability to flood the Online Ticket Vendors' computers at the exact moment that event tickets went on sale."
Full story here.
