Lyrics & Knowledge Personal Pages Record Shop Auction Links Radio & Media Kids Membership Help
The Mudcat Cafemuddy

Post to this Thread - Sort Descending - Printer Friendly - Home

Tech: IT's 9 biggest security threats

Stilly River Sage 27 Aug 12 - 12:52 PM
JohnInKansas 27 Aug 12 - 01:26 PM
JohnInKansas 27 Aug 12 - 02:32 PM
Share Thread
Lyrics & Knowledge Search [Advanced]
DT  Forum
Sort (Forum) by:relevance date
DT Lyrics:

Subject: Tech: IT's 9 biggest security threats
From: Stilly River Sage
Date: 27 Aug 12 - 12:52 PM

As people start threads about popups and malware and software crashes and such they are each looking at just one aspect of what is a very large range of security threats on the Internet.

IT's 9 biggest security threats

Hacking has evolved from one-person crime of opportunity to an open market of sophisticated malware backed by crime syndicates and money launders
By Roger A. Grimes, InfoWorld
August 27, 2012 06:20 AM ET

Years ago the typical hacking scenario involved a lone attacker and maybe some buddies working late at night on Mountain Dew, looking for public-facing IP addresses. When they found one, they enumerated the advertising services (Web server, SQL server, and so on), broke in using a multitude of vulnerabilities, then explored the compromised company to their heart's content. Often their intent was exploratory. If they did something illegal, it was typically a spur-of-the-moment crime of opportunity.

My, how times have changed.

See the rest of the article at the link above.

There are links to other articles on the subject, then there is a discussion of various types of cyber criminals and hacker activities. I've been going through an evening ritual of turning off the computer then turning off all of the juice to the equipment on a power supply. That is a puny response to the assaults possible today.

It concludes:
Crime and no punishment: Some victims never recover from exploitation. Their credit record is forever scarred by a hacker's fraudulent transaction, the malware uses the victim's address book list to forward itself to friends and family members, victims of intellectual property theft spend tens of millions of dollars in repair and prevention.

The worst part is that almost none of those who use the above malicious attacks are successfully prosecuted. The professional criminals on the Internet are living large because the Internet isn't good at producing court-actionable evidence. It's anonymous by default, and tracks are lost and covered up in milliseconds. Right now we live in the "wild, wild West" days of the Internet. As it matures, the criminal safe havens will dry up. Until then, IT security pros have their work cut out for them.

A well-know social media voice (@Mat on Twitter, a writer by the name of Mat Honan) was hacked on Gizmodo a few weeks ago, and has written and interviewed about it since.


Use the security features offered by reliable sources. If you don't recognize an email address, don't click the attachment, and if the email with a link or attachment seems odd, don't open them. Use Google's two-step verification. If you get an email saying you are changing your password and you're not, don't click on the link - that confirms the change. Pay attention.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: IT's 9 biggest security threats
From: JohnInKansas
Date: 27 Aug 12 - 01:26 PM

An example of the sophistication of malware operators has very recently been reported that affects Adobe Flash.

1. Adobe released what was for them a huge patch for Flash recently.

2. So few people applied the Adobe patch that malware writers were able to back-engineer the patch to discover how to attack unpatched Flash.

3. Attacks on Flash have now progressed to use of a phony Microsoft Word document sent as an attachment or embedded in an email that many people will open in Internet Explorer. The malware doesn't affect either Word or IE but IE can open Flash so it sends the malicious code from the Word document directly to Flash (in unpatched Flash installations) to infect the computer, potentially giving the malware's creator complete control of the computer.

LESSON TO LEARN: All of the applications on your computer can potentially communicate with each other, often invisibly to you, so you need to keep ALL OF YOUR STUFF up to date and protected with good antimalware programs and operating practices.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: IT's 9 biggest security threats
From: JohnInKansas
Date: 27 Aug 12 - 02:32 PM

An aspect of the "security game" that isn't mentioned in the first link above is the appropriate use of good passwords. Another article that may rearrange your thinking about how you're doing it is at:

Tricks aren't protecting you from today's hackers

By Melanie Pinola, Lifehacker

Security breaches happen so often nowadays, you're probably sick of hearing about them and all the ways you should beef up your accounts.

Even if you feel you've heard it all already, though, unfortunately, today's password-cracking tools are more advanced and cut through the clever password tricks many of us use. Here's what's changed and what you should do about it.

Background: Passwords are easier to crack than ever

Our passwords are much less secure than they were just a few years ago, thanks to faster hardware and new techniques used by password crackers. Ars Technica explains that inexpensive graphics processors enable password-cracking programs to try billions of password combinations in a second; what would have taken years to crack now may take only months or maybe days.

Making matters much worse is hackers know a lot more about our passwords than they used to. All the recent password leaks have helped hackers identify the patterns we use when creating passwords, so hackers can now use rules and algorithms to crack passwords more quickly than they could through simple common-word attacks.


[end quote]

A little way down in the article a link is given to "10,000 most commonly used passwords" with the assertion that 99.8% of all passwords people use are in that list. (One might wonder "how do they know that?") Running through that many "common passwords" would take seconds at most for one of the common cracking programs.

The last line gives the very good advice that "The only good password is one you can't remember." Unfortunately that's probably true, since any "memory aids" you use are probably very common ones.


Post - Top - Home - Printer Friendly - Translate
  Share Thread:

Reply to Thread
Subject:  Help
Preview   Automatic Linebreaks   Make a link ("blue clicky")

Mudcat time: 17 December 2:47 AM EST

[ Home ]

All original material is copyright © 1998 by the Mudcat Café Music Foundation, Inc. All photos, music, images, etc. are copyright © by their rightful owners. Every effort is taken to attribute appropriate copyright to images, content, music, etc. We are not a copyright resource.