CUISPA
Podcast #26 – Mac versus PC
Panelists:
John Brozycki, Alex Rams, Larry Porres
Recorded: 9/25/2009
Questions, comments, or something youÕd like us to cover? Contact us at: podcast@cuispa.org
I. News stories
1) TJX Suspect
Indicated in Hannaford and Hartland Breach.
ÒAlbert ÒSegvecÓ Gonzalez has been indicted by a federal grand jury in New
Jersey on charges of hacking into Heartland Payment Systems, the New
Jersey-based card processing company, as well as Hannaford Brothers, 7-Eleven
and two unnamed national retailers, according to the indictment unsealed
Monday.Ó
http://www.wired.com/threatlevel/2009/08/tjx-hacker-charged-with-heartland/
2)
Blocking Social Networking Sites
Research
from SanSafe states that seventy-six percent of the companyÕs customers block
sites like Facebook. Sites also included in being blocked included webmail,
shopping sites, and sport sites. One reason behind this is the exposure a companyÕs
exposure to malware and decrease in employeesÕ productivity.
http://www.v3.co.uk/v3/news/2248091/companies-blocking-social
http://www.scmagazineuk.com/Employers-block-more-social-networking-sites-than-shopping-or-pornography/article/146866/
3)
ISP – not requiring password change
Same password to all users each month with the option to update their password
upon first time login. Company is considering making it mandatory to change
their default passwords.
http://www.scmagazineuk.com/ISP-criticised-for-distributing-the-same-password-to-all-new-users-with-no-firm-instruction-to-change-it/article/147136/
4)
Insider Security Incidents are Accidental than Deliberate
RSA research says more security incidents arise from incompetence than from
malicious insider attacks[1]. A Wyoming bank sent an e-mail containing
sensitive customer data to
the wrong Gmail account, and now wants Google to reveal the identity
of the account holder[2].
[1] http://www.theregister.co.uk/2009/08/25/rsa_accidental_security_breach_survey/
[2] http://www.wired.com/threatlevel/2009/09/bank-sues-google/
5)
Judge Allows Couple to Sue Bank for Inadequate Data Security
ÒA District Court Judge in Illinois has ruled that an Indiana couple may sue
Citizens Financial Bank for negligence. The suit brought by Marsha and Michael
Shames-Yeakel alleges the bank was negligent for failing to use the most
current security measures to protect the couple's information. Inadequate user
authentication measures allegedly allowed thieves to steal more than US $26,000
from the couple's home equity line of credit. Citizens' Financial Bank had
requested to have the claim dismissed.Ó
http://www.wired.com/threatlevel/2009/09/citizens-financial-sued/
http://www.computerworld.com/s/article/9137451/Court_allows_suit_against_bank_for_lax_security?source=rss_security
UPDATE!: http://www.wired.com/threatlevel/2009/09/judge-closes-gmail-account/
II. Tech Segment
As
Windows 7 will be released to the public letÕs review the best under-hyped
features.
http://lifehacker.com/5254211/windows-7s-best-underhyped-features
III. Cooltility (Cool + Utility = Cooltility)
1)
NasBackup – Open Source but only available for Windows
You can
use NasBackup right out of the box and easily schedule backups from your
machine to another machine on your network.
http://sourceforge.net/projects/nasbackup/
http://www.nasbackup.com/ [link broken
at time of podcast]
IV. Smarter U.
HackerNews Network - http://www.hackernews.com/
Got a suggestion for this space? Please send it to podcast@cuispa.org.