Cookies help us display personalized product recommendations and ensure you have great shopping experience.

By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
SmartData CollectiveSmartData Collective
  • Analytics
    AnalyticsShow More
    sales and data analytics
    How Data Analytics Improves Lead Management and Sales Results
    9 Min Read
    data analytics and truck accident claims
    How Data Analytics Reduces Truck Accidents and Speeds Up Claims
    7 Min Read
    predictive analytics for interior designers
    Interior Designers Boost Profits with Predictive Analytics
    8 Min Read
    image fx (67)
    Improving LinkedIn Ad Strategies with Data Analytics
    9 Min Read
    big data and remote work
    Data Helps Speech-Language Pathologists Deliver Better Results
    6 Min Read
  • Big Data
  • BI
  • Exclusive
  • IT
  • Marketing
  • Software
Search
© 2008-25 SmartData Collective. All Rights Reserved.
Reading: CTO Security Report
Share
Notification
Font ResizerAa
SmartData CollectiveSmartData Collective
Font ResizerAa
Search
  • About
  • Help
  • Privacy
Follow US
© 2008-23 SmartData Collective. All Rights Reserved.
SmartData Collective > Data Management > Risk Management > CTO Security Report
NewsRisk ManagementSecurity

CTO Security Report

BryanHalfpap
BryanHalfpap
7 Min Read
SHARE
Anonymous

Anonymous (Photo credit: Schuilr)

3 Million Iranian Bank Accounts Disclosed

Anonymous

Anonymous (Photo credit: Schuilr)

3 Million Iranian Bank Accounts Disclosed

Iranian ATM’s are dispensing PIN and Password changes instead of money this week following the public disclosure of three million bank account details by an Iranian security researcher.  While the disclosure of these accounts is unfortunate, what is more troubling is the process that led to this disclosure.  A year ago Khosrow Zarefarid warned the CEO’s of the banks in Iran that a banking flaw could expose their customers.  Even after submitting accounts found using the technique he warned them about, he received no response.  Seeing no other course of action, the researcher disclosed the accounts in a bid to bring the situation to light.  Such “grey-hat” actions often happen when security is not taken seriously at organizations such as banks, and the ensuing fiasco could have easily been avoided with proper communication and effort on behalf of Iranian banks.

More Read

Evernote’s Three Laws of Data Protection
Network Security Certifications to Combat Growing Data Breach Threats
Are You Flushing Your Identity Down the Drain? [INFOGRAPHIC]
Safety and Security Tips To Know in the Era of Big Data
Facebook’s ThreatExchange to Help Cyber Security Experts Coordinate Their Efforts Against Hackers

Read More: http://www.zdnet.com/blog/security/3-million-bank-accounts-hacked-in-iran/11577

F1 Racing Sites Attacked by Anonymous

Elements of the Anonymous collective are currently targeting F1 racing Federation websites in an effort to disrupt and publicise a campaign against the F1 race being held in Bahrain.  This effort comes as the F1 race is being held in Bahrain despite well-documented human rights abuses in that country.  At the time of writing, f1-racers.net had been defaced and elements within Anonymous were still planning to increase the level of disruption.  The Formula One federation is aware of the attempts by Anonymous to disrupt its activities.

Defaced Site: http://f1-racers.net/

 

Anonymous Starts Their Own Pastebin Lookalike

Fed up with Pastebin’s promises to moderate and censor posts containing sensitive information such as passwords, bank accounts, and addresses, Anonymous members have struck out on their own.  The result is a pastebin clone which is hosted by an organization sympathetic to Anonymous, the People’s Liberation Front.  This new paste site does not have information on what is contained in the paste because every paste is encrypted with AES 256 and requires a symmetric key to decrypt inside of the browser.  This key is contained with the URL generated for the post when it is uploaded to the server.  The advantage is that posts cannot be read by the hosting provider, since they have stated that they disable all connection logging.  Expect to see more members of Anonymous to switch to this new service, which will make Anonymous movements somewhat harder to track — you need to have the URL with the key in order to read the paste, and cannot track trending posts with the service.

Read More: http://www.peoplesliberationfront.net/anonpaste/index.php?0bb850fa017e85f1#SRccDhThvKyQ5+o4Sm3xineTXfDReG76Q01x2yaWik0

 

15 Year old Boy Hacks >250 Companies

A 15-year-old Austrian boy was discovered to be the culpit behind the web-based attacks on the web presences of over 250 companies.  The boy, using attack software, techniques, and anonymization services and programs he found on the internet, mounted a successful campaign in order to win the favor and attention of his hacker peers and garner points on a hacker scoreboard.  Within a short period of time the young hacker was attacking as much as 3 websites a day on average.  With website/web service security being rather lax in most organizations and applications the news of the age of the attacker is perhaps more of a surprise than the number of targets he successfully breached.

Read More: http://www.zdnet.com/blog/security/15-year-old-arrested-for-hacking-259-companies/11585?tag=mantle_skin;content

 

New Android Hacking Concept Emerges

A side-channel attack on login PINs utilizing the gyroscopic sensors inside of Android phones has been developed by security researchers.  The attack analyses the slight movements and shifts of the phone as its screen is pressed in order to determine where on the screen the user has pressed.  The application runs in the backround and waits for the user to input their pin and unlock the phone for use and does not require any permissions in order to run due to the way sensor permissions are granted in Android platforms.

This attack is unlikely to be very lucrative for normal attackers though — it requires that the user play a game in order for the application to learn how the specific user holds and uses the specific type of phone on which it runs.  The payoff could be significant though:  Besides being able to sniff PIN logins to the phone, the application can sniff phonepad entries and possibly steal credit card numbers and phone numbers through this method.

Read More: http://www.v3.co.uk/v3-uk/news/2168301/taplogger-android-trojan-cracks-touchscreen-passwords-handset-movements

 

Encryption for Google Docs from Cipherdocs

One of the drawbacks to using the Google cloud of internet applications is the lack of proper document confidentiality.  Sure, the service lets you grant or revoke permissions to different users via their email address, but what if that user’s email is compromised?  What if Google Docs were compromised in some way?  Your documents would be open for all to see.  A new startup has been bootstrapped with a way to fill this security gap — Cipherdocs.

Cipherdocs has created a plugin for the popular internet browser Mozilla Firefox which allows users to have encryption on-the-fly for Google documents.  It even has a keyring available for using Encrypted Google Docs across multiple computers, and only requires that Java be installed along with the Firefox browser and the plugin itself.  It is currently free and can be downloaded from http://www.cipherdocs.com/

Read More: http://www.cipherdocs.com/cipherdocsinstallation.pdf

Share This Article
Facebook Pinterest LinkedIn
Share

Follow us on Facebook

Latest News

sales and data analytics
How Data Analytics Improves Lead Management and Sales Results
Analytics Big Data Exclusive
ai in marketing
How AI and Smart Platforms Improve Email Marketing
Artificial Intelligence Exclusive Marketing
AI Document Verification for Legal Firms: Importance & Top Tools
AI Document Verification for Legal Firms: Importance & Top Tools
Artificial Intelligence Exclusive
AI supply chain
AI Tools Are Strengthening Global Supply Chains
Artificial Intelligence Exclusive

Stay Connected

1.2kFollowersLike
33.7kFollowersFollow
222FollowersPin

You Might also Like

Lessons to Learn from the Top 3 SMB IT Failures

4 Min Read

How the Ad Block Debate Impacts Net Neutrality

11 Min Read
Image
AnalyticsBig DataBusiness IntelligenceData ManagementData MiningExclusiveModelingPolicy and GovernancePredictive AnalyticsRisk Management

When Big Data Turns Into a Big Nightmare!

6 Min Read

Survey Says: Security Risks Never Higher, or More Costly

4 Min Read

SmartData Collective is one of the largest & trusted community covering technical content about Big Data, BI, Cloud, Analytics, Artificial Intelligence, IoT & more.

AI and chatbots
Chatbots and SEO: How Can Chatbots Improve Your SEO Ranking?
Artificial Intelligence Chatbots Exclusive
AI chatbots
AI Chatbots Can Help Retailers Convert Live Broadcast Viewers into Sales!
Chatbots

Quick Link

  • About
  • Contact
  • Privacy
Follow US
© 2008-25 SmartData Collective. All Rights Reserved.
Go to mobile version
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?