Archive for June, 2011

Just for the road

Posted by spaquet on June 14, 2011  |   Comments Off

Before moving our news feed to an other location (http://blog.up4b.com/), we’d like to share with you some ads for UK MoD. These ads reminded me some old ones from Symanctec displaying average users such as CEO’s PA, Accouting Manager, etc. and telling the CIO that those people are his/her biggest threat in his/her company.

Why, just because they’re doing thing without thinking twice. Their behavior can lead from virus infection to emailing “secret data” to competitors and this is what the MoD wants its soldier to keep in mind when using social network before and while being deployed.

So the is the reason of this advertising campaign, so British and terrific at the same time.

Enjoy some disco dancing terrorists and the careful with your mom.

Ad 1:

Ad 2:

UP4B offers a wide range of process and network analysis to make sure that your network is protected against what is really important for your business: information leak, network protection (penetration testing,…), network availability and more.

Feel free to contact us for more information on our IT Security services and get your company IT Sec ready.

Sony: 0 LulzSec: at least 2

Posted by spaquet on June 8, 2011  |   Comments Off

2011 is Sony’s year! After shutting down the PlayStation Network for a month, being hacked in Japan this time, Sony has temporarily shuttered yet another website following reports it may have suffered an attack by hackers.

The company’s Brazilian Music site was inaccessible for much of Tuesday as website engineers investigated a possible security breach, according to news reports.

On Friday, a group calling itself LulzSec targeted Sony’s movie division in an attack it claimed exposed more than 1 million consumer email addresses and passwords. It claimed the attack on the Sony Pictures website was achieved by exploiting a simple SQL-injection vulnerability, leading to the trove of unencrypted data.

Looks like Sony’s activities should be fully checked…

UP4B offers a wide range of process and network analysis to make sure that your network is protected against what is really important for your business: information leak, network protection (penetration testing,…), network availability and more.

Feel free to contact us for more information on our IT Security services and get your company IT Sec ready.

Cybercrime market value: about $1trillion

Posted by spaquet on June 7, 2011  |   Comments Off

2011 looks like a good year for cybercrime. Q1 has seen an unprecedented number of malwares and attacks leading the cybercrime market above $1trillion…

The cost of cybercrime has come back to the spotlight to a recent spate of high profile computer crimes: a hacker attack on Sony in May took its PlayStation Network down for 23 days after confidential information on tens of millions of network subscribers was breached; the company estimated the cost of that attack will total $171 million.

The amount of new malicious software, or “malware,” unleashed on the internet during the first three months of this year hit six million programs, according to a report last week by McAfee, the computer antivirus maker. “It’s been a busy start to 2011 for cybercriminals,” Vincent Weafer, senior vice president of McAfee Labs, said in a statement.

The increased difficulty in protecting data comes as the value of intellectual property is skyrocketing for companies. In 2009, 81% of the value of S&P 500 companies was “intangible assets” such as patented technology, proprietary data and market plans, according to an estimate by Ocean Tomo Intellectual Capital Equity. In 1985, only 68% of the S&P 500 market value was from intangibles, according to Ocean Tomo.

When bandits make off with intellectual property, the cost to the company does not equal the money made by cybercriminals.

UP4B offers a wide range of process and network analysis to make sure that your network is protected against what is really important for your business: information leak, network protection (penetration testing,…), network availability and more.

Feel free to contact us for more information on our IT Security services and get your company IT Sec ready.

En garde!

Posted by spaquet on June 6, 2011  |   Comments Off

Systems of an FBI-affiliated public-private partnership organization have been hacked and its website defaced by LulzSec. In addition, email addresses have been leaked from the database in the process…

Website defacements included mooching messages such as “LET IT FLOW YOU STUPID FBI BATTLESHIPS” and a video clip. Part of the message suggests that LulzSec launched the attack as some sort of response to the Obama administration’s plans to make hacking an act of war.

Apart from website meddling there were data losses including the personal info for 180 users at Infragard, a private-public partnership between the FBI and US business that works in cyber-security.

LulzSec tried the passwords exposed by the hack on other locations, allowing it to hack into other systems thanks to some users’ re-use of the same passwords.

LulzSec, group of hackers, shot to prominence last month with a high-profile hack against PBS followed days later by a break-in that yielded 1 million user records and coupon codes at Sony BMG sites and the Sony Pictures Entertainment site.

UP4B offers a wide range of process and network analysis to make sure that your network is protected against what is really important for your business: information leak, network protection (penetration testing,…), network availability and more.

Feel free to contact us for more information on our IT Security services and get your company IT Sec ready.

Upgraded TDSS rootkit gets self-propagating mechanism

Posted by spaquet on June 4, 2011  |   Comments Off

A new version of the TDSS rootkit, which also goes by the names Alureon and TDL4, is able to infect new machines using two separate methods, Kaspersky Lab researcher Sergey Golovanov wrote in a blog post.

The first is by infecting removable media drives with a file that gets executed each time a computer connects to the device.

The second method is to spread over local area networks by creating a rogue DHCP server and waiting for attached machines to request an IP address. When the malware finds a request, it responds with a valid address on the LAN and an address to a malicious DNS server under the control of the rootkit authors. The DNS server then redirects the targeted machine to malicious webpages.

Both propagation methods are perfect illustration that security without IT processes is nothing.

UP4B offers a wide range of process and network analysis to make sure that your network is protected against what is really important for your business: information leak, network protection (penetration testing,…), network availability and more.

Feel free to contact us for more information on our IT Security services and get your company IT Sec ready.