Threat Level: green Handler on Duty: Daniel Wesemann

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Internet Fraud Alert Kicks Off Today

Published: 2010-06-17
Last Updated: 2010-06-18 11:27:50 UTC
by Deborah Hale (Version: 1)
7 comment(s)

Microsoft and the National Cyber-Forensics and Training Alliance (NCFTA), with the support of
Accuity, the American Bankers Association, Anti-Phishing Working Group, Citizens Bank, eBay Inc.,
Federal Trade Commission, National Consumers League and PayPal are introducing a new program to
help identify potential fraudulent financial activity due to online fraud and to notify the
institutions involved that their customers personal identity may be at risk of abuse.  This
program:

"Will offer a trusted and effective mechanism for participating researchers to report stolen
credentials discovered online - "

The program was unveiled today and will go into effect immediately.  For more information see:

http://www.microsoft.com/Presspass/press/2010/jun10/06-17FraudAlertPR.mspx

http://ifraudalert.org/

Deb Hale Long Lines, LLC

Keywords: Internet Fraud
7 comment(s)

FYI - Another bogus site

Published: 2010-06-17
Last Updated: 2010-06-17 20:32:55 UTC
by Deborah Hale (Version: 1)
2 comment(s)

Just a quick word of caution....  Be careful what you type.  We have just received information from one of our
readers, thanks Aaron, that  w w w . malware domain lists . com is masquerading as legitimate site
www.malwaredomainlist.com (without the s).  A quick check finds articles referencing this bad
boy site as part of the Personal Antivirus infector group.

Deb Hale Long Lines, LLC

Keywords: malware advisory
2 comment(s)

Digital Copy Machines - Security Risk?

Published: 2010-06-17
Last Updated: 2010-06-17 14:37:21 UTC
by Deborah Hale (Version: 1)
9 comment(s)

I just happened upon a CBS News video that gave me pause for thought.  This once posted back in April however
I missed it until now.

http://www.cbsnews.com/video/watch/?id=6412572n

The video talks about the fact that "modern" digital copy machines, those sold after 2002, contain a hard
drive.  These hard drives store the images copied.  These machines are traded in for new models and then
refurbed and resold. However, the hard drives more than likely are not getting scrubbed to remove the content.
One of the copy machines in the video not only contained content on the hard drive but also still had documents
left on the copy bed.

This brings up some interesting discussions.  What is on your copymachine hard drive?  When it is sent in for
repair what information may be gleaned from a quick glance at the drive?  Is your copy machine another potential
target to aid in identity theft?

Food for thought.  Should there be processes and procedures in place for the disposal of these devices? Do you
know what other devices in your organization contain a hard drive or other storage device?  Is there a process
for cleaning before disposal?

Let me know what you think?  What does your company do if anything to ensure that no confidential data is
leaked by disposal of old equipment?

Deb Hale Long Lines, LLC

9 comment(s)
Diary Archives