US government websites are under the spotlight of muslim cracking groups who protest against USA – this is what they claim as an attack reason. Since the 2nd of January, 17 US governmental websites were defaced, from which 9 were defaced by means of SQL injection.

What seems obvious to me – after viewing most of those defacements on the Zone-H digital attacks archive – is that their motives are not fully justified. Most of these crackers – better say “script kiddies” – are using publicly available exploits for known vulnerabilities, and by applying logic on how to use them, they succeed in the end at gaining access on webservers.

The fact that the attacked webservers belong to the US government, doesn’t necessarily mean that there is adequate security implemented.

Read More » » »

Radio Frequency Identification or RFID chips come in many different sizes and shapes, such as cards and tags. They are already in use all around us and one of the most notable uses of RFID is that of pet chipping. These are usually tiny chips that can be embedded in almost everything and are able to identify living beings and a huge number of objects along with their properties, by transmitting the in chip stored information about them. [2]

A large number of retailers worldwide hope that RFID will replace the less-precise barcode. This is for a number of advantages, including the automation of stock tracking for cutting costs for them and for the manufacturers. [2] Despite the advantages for the retailers and the parties involved in the supply chain, the possible near future implementation of RFID chips as stock trackers raises specific privacy issues for the consumers.

This essay discusses these privacy issues with respect to the possible introduction of RFID chips as stock trackers. I will also provide a few notable examples of successes and failures in the RFID marketplace and possible solutions for mitigating privacy issues involved in stock tracking.

Read More » » »

Criminallawyergroup.com is a very interesting read as it gives an account on the evolution of cybercrime. Some good points are made towards the end about the lack of regard for the social aspect of cybercrime with most concentration on the financial side of things. It is worrying that cybercrime is reported to cost $50 billion globally per year.

In my opinion, as technologies advance, there will be always security vulnerabilities and cyber-criminals to exploit them for a variety of motivations (political, religious etc).

Most of the cyber-criminals are seeking financial gain rather than notoriety for their actions.

Read More » » »

If I was a manager recruiting security programmers, prior to the final decision on whether to employee a hacker or not, I would require positive feedback for the psychometric tests that the hacker would be obliged to attend in order to have his motives evaluated.

I would also make sure that appropriate controls for hiring hackers are in place and that my company’s policy supports it. Despite the in-depth technical knowledge of the hackers, there are possible significant risks for the companies hiring them and thus many different aspects of the lives of the hackers need to be assessed.

Read More » » »

My opinion, for preventing ID theft, is – step 1 – to research and deal with the roots of the problems caused by it; rather than – step 2 – trying to make everyone aware on how to protect his or her ID. For example, if a system administrator effectively maintained the security of an enterprise server, we wouldn’t have a security breach and thousands of credit card details and personal info would be safe!

Read More » » »