IT Security as Easy as Mikado…
November 24th, 2009 admin
Topics:
I just got my hands on a new promo item our Marketing department came out with, which looks quite interesting: It’s Mikado, an old European stick game. Basically, the idea is to carefully pick up sticks without moving the pile, in order to gain points; player with the most points wins. OK, so the game is rather cute, but it is supposed to convey a serious message – that IT security can be as simple as this game. Most people have the impression that IT security is complex, highly technical, frighteningly arcane, and difficult to manage…
Related Posts
Excellent commentary from The Register: As the smoke clears following the case of Umar Farouk Abdul Mutallab, the failed Christmas Day “underpants bomber” of Northwest Airlines Flight 253 fame, there are just three simple points for us Westerners to take away. First: It is completely impossible to prevent terrorists from attacking airliners....
Earlier this month, Adobe addressed a vulnerability issue that affects three products: Flash Player, Reader and Acrobat. While the Flash Player issue was fixed rather quickly, refer to Adobe Flash Player 10.1.53.64 Security Update , the latter two products did not receive similar love as their updates were only promised to be available at a later...
A few of days ago, we encountered an e-mail with a malicious RTF attachment. It was sent with a supposed lawsuit notification message. The e-mail didn’t mention any company by name and took a shotgun, rather than targeted, approach. Today, a security blogger forwarded us (and others) his version of the e-mail: At this point, it appears that...
Recently I had a discussion with one of the CISOs in my company. He asked a simple question: “Can you tell me when something bad happens to any of my 100 servers?” That’s a very reasonable question. Don’t get hung up on the wording. If it makes you feel better, replace “something bad happens to” with “an...
US Homeland Security Secretary Janet Napolitano gave an unprecedented seal of approval to Super Bowl safety measures on Monday after a stadium tour and a detailed look at preparations for Sunday’s game. “I didn’t have any (advice) to give,” Napolitano said. “They looked well prepared for the game. It all looked fine to...
We have received reports of a malicious Windows Mobile game that creates significant phone bills to affected users. The game in question is called 3D Anti-terrorist action , and it’s manufactured by Beijing Huike Technology in China. The game itself is a 3D first-person shooter. Apparently some Russian malware author took the game and trojanized...
A remote administration program installed on student laptops by a Pennsylvania school district and used by numerous companies to manage their computers is even more vulnerable than previously reported. The LANrev program can be exploited from anywhere on the internet, not just from an attacker on the same local area network as a victim’s...
A World of Warcraft account could be a gold pot for phishers, depending on the player’s achievement. In-game items are in demand and could be sold for real cash value, making WoW accounts a favorite phishing target. An analyst from our Response Lab recently received an e-mail from Blizzard (the creator of WoW) asking for account verification....
I know many of us work in large, diverse organizations. The larger or more complex the organization, the more difficult it is to enforce uniform security countermeasures. The larger the population to be “secure,” the more likely exceptions will bloom. Any standard tends to devolve to the least common denominator. There are some exceptions,...
A few people sent me a link to Dan Geer’s article Advanced Persistent Threat . Dan is one of my Three Wise Men, along with Ross Anderson and Gene Spafford. I’ll reproduce a few excerpts and respond. Let us define the term for the purpose of this article as follows: A targeted effort to obtain or change information by means that are...
Related Tweets from Twitter
Related News from Digg
Leave a comment
| Trackback
