Tag Archive | Personally identifiable information

More news in Sony Pictures hack, LulzSec member Rivera pleads guilty

LulzSec member, Raynaldo Rivera, who was arrested at the end of August, appeared in court this past Thursday (Oct. 11), and has plead guilty to the charges of being involved in hacking into Sony Pictures, as well as for stealing personal information, passwords, and other personal data from thousands of users.

Under the plea agreement, Rivera will pay restitution to his victims and faces the maximum penalty: five year prison sentence and a fine of at least $250,000.

Because of this “simple SQL injection“, it costed Sony over $600,000 apparently, which is not cheap change by any means.

Rivera used the HideMyAss proxy service, illegally according to their Terms, to investigate potential vulnerabilities on Sony servers. HideMyAss proxy service cooperated with authorities, providing a report of the data transactions made by the hacker.

Advertisements

Unknown hackers allegedly steal $400,000 from city of Burlington, Washington

The town of Burlington, Washington fell victim to a recent attack by a band of unknown hackers, stealing $400,000 in the operation. Odds are that taxpayer data was stolen, also.

Burlington officials have warned residents in the city that their private data could have been stolen, and becoming targets for identity theft. A number of billing systems in the town were attacked, notably the online automatic utility billing system, which holds a large amount of resident data. Once these systems were attacked, the band of hackers were able to leak $400,000 out of the city’s funds.

According to Computer World, an alert [that was] issued this morning, city administrator Bryan Harrison said all autopay customers should assume that their name, bank account number and routing number was compromised following an intrusion into a city utility billing system.

Authorities are still investigating this issue, and will provide updates soon.

October is National Cyber Security Awareness Month

NCSAM official image (Department of Homeland Security)

Cyber security awareness is so important, and we’re going to display a few things you should be aware of this month, for you to try to make capable changes to your personal or business security perspective. You will notice some of the information below is linked to different posts here on the blog. This should help you understand each topic better! Please don’t be afraid to use each of the links below to learn more about protecting your system(s).

  • Email is one of the biggest attack methods. Since users are still highly dependent on email, it is so critical that email systems get fixed. Spam can be so cunning that it may disguise itself as your friend, someone you trust, or a bank. The main target in these spam attacks is phishing, which will allow an attacker to trick you into doing something or giving away personally identifiable information.The goal is to also download malware on to your computer, which can be used to take control of your computer and steal much more personal information. Some emails may claim to be a legitimate organization sending you an attachment, but it’s purpose is to distributed malware on your computer. It is best to secure email systems against spam. This can be done using a variety of products whether hardware or software. Make sure to secure your system(s) with the latest spam fighting utilities. Also, securing Outlook or Windows Live Mail is beneficial.
  • Instant Messaging still seems to be a vector for malware attacks. Just when people drop their guard about IM security, a new band of threats affects users. Most IM attacks come in the form of spam, a message from an apparent trusted friend, or a phishing attempt/scam from a legitimate looking company. A lot of the time, when the message appears from a trusted friend, it usually means that person’s IM account or email account has been hacked and the attacker has mined the email addresses or IM addresses in order to send you these attacks. It is important to have a good Internet Security product that protects against IM attacks along with network defense.
  • Exploits are the most common cause of infections on computers these days. Many of the exploits have been caused by out-of-date Java plugins or Adobe Flash Player plugins (or even fake Flash Player), among other types of plugins for your browser. Other exploits come in the form of advertisements that are catered to your interests, by the use of tracking cookies, which when you click on the ads it can lead to a site that will immediately download malware and attempt to take control of your computer.Those are just a couple of examples of why you need Internet Security protection as declared just above in the explanation for IM security. Also, having a second-opinion malware scanner can make sure that things don’t get missed, giving you maximum protection. Working on a defense-in-depth strategy for your computer can be a great way to avoid exploits.
  • Downloading and installing untrusted software products is a good way to get infected with viruses, spyware, and other threats and malware. Using tools such as Web-of-Trust for your browsers is a key idea in managing whether a site is safe. Also, reading reviews for the product you are getting ready to download and purchase will help you make an informed decision. It is important to have Total Internet Security protection, as stated above in IM security. Please refer to the “Internet Security product” link for more information on securing your system(s) with protection mechanisms.

There are many more vectors of cyber security problems. It is important to use the methods described above as well to secure your system(s) from attacks from cybercriminals.

Summary of mitigating most attacks:

LifeLock

Alleged LulzSec Member Arrested by FBI for Sony Hack

LulzSec

A man alleged to hacking in to Sony Pictures Entertainment computer systems has been arrested. A man named Raynaldo Rivera has been arrested, not only for hacking, but also for stealing personal information, passwords, and other personal data from thousands of users. Most of the information leaked was about innocent users whom entered contests held by Sony Pictures Entertainment.

Because of this “simple SQL injection“, it costed Sony over $600,000 apparently, which is not cheap change by any means.

Rivera used the HideMyAss proxy service, illegally according to their Terms, to investigate potential vulnerabilities on Sony servers. The alleged hacker is known by the online handles, “neuron”, “wildicv”, or “royal”. He could face up to 15 years in prison, if convicted.

 

Protect your computer:

Password Security is Beginning to Improve

English: Gmail registration screenshots فارسی:...

Notice the key word “beginning” when describing the improvement? Password security is ever so important, especially when users put more data online that is personally-identifiable. It’s highly important to keep your password updated often, especially on social networks.

With recent password studies, it shows that people that are much older in age tend to pick stronger passwords. Which means for young people that it’s time to start picking out better passwords.

With recent password hacks, you’d think people get a move on in changing their passwords. Password theft can happen to anyone!

Some of the weaker passwords were only 10-20 bits. But, as time moves on, password strength should be up to 32 bits. What this means for you? Longer passwords that are more unique:

  • At least one capital letter
  • At least one lower-case letter
  • At least one symbol
  • At least one number

When you’re searching to create a password, try to make it appear easy to remember for yourself, but impossible for a stranger to figure out, even if they looked at your profile for personally-identifiable information. Another key is to avoid putting ANY personal detail in any of your passwords.

Here are some example passwords that would be excellent to use:

  • Marc#4564 (according to How Secure Is My Password, it would take 12 years to crack)
  • GenieRelease#7 (32 billion years)
  • JokerMan*777 (5 million years)

As you can see, the more unique your password is, the better chances you are at keeping your data safe for many years!

%d bloggers like this: