Jan 13
Spyware antispyware-com, business, copyright, feedback, financial, government, home, information, notification, open-source, personal, polls, recession, security, Spam, Spyware, spyware-malware, study, threat-database, Uncategorized
Businesses, governments and educational institutions says there were 50% more data breaches in 2008 than in 2007 with the personal records of at least 35.7 million Americans at risk, according to a new study.
The Identity Theft Resource Center reported 656 breaches at the end of 2008, “reflecting an increase of 47% over last year’s total of 446,” it says, going on the financial, banking and credit industries, “have remained the most proactive groups in terms of data protection over all three years”
The Government/Military category has dropped nearly 50% since 2006, moving from the highest number of breaches to the third highest, says the ITRC, but, “the business community still needs to enhance and enforce data security measures”.
Only 2.4% of all breaches had encryption or other strong protection methods in use, and only 8.5% of reported breaches had password protection, says the study.
“It is obvious that the bulk of breached data was unprotected by either encryption or even passwords,” it states, continuing:
Sadly, these trends continue to plague companies and government alike, despite education on safer information handling, new laws and regulations. Mal-attacks, hacking and insider theft, account for 29.6% of those breaches that reported the causal factor. Insider theft, now at 15.7%, has more than doubled between 2007 and 2008. On the other hand, data on the move and accidental exposure, both human error categories, showed noteworthy improvement, but still account for 35.2% of those breaches that indicate cause.
Electronic breaches (82.3%) continue to outnumber paper breaches (17.7%). While there were 35.7 million records potentially breaches according to the notification letters and information provided by breached entities, 41.9% went unreported or undisclosed making the total number of affected records an unreliable number to use for any accurate reporting.
The ITRC strongly advises all agencies and companies to:
- Minimize personal with access to personal identifying information.
- Require all mobile data storage devices that contain identifying information encrypt sensitive data.
- Limit the number of people who may take information out of the workplace, and set into policy safe procedures for storage and transport.
- When sending data or back-up records from one location to another, encrypt all data before it leaves the sender and create secure methods for storage of the information, whether electronic or paper.
- Properly destroy all paper documents prior to disposal. If they are in a storage unit that is relinquished, ensure that all documents are removed.
- Verify that your server and/or any PC with sensitive information is secure at all times. In addition to physical security, you must update anti-virus, spyware and malware software at least once a week and allow your software to update as necessary in between regular maintenance dates.
- Train employees on safe information handling until it becomes second nature.
Original post:
2008 data breach total soars: report
Dec 29
Spam ads-by-google, Adware, already, Anti Spam Solution, employment, from-and-how, internet, networking, online, personal, Phishing, search, software, Spam, spammer, Spyware, victim, want-to-receive, where-it-came
Spam. Those annoying, time-consuming emails that clog your Inbox and ruin your day. You wonder: How did it ever get so bad? While it’s not possible to completely eliminate spam, there are quite a few…
Read more here:
How to Stop Spam (Especially If You’re Already a Victim)
Dec 17
Spam ads-by-google, Adware, Anti Spam Solution, blocker, filtering, internet, menno-spijkstra, online, online-spam, personal, report-spam, search, security, software, Spam, spammer, Spyware, style, system, system-with
Spam is almost a fixed accessory to the internet. If you are working online, it is a given fact that you can also be prone to spams. In the recent years, it has been plaguing many internet users and has been present on the World Wide Web since time immemorial. There are various ways for this nuisance type of mail to be posted on the net. Mostly they are posted through emails and there are about millions of it sent everyday.
Read the rest here:
Arm Your System With an Online Spam Blocker
Oct 31
Spyware badcon-trojan, china-trojan, download, feeds, information, internet, more-resources, mupd1, news, personal, privacy, related, remove-mupd1, review, software, Spyware, trojan, user, virus, windows
Mupd1_2_1711951 is dangerous trojan. While many similar trojans download malware secretly, Mupd1_2_1711951.exe tricks people into downloading parasites willingly.
Mupd1_2_1711951 trojan is able to imitate alerts usually loaded by Windows Firewall. The fake firewall asks user if he wants to block Trojan-Keylogger.WIN32.Fung. By clicking
Oct 31
Spyware Adware, desktop, download, information, internet, local, malware, microsoft, news, personal, personal-defender, program, program-files, remove-personal, review, software, Spyware, trojan, virus, windows
Personal Defender 2009 is a malware disguised as a security tool. This is not a new way to trick people and gain a purchase, but Personal Defender 2009 uses additional misleading tactics to make things work.
PersonalDefender2009 is not able to infect computers on its own; instead, it tricks people into downloading the program voluntarily. PersonalDefender 2009 is delivered by trojan mupd1_2_1711951.exe. The trojan mimics Windows Firewall notifications and asks if user wants to enable protection. By clicking
Sep 29
Spyware activate-dat, current, download, explorer, information, internet, microsoft, news, personal, personal-anti, program, program-files, related, remove-personal, review, security, software, Spyware, virus, windows
PersonalAntiSpy uses all kinds of pop-ups to make an impression of infected system and trick user into buying a full version of this fraudulent application. Personal AntiSpy may also present itself as PersonalAntiSpy Free or PersonalAntiSpy Unregistered version. It generates system tray alerts and pop-ups masked as security notifications and offers running Personal Anti Spy scan. User can
Aug 20
Spyware antispyware-com, company, copyright, feedback, florida, home, internet, microsoft, open-source, personal, Phishing, polls, polls-archive, princeton, princeton-review, school, security, Spyware, threat-database, Uncategorized
Test-preparatory firm The Princeton Review accidentally published the personal data and standardized test scores of tens of thousands of Florida students online, “where they were available for seven weeks,” says The New York Times.
A security hole, “allowed anyone to type in a relatively simple Web address and have unfettered access to hundreds of files on the company’s computer network, including educational materials and internal communications,” says the story, going on:
Another test-preparatory company said it stumbled on the files while doing competitive research. This company provided The New York Times with the Web address of the internal files on the condition that it not be named. The Times informed the Princeton Review of the problem on Monday, and the company promptly shut off access to that portion of its site.
One file on the site contained information on about 34,000 students in the public schools in Sarasota, Fla., where the Princeton Review was hired to build an online tool to help the county measure students’ academic progress. The file included the students’ birthdays and ethnicities, whether they had learning disabilities, whether English was their second language, and their level of performance on the Florida Comprehensive Assessment Test, which is given to students in grades 3 to 11.
Another folder contained dozens of files with names and birth dates for 74,000 students in the school system of Fairfax County, Va., which had hired the Princeton Review to measure and improve student performance.
According to the New York Times, The Princeton Review said student information should have been protected by a password, but the protection was, “most likely lost when the company moved its site to a new Internet provider in late June”.
It’s now looking into how many people might have accessed the files, some of which could be found through search engines,” adds the story.
Go here to read the rest:
Princeton Review test scores online
Jul 15
Spyware download, elhacker, elhacker-keylogger, feeds, information, japan, more-resources, movie, news, personal, privacy, remove-elhacker, review, software, Spam, Spyware, user, virus, webmasters, windows
From the publisher:
‘Ejecutar teclass.exe en el ordenador victima. Se crea un txt en la carpeta c:windowssystem Este txt contiene las teclas caputradas. El nombe del txt es notn?, donde n? corresponde al numero de not’s.txt que se van creando. Muy f’
Apr 16
adminSpyware access-control, Adware, events, firewalls, microsoft, more-8250, network, news, outlook, personal, Phishing, related-articles, security, security-audit, software, Spam, Spyware, white-papers, windows
Competition drives prices down, regardless of the industry. With a crowded field of vendors jockeying to be the trusted source of computer security for your home and office, prices for many of the ess…
Read more from the original source:
The 103 Best Free Security Utilities
Feb 20
adminSpam about-me, adam-minic, december, elite-herbal, february, genbucks, home, january, july, june, march, marion-lynn, money, personal, servman, Spam, spamislame, want-to-hear
Since Feb. 12th, bulkerforum.biz has been dormant. Domain does not resolve and it’s not hosted on any of the previously known hijacked IP’s. That’s interesting in itself, in light of the slew of recent arrests involving illegal spammers.
But there’s other interesting news regarding that site. Several members have suddenly been unceremoniously removed. I’ll report back on a few of them in the coming weeks, but for now I thought I’d cover one particular member who seems to have actively wanted to cover his tracks: ServMan.
Back in November when Marion Lynn created his blog, spamgossip, he began exposing individual members of bulkerforum.biz, the go-to forum for illegal spammers.
Initially he listed handfuls of people per day, then removed a bunch, then removed a bunch more. Since then it’s remained pretty dead, and numerous postings have been removed altogether. As one would expect, this caused people (like me) to dig a little deeper. I checked out some of the postings of the exposed users. At the time, none of it seemed particularly important.
I and many others had recently noticed (before the forum was shut down, if that’s what’s taken place) that some of those members have suddenly “gone dark” on that forum, notably Phantom (aka: Norman Keith Holmes.)
Then in mid-January I noticed that one of the members, ServMan, had either been systematically deleting any postings he had on the forum, or getting someone else to. (Or, alternatively, one of the admins of that forum may feel that having his particular info on that forum is a bad idea.)
Whenever I see this kind of thing happen, it definitely seems to indicate that there is truth to the exposed information. Why would somebody suddenly shut up unless the name was correct? Especially in light of how that group has acted whenever someone like myself has done this in the past (claiming libel, claiming my info is way off base, etc.) it is stunning just how silent some of the members have become.
Servman was listed as one Adam J. Minic. Searching for that turns up very few hits, but there is one interesting one from the NANAE newsgroup:
Newsgroups: news.admin.net-abuse.email
From: DarkFiber
Date: Sat, 24 Nov 2007 20:46:21 -0000
Local: Sat, Nov 24 2007 3:46 pm
Subject: Re: TURKEY STUFFING: ANOTHER SHITBAG!
On Thu, 22 Nov 2007 19:46:51 -0800, spamgossip wrote:
> SPAM AND EGGS! On Thu, 22 Nov 2007 19:46:51 -0800, spamgossip wrote:
> SPAM AND EGGS!
> The spam is in your mail and the egg is on the faces of these Bulker
> Forum members!
> servman – Adam J Minic – Boise, ID
Highly believable as there is evidence as recent as summer 2007 that Adam Minic associates with veteran spammer Todd Springer of the S & S Global LLC spam business that Todd and his brother, Scott used to run. Adam is perhaps a protege of theirs.
Kind of makes one wonder if Todd and Scott Springer didn’t really retire from the spam business.
One also has to wonder if KEVIN JAMES MINIC #18299 who was discharged (as an inmate) from the Idaho Department Of Correction on 03/21/2005 is any relation.
On Dec. 27th, 2007 – the last time I bothered to check into it, Servman was responsible for 11 postings. Prior to that the number was much higher, around 30 or so.
I checked it on Jan. 28th, 2008, just out of curiosity. There were zero postings from Servman. None.
As it happens, I still have copies of some of his postings on the forum. In my opinion, while they are definitely damning evidence pointing to a string of the usual offences associated with illegal spamming, they aren’t terribly different from those of numerous other members of the site. Nonetheless, either Servman or someone else must have assumed that this was too much exposure for him.
Here are the details I managed to glean from the postings I was able to archive from bulkerforum.biz last year following the exposition of Servman:
- He expressed interest in Hotmail and Yahoo email list verifier software.
- He was interested in purchasing lists from numerous members.
- He offered a new RX program (ie: Pharmacy spam, like we needed more of this crap.) He paid a 45% commission per sale.
- He used (or uses) DarkMailer (aka: DM) to perform his spam runs.
- He was (or still is) an active member of Sancash, the now-renowned “herbal remedy” spammer affiliate program with ties to Genbucks and Tulip Lab. (yes, VPXL / Elite Herbal / Manster / Megadik, again: like any of us wants to hear about it.) He liked spamming for them and made okay commission apparently. His conversion ratio indicates that he’s spamming lots of people who definitely do not want to hear about these products: “My conversions started at 1:80 and have been at 1:150-1:250 ever since.” More on this below.
- He was also a member of the bulker.biz affiliate program. (Canadian Pharmacy, I believe, is one of their properties.)
- He has dealt with diploma spamming in the past. Whether he actually mailed it himself is unknown. This is very obviously illegal activity.
- He was in need of new servers in Sept. 2007. He had very specific requests as to the specs of these servers, which were to be used for “proxy mailing”, in other words: to use a botnet to send spam, which is illegal. It appears that he may have done a deal with RackSpace06 for those servers, and that he got ripped off by him (or nearly so.)
- In March 2007 he stated “We have entered a new era in mailing. Botnet is your best canidate for re-entering this industry.” He then outlined how to get started in the bot-spamming business. It’s pretty clear he knows a lot about how to send spam using hijacked and infected computers, to lists of people who very likely don’t want to hear from him.
- He hates “antis” (such a stupid term.) Yet he continues to mail to people he knows would prefer not to hear from him. Their complaints make him angry.
What other dealings does Mr. Minic feel would be threatened by exposing him as a spammer? A google search for “Adam Minic” (with quotes) and “boise idaho” (without quotes) turns up a posting dated Jan. 23rd, 2008 on the forum “averyoutdoors.com” from a user named Camo Coatings discussing goose hunting. He is also located in Boise Idaho. I had previously suspended this posting because someone claiming to be Mr. Minic complained that someone was threatening his life based solely on my posting on this blog, ignoring completely that this information was already widely publicized last year by Marion Lynn on his spamgossip blog.
Since he has not shown me any proof of these alleged threats, this posting has been reactivated, with his comments intact. I have excised the contact info, which as mentioned before is already available elsewhere.
I mentioned his “conversion ratio.” Conversions are the meat and potatoes of the spam industry if you spam on behalf of an affiliate program. A ratio of 1:80 is not good, by legitimate marketing standards. That means that for every 80 people who end up clicking through to your site, only one of them bought something. Legitimate companies, companies like (let’s say) Amazon.com, or Lavalife.com, or any other above-board business which relies on third parties for some of their marketing needs would be hoping to see conversions more along the lines of 1:4, or 1:10. Even 1:10 is not considered a good ratio by legitimate companies. This goes quite a way to explaining the spammer mentality. They don’t care how many people (like me) don’t want to hear from them, they want money. They want the money for as little effort as possible. They want to follow only two steps:
1. Hit “send”
2. Get paid
Your complaints mean nothing to a guy like Adam Minic / Servman. He can’t be bothered to clean his lists because that involves more steps than the two outlined above. Steps like: cleaning your list. Or possibly: choosing NOT to promote fake herbal remedies or illegally supplied fake pharmaceuticals which have no proven medicinal value.
A posting from January 2007 is probably the biggest indicator as to why he doesn’t want his personal data out there. It’s in response to a posting by mcproxy regarding exposing the personal data of someone who scams you in the spam industry:
The thing is, maybe not posting personal info. but enough to get the point across. Ie: icq, alias, etc.. In a perticular section of the forum. I was just expressing my idea in hopes that we could build something workable. I vote for a scammer section for misconduct and wrong-dooing un-becoming of a valid contact in this biz type of section.. hehe.
Currently if any of us get scammed, I can speak for myself anyways, I will post their alias info at least. I have never posted anyone’s personal info. and I am sure never will. But many of us know each other past our alias. So therfor thats the assumed risk we take in business through gui interface..
Maybe my “quick reference section to scammers” is not a great or even good idea, but just wanted to convey my thoughts about this issue.
Any-thoughts guys???
Maybe he’s worried about being perceived as a scammer. Or maybe he does business in other areas which would be impacted by having his real name associated with activities like spamming or using a botnet. Aside from the purely legal ramifications, I guess that would definitely impact his bottom line. But then why continue to spam? Why knowingly participate in these activities if you weren’t already well aware of the risks?
I’m intrigued to see if he appears anywhere else out there in terms of forum postings. Having said that: I have a life. I’m not going to knock myself out about it. Digging this bit of info didn’t take long at all. I like to keep it that way.
It appears that Lynn was correct in identifying Servman. (Surprise!) I’m still not sold that he’s effectively identified anyone else, or that doing so has had the desired effect.
SiL / IKS / concerned citizen
Read the original here:
Who is Servman? (now that Bulkerforum is down)
Older Entries
RSS
