Haven't gotten any of the scam calls that are from indian call centers requesting you install remote sessions for them to "assess your virus infections" yet have you ? These for some reason are still allowed to run there from the same scum trying to get cash out of google there.
They usually target more then 1 chain, but have to taylor it to each chain as the pci-dss standard is enacted differently in each chain. Usually they will breach a big chain and use the same method for others but taylor the way they do it a bit differently and most times this helps them avoid early detection. Often the breach is discovered later, much later because it was not using the same carbon copy methods that were used in another breach.
There is supposed to be multiple log servers, and they get backed up.
So what happens is the logs are kept in the machines as well as shipped to a log server.. Depends on how they went about this.... but everything should be logging to multiple places for just this reason, hackers have automated log scrubbers that they can hide as a binary like say cd. the cd bin will get executed, but after the hook runs and scrubs the logs.
Most IDS systems should trigger alerts and close the route when sending massive amounts of data ANYWHERE !
All my gear is set up that if your sending a pack over 5 megs and you didn't get auth from secops and the mac cleared the route is shut down. Yes it's draconian but it prevents a lot of network abuse and has left me with 2 300 meg circuits instead of 2 gig circuits.
As some one who deals with security on a daily basis, I have seen tools to prevent this.
What happens is someone advertises say 10 K cards for sale. They actually package 15 K cards in the pack, when the user gets the pack they have a robot ap that goes and makes purchases from shops that are on the internet and are known to be able to easycard fraud friendly. The robots order something quickly like a $20 cable or piece of merchandise. If its declined the card is dropped from the database.
Once all the cards are checked if the buy has close to 10 K they don't care. If less then say 8 K they get another chunk of 4 K to go at again. Until they get close to the 10 K they were promised. This is how the good groups do it. The ones who don't care just sell in chunks of 5 K to 10 K with no guarantees.
Now they also can use another system for cards to do quick transactions checks just like paypal would do to check if the card is valid. Small bump purchase then issue a refund if they want to hide from the owner of the card.
I have to monitor these "groups" as I need to make sure that none of my servers are being used in their scams. A good security guy keeps his eye on everything ! And yes we monitor IRC and other methods of chatter to see if any of our servers have been compromised.
Everyone has a passion even kids ! How bout we foster their passions and let them grow with their passion ! at that point we will become a stronger nation.
No way , it's not like broadband is every where in Russia, and Skype is not even remotely a possibility !
The real question is , will Microsoft shut down Skype for the NSA so he can't testify ?
Because that part of the atm is heavily protected, whereas the usb port is behind a plastic panel.
That is hard to believe both Lenovo and HP make solid workstations... for now anyway.
Apple is relying on ssd on the pci bus to gain speed, sorry to say this but those ssd drives have a short life span when used for heavy lifting. Currently my workstation is a lenovo and runs sas, with a raid 10 set of 4 900 gig 15 k drives. Blindly fast and quiet. Dual 10 Core Xeons and 32 gigs of ram, I can run most anything on my workstation and it doesn't break a sweat. It's solid even in 80 degree heat here in colombia.
I run linux, and use a macbook for mobility. Hiring based on seeing what workstation someone selects is just a bad way to even joke about getting talent in the door. My Lenovo has a 4k price tag to our business, show me an apple product that low with those specs and I'll be the first to line up to purchase.
I live in a municipality zone at the moment for power, and they don't buy back power at all, matter of fact they won't even give credits for what solar will put back into their system. How this is legal, I don't know but stuff like this needs to be addressed, and it's easily addressed by giving the customer credit for half of what they produce on the bill.
servers sir don't need desktops ! and there we have high penetration, unfortunately companies are starting to right gui only installers for linux, we the server geeks don't want a damn desktop on our servers. we want to squeeze as much performance as we can out of the hardware !
Single Charge Cumming soon ?
What do you think this is Toronto ? And your hanging with Mr. Mayor ?
Did you just make a sex with cancer patient joke ?
There is a real need for dedicated IT staff.Especially if your building customers environments.
I'd hate to say it but I have seen this first hand. Firstly security is ignored, and secondly there has to e a level of over site.
Im a systems admin for a fortune 500 and in charge of security, you don't even know how many times "staff" have setup a replica of the customers environment and missed the security aspect or even forgot huge parts of the environment or even misconfigured half of it and we could not replicate bugs. My team goes in and notices this stuff off the bat.
There needs to be dedicated staff because core infrastructure should not be pieced together, It should be engineered, when not properly engineered and just thrown together based on what people want.... This usually ends up ina giant mess, which dedicated staff are called in to unravel and repair.