Submission + - Is Montana the Next Big Data Hub? (missoulian.com)

Submitted by rye on Monday May 05, 2014 @02:38AM

rye writes: Montana is positioning itself as the next hub for big data and cyber security. With companies like Symantec and IBM investing heavily in high-tech development, the opening of University of Montana's new Cyber Innovation Laboratory, and statewide competitions such as this weekend's Montana Cyber Triathlon (which had the coolest trophy ever), the momentum is strong. Cheap labor, cheap space and the Northern Tier backbone (with stretches over 600 miles across the width of Montana) are all contributing to the new tech growth. Even Congress is jumping on the bandwagon: Montana Rep. Steve Daines, a member of the House Subcommittee on Cybersecurity, Infrastructure Protection and Security, recently said "Technology has removed geography as a constant." Is the Last Best Place poised for a tech boom?

Submission + - Under the Hood: Banking Malware (lmgsecurity.com)

Submitted by rye on Tuesday June 04, 2013 @01:32AM

rye writes: What is your computer actually DOING when you click on a link in a phishing email? Sherri Davidoff of LMG Security released these charts of an infected computer's behavior after clicking on a link in a Blackhole Exploit Kit phishing email. You can see the malware "phone home" to the attacker every 20 minutes on the dot, and download updates to evade antivirus. She then went on to capture screenshots and videos of the hacker executing a man-in-the-browser attack against Bank of America's web site. Quoting:

"My favorite part is when the attacker tried to steal my debit card number, expiration date, security code, Social Security Number, date of birth, driver’s license number, and mother’s maiden name– all at the same time. Nice try, dude!!"

Submission + - Dissecting RSA's "Watering Hole" Traffic Snippet (lmgsecurity.com)

Submitted by rye on Tuesday May 07, 2013 @12:35AM

rye writes: Even the tiniest snippets of network traffic reveal a lot-- not just about viruses and botnets, but also about the malware research lab setup inside corporations like RSA. Watch as Sherri Davidoff of LMG Security tears apart a teeny tiny snippet of gh0st RAT traffic released by RSA during their investigation of the VOHO "watering hole" attack.

Submission + - What Does DHS Know About You? (philosecurity.org)

Submitted by

Sherri Davidoff

on Monday September 07, 2009 @01:10PM

Sherri Davidoff writes: "Here's a real copy of an American citizen's DHS Travel Record retrieved from the U.S. Customs and Border Patrol's Automated Targeting System (ATS). This was obtained through a FOIA/Privacy Act request... The document reveals that the DHS is storing the reader's:

Credit card number and expiration
IP address used to make web travel reservations
Hotel information and itinerary
Full airline itinerary, including flight numbers and seat numbers
Phone numbers, incl. business, home & cell
Every frequent flyer and hotel number associated with the subject, even ones not used for the specific reservation
"

Comment Re:Please don't think of the children. (Score 1) 1092

by rye on Tuesday June 02, 2009 @01:17AM (#28177977) Attached to: Making a Child Locating System

First it was tracking consumers. Look at the location histories that public transit agencies store (EZ-Pass, Metro Card, etc), not to mention credit card and cell companies that track and analyze consumer location info for the company's benefit. Money is the greatest motivator.

After these systems are set up, police realize that they can gain access and use them to track suspects or "terrorists." Once the capabilities are well-publicized, parents get interested and companies spew out spinoff consumer-friendly tracking tools... such as Verizon's Chaperone, which more average people buy... which LE will subsequently take advantage of...

Every new advance in location tracking technology is an exploitative cycle between the market forces, Big Brother and normal human attachments.

Submission + - Interview with an Adware Author (philosecurity.org)

Submitted by rye on Tuesday January 13, 2009 @03:48PM

rye writes: Sherri Davidoff conducts a fascinating interview with Matt Knox, a talented Ruby instructor and coder, who 'talks about his early days designing and writing adware for Direct Revenue. (Direct Revenue was sued by Eliot Spitzer in 2006 for allegedly surreptitiously installing adware on millions of computers.)'