Al Gore’s Word-Press blog to promote his film “An Inconvenient Truth” was recently hacked with links selling online pharmaceuticals. These types of attacks are far too common with spammers looking for ways to peddle their wares. Like many other blog platforms, Word-Press has been plagued with security exploits and vulnerabilities.

Hackers compromise high profile sites like these to build legitimate links to their empire of sites to build traffic storms and search engine rank.

One of the most effective ways to protect your blogs is to keep the software up to date. It is also common for hackers to add malicious code to blog skins then distribute them publicly through sites like WP-Shere.

Tags: CyberCrime, Events, Security Breach, Web Defacement

Author: Christopher

Sites like MySpace and Photobucket are seeing a significant amount of malicious banner ads planted on their pages. Other heavily volume sites are noticing similar occurrences of difficult to detect javascript based trojan downloaders.

These types of threats are very dangerous as you do not have to click on the ad to be infected. These types of ads are not automatically filtered by Right Media’s ad servers as the trojan writer add in code to not display infect the ad if coming from a Right Media IPs. These ‘Agent’ trojans are becoming popular vehicles to deliver more dangerous malware.

Tags: Events, Malware, Patch Management

Author: Christopher

Yung-Hsun Lin recently plead guilty to writing and installing a logic bomb on the company network at Medco Health Solutions. Concerned he may be laid off, he planned on disrupting Medco Health Solutions ability to know if a customer’s new prescriptions would have adverse interactions with their existing prescriptions.

Fortunately another administrator found the threat before it had a chance to go off. Medco estimates the problem cost them between $70,000 – $120,000 to clean up.

If convicted, Lin could be facing 10 years in prison; although his plea deal is for 30 to 37 months.

Tags: CyberCrime, Events, Sabotage

Author: Christopher

According to a recent press release, Kaspersky reported finding the Virus.Win32.AutoRun.ah virus on brand new Maxtor 3200 Personal Storage drives sold in the Netherlands.

The virus looks around a computer searching for gaming passwords and deletes MP3 files. Kaspersky speculates these drives were some how infected during the formating process.

Tags: Anti-Virus, Events, Malware

Author: Christopher

The University of California recently has been hit with a proposed $3 Million fine by the U.S. Department of Energy for their alleged failures to protect classified information in a data breach back in October 2006. I am quite confident that the fine is only a portion of the financial responsibility as a result to this breach, quite likely not even the largest.

We tell our clients that protecting your grand moma’s apple pie recipe is only a single goal of Information & Data Security. Liability, reputation, and compliance are other good reasons to be concerned and pro-active with security. Pro-active Security is a time consuming and expensive task, but is yet considerably cheaper than the alternative; a security breach.

Tags: Events, Information Security, Security Breach

Author: Christopher