I first encountered the difference between French and US employment policy during the dot com boom and I was working with a friend, Gilles Lerat, on an electronic coupon management solution he had developed. His company, a successful security consulting and reseller firm, was worried about the "employment police" who would stake out their parking lot and fine the company if they uncovered evidence that people were working late.
Richard Stiennon delivers a timely, succinct exploration of cyber threats, hack attacks, crime on the web, and information warfare.
I am not going to parrot the inevitable sky is falling warnings that are sure to come from pundits everywhere regarding the just heard news that a third undersea cable in the Mideast has been cut. Coincidence or well timed targeted attack?
Longterm readers of Threatchaos will recall the attempted Sumitomo Bank heist in London. In that incident a gang connected to an Israeli crime syndicate infiltrated the London branch of Sumitomo Mitsui and installed hardware key stroke loggers on desktop machines within the bank.
There was a time when Bay Area residents could find anything they needed quickly and efficiently on Craigslist. It was great - cars, furniture, apartments, partners, all right there in a revolutionarily simple text format.
Here is a beautiful example of poking around inside an application to gather what otherwise would be proprietary data. John Graham-Cumming has hacked the social book marking application Digg to discover how many registered users they have.
According to the Wall Street Journal this morning the Bush administration is pushing to spend $6 billion on cyber security in one year! They claim that US telecom systems are not adequately protected and that they need to spend this money to protect it.
You may remember when Choicepoint, the data aggregator and vendor of personally identifiable information fell prey to a very simple ploy. Some Nigerian data thieves became customers and proceeded to download thousands of records.
OK, this one is on a completely different scale than SoGen's issues this past week (see below). A woman sees an ad online for an administrator at the architecture firm she works for.
More details are coming to light already on this week's revelation by France's second largest bank, Societe Generale, of massive trading losses thanks to the activity of an errant insider.The Wall Street Journal this morning (temporary link)reports that Jerome Kerviel spent hours in the evening "hacking" into SecGen's computer systems.
The absolute disaster that Societe Generale discoverd over the weekend is the best reminder ever to check internal controls. You should be especially wary of employees that are familiar with your risk and security measures.