Home How it works Free Services About Blog
Ultrasaur / Blog / crime
Ultrasaur Blog

Keeping track of exciting new threats to your digital records.

Posts Tagged ‘crime’

Physical Locks Break Too

Friday, June 19th, 2009

We don’t regularly follow physical security, but I enjoyed the article (thanks Bruce Schneier). It’s interesting to note that “high security” locks mean that they can stand up for 10 minutes — and according to Marc Weber Tobias, none last more than a few seconds reliably.

But the parallel that I find most interesting is how, as I’m prepping our next demo (where I hack a SharePoint server), is how little original work I had to do. Smarter people than me had already done the legwork, just like regular crooks who use Tobias’ work to bump the lock on your bike. You don’t have to protect your doors & servers against what you can do, but what the sum of the smartest hackers can do.

Side note, I want to buy this laptop just to have the big guy’s computer :)

Tags: , ,
Posted in hackers | No Comments »

FBI seizes 50 servers

Saturday, April 4th, 2009

This is somewhat breaking news, but apparently the FBI has seized the servers of 50 companies because they were hosted in the same building as a company suspected of leaking an unreleased movie.

“[Owner of Core IP Networks, Matthew] Simpson claims nearly 50 businesses are without access to their email and data. Some of those clients provide internet services to car dealers and other companies.”

It appears that primarily web sites and email were affected this time, but it might be setting a dangerous precedent from our perspective: If you keep backups of your records offsite, the FBI may take them at any time if they think some entity also using that site is involved with movie piracy.

Aside: Remember our pitch, we never make copies of your records, if the FBI takes our servers all they can do is verify your files if you give them to them.

Update from CBS 11 News in Dallas:

CBS 11 News has uncovered new information about FBI raids against Dallas companies that provide web servers for dozens of businesses in North Texas and across the country.

Court documents show it’s all part of an alleged massive fraud scheme against AT&T and Verizon.

Court records show Verizon first went to the FBI this past January, alleging some North Texas web server providers were cheating them and AT&T out of millions of dollars.

Tags: , , ,
Posted in legal | No Comments »

In poor economy, more IT pros could turn to e-crime

Monday, March 30th, 2009

KPMG weighs in to remind us that employees do commit fraud

The E-crime Survey 2009, presented at the E-Crime Congress in London on Tuesday, surveyed 307 private companies, government organizations, and law enforcement agencies.

In the survey, KPMG said that fraud committed by managers, employees and customers tripled compared to 2007, which indicates that the recession will likely only exacerbate those problems.

Tags: , ,
Posted in Uncategorized, misc | 1 Comment »

IT worker set malware at Fannie Mae

Thursday, March 5th, 2009

IT Worker Indicted For Setting Malware Bomb At Fannie Mae: “a malicious script buried in a legitimate script”…. “Industry experts warn that such exploits may become more common”.

We’ll be making our beta public as soon as possible.

Tags: , ,
Posted in legal, record falsification | No Comments »

$9 million ATM scam

Saturday, February 7th, 2009

Regarding the recent multi-person ATM scam one line stuck out as especially scary from a data integrity perspective:

Somehow the group managed to remove the daily withdrawal limits usually imposed on the cards and accounts, allowing for multiple large withdrawals to be made.

Meaning that the team that managed to hack the system, were able to change more than just the data but also the rules of the system. If they were able to do that, it’s safe to assume they may have been able to tamper with records and safety audits to cover their tracks. There may be no way to determine which records in the system are legitimate clues and which have been altered.

Tags: , , ,
Posted in worldnews | No Comments »