Sunday, October 29, 2006

Caller ID Identity Theft Scam. Caller ID Identity Theft Scam. "I cannot emphasize enough the importance of never providing sensitive personal information to a stranger who calls you over the telephone" [...] This warning comes in response to reports of a recent scam in which residents of the Washington, D.C. area received information over Caller ID stating that calls they were receiving originated from a District Courthouse. In this particular scam, the identity thieves tricked individuals by telling them that they had failed to report for jury duty and that they could face fines or arrest for their failure to have served. In an attempt to prove their innocence, several victims of the scam provided sensitive personal information to the callers.  [GT: Security and Privacy] 1:40:18 AM  PermaLink   / trackback []

TechTV Forever // Security Now! // Episode 61 On this week's Security Now! Leo and Steve chat about more Windows XP zero day exploits, chat about your privacy online and exactly what people's ISPs know about them and what they do with it. Additionally, among the topics are how you can protect your online privacy, how you can protect yourself from new windows vulnerabilities. Security Now! Episode 61 // October 12, 2006 1:35:03 AM  PermaLink   / trackback []

New Phishing e-Mail Identity Theft Scam. New Phishing e-Mail Identity Theft Scam. Never give Social Security Numbers to unsolicited e-mails [GT: Security and Privacy] 1:27:08 AM  PermaLink   / trackback []

FCW.com - Theft causes most data losses, report finds Because equipment theft causes most data losses, agencies should use physical security to protect sensitive information, according to a new House Government Reform Committee report. "The vast majority of data losses arose from physical thefts of portable computers, drives and disks, or unauthorized use of data by employees," the Oct. 13 report states. Computer system hackers caused few breaches. For example, the Internal Revenue Service told the committee that a revenue officer reported Feb. 27 that his IRS computer and 14 taxpayer cases were stolen from his vehicle, according to the report. Federal contractors are another main source of problems. Agencies rely heavily on private-sector contractors for information technology management services, the report sates. "Thus, many of the reported data breaches were the responsibility of contractors," it states. 1:24:18 AM  PermaLink   / trackback []

FCW.com - Justice task force looks into privacy A task force has issued a series of recommendations regarding privacy in justice information systems. The Privacy Technology Focus Group was chartered to examine the exchange of personally identifiable information, focusing on justice and public safety data. Last November, the Justice Department brought together a group of public- and private-sector specialists to look into privacy technology. The group's working teams covered areas such as access and authentication, data aggregation and dissemination, and identity theft. A report issued earlier this month that stemmed from the focus group's activities offers suggestions. Some relate to the Global Justice Extensible Markup Language Data Model (JXDM). For example, the report recommends reviewing and creating privacy metadata in Global JXDM. That metadata would describe sensitivity, use limitations and other characteristics of data. 1:22:09 AM  PermaLink   / trackback []

FCW.com - NIST highlights RFID risks A draft publication from the National Institute for Standards and Technology highlights some of the security and privacy risks associated with radio frequency identification technology. Some of the risks involved can be serious. The threat can extend from the RFID tags to central databases on an agency's network, according to the report. But NIST experts are not trying to scare agencies from using the technology. "Like any new technology, RFID presents new security and privacy risks that must be carefully mitigated through management, operational, and technical controls in order to realize the numerous benefits the technology has to offer," the report states. One danger is that an unauthorized user with a RFID reader, which is also called an interrogator, could gather information about the contents of a container, making it easier to decide what to steal. So agencies need to decide how much information to include on the tags and how to protect it. 1:18:17 AM  PermaLink   / trackback []

FCW.com - EU needs RFID privacy regs, study finds The European Union needs to consider adopting a solid legal framework to ensure that the use of radio frequency identification technology does not infringe on privacy, a top official of the European Commission, the executive branch of the EU, told an RFID conference Oct. 16. The EU also needs to standardize its RFID frequencies in the 865 to 868 MHz frequency band, according to a commission background paper presented at the conference. The commission said it expects to complete a draft spectrum decision by the end of this year. It has recently completed a six-month consultation with public and industry stakeholders on the use of RFID tags in the EU. Viviane Reding, European commissioner for information society and media, told the conference that "the overriding message that comes out of the consultation is that citizens have concerns over privacy issues." 1:13:23 AM  PermaLink   / trackback []

Boarding Pass Hacker Under Fire. Boarding Pass Hacker Under Fire. Rep. Ed Markey wants the government to arrest a graduate student for launching a website that lets users create fake boarding passes capable of fooling airport screeners. That'll fix everything! By Ryan Singel. [Wired News: Security Blanket] 1:06:55 AM  PermaLink   / trackback []

Pennsyulvania's New Cyber Security Web Site. Pennsyulvania's New Cyber Security Web Site. Web site provides critical information for staying safe on the Internet [GT: Security and Privacy] 12:07:19 AM  PermaLink   / trackback []