
Archive for August, 2007

Continuity Corner #2

Tuesday, August 21st, 2007

 Disasters in the Midwest?

Since the Radian Group is located in the Midwest, we frequently hear the following excuses from businesses for not developing business continuity plans (BCPs):

  • We don’t have earthquakes or hurricanes.
  • Nothing will ever happen to us.
  • What could possibly put me out of business in suburban Chicago?

After doing a little research, I have listed some of the big events that have happened over the last 15 years. This list, of course, does not even address small fires, IT failures, small-scale power outages after a storm, or office closures due to snowstorms.

  • 2007 May 13th: Fox Lumber fire; 2500 Com Ed customers lost power.
  • 2006 April 13th: Fairview Heights. Roof collapsed on K&G Fashion Superstore; 1 death.
  • 2004 Dec 6th: ABN AMRO. Electrical fire started when a ballast in the ceiling overheated and caught fire; no deaths.
  • 2004 April 20th: Utica tornado; 8 deaths.
  • 2003 October 17th: Fire caused by a faulty light fixture in the Cook County admin building; 6 deaths and 12 injured.
  • 2003 August 27th: Workplace shooting by a former employee at a Windy City Core Supply, Inc. warehouse; 7 deaths.
  • 2003 February 19th: Stampede in the second-floor E2 nightclub; 21 deaths and 50 injured.
  • 1995 July 12-16th: Heat wave with high daily temperatures ranging from 93 F to 104 F; 739 deaths.
  • 1992 April 13th: Chicago freight tunnel flood. A piling driven into the Chicago River bottom caused a leak in one of Chicago’s underground freight tunnels; no deaths.

 
  Have you ever had an event which shut your business down for a day or more?

 

Trojan Steals Data From Job Search Site

Saturday, August 18th, 2007

Infections at Monster.com and other sites result in theft of personal information for 46,000 job-seekers.

A security researcher at SecureWorks Inc. has uncovered a cache of financial and personal data that was stolen from about 46,000 individuals by a variant of Prg, a Trojan program gaining notoriety for its quick-change behaviors.

The stolen data includes bank and credit card account information and Social Security numbers as well as usernames and passwords for online accounts. Many of the victims were infected and reinfected as they visited several leading online job search sites, including the popular Monster.com.

Don Jackson, the SecureWorks researcher who found the collection, said it was the largest single cache of data he had discovered from the Prg Trojan, a piece of malware first seen in the wild in June. According to Jackson, the server he examined is still collecting stolen data, with up to 10,000 victims feeding it information at any particular time.

That server is one of 20 similar servers worldwide that are collecting and storing data stolen by Prg. Twelve of those servers — including the one with the large data cache — are being managed by a single hacking group known for naming their attacks after car manufacturers such as Bugatti, Ford and Mercedes, Jackson said.

The "car group’s" success in compromising and stealing information from so many individuals is based on two factors, Jackson said. The first factor appears to have been their success in widely distributing the malware. The group used online ad aggregation services to place infected ads on job-search services as well as other Web sites, he said.

A user clicking on one of the malicious ads is taken to an exploit page that "fingerprints" the user’s browser and then serves up between one and four exploits designed to infect the user’s system with the Trojan. From that point on, all information the user enters into the browser is captured and sent off to the hacking group’s servers, Jackson said.

The other reason for the widespread compromises is the group’s sheer industry — they’ve been releasing a new variant of the Trojan every five days to a week, on average, and sometimes even quicker. Antivirus tools are having a hard time keeping up with the variants, Jackson said, so infections are going undetected for several weeks in many cases. Many of those whose data has been stolen appear to have been infected multiple times by successive variants of the Trojan.

A number of Prg variants are known to operate in part by opening up Port 6081 on victims’ computers and listening for connections there. Some experts suggest that concerned parties looking to cut Prg off at the knees might start by blocking inbound and outbound traffic on 6081.
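A check for the port named above, as an added example (not from the article or from SecureWorks): it parses Windows `netstat -ano` output and reports listeners on, or connections involving, port 6081. The sample output is constructed, and because the article ties the port only to a number of variants, an empty result does not rule out infection.

```python
SUSPECT_PORT = 6081  # port the article attributes to a number of Prg variants

# Constructed sample in the layout of Windows `netstat -ano` (not real data).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       888
  TCP    0.0.0.0:6081           0.0.0.0:0              LISTENING       2312
  TCP    192.168.1.20:49211     203.0.113.7:6081       ESTABLISHED     2312
  TCP    192.168.1.20:60810     198.51.100.9:443       ESTABLISHED     4100
  TCP    [::]:6081              [::]:0                 LISTENING       2312
  UDP    0.0.0.0:6081           *:*                                    2312
"""

def _port(endpoint):
    """Return the numeric port of 'addr:port' (IPv4 or [IPv6]), or None."""
    tail = endpoint.rsplit(":", 1)[-1]
    return int(tail) if tail.isdigit() else None

def find_suspect_sockets(netstat_text, port=SUSPECT_PORT):
    """Return (kind, proto, local, foreign, pid) for sockets touching `port`."""
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] not in ("TCP", "UDP"):
            continue  # header, blank line, or unrelated output
        proto, local, foreign = fields[:3]
        state = fields[3] if proto == "TCP" else ""  # UDP rows have no state
        pid = int(fields[-1]) if fields[-1].isdigit() else None
        if _port(local) == port and (proto == "UDP" or state == "LISTENING"):
            kind = "listener"   # local process bound to the port
        elif _port(foreign) == port:
            kind = "outbound"   # local process talking to a remote port 6081
        elif _port(local) == port:
            kind = "inbound"    # remote peer connected to local port 6081
        else:
            continue            # exact port match only: 60810 is not 6081
        findings.append((kind, proto, local, foreign, pid))
    return findings

if __name__ == "__main__":
    for finding in find_suspect_sockets(SAMPLE):
        print(*finding)
```

The PID column lets a responder map each hit to its owning process before deciding whether a firewall block on 6081 is enough or the host needs to be rebuilt.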

Prg appears to be a variant of a somewhat older Trojan known as wnspoem, discovered last October. Like the earlier model, Prg is designed to sniff sensitive data from Windows internal memory buffers before the data is encrypted, which means that the malware can circumvent SSL security measures. When SecureWorks researchers noted back in June that a Prg construction kit was making the rounds, the data caches they analyzed contained a remarkable amount of information from corporate PCs — indicating perhaps that attackers are now expanding their focus.

It’s not entirely clear how the stolen information in the latest attacks is being used, but Jackson says that the kind of data that the Trojan has cached seems to indicate that the data is being stolen for identity theft purposes.

SEC charges ex-Brocade CFO in backdating scheme

Friday, August 17th, 2007

The U.S. Securities and Exchange Commission charged Brocade Communications Systems’ former chief financial officer with fraud on Friday, saying he disregarded indications other executives were backdating stock options.

The SEC said Michael Byrd learned of instances in which Brocade’s former CEO and others were backdating options for certain people, but did not ensure the company properly accounted for the expenses and disclosed them to investors.

A U.S. jury convicted the former Brocade CEO Gregory Reyes earlier this month in the government’s first criminal trial of options backdating.

Brocade has already agreed to pay a $7 million civil penalty to settle charges of fraudulent stock option backdating.

The SEC said Reyes repeatedly granted “in-the-money” options to employees and executives, but signed backdated grant paperwork to avoid reporting significant expenses.

Byrd received information indicating this misconduct but did not fully determine its scope or ensure the options were properly accounted for, the SEC said.

An attorney for Byrd did not immediately have a comment on the charges.

The agency also said Byrd received a backdated option grant in 2001, and filed a disclosure statement with the SEC with a false grant date.

The SEC is seeking disgorgement of ill-gotten gains and civil monetary penalties.


Just as with the Y2K crisis of seven years ago, IT workers are being called upon to don superhero suits and save the enterprise from impending technology trouble. But this time, IT will be sifting through the complexities of the federal Sarbanes-Oxley Act of 2002

Public Companies over 75 million already need to comply by 12/15/2007...

Will your SMB be Ready?

