[SecurityRatty] tag: california

Most Spam Came from a Single Web Hosting Firm

Mon, 17 Nov 2008 02:11:07 +0000

Experts say the precipitous drop-off in spam comes from Internet providers unplugging McColo Corp., a hosting provider in Northern California that was the home base for machines responsible for coordinating the sending of roughly 75 percent of all spam each day.

Certainly this won't last:

Bhandari said he expects the spam volume to recover to normal levels in about a week, as the spam operations that were previously hosted at McColo move to a new home.
"We're seeing a slow recovery," Bhandari. "We fully expect this to recover completely, and to go into the highest ever spam period during the upcoming holiday season."

But with all the talk of massive botnets sending spam, it's interesting that most of it still comes from hosting services. You'd think this would make the job of detecting spam a lot easier.

Hosting firm shutdown forces botnets to relocate

Thu, 13 Nov 2008 02:00:00 +0000

The shutdown Tuesday of a California-based hosting company not only cut spam volumes, it also put a dent in malware-spreading botnets and other criminal activity, researchers said today.

Hosting firm shutdown forces botnets to relocate

Wed, 12 Nov 2008 21:00:00 +0000

The shutdown Tuesday of a California-based hosting company not only knocked down spam volumes but has also put a dent in malware-spreading botnets and other criminal activity, researchers said today.

Spam plummets after Calif. hosting service shuttered

Wed, 12 Nov 2008 02:00:00 +0000

The volume of spam worldwide dropped by more than 40% after a California-based hosting service was cut off from the Web, according to IronPort, a messaging security company owned by Cisco Systems.

IT admin used inside knowledge to hack and steal

Mon, 10 Nov 2008 21:00:00 +0000

A former San Jose, California, network administrator is facing 12 years in prison after pleading guilty to hacking, ID theft, burglary and drug charges.

Data privacy, security laws have far-reaching impact

Thu, 06 Nov 2008 21:00:00 +0000

Massachusetts has enacted data privacy and data security regulations that will make it eke out California for the most wide ranging state privacy and security laws--laws that are likely to impact the policies, practices, procedures, contracts and training used by companies nationwide. The Massachusetts Office of Consumer Affairs and Business Regulation determined that there was a significant need for set of comprehensive standards that ensure businesses are taking practical steps to safeguard personal information. While many of these practices are probably adopted by most companies in some way, shape or form--now a laundry list of minimum standards will be required. And, since it may be impractical for a company to treat information collected from Massachusetts residents differently than others--many companies across the country will

DDoS Attacks Strike Campaigns Against Same-Sex Marriage Bans

Thu, 30 Oct 2008 17:18:00 +0000

A group fighting a California anti-gay marriage amendment says its website was attacked Wednesday night with a denial-of-service attack right as it launched a fundraising drive. The No on Prop 8 capaign says a similar Florida group was also hit with a DDoS and that the Secret Service is now investigating.

Address Spoofing Flaw Allows Googles Chrome Websites Impersonation

Sun, 26 Oct 2008 19:04:47 +0000

A new vulnerability has been found in Google’s Chrome browser that allows attackers to impersonate websites of groups like the Better Business Bureau, PayPal and even Google. Researcher Liu Die Yu of the TopsecTianRongXin research lab in Beijing says the spoofing vulnerability is the result of faulty code inserted by programmers from the Mountain View, California. [...]

Presentation on Application Logging, Done Wrong or Very Wrong :-)

Fri, 17 Oct 2008 01:55:00 +0000

A final "automated" post, while I am on a plane back to California. This is a result of my work on defining what is a good log, based on looking at countless bad logs :-)

This presentation "Application Logging Good Bad Ugly ... Beautiful?" would be useful to application developers who create logging functionality as well as security pros who then need to use the logs.

Here it is, embedded below:

Application Logging Good Bad Ugly ... Beautiful?

View SlideShare presentation or Upload your own. (tags: logs logging)

Enjoy!

The Importance of Advance Planning in Executive Protection

Sun, 12 Oct 2008 16:10:00 +0000

I was delighted to see the Herald Standard quoting an executive/close protection agent regarding the importance of Advance work.

Sy Alli is an E.P./C.P. team leader for "Limited Brands Inc.," and was speaking at the California University of Pennsylvania's 2nd annual conference on Corporate and Homeland Security.

Mr. Alli was describing a previous trip to Indonesia where he was in charge of the advance to make sure everything was in place before the Principal arrived out with the other protective agents. Very accurately, he described the need to cover every minute detail from the routes of travel to the alternative routes and to include such important features as local hospitals should medical treatment be needed.

Another important point highlighted was the need for agents to have access to contacts in different countries who could assist with logistics, general and specialized support on the ground, current political situations, etc.

Far too often I am approached by security persons (and not even all are qualified/trained in executive or close protection)who find out that we may have overseas work and want to be included. On some occassions, those requesting to be included on the detail did not even have a current passport!

If you are serious about making a career out of this line of work, you owe it to yourself to do your homework. Over the years I have developed hundreds of contacts all over the world who will respond immediately and who can be trusted to support us in any number of situations and scenarios.

This took a lot of preparing and involved constant contact. It is not something that you throw together a day before your client is scheduled to arrive in a country. If you have people in different parts of the country, or world if you wish to work globally, who can assist when you are in need, you will be able to facilitate your client in a way that will not only gain his/her admiration, but will undoubtedly cement your position in that client's security detail.

In these unsure times, there is a lot to be said for knowing your job is safe for the foreseeable future.