Universities vulnerable to ID thieves
,----[ Quote ]
| A major database breach at the University of California, Los Angeles that
| went undetected for more than a year and a smaller breach at the University
| of Texas are the latest examples of how vulnerable colleges are to such
| attacks, security experts said.
|
| [...]
|
| University officials say that only a small number of records
| containing Social Security numbers were accessed, probably less
| than 5 percent of the 800,000 total records. The university notified the
| FBI, which has launched a probe into the incident.
|
| Hackers also might have obtained the personal information of 6,000
| people who worked for, applied to or attended the University of Texas
| at Dallas, school officials said last week. The information includes
| names and Social Security numbers, the school said. In some cases,
| addresses, e-mail addresses and telephone numbers also might have
| been obtained.
|
| [...]
|
| Computers used for administrative purposes have even tougher
| security software installed that allows for central monitoring and
| updating of security software.
|
| [...]
|
| This spring, Ohio University announced the first of what would be
| identified as five cases of data theft, affecting thousands ofs
| tudents, alumni and employees -- including the president. About
| 173,000 Social Security numbers may have been stolen since March
| 2005, along with names, birth dates, medical records and home
| addresses.
|
| In 2005, a database at the University of Southern California was
| hacked, exposing the records of 270,000 individuals.
`----
http://news.yahoo.com/s/ap/20061217/ap_on_hi_te/university_data_thefts
...And there are still unpatched critical-rated vulnerabilties that permit
privilege escalation and hijacking. Keep in mind that some companies still
process credit card details on Windows servers. Some banks have Windows
servers and ATM's.
You needn't even go far to find example. Our Exchange server got pwned
earlier this year.
Related:
UT Dallas says more affected by Internet attack
,----[ Quote ]
| The University of Texas at Dallas said Wednesday that further analysis
| of a network breach has revealed that all people employed at the
| university between 1999 and 2005 potentially have had sensitive
| information exposed.
`----
http://phoenix.bizjournals.com/dallas/stories/2006/12/11/daily31.html
UCLA Probes Computer Security Breach
,----[ Quote ]
| The University of California, Los Angeles alerted about 800,000
| current and former students, faculty and staff on Tuesday that
| their names and certain personal information were exposed after
| a hacker broke into a campus computer system.
`----
http://www.washingtonpost.com/wp-dyn/content/article/2006/12/12/AR2006121200173.html
University server in hackers' hands for a year
,----[ Quote ]
| An unprecedented string of electronic intrusions has prompted Ohio
| University to place at least one technician on paid administrative
| leave and begin a sweeping reorganization of the university's
| computer services department.
|
| Bill Sams, Ohio University's chief information officer, said he
| initiated the reorganization on Friday. The Athens, Ohio-based
| university is reacting to recent discoveries that data thieves
| compromised at least three campus computer servers.
|
| In a disclosure that hasn't been widely reported, one of the
| compromised servers, which held Social Security numbers belonging
| to 137,000 people, was penetrated by U.S. and overseas-based hackers
| for at least a year and possibly much longer, Sams said in a phone
| interview Sunday with CNET News.com.
`----
http://news.com.com/2100-7349_3-6074739.html
Study: Billions of dollars spent on security
,----[ Quote ]
| Large U.S. businesses will spend $61 billion on security by the end
| of this year, representing 7.3 percent of total IT budgets in the
| country, according to a new report from Info-Tech Research Group.
`----
http://news.com.com/2110-7350_3-6135989.html?part=rss&tag=2547-1_3-0-20&subj=news
US lost $8 billion to computer crime
,----[ Quote ]
| Consumer reports' latest "State of the Net" survey has revealed that
| US punters lost more than $8 billion over the last two years to
| viruses, spyware and con tricks.
` ^^^^^^^^^^^^^^^^
http://www.theinquirer.net/default.aspx?article=33554
Why not Embedded? ATM's Running XP Professional...
,----[ Quote ]
| This time, I happened to be there when it suddenly BSOD'd and began a
| reboot cycle. Obviously, to BSOD it needs to run Windows, and moments
| later, that was confirmed. But that's not the story here -- believe it or
| not, most ATMs run Windows nowadays, and there's absoloutely nothing
| wrong with that.
|
| [...]
|
| There's a million reasons why an ATM should must be RTOS, be it Linux or
| VxWorks or Windows CE, but even if you don't go with RTOS, Windows XP
| Professional most certainly isn't the answer. Especially if it's not even
| SP2.
`----
http://neosmart.net/blog/archives/287
ATMs hacked using MP3 player
,----[ Quote ]
| A criminal gang in the U.K. was able to steal confidential banking
| data by bugging ATMs with an MP3 player, The Times of London
| reported in its online edition Thursday.
`----
http://news.com.com/2061-10789_3-6135905.html
|
|
