Society has always had its share of bad apples. Even now, in the midst of an unprecedented crisis all some people can see is the opportunity to take advantage of others. There’s been a huge uptick in all kinds of fraud, usually targeting people’s understandable anxieties about the virus or their own financial situation. Here’s what you … Continue reading One man’s crisis is another man’s opportunity.
A number of major breaches have hit the news recently - including the 500-million-data-record Marriott Hotels breach, and the Sotheby's Home Magecart hack. I'll probably go on about over-retention of ID data in another post, but right now I was wondering... Is it attractive for hacked organisations to exaggerate how long a "just-discovered" breach has … Continue reading A quick thought on moral hazard
Just got off the phone from our corporate card provider to reset my card after a fraud block. Their words: “a number of customer card details were copied from where they were used recently and are being used to make fraudulent transactions”. So presumably at least one of the promised Christmas POS malware attacks came … Continue reading Someone’s been breached…but I don’t know whom
You probably won’t win £108 million on the lottery. But you will get hacked… There are times when I find it harder than usual to stay upbeat. As I’ve said before, much of what we do as IT security professionals feels like preaching Armageddon to atheists. They’re convinced it won’t happen, so they don’t really … Continue reading It could be you
Once upon a time, humans lived in small bands, huddled together for warmth and security. We defended ourselves against predators by establishing secure perimeters – the cave-mouth, the palisade of stakes – and keeping close watch on the unfriendly night outside the radius of our firelight. This tendency to defend a perimeter against external threat … Continue reading Pervasive security, or why paranoia can be a good thing