From jericho at attrition.org Mon Oct 11 17:42:13 2010 From: jericho at attrition.org (security curmudgeon) Date: Mon, 11 Oct 2010 17:42:13 -0500 (CDT) Subject: [attrition] Outgunned: How Security Tech Is Failing Us Message-ID: http://www.informationweek.com/news/security/antivirus/showArticle.jhtml?articleID=227700360 Outgunned: How Security Tech Is Failing Us Our testing shows we're spending billions on defenses that are no match for the stealthy attacks being thrown at us today. What can be done? By Greg Shipley InformationWeek October 9, 2010 12:00 AM (From the October 11, 2010 issue) Information security professionals face mounting threats, hoping some mix of technology, education, and hard work will keep their companies and organizations safe. But lately, the specter of failure is looming larger. "Pay no attention to the exploit behind the curtain" is the message from product vendors as they roll out the next iteration of their all-powerful, dynamically updating, self-defending, threat-intelligent, risk-mitigating, compliance-ensuring, nth-generation security technologies. Just pony up the money and the manpower and you'll be safe from what goes bump in the night. Thing is, the pitch is less believable these days, and the atmosphere is becoming downright hostile. We face more and larger breaches, increased costs, more advanced adversaries, and a growing number of public control failures. Regulation and litigation have both increased. We're still struggling with the expensive PCI initiative, an effort as controversial as its efficacy is questionable--U.S. businesses continue to hemorrhage credit card numbers and personally identifiable information. The tab for the Heartland Payment Systems breach, which compromised 130 million card numbers, is reportedly at $144 million and counting. The Stuxnet worm, a cunning and highly targeted piece of cyberweaponry, just left a trail of tens of thousands of infected PCs. Earlier this month, the FBI announced the arrest of individuals who used the Zeus Trojan to pilfer $70 million from U.S. banks. Zeus is in year three of its reign of terror, impervious to law enforcement, government agencies, and the sophisticated information security teams of the largest financial services firms on the planet. [..] From lyger at attrition.org Sat Oct 30 15:02:15 2010 From: lyger at attrition.org (lyger) Date: Sat, 30 Oct 2010 15:02:15 -0500 (CDT) Subject: [attrition] postal: make awkward sexual advances, not war Message-ID: http://attrition.org/postal/p0021.html it's all about the ear wax request denied investment advice because he knows and you are... ? old farts yogas and tapas the "e" key was broken they still don't get it the subject says it all [...]