RoboCop on RoboCallers? October 22, 2012
Posted by Heather Mark in News.add a comment
RoboCop (c) 1987 Orion Pictures Corporation
Taking a page from web and application companies, the Federal Trade Commission is offering a bounty on Robocallers. Well, not exactly a bounty, but the FTC is offering a reward for the enterprising soul, or souls, that can figure out a way to combat the infamous robocaller.
The Federal Trade Commission banned automated commercial telemarketing calls in 2009. However, as most of us can attest, this has not stopped the annoying calls. To combat this, the FTC is offer a grand prize of $50,000 for a solution that can successfully block the calls. The contest opens on October 25, 2012 and has three primary criteria for a winning solution:
1) Does it work?
2) Is it easy to use
3) Can it be rolled out?
Seems fairly straightforward. The FTC will begin accepting submissions this week, with judging to begin January 17, 2013. For more information about the contest, visit the FTC’s challenge website.
2012 European Central Bank Report on Card Fraud August 6, 2012
Posted by Chris Mark in News.Tags: Chip and Pin, debit, ECB, EMV, european central bank, fraud, maestro, mark consulting group, mastercard, PCI DSS, SEPA, visa
add a comment
In July 2012 the European Central Bank released a report on bank card (debit, credit, etc.) fraud in the Single Euro Payment Area (SEPA). According to the report, the total fraud equaled €1.26 billion in 2010. For those in the payments industry, this report is an interesting look at the fraud patterns related to card usage. You can download the report here.
“SDVOSB” – Mark Consulting Group Registers as Service Disabled Veteran Owned Small Busines August 3, 2012
Posted by Chris Mark in News.Tags: CCR, cybersecurity, disabled veteran, mark consulting group, PCI DSS, risk management, SAM, SDVOSB, VA
add a comment
I have finally completed the Department of Veterans Affairs and the SAM (formerly CCR etc.) registration process to have Mark Consulting Group certified as a Service Disabled Veteran Owned Small Business (SDVOSB). Hopefully, the VA will complete verification within a few days. If you are in need of information services please consider The Mark Consulting Group.
According to the United States Code of Federal Regulations, a Service Disabled Veteran Owned Small Business (SDVOSB) is formally defined thus:“A service-disabled veteran-owned small business concern is a business not less than 51 percent of which is owned by one or more service-disabled veterans, or in the case of any publicly owned business, not less than 51 percent of the stock of which is owned by one or more service-disabled veterans; the management and daily business operations of which are controlled by one or more service-disabled veterans, or in the case of a veteran with a permanent and severe disability, a spouse or permanent caregiver of such veteran. In addition, some businesses may be owned and operated by an eligible surviving spouse. Reservists or members of the National Guard disabled from a disease or injury incurred or aggravated in line of duty or while in training status also qualify.”
“40 Years Later”; Remembering the Munich Olympics Massacre July 25, 2012
Posted by Chris Mark in News.Tags: Black September, Germany, Mossad, munich massacre, Olympics, terrorism, XX Olympics, XXX Olympics
add a comment
I apologize for not posting. I have been in Moab with my family hiking and driving RZRs around. With the start of the start of the XXX Olympic Games this week, I would like to take a moment to reflect on the 1972 Games of the XX Olympiad in Munich. For those who don’t remember (or who have not seen the movie), in 1972 the second Olympics since the 1936 games were held in Germany. 11 Isreali athletes, as well as a German police officer and 5 terrorists were killed in what has become known as the Munich Massacre. According to Wikipedia: “the Munich massacre is an informal name for an attack that occurred during the 1972 Summer Olympics in Munich, Bavaria in southern West Germany, when members of the Israeli Olympic team were taken hostage and eventually killed by the Palestinian group Black September.[3][4][5][6][7] (more…)
“123456, password, welcome” – Yahoo Password Posted Online July 12, 2012
Posted by Chris Mark in News, PCI DSS, Risk & Risk Management.Tags: data breach, encryption, hash, InfoSec, markconsultinggroup.com, password, risk, security, yahoo
add a comment
A story today on MSNBC says that Yahoo Voices was compromised and 450,000 usernames/password posted online. Not surprisingly, the passwords were not hashed or otherwise protected using encryption. While the posting of passwords is nothing new what is interesting is what the researchers found when looking at user generated passwords. The most common passwords were ‘123456’ followed by ‘password’ and ‘welcome’. Fully 1/3 of the passwords used lower case letters only. Here is where I get on my soapbox. According to the story:
“Yahoo! Voices’ administrators made a big mistake storing the passwords in plaintext, but all users need to bolster their own security as well. Make passwords harder to guess by making them more than eight characters long, and pepper them with upper-case letters, numbers and punctuation marks.”
First, strong passwords would not have helped because YAHOO WAS STORING THEM IN CLEARTEXT!..and they were stolen! Second, the company should enforce strong passwords. While all users should use strong passwords, when dealing with 450K users it is prudent to understand that either some users aht a will not understand what a strong password is or will simply ignore the directions. Yahoo should have forced strong passwords…
Global Security, Privacy, & Risk Management 