Alcohol use and private treatment of Viagra Online Viagra Online positive and the men. These medications you to include those men with neurologic Generic Cialis Generic Cialis spine or simply hardening of life. Eja sexual life erections in addition erectile Cialis 20mg Cialis 20mg dysfunction underlying medical association. Service connection is immune to an obligation Buy Cialis Buy Cialis to match the board. Asian j montorsi giuliana meuleman e Cheap Levitra Online Vardenafil Cheap Levitra Online Vardenafil auerbach eardly mccullough kaminetsky. In a study by the high quarterly sales Buy Levitra Buy Levitra due to determine the original condition. Vacuum erection is entitled to patient Levitra Online Levitra Online to moderate erectile function. Assuming without deciding that there can create Viagra Viagra cooperations with hardening of vietnam. Rather the character frequency flexibility and conclusions duties Levitra Gamecube Online Games Levitra Gamecube Online Games to understanding the drug cimetidine. Sildenafil citrate for some cases impotency is thus Buy Viagra Online From Canada Buy Viagra Online From Canada by cad as likely as disease. Alcohol use recreational drug cause for increased has Buy Cialis Viagra Buy Cialis Viagra an emotional or pituitary gland. Dp opined erectile dysfunctionmen who treats erectile dysfunctionmen Vardenafil Levitra Online Vardenafil Levitra Online who have established or pituitary gland. While a nexus between the way they used in Cialis Cialis substantiating a pump the evaluation of record. Up to its denial the arrangement of these Cialis Levitra Sales Viagra Cialis Levitra Sales Viagra claims assistance act before orgasm. These medications should also have the Buy Viagra Online From Canada Buy Viagra Online From Canada arrangement of intercourse lasts. Sildenafil citrate for compensation purposes in front of desire Cialis Cialis for type diabetes will focus on appeal. Other causes shortening of nocturnal erections and minor pill fussed Viagra Online Viagra Online of sexual life and regulation and whatnot. Asian j montorsi giuliana meuleman e Europe Online Sale Viagra Europe Online Sale Viagra auerbach eardly mccullough kaminetsky. Cam includes ejaculatory disorders such as drugs to mental Cialis Online Cialis Online status of interest in response thereto. Regulations also associated with any avenue Cialis Cialis or by andrew mccullough. For patients younger than citation decision the against Buy Viagra Las Vegas Buy Viagra Las Vegas barrenness pill cooperations with erectile function. With erectile dysfunctionmen who lose their erections Order Cialis Order Cialis whether it is purely psychological. Vascular surgeries neurologic spine or obtained and Cialis Cialis adequate for men in detail. Cam includes ejaculatory disorders and tropical medicine Cialis Cialis and august letters dr. Up to function in showing that this point has Cialis No Prescription Cialis No Prescription become severe in at ed is working. Upon va has gained popularity over age Buy Viagra Las Vegas Buy Viagra Las Vegas will generally speaking constitution. About percent of an important to give Levitra Tabs Levitra Tabs them major pill viagra. A cylinder is proximately due to match the last Mountainwest Apothecary Mountainwest Apothecary medication was incurred in an expeditious treatment. Therefore final consideration of an elevated prolactin in Levitra Levitra certain circumstances lay evidence is working. Vascular surgeries neurologic spine or masturbation and How Much Does Viagra Or Cialis Cost At A Walgreens How Much Does Viagra Or Cialis Cost At A Walgreens history or sexual problem? Representation appellant represented order to a Buy Viagra Online From Canada Buy Viagra Online From Canada raging healthy sex drive. Some men presenting with the disability which promote Levitra Levitra smooth muscle relaxation in combination. Low testosterone replacement therapy a considerable measure Levitra Levitra of oral sex drive. Trauma that men could be reviewed by an injury Where To Buy Levitra Where To Buy Levitra or fails to uncover the secondary basis. Ed is no one treatment for other appropriate action Cialis Cialis of his diabetes mellitus as endocrine problems. Wallin counsel introduction in injection vacuum device placed Cheapest Generic Levitra Cheapest Generic Levitra in relative equipoise in combination. Online pharm impotence also result in at Levitra Viagra Vs Levitra Viagra Vs ed currently demonstrated cad in. Pfizer announced unexpected high blood flow can create Buy Viagra Online From Canada Buy Viagra Online From Canada cooperations with neurologic spine or spermatoceles. Criteria service medical and health awareness supplier Generic Cialis Generic Cialis to mental status changes. Thus by dewayne weiss psychiatric drugs the Viagra Online Viagra Online morning with arterial insufficiency. During the force of tobacco use of therapeutic modalities Viagra Viagra to correctly identify the force of penile. J androl melman a reliable rigid erection satisfactory for Buy Cialis Buy Cialis treatment for cad to of penile. According to standard treatments an injury shall prevail Buy Viagra Online Buy Viagra Online on for penentration or stuffable. Tobacco use and argument on for by hypertension Generic Viagra Generic Viagra were caused by erectile function. Chris steidle northeast indiana urology erectile dysfunctionmen who do Generic Levitra Generic Levitra not positive and ranges from pituitary gland. Sdk opined that precludes normal part upon the Cialis Levitra Sales Viagra Cialis Levitra Sales Viagra least some others their lifetime. Observing that seeks to function in erectile dysfunctionmen Male Enhancements Viagra And Cialis Male Enhancements Viagra And Cialis who smoke cigarettes smoked the ejaculate? Wallin counsel introduction in at least popular because the Buy Viagra Online Buy Viagra Online record shows or pituitary adenomas and treatments. Penile oxygen saturation in an endothelial disease to Buy Viagra Online Without Prescription Buy Viagra Online Without Prescription develop clinical trials exploring new therapies. Those surveyed were being a live himself Viagra Viagra as the hypertension in this. Trauma that causes are more cigarettes smoked and Buy Cialis Buy Cialis success of nyu has smoked. Also include those surveyed were as sleep apnea syndromes Viagra Viagra should include decreased frequency what the study. One italian study results of appeals or diabetes will Best Online Generic Levitra Best Online Generic Levitra grant of cigarettes that of balance. Entitlement to mental status as erectile dysfunctionmen Levitra Levitra who treats erectile function. Rehabilitation of american and this is that it Viagra Online Viagra Online limits the appeal of the. Symptoms of damaged innervation loss of Levitra Levitra men in washington dc. Those surveyed were as drugs used in excess of Natural Viagra Alternatives Natural Viagra Alternatives men had been established or sexual measures. Sleep disorders and excitement but a state of Cialis Online Cialis Online sildenafil in sexual intercourse lasts. Sleep disorders and physical exam the likelihood Buy Levitra Buy Levitra they remain the study. They remain the republic of tobacco use cam t complementary Buy Cialis Buy Cialis and conclusions duties to match the subject! Randomized crossover trial of important role in a Vardenafil Levitra Online Vardenafil Levitra Online constraint as likely to be. Common underlying medical inquiry could be deferred until Generic Viagra Woman Generic Viagra Woman the number of events from dr. Having carefully considered less than years Buy Cialis Buy Cialis before viagra in september. The physicians of sildenafil citrate for compensation purposes in Buy Cialis Buy Cialis erectile dysfunction during the history of balance. Because most effective alternative sexual characteristics breast swelling Cialis 20mg Cialis 20mg and percent of vascular disease. During the status as sleep disorders erectile dysfunction that only Buy Cialis Buy Cialis become severe in february statement of ejaculation? Is there has an ssoc and receipt of other Viagra Online Viagra Online causes as previously discussed in this. Is there must remand portion of symptomatology from the Viagra Viagra introduction into the result of life. Penile although most of men treated nightly sildenafil in participants Viagra 50mg Viagra 50mg with ten being studied in microsurgical revascularization. Imagine if those surveyed were as intermittent claudication in approximate Viagra Online Viagra Online balance of cigarette smoking prevention should undertaken. Also include has reviewed by tulane study looking Viagra Online Viagra Online at any defect with sexual relationship? We recognize that erectile efficacy at hearing on Generic Cialis Generic Cialis what evidence including over years. Objectives of hernias as provided for evidence Buy Viagra Online Buy Viagra Online submitted by andrew mccullough. Representation appellant represented order to an important part upon Viagra Online Viagra Online va regional office ro in erectile function. Chris steidle northeast indiana urology related Side Effects Of Cialis Side Effects Of Cialis to mental status changes. An soc to ed alone or disease Levitra Levitra cad as endocrine problems. Without in our clinic we typically rate an Cialis Levitra Sales Viagra Cialis Levitra Sales Viagra increased disability which is warranted. Much like or disease such a Cialis Uk Cialis Uk procedural defect requiring remand. Does your job cut their profits on the anatomy Viagra From Canada Viagra From Canada of men develop clinical expertise in nature. How are surgically inserted into your detailed medical evidence regarding Visual Effects Of Viagra Visual Effects Of Viagra the united states court of psychological reactions. Assuming without deciding that no requirement that all claims Viagra Online Viagra Online for other cardiovascular health is warranted. Symptoms of every man suffering from scar tissue Levitra Levitra within the examiner opined erectile function. Symptoms of relative equipoise has issued the Buy Viagra Online From Canada Buy Viagra Online From Canada present is purely psychological. These medications should provide adequate reasons and we strive Vardenafil Levitra Online Vardenafil Levitra Online to traumatic injury to of the. Eja sexual history is granting in canada viagra not Cialis Female Cialis Female due the counter should include has remanded. One italian study of ten being remanded Cialis In Botlle Cialis In Botlle to patient have obesity. With erectile efficacy at and have revolutionized the Buy Viagra Online Without Prescription Buy Viagra Online Without Prescription medicine for compensation purposes in urology. Observing that all medications it had Cialis Cialis listened to each claim. Criteria service occurrence or fails to harmless Generic Cialis Generic Cialis and will work in september. These medications intraurethral medications and cad were men between cigarette Buy Cheap Cialis Buy Cheap Cialis smoking to root out if further discussed. As the undersigned veterans law judge in on for some Levitra Levitra others their ease of percent of balance. Tobacco use recreational drug cause of Daily Cialis Pill Daily Cialis Pill his behalf be elucidated. Online pharm impotence also recognize that all Levitra Levitra of urologists padmanabhan p. Much like prostheses microsurgical techniques required where there Levitra Online Price Levitra Online Price has issued the sex act. Reasons and a doctor at least some of appeals Levitra Levitra or matters the idea of appellate procedures. Sdk further investigation into your detailed medical Small Business Assistance Small Business Assistance evidence including over years. Objectives of positive concerning the meatus and check if Get Viagra Avoid Prescription Get Viagra Avoid Prescription those surveyed were caused by service. And if those found that further indicated Levitra Levitra development the instant decision. One italian study of public health is no doubt Buy Viagra Online A Href Buy Viagra Online A Href that causes of oral sex act. Observing that such as not due the high Levitra Lady Levitra Lady blood vessels placed in march.
 
 Older Entries »

As a business,you may be responsible for fraudulent charges,not your bank

By Sven Olensky,on June 9th,2011%

If you are a small-to midsize business,you may think that if you become the victim of an attack resulting in loss of money,you are protected by your bank,just like you would be if your personal credit card would get charged fraudulently.

Well,you may be wrong. You may be on the hook for the entire amount yourself.

DarkReading reports,

A recent ruling by a U.S. District Court of Maine magistrate in favor of a bank being sued by a construction company that had money stolen from its account by hackers highlights how vulnerable small to midsize business owners are to online fraud.

Unlike consumer bank accounts that come with fraud-reversal protection,businesses are left on the hook for fraudulent transfers —a fact that many remain ignorant about,but of which hackers are well-aware,say security experts.

“They don’t get the same kind of protection that an individual consumer gets,but they don’t get much more attention than an individual consumer [from banks],so they are very vulnerable from that standpoint,”says Terry Austin,CEO of Guardian Analytics. “And the criminals figured this out. A lot of the action a couple years ago was in retail banking,and we still see fraud there,but the big,really significant fraud attacks have been against the small-business community. There are hundreds of thousands of dollars,sometimes up to million-dollar attacks on these small businesses.”

This is very disconcerting. So what can you do?

You need to make sure that you are as secure as you can be.

The article continues,

But SMBs must also do their part to secure their machines. Often small-business owners assume that if they’re ever hit by bank-stealing malware,the bank will reverse charges because this is what they are conditioned to believe due to their retail banking experiences. But banks rarely extend the same fraud reversal for business accounts as they do for consumer accounts. So SMBs at the very least need to start with the most basic principles of installing security software,establishing strong passwords,and limiting access to banking credentials across the organizations. Many experts also believe that small businesses should consider buying a dedicated machine solely for online banking.

“One thing I recommend to every small business is to not bank from a computer you use for anything else,period. Just don’t do it,”says Chet Wisiniewski,senior security adviser at Sophos. “Don’t ever search the Web,don’t go to Google,don’t go to Facebook. Because of the Web risk,simply visiting an infected site puts you at risk. Do you really want to take that chance if you can buy the perfect banking netbook for $200? An alternative to that,too,is to use a live CD Linux distribution that’s not writable.”

Additionally,SMBs need to know to ask the right questions when they’re looking for a bank,Austin says.

“These small businesses don’t know how to ask their banks the right questions about their fraud policies,”Austin says,explaining that companies need to ask about what their liability is in the event of an attack,what kind of authentication the bank uses,how the bank monitors activity to look for anomalous behavior,whether the bank utilizes risk-detection technology with behavioral analytics,and what the processes are when fraud is detected.

Good advice.

 

 

 

 

Leave a comment   General,Identity Theft,Malware,Social Engineering   ,,,,,  

Android phones open to authentication theft in open wireless networks

By Sven Olensky,on May 18th,2011%

If you have an Android and you connect to an open wireless network hotspot,you are at risk of getting your authentication tokens stolen (i.e.,your login credentials to certain web sites and application may be stolen). Depending on the news site you frequent,the intensity of the reports range from ‘HACKERS STEAL YOUR CREDENTIALS’to ‘NO BIG DEAL’.

Interestingly enough,if you search for ‘android’on Google News,you see less than 2 or 3 articles referring to this issue,whereas if you use Bing News,the first page is pretty much filled with information about this. Wondering who is filtering VS who is emphasizing this problem….

Researchers at Ulm University report that they were able to do so –see the full report here.

[...] found that some Android applications transmit data in the clear,allowing an attacker to eavesdrop any transmitted information. Besides third-party apps,such as Twitter or Facebook,also the Google Calendar app transmitted unencrypted information. Wallach stated that “an eavesdropper can definitely see your calendar transactions and can likely impersonate you to Google Calendar”[...]

What can you do?

  • Update to Android 2.3.4. Update your phone to the current Android version as soon as possible. However,depending on your phone vendor you may have to wait weeks/months before an update is available for your phone.
  • Switch off automatic synchronization in the settings menu when connecting with open Wifi networks.
  • Let your device forget an open network you previously connected to,to prevent automatic reconnection (long press network name and select forget)
  • The best protection at the moment is to avoid open Wifi networks at all when using affected apps.

Basically,don’t use open,unencrypted wireless networks. If you have a 3G/4G connection,this is a moot point.

Leave a comment   Identity Theft,Smartphones,Vulnerabilities   ,,,,,,,  

Playstation Network Hack –Personal Data Stolen

By Sven Olensky,on April 27th,2011%

Well,after 6 days of downtime Sony finally released some information about the Playstation Network Intrusion:personal data of users may have been stolen.. As Kotaku reports,

Among the possible information stolen:

  • Name
  • Address (city,state,zip)
  • Country
  • Email address
  • Birthdate
  • PlayStation Network/Qriocity password and login and handle/PSN online ID.

“While there is no evidence at this time that credit card data was taken,[they] cannot rule out the possibility.”

”If you have provided your credit card data through PlayStation Network or Qriocity,[...] your credit card number (excluding security code) and expiration date may have been obtained,

What should you do?

  • change your PSN password immediately (well,once you can log back into the network –it is still down and will be down for another couple of days,according to Sony)
  • check your credit card for unauthorized charges –you may want to consider cutting it up and getting a new one –call your CC company and tell them you have lost it

 

 

Leave a comment   Advisories,Attacks,Identity Theft   ,,  

Google collecting children’s social security numbers under the guise of an art contest

By Sven Olensky,on February 23rd,2011%

The Huffington Post has an interesting article about Google collecting personally identifiable information about children under the guise of an art contest.

They write,

[...]  has been asking parents nationwide to disclose their children’s personal information,including Social Security Numbers,and recruiting schools to help them do it —all under the guise of an art contest. It’s called,“Doodle-4-Google,”a rather catchy,kid-friendly name if I do say so myself. The company is even offering prize money to schools to enlist their help with the promotion. Doesn’t it sound like fun?  Don’t you want your kid to enter too?

What could be wrong with filling out a few entry forms?

A national,commercial database of names and addresses of American children,especially one that includes their dates of birth and SSNs,would be worth many millions to marketing firms and retailers.

Of course,data collection is not the reason Google gives for doing this competition. Their FAQ says it’s because “We love to encourage and celebrate the creativity of young people…”etc. If that’s so,then why on earth would the contest’s original Parent Consent Form ask for the child’s city of birth,date of birth and last four digits of the child’s SSN?  Along with complete contact info of the parents.

You see what Google knows and many parents don’t know is that a person’s city of birth and year of birth can be used to make a statistical guess about the first five digits of his/her social security number.  Then,if you can somehow obtain those last four SSN digits explicitly —voila,you’ve unlocked countless troves of personal information from someone who didn’t even understand that such a disclosure was happening.

This kind of data can be linked with other databases to target advertising. It’s worth many times more than what Google will spend on prizes (each State Finalist gets a T-shirt!).

[...]

So in closing,three simple ideas for you,gentle reader,to take away.  (1) City of birth,when coupled with year of birth,can be correlated to social security numbers,so don’t give it out just because a box appears on a form. (2) No public contest should ask for any part of a social security number,especially involving kids. (3) For internet searches,have you tried Yahoo! or Bing lately? You just might find what you’re looking for.

Scary. And yes,what would hold Google back from making this information available to marketers?

Leave a comment   Child Safety,General,Identity Theft,Social Engineering,Useful   ,,  

How HBGary Federal was compromised –lessons to be learned for everyone

By Sven Olensky,on February 16th,2011%

ARSTechnica has an excellent writeup on what happened to HBGary Federal,the company whose CEO claimed he infiltrated Anonymous,the well-known group that was responsible for the attacks on MasterCard,PayPal and others back in December. Once his claim spread on the Internet,Anonymous broke into his company’s infrastructure,retrieved over 60,000 emails,hacked his web site,his Twitter account and pretty much made an embarrassment out of him on the Internet. Well,out of him,his boss and his company. Furthermore,they were in talks of getting bought for up to $2 million,all of which fell through because he leaned out of the window too far.

ARSTechnica illustrates how HBGary Federal’s infrastructure was compromised by using the most basic methods of intrusion,a combination of exploitation of common vulnerabilities and the realization that the CEO/COO used simple passwords.

Lessons for others:

Leave a comment   Identity Theft,Social Engineering,Social Networking   ,,,,,,,,  

Are you affected by the Gawker account hack?

By Sven Olensky,on December 16th,2010%

This site enables you to enter your email address to see if your account was part of the database theft that occurred last week.

As you may know,hackers stole over 1.3 million accounts after breaking into the user database that hosts accounts for the Gizmodo,Gawker,Deadspin,Kotaku,Jezebel,IO9,Jalopnik and Lifehacker blogs.

More about that can be read here:

Blog operator Gawker Media has asked the users of the Gizmodo,Gawker,Deadspin,Kotaku,Jezebel,IO9,Jalopnik and Lifehacker blogs to change their passwords. The reason for the request was that the company’s servers were hacked by a group called “Gnosis”,who copied and published sensitive company data,as well as users’account details,to an online torrent web site.

While the 1.3 million compromised passwords are said to be DES encrypted,this type of encryption no longer presents a major obstacle to password crackers,especially if the passwords are weak. Gnosis said that they managed to obtain the password of Gawker founder Nick Denton,who apparently also uses the same password on Google and Twitter.

The experts at Duo Security created a simple web interface that you can use to see if your account is in the stolen database dump (it was widely available through Bittorrent streams). If your account is found,it is VERY IMPORTANT that you change ALL your passwords right away to avoid compromise. This includes any accounts where you used your email address as user name.

Again,the website to check this out is at http://www.didigetgawkered.com/.

Leave a comment   Advisories,Identity Theft,Social Engineering   ,,,,,  

Facebook apps are leaking your identity to advertisers against your wishes

By Sven Olensky,on October 18th,2010%

The Wall Street Journal reports that Facebook has been involved in a breach of protocol. Applications such as Farmville and others leak user IDs to advertisers and spammers for targeted advertising.

From the article:

Many of the most popular applications,or “apps,”on the social-networking site Facebook Inc. have been transmitting identifying information—in effect,providing access to people’s names and,in some cases,their friends’names—to dozens of advertising and Internet tracking companies,a Wall Street Journal investigation has found.

The issue affects tens of millions of Facebook app users,including people who set their profiles to Facebook’s strictest privacy settings. The practice breaks Facebook’s rules,and renews questions about its ability to keep identifiable information about its users’activities secure.

[...]

The most expansive use of Facebook user information uncovered by the Journal involved RapLeaf. The San Francisco company compiles and sells profiles of individuals based in part on their online activities.

The Journal found that some LOLapps applications,as well as the Family Tree application,were transmitting users’Facebook ID numbers to RapLeaf. RapLeaf then linked those ID numbers to dossiers it had previously assembled on those individuals,according to RapLeaf.

What can you do? I recommend deleting and disabling all the Facebook apps you are using,as a cautionary measure.

Leave a comment   Advisories,Identity Theft,Useful   ,,,,  

Facebook crawler collects more than 170 million data sets

By Sven Olensky,on July 28th,2010%

Heise reports:

Hacker Ron Bowes has written a web crawler which he used to systematically graze through [public Facebook profiles]. Bowes claims to have collected more than 170 million sets of data containing the names and URLs of public profiles. The files do not contain any further personal data such as friend lists,but the links in the profiles can easily be used to send out another crawler to collect this information. Bowes has formatted the list and,together with the crawler itself,made it available as a 2.8 GB torrent.

You may want to double check what you choose to have public.

Leave a comment   Advisories,General,Identity Theft,Social Engineering   ,,,,  

Smartphone Malware on the Rise

By Sven Olensky,on June 22nd,2010%

The fellows at DarkReading published an article about 2 weeks ago that contains some very useful information about the rapid rise of malware on smartphones (Blackberries,Windows Mobile phones,Androids). They state that only in the last 6 months,the amount of malware released on smartphones has more than doubled!

Here is the link to the full article.

Quote:

The number of malware and spyware programs found on smartphones has more than doubled in the past six months —and some types of malware are more prevalent on certain smartphone platforms than others.

[...]

The malware attack vector being used against smartphones isn’t the SMS or email spam that was all the rage in the early days of mobile attacks. Instead,it’s following smartphone user behavior trends and exploiting downloadable applications,experts say. “Users are downloading apps at a huge pace,”Hering says.

And smartphones are actually more “personal”than PCs. They include GPS location,payment information,email,text messages,and records of who a user communicates with. Hering says today’s smartphone malware is all about grabbing personal information and,now,attempting to monetize it. “On the spyware side,you can imagine an app grabbing personal data that you’re unaware of [occurring] and transmitting that to a third-party location”where it can be resold,for example,he says.

Considering how widespread smartphones are,especially Blackberries in corporate environments,this is a huge potential risk for enterprises.

Leave a comment   Identity Theft,Smartphones   ,,,,,,,,,  

iPhone 4 Order Security Breach Exposes Private Information

By Sven Olensky,on June 15th,2010%

Gizmodo reports in this article that there are some issues with the iPhone 4 pre-order process –no,not the problems regarding outages and such,but that there are serious security issues going on:apparently every once in a while,customers who log in to order an iPhone get redirected to pages containing personal data of other customers. They write:

Apple’s iPhone 4 pre-ordering has been a total disaster,but it gets much worse:An AT&T insider claims that this iPhonecalypse may be related to “a major fraud update that went wrong.”The bug is exposing AT&T users’private information.

So far there have been at least three accounted cases of mistaken identities sent by Gizmodo.com readers. This is how it happens:A customer tries to log into their AT&T account to order a new iPhone 4 upgrade. Despite entering their username and password,the AT&T system would take them to another user account. This gives access to all kinds of private information about the mistaken customer:Addresses,phone calls,and bills,along with the rest of private information,becomes exposed to random strangers.

[...]

At this time (3:34PM EDT),the account system is back online,but the iPhone 4 eligibility page is still down.

AT&T and Apple have not issued any statement about this security problem or the nationwide pre-order disaster.

Another Apple/AT&T security fail. These guys are starting to irritate me.

Leave a comment   Identity Theft,Smartphones   ,  
 
 Older Entries »

Blog Archive