View From The Bunker
A blog about security and availability by Guy Bunker at Symantec

• Home
• About
• RSS

• Recent Posts

  • Me, Me, Pick Me…
  • Halt. Who Goes There?
  • Transformational Government 2008
  • Tape Glorious Tape, There’s Nothing Quite Like It
  • Not Waving But Drowning

• Categories

  • announcements
  • Application
  • Availability
  • Complexity
  • Compliance
  • Consumerization
  • data-loss
  • Education
  • Information Policy
  • Insider
  • IT equipment
  • Miscellaneous
  • Regulation
  • Reputation
  • SaaS
  • security
  • Spam
  • Speaking
  • Uncategorized

• Tags

  Bank & Finans BERR CEO CNI Compliance data-gain data-loss data destruction Education email encryption financial loss fix fraud Identity theft information cost InfoSec ISTR IT department Las Vegas new process no data-loss PCI DSS People Phishing pictures policy PricewaterhouseCoopers Regulation Reputation RUSI SaaS SLA security security breaches sensitive information social networking Software as a Service Spam Speaking strangers usability USB virtual machine Vision Work practice

• Blogroll

  • Bruce Schneier’s Blog
  • Get Safe Online (The Blog)
  • Gizmodo Gadget Blog
  • Jonathan Schwartz’s Blog
  • Phil Windley’s Technometria
  • Toby Stevens’ Data Trust Blog

Vote for me in
IT Security Blogs

1Server, 3 Weeks, 1.4GB Personal Information

A server was found this week chock full of personal information - 1.4GB of personal information. The information had been stolen from around the world and included health records and email - and within the email there was even more information relating to contacts, account details, pension savings plans (401k) and so on… 1.4GB can house a lot of useful information.

This server was quite a find… but it is not alone, we see compromised servers which receive stolen information everyday and there are a lot of them. OK, so most don’t have 1.4GB but they do contain tens of thousands of pieces of information. The latest Internet Security Threat Report (ISTR Vol. XIII, April 2008) reported more than 60,000 bot infected computers per day (a 17% increase over the previous 6 months). These aren’t all collecting information - most are sending it out (spam, phishing, DoS, …) however some of them are. It also highlighted that of the 54,609 applications installed, 65% were malicious.

So (and I’m starting to sound like a broken record)… if you value your information and something asks to install itself, especially if you are in a web browser (also known as a plug-in), be very sure that the source of the request is valid - if not, then just click away. 

comments

• Subscribe

  

  Enter your email address:

  Delivered by FeedBurner

• Podcasts

  
  Detach Player
  

   

• Symantec Security Response Weblog

• Links, downloads and other resources

  Symantec UK
  Symantec Podcast Directory
  Symantec Security Response