Skip to main content

Got Identities?

Brian Krebs has written a few articles recently focusing on how bad identitiy theft and credit card fraud really is. There are 2 facts that I find really hard to ignore, which are also really infuriating. The first is that according to Symantec, the majority of the Credit Card trafficking is being done on servers located inside the USA. So what happened to that Patriot act? Why are these criminals allowed to continue doing this, when clearly the FBI has the power to stop it. I know the logic they are using is that they are going after the kingpins and not the small fish, which makes sense. Except that tens of thousands of US citizens are getting thier lives destroyed in the process. And even though they may take down a kingpin one day, another one pops up the next. So eitherway, US citizens are getting screwed. The second problem I have is that we are infact subsidizing our own credit cards getting stolen. The Credit Card industry on a whole acknowledges fraud as an acceptable loss and simple passes on the costs to the customer. They even go so far as to sell us identity theft protection. That is completely ridiculous. Here's a novel idea, how about you make your product secure before selling it to the American public.

Read the Story HERE
Labels:

Comments

Post a Comment

Popular posts from this blog

2020 SANS CTI Summit Notes

Unfortunately due to some back surgery I was not able to attend the SANS CTI summit this year, however I always try to take advantage of the great content SANS makes available. To help me out in synthesizing the information, I combined the context provided by those that were live tweeting which is useful when reviewing the slide decks. Hope you find this useful and well done @rickholland , @PDXbek , and @likethecoins , another great year of great content! Day 1 Secret Squirrels and Flashlights: Legal Risks and Threat Intelligence https://www.sans.org/cyber-security-summit/archives/file/summit-archive-1579535253.pdf @CristinGoodwin Assistant General Counsel for Customer Security and Trust, Microsoft Boundaries and strategies to help analysts identify and manage legal risks while hunting, investigating, and responding "Have a principled approach to sharing, so when the crisis comes you don’t have to panic.” "What we call common in #threatinel sharing is what a l
Post a Comment
Read more

FIRST Conference 2018 - Review (Kuala Lumpur Edition)

As apart of my new job, my employer is seeking to gain FIRST membership later this year. To support that goal, I was asked to attend the 30th FIRST Conference in Kuala Lumpur. For the travel weary, this is not a trip to take lightly. For me it was 3 flights and 28 hours total of travel just to arrive. I do have to say, the conference venue, the Shangri-La hotel is absolutely fabulous. Very nice, clean, and ultra courteous staff. The swag bag I was given at registration was also very nice, including 3 shirts, challenge coin, notebook, mini first aid kit, and a pretty decent backpack. I also have to say the lunch options for the conference are vastly superior to anything I have ever experienced. SANS and Blackhat could learn a few things. For a 5 day conference, you get a much greater value here. If you are interested in jumping straight the slides you can visit here . Opening The conference was kicked off on Day 1 by Thomas Schreck (@shrekts) who gave out some
Post a Comment
Read more

SANS Cyber Threat Intelligence Summit 2013

     I recently attended the first SANS CTI Summit in Washington DC. While there was plenty of brain power in the room, and good discussions were to be had, overall it was just ok. There was a big focus on what CTI is and why you should be doing it, or at least consuming it. There wasn't enough discussion, aside from one talk, on how you should be doing it. It basically reinforced my beliefs that this is still very much a small, closed off club of insiders, where nobody is sharing tradecraft. I love that SANS is getting involved in this space though, and it sounds like Mike Cloppert will be writing a SANS course on Threat Intelligence in the future. I would very much be interested in that and I expect it would sell out quickly.      Mike Cloppert opened the day by discussing the old vulnerability centric approach focused on reducing attack surface as opposed to the new threat centric model focused on reducing the risk of the actual threats affecting your company. The key focus of
2 comments
Read more