Posts Tagged ‘Security’

Preserve Windows Update files

May 27, 2012

Lately  I had to bring back to life an old Windows XP vm, and … tadaaa … tons of downloads from Windows Update. 🙂
Well, lots of files to be saved for next sleeping WinXP vm to restore.

This is directory where Windows stores Windows Update file:  %WINDIR%\SoftwareDistribution\Download\

source Windows XP: Save Downloaded Windows Update Files For Re-Use

Windows 7 (ATTENTION: not verified!): Update Windows 7 PC Offline By Downloading Windows Updates To Another Computer

This wasy you save bandwidth and, most important, time 😉

10 € = the price of our private data

December 23, 2011

Lately, a mobile operator had a new offer, made this way:
-refuel your mobile account, twice, each one 10€ minimun,
and you give 10€ more

-within some weeks
-use a well know payment operator

further condition required: a payment operator valid subscription of course

the payment operator needs name,surmane,email,credit card … at least

so, these data mean 10€! :O

Pirates in AVAST ?!?! :O

September 17, 2010


more info here

GPS security

March 7, 2010

Technology that depends on satellite-navigation signals is increasingly threatened by attack from widely available equipment, experts say.

While “jamming” sat-nav equipment with noise signals is on the rise, more sophisticated methods allow hackers even to program what receivers display.

At risk are not only sat-nav users, but also critical national infrastructure.

read full article here: Sat-nav systems under growing threat from ‘jammers’

Security, two-factor authentication, man-in-the-browser attacks, etc

February 19, 2010

Home banking, webmail via https, e-commerce website … and so on!
Authentication is really important, and your browser tells you when you’re surfing over a secure connecti0n and when not.

Fraudsters are beating strong two-factor authentication and are proving that any authentication method that relies on browser communications can be defeated. A layered fraud prevention approach can thwart these attacks.
Criminals are successfully launching man-in-the-browser attacks that circumvent strong two-factor and other authentication that communicate through the user’s browser. The fraudsters are also successfully having telecommunication carriers forward phone calls used to authenticate users and/or transactions to the fraudster’s phone instead of the legitimate user’s phone. These attacks were successfully and repeatedly executed against many banks and their customers across the globe in 2009. While bank accounts are the main immediate targets, these attack methods will migrate to other sectors and applications that contain sensitive valuable information and data within the next three years.
A layered fraud prevention approach that includes server-based fraud detection and out-of-band transaction verification that precludes call forwarding to illegitimate user phone numbers can and has mitigated these threats.

read full article here: Where Strong Authentication Fails and What You Can Do About It

source: Attenzione con l’Internet Banking