It seems the FCC can now tap your broadband connection. Last Friday the FCC released it's CALEA First Report and Order, which allowed law enforcement to wiretap VoIP service. The original CALEA omitted broadband “information services” from such wiretaps, but now the FCC somehow was able to sneak this in.
A spokesperson for the software giant acknowledged the MSRC (Microsoft Security Response Center) is investigating public reports of the flaw, which has been rated “moderately critical” by Secunia Inc.
XmlHttpRequest object flaw.
he American Civil Liberties Union of Georgia today filed a federal lawsuit on behalf of two vegan protesters who were subjected to false imprisonment, false arrest and harassment by officials of the Homeland Security Division of DeKalb County and the DeKalb County Police Department.
Microsoft® Office 2003 Service Pack 2 contains significant security
enhancements, in addition to stability and performance improvements.
Some of the fixes included with SP2 have been previously released as
separate updates. Office 2003 SP 2 include Office 2003 Service Pack 2
for Proofing Tools, New anti-phishing feature in Outlook 2003
SP2.
Office is a great software suite. Office 97 was not my favorite
because of the numerous security holes, but like many of the Microsoft
products (with exception of Internet Explorer) it has gotten better
over time.
What truly amazes me is how intuitive the entire Office suite is.
CardSystems Solutions moronic security efforts have resulted in the potential theft of information for 40 million credit cards. Hackers were able to install a rogue program, probably a Trojan, in the CardSystems security network. This program captured credit card information including the cardholder’s name, account number and verification code.
CardSystems Solutions is an Atlanta-based company. Prior to this incident, it processed approximately $15 billion dollars in credit card transactions each year. Small businesses were the primary users of the system.
The FBI and MasterCard International have launched investigations into the hack. It has become apparent CardSystems Solutions should be charged with gross negligence. The company failed to comply with MasterCard security regulations and failed to destroy the information of cardholders after prescribed time periods.
In a matter of gross incompetence, CardSystems failed to encrypt any of the credit card data for users. This is the equivalent of your bank sending monthly account statements will all the information printed on the outside of the envelope. It is simply inexcusable and has led to potentially the biggest theft of financial information in history.
Which Credit Cards?
The incompetence of CardSystems Solutions will have an impact on every major credit card group. Estimated numbers range from about 20 million Visa cards exposed to 14 million MasterCard credit cards. As many as 4 million American Express and Discover accounts were also put on the sacrificial altar by CardSystems.
What You Should Do
You should review all charges on credit card statements over the next 12 months. Contrary to popular belief, hackers typically will not go out and charge up thousands of dollars on the card. Instead, you should look for small charges of $10 to $20 from companies with bland names. Hackers know that many people will not call to reverse a small charge. Don’t be lazy! Closely inspect your statement and contest any charges that aren’t familiar.
Closing
How big is this hack? There are approximately 300 million people in the United States. 40 million accounts equates to 1 in every 7.5 people. Yes, people carry multiple credit cards, but it is still a huge number. CardSystems Solutions should pay a heavy price for its incompetence. Frankly, it should be liquidated. There is little doubt the major credit card companies will take action.
Richard Chapo, Esq., is a business lawyer with http://www.sandiegobusinesslawfirm.com – offering legal advice to San Diego businesses. This article is for general education purposes and does not address every facet of the subject matter. Nothing in this article creates an attorney-client relationship