If you see a comment that goes something like this, DO NOT CLICK ON IT:

seen this really bad blog about you? http://www.jdsense.com/search/redirect.php?f=http://blogs.faecibook.com/sessionid?nglnbskuf

Apparently China based, it will bring you to an authentic-looking FAKE Facebook page that tells you Your Session Has Expired and will require you to login with your email and password.

Its only purpose is to harvest your email address and facebook password, and the creators are writing comments on strangers’ statuses.

So far, the comments have been either “seen this really bad blog about you?” or “I have a 13 year old daughter who is in LOVE with you.”

Apparently, in a few minutes, the message will be deleted.

If you happen to experience this, CHANGE YOUR PASSWORD NOW!!!

Technical info:

It seems the domain was set up on 6th August 2009 under the name Li Wang, registered in Shanghai with email lixing688@gmail.com, and phone/fax no: 86-021-51697771

But what is it and how does it work?

Developed in the US, a chemical marker that is added to diesel consignments before leaving oil terminals. Every 8,000 litres of subsidised diesel is doped with a 25ml vial of the chemical. Doped diesel cannot be differentiated by visible means. Its low concentration level is akin to one second in 15 years. No amount of mixing subsidised diesel with those that are not ‘tagged’ will affect the results.

To detect the presence of nanotags in a diesel sample, another chemical is used. It is drawn into a syringe containing the diesel sample – the presence of nanotags would turn the diesel sample either white or pink in colour.

Normal diesel stored in tanks, which have previously contained nanotag doped diesel, would not be tested positive, because the sensitivity of the chemical has been adjusted to ensure that containers used to store both ‘tagged’ and ‘non-tagged’ diesel will not give contradicting results.

It seems to be very effective. According to the newsreport, since its implementation in Sept 2006, more than 60 per cent of industrial sites have tested positive for illegal possession of subsidised diesel. That’s more than half!
As an indication of the size of the matter: in Malaysia there are 4,000 approved fuel distributors, and there are a total of 10,000 factories.

Apparently nanotag techology are also applied in this way in India, Brazil and of course the US.

source

Some Macy’s, CVS, and Babies ‘R’ Us stores have installed a system called the Video Investigator, whose advanced surveillance software can compare a shopper’s movements between video images and recognize unusual activity. Remove 10 items from a shelf at once, for instance, or open a case that’s normally kept closed and locked, and the system alerts guards sitting in a back room — or pacing the sales floor — with a chime or flashing screen. The system can predict where a shoplifter is likely to hide (at the ends of aisles, behind floor displays). A search function spots sudden movement that might indicate a large spill, prompting workers to clean up before it leads to a slip-and-fall accident and a costly lawsuit. And if someone opens a back door at 2 a.m., the system will record who sneaked in and link it with snapshots of the previous and next persons to use the door. Alerts, complete with images, can be sent to handheld devices, keeping retailers informed 24/7, says Jumbi Edulbehram, vice-president for strategic marketing at IntelliVid Corp., a Cambridge (Mass.) firm that makes the Video Investigator system.

source

Tags: CCTV, security

Maybe not all are wired to the net, but at least some are.

Malaysian banks – anybody know their status?

http://www.windowsfordevices.com/news/NS6438545389.html

Tags: ATM+machines, internet, security

And it’s not a small matter:

• they had likely hundreds of servers, at least 3 were compromised
• at least one of the servers compromised contained Social Security numbers of more than 130,000 people
• the other 2 servers had health records belonging to students treated at the university’s health center stolen, as well as more Social Security numbers.
• penetrated by both US and overseas hackers

The Uni only came to know about it after the FBI discovered someone had remotely taken control of one of the school’s servers. What if they didn’t?

Universities are popular targets for hackers because:

• due to the fact that they store Social Security numbers and other data useful for committing identity thefts
• they don’t take security seriously enough.
• they have to keep information free flowing (maintain delicate balance in flexibility and security), unlike corporations which can issue immediate lockdown

Bill Sams, the school’s CIO said: "We need someone somewhere to come up with a set of best practices for schools."

How hackers managed to get in, according to Sams:

A server supporting the alumni relations department was supposed to be offline. The people responsible for shutting it down thought they had done so. The server continued to be connected to the Internet but didn’t receive security updates. It was the equivalent of leaving a backdoor open for thieves to walk in and seize what they wanted.

The following is a sobering statement for all of us:

"We had a failure of both policies and procedures," Sams said. Asked why, when so many schools were succumbing to computer attacks, Ohio University wasn’t quicker to order a security audit, Sams replied: "Should we have? Yes. Did we? No."