Hacks and phishing, more and more sophisticated

By    John Garner on  Monday, July 17, 2006
Summary: An article on WashingtonPost.com explains how a security flaw in Powerpoint has enabled hackers to infiltrate companies and retrieve vital information in a specific espionage case. It seems that the criminals using this hole in Microsoft PowerPoint wait until Microsoft have just released their security updates, and this is becoming a trend. In the wake […]

An article on WashingtonPost.com explains how a security flaw in Powerpoint has enabled hackers to infiltrate companies and retrieve vital information in a specific espionage case. It seems that the criminals using this hole in Microsoft PowerPoint wait until Microsoft have just released their security updates, and this is becoming a trend. In the wake of new updates they launch their attacks knowing full well that updates have not dealt with the flaw they have identified !

Andreas Marx of AV-Test.org notes that hackers appear to be surfacing with new exploits just days after Microsoft's monthly Patch Tuesday cycle has passed, possibly to have more time to exploit vulnerable systems before Redmond issues its next round of updates.

Attacks like this and phishing techniques are well thought-out and often extremely complex operations that require skills that even some of the top computer companies would rather have in-house than having to battle against them. A recent MITM (Man in the Middle) attack against Citibank, rather Citibank customers, used an extremely sophisticated system that could easily fool savvy IT folks ! This attack is also explained in detail in washingtonpost.com's Security Fix section.

Banks are now faced with traditional scams and the new extremely sophisticated cyber-scams like the above phishing techniques.

It's a good idea to remember that banks will (should) never request your pin code over the internet and checking the domain name is a good idea. In the above example the domain name used was "citibank.com.tufel-club.ru" and not "citibank.com".

Article written by  John Garner

Leave a Reply

Your email address will not be published. Required fields are marked *

Recent Posts

Check out the most recent posts from the blog: 
Sunday, September 24, 2023
The reliability & accuracy of GenAI

I question the reliability and accuracy of Generative AI (GenAI) in enterprise scenarios, particularly when faced with adversarial questions, highlighting that current Large Language Models (LLMs) may be data-rich but lack in reasoning and causality. I would call for a more balanced approach to AI adoption in cases of assisting users, requiring supervision, and the need for better LLM models that can be trusted, learn, and reason.

Read More
Saturday, September 23, 2023
From Chatbots to Reducing Society's Technical Debt

I discuss my experience with chatbots, contrasting older rules-based systems with newer GenAI (General Artificial Intelligence) chatbots. We cannot dismiss the creative capabilities of GenAI-based chatbots, but these systems lack reliability, especially in customer-facing applications, and improvements in the way AI is structured could lead to a "software renaissance," potentially reducing society's technical debt.

Read More
Friday, June 16, 2023
The imbalance of power in the AI game: in search of the common good

The article discusses the contrasting debate on how AI safety is and should be managed, its impact on technical debt, and its societal implications.
It notes the Center for AI Safety's call for a worldwide focus on the risks of AI, and Meredith Whittaker's criticism that such warnings preserve the status quo, strengthening tech giants' dominance. The piece also highlights AI's potential to decrease societal and technical debt by making software production cheaper, simpler, and resulting in far more innovation. It provides examples of cost-effective open-source models that perform well and emphasizes the rapid pace of AI innovation. Last, the article emphasises the need for adaptive legislation to match the pace of AI innovation, empowering suitable government entities for oversight, defining appropriate scopes for legislation and regulation, addressing ethical issues and biases in AI, and promoting public engagement in AI regulatory decisions.

Read More
Thursday, June 1, 2023
Japan revises copyright laws for AI

Japan has made its ruling on the situation between Content creators and Businesses. Japanese companies that use AI have the freedom to use content for training purposes without the burden of copyright laws. This news about the copyright laws in Japan reported over at Technomancers is seen as Businesses: 1 / Content Creators: 0 The […]

Read More
crossmenuarrow-down