From: InfoSec News (alertsinfosecnews.org)
Date: Thu Mar 19 2009 - 01:15:03 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.csoonline.com/article/484847/A_Real_Dumpster_Dive_Bank_Tosses_Personal_Data_Checks_Laptops

By Joan Goodchild
Senior Editor
CSO
March 18, 2009

 Data protection is not just an IT security issue. But security industry
analyst Steve Hunt, who heads up Hunt Business Intelligence, believes
too many people in IT security still have that false perception.

"There are so many physical security aspects to data protection it ought
to never be considered merely an IT security issue," Hunt said.

Instead, noted Hunt, sensitive data is sitting on USB drives, in the
garbage, in the discarded fax pile and plenty of other places, waiting
to be found by criminals. (For lots of additional examples of how
sensitive information is lost or taken, see 9 Dirty Tricks: Social
Engineers' Favorite Pickup Lines [1].

Good old-fashioned dumpster diving. It might sound like a 90s tactic,
but Hunt thought it would still work as a way to garner sensitive
information.With that in mind, Hunt headed to the trash bin at what he
describes as "a big bank in a big city." He was in and out of the
dumpster in three minutes, according to his estimate. In that short
amount of time he came up with the following items (Check out the video
below to see Hunt's walkthrough of the results):

[1] http://www.csoonline.com/article/480589/_Dirty_Tricks_Social_Engineers_Favorite_Pick_Up_Lines

[...]

_______________________________________________
Best Selling Security Books and More!
http://www.shopinfosecnews.org/

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]