Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: "Porn-surfing hits taxpayer IDs"

From: Joel Rosenblatt <joel () COLUMBIA EDU>
Date: Wed, 14 Jun 2006 16:05:19 -0400
You should look at a program like PestPatrol.

Without any technical details .. it sounds like a key logging program was installed - this cannot be detected by the 
WEB application (the information has been
copied before the web server gets it), but can be detected by a program running on the machine that looks for something 
that has hooked the keyboard interrupt.

My 2 cents.

Joel Rosenblatt

Joel Rosenblatt, Senior Security Officer & Windows Specialist, CUIT
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel - You can't spell seCUrITy without CUIT


--On Wednesday, June 14, 2006 12:44 PM -0700 Jere Retzer <retzerj () OHSU EDU> wrote:


From today's Oregonian. Here is another threat/risk to consider. Does anyone know about other incidents of trojans stealing 
personal data? I'm also looking
for safeguards to build into web-based applications used to access sensitive data to prevent malware on individual PCs 
from harvesting the data. Thanks

Article from the Oregonian follows:




Joel Rosenblatt, Senior Security Officer & Windows Specialist, CUIT
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel - You can't spell seCUrITy without CUIT
Previous By Date Next
Previous By Thread Next

Current thread: