Bots create Microsoft Live Hotmail Accounts by breaking CAPTCHAs

Microsoft’s periodically revamped CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) has been broken, yet again in spite of it’s continued efforts towards protecting it. This is the latest in a series of ‘break-ins’ which started in early 2008 and has affected major service providers including Google & Yahoo.  Continue reading “Bots create Microsoft Live Hotmail Accounts by breaking CAPTCHAs”

IT Governance Institute’s New Framework-Risk IT

IT risk is gaining increased attention from executive management, stakeholders and regulators alike. The COBIT framework provides a generally accepted framework for IT but this does not deal with risk management in a comprehensive manner. The ITGI has now remedied this gap with their latest initiative-a framework for IT related risk management. Continue reading “IT Governance Institute’s New Framework-Risk IT”

$9 million (about Rs.45 crores) stolen from ATMs in less than 30 minutes

Mission Impossible !!


With only 100 compromised ATM cards thieves were able to grab $9 million from ATMs in a new style of attack in just under 30 minutes. Law enforcement sources have told that it’s one of the most frightening well-coordinated heists they’ve ever seen.


From the news that have come in till now, the flow of events is presumed to be as follows. Continue reading “$9 million (about Rs.45 crores) stolen from ATMs in less than 30 minutes”

Compliance is illusory- Security is real

While there have been scores of IT related security incidents and this is definitely not going to be the last, the Heartland Payment Systems incident is noteworthy for the fact that the company in question was PCI compliant. While we have been seeing security certifications such as ISO27001, PCI being introduced and implemented across industry, a key question that rarely gets addressed is the absorption of IT Security initiatives within the organization. No compliance can help when importance of IT Security is not understood. At the end of the day compliance to all security standards is only illusory, reality may be far behind. Continue reading “Compliance is illusory- Security is real”