Just another Infosec/Tech/Offbeat weblog

June 18, 2009

Yahoo India News… A case of click fraud???

Filed under: News, Rant — alanzachariah @ 11:44 pm

This was something I noticed a while back, around the end of May, during the French Open tennis tournament held in Paris.

A particular news story was making the rounds when Serena Williams accused her opponent Maria Jose Martinez Sanchez of cheating during their third round match.

On going to Yahoo India news, this is what I found…

Yahoo News - 1-rev

Wow…”Serena Williams calls Novak Djokovic a cheat”. A blatant fake headline to get the user to click the link.

Though on checking the story, it does state who Serena Williams actually accuses of cheating and how Djokovic loses his match…

Yahoo News - 2

In the end, it is the user who actually clicked the link expecting something else who got “cheated”.

Is this not a case of ‘click fraud’? It’s one thing to increase your ad revenue through click ‘hits’, but this is not the way you go about it.

The funny thing is, this is not the first instance of seeing such headlines in Yahoo India news.

May 30, 2009

Barack Obama launches Cyber Security Plan

Filed under: Information Security, News — alanzachariah @ 2:10 pm

The Obama administration has launched an ambitious plan to protect the country’s cyber infrastructure. It includes the creation of a ‘cyber tsar’ personally appointed by the President who would oversee the whole security plan.

The President’s full speech can be found here.

May 18, 2009

Hackers attack Facebook

Filed under: News — alanzachariah @ 11:32 pm

Facebook has once again been targeted by a new round of phishing attacks…

The newest Facebook attacks resemble previous phishing rounds in their tactics: a compromised account sends a malicious link to friends. That link leads to a site that mimics the legitimate log-in page.

Read the full article here

May 7, 2009

Major security vendor’s website plagued by vulnerabilities

Filed under: Information Security, News — alanzachariah @ 9:50 pm

McAfee’s websites were found to be vulnerable to both cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. The affected sites have since been fixed or taken offline.

Ironically, one of the vulnerable sites was McAfee Secure, which scanned customer sites to check for the very same issues!

Mike Bailey of Skeptikal.org who found the issues wrote on his blog that the company failed to comply with PCI requirements for Approved Scanning Vendors, didn’t use a secure software development lifecycle in building the application, and neglected to do an in-depth penetration test of the site.

McAfee spokesman Joris Evers said the site taken offline was the McAfee Knowledge Center, which is part of its customer support site that uses software from a third-party provider. The site had a cross-site scripting vulnerability, he said.

“These types of vulnerabilities are rarely exploited in the wild and thus aren’t deemed to be severe,” he said in an e-mail. None of the vulnerabilities exposed any McAfee corporate information and the company had not seen any malicious exploitation of the vulnerabilities, he added.

XSS vulnerabilities…rarely exploited??? For a company whose entire business model revolves around selling products that protect against such issues, such a statement doesn’t seem clever.

Although it must be noted that McAfee isn’t the only company to suffer from such issues. Last month, Symantec’s website was found to be vulnerable to XSS attacks. Also, in February, a Romanian hacker site claimed to have used XSS and SQL injection to breach sites like F-Secure, BitDefender and Kaspersky.

April 15, 2009

SPAM – An Environment Killer

Filed under: Information Security — alanzachariah @ 11:44 pm

Everyone who has an email account is in some way affected by SPAM. The junk mail flooding inboxes costs companies billions of dollars, in terms of the computer capacity needed to handle the large influx of mail and the employee productivity and time lost in deleting all those mails.

nospam

A recent survey by Microsoft claims more than 97% of email traffic is SPAM and most of it contains infected attachments or links to malware. It states that for every 1,000 computers out there, 8.6 are infected.

It seems SPAM is not just an annoying hindrance to our productivity but is also killing the environment. The security firm McAfee released a report titled ‘Carbon Footprint of Spam’ (registration required) based on a study by climate-change consultants ICF International.

In it, the survey suggests that the carbon footprint of every SPAM mail is 0.3 g of CO2. Over the year 2008, more than 62 trillion spam mails (that’s right..62 trillion!) were sent, resulting in a loss of over 33 billion kilowatt-hours (kWh) of power. Most of this energy is wasted on the end user’s computer, where time is spent sifting through, deleting and separating the spam from the genuine mails.

ICF reckons more than one-fifth of the annual energy a medium-size business uses on email is associated with spam. It estimates an average business email user is responsible for 131 kg of CO2 per year in email-related emissions, of which one-fifth (22%) is related to spam.

Having a spam filtering solution in place could eliminate over 75% of the energy lost. It’s highly unlikely that spammers will change their ways on learning of the damage their actions are causing to the environment.

Jeff Green, senior vice president of product development at McAfee Avert Labs, said:

As the world faces the growing problem of climate change, this study highlights that spam has an immense financial, personal and environmental impact on businesses and individuals. Stopping spam at its source, as well as investing in state-of-the-art spam filtering technology, will save time and money, and will pay dividends to the planet by reducing carbon emissions as well.

April 12, 2009

Landslide in Malaysia

Filed under: Uncategorized, Video — alanzachariah @ 5:35 pm

This is what happens when you have a tin mine operation very close to the coast.

The footage is of a mine collapse that happened in 1993 near Pantai Remis in Malaysia. The video is of poor resolution but is considered one of the best landslide videos.


Fortunately, at the time the mine was not in operation. Also, as a result of the man-made disaster, a cove was created along the coastline. It can be viewed on Google Earth at 100°36’21.32"E, 4°25’18.85"N.

landslide

March 28, 2009

Everything is Amazing!…yet nobody is happy

Filed under: Humour, Uncategorized, Video — alanzachariah @ 11:11 am

Comedian Louis CK sums it up in his interview with Conan O’Brien, stating how the present generation is constantly moaning and taking everything for granted.

March 23, 2009

IE8 out and already hacked…

Filed under: Information Security — alanzachariah @ 11:44 pm

No sooner had Microsoft released Internet Explorer 8 and talked up its new security features than a hacker exploited the new browser during the PWN2OWN contest held at the CanSecWest security conference in Vancouver, Canada.

‘Nils’, a hacker from Germany, achieved this feat by exploiting a previously unknown vulnerability in IE8 running on a build of Windows 7. Microsoft confirmed the vulnerability and said it would be releasing a patch for it soon.

Internet Explorer 8 does support new security features such as the SmartScreen filter, Domain Highlighting, a cross-site scripting filter and out-of-the-box protection against clickjacking.

But security analysts and researchers are still unconvinced, stating that the software is too bloated to be secured easily. Moreover, researchers point out that the clickjacking protection provided by IE8 only works when developers add special tags to their pages to stop their web buttons from being misused. In other words, the protection is provided only to websites that use this feature, not to browser users in general. This could end up giving IE users a false sense of security.
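To make the researchers’ point concrete, here is an added example written for this page (it is not code from the original post, from Microsoft or from any of the researchers quoted). IE8’s clickjacking protection is opt-in through the X-Frame-Options HTTP response header, which is the mechanism behind the “special tags” mentioned above: a page is shielded from being loaded in another site’s frame only if its own server sends that header. The script audits a handful of constructed sample responses offline and reports which pages a browser honouring the header would still let a third-party site frame; it also shows the one-line server-side fix. The sample URLs, header values, the third-party origin and all function names are assumptions for illustration.

```python
# Added example (not from the original post or from Microsoft): an offline
# audit of whether HTTP responses opt in to IE8-style clickjacking protection.
#
# IE8's clickjacking defence is the X-Frame-Options response header: a page is
# protected from being loaded in another site's frame only if its server sends
# that header. Everything below (sample URLs, headers, function names) is
# constructed for illustration.
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}


def origin_of(url):
    """Return the (scheme, host, port) origin of a URL, filling in the default
    port so that https://a.example and https://a.example:443 compare equal."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    host = (parts.hostname or "").lower()
    port = parts.port if parts.port is not None else DEFAULT_PORTS.get(scheme)
    return (scheme, host, port)


def get_header(headers, name):
    """Case-insensitive lookup of a header value; None if the header is absent."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value.strip()
    return None


def framing_allowed(headers, page_url, framer_url):
    """Decide whether a browser that honours X-Frame-Options would render
    page_url inside a frame hosted at framer_url.

    A missing header, or an unrecognised value, is reported as 'allowed':
    from an audit standpoint the page is not opting in to the protection.
    (Treating unrecognised values this way is an assumption made for the
    audit, not a description of any particular browser's behaviour.)
    """
    value = get_header(headers, "X-Frame-Options")
    if value is None:
        return True
    directive = value.upper()
    if directive == "DENY":
        return False
    if directive == "SAMEORIGIN":
        return origin_of(page_url) == origin_of(framer_url)
    return True


def add_frame_protection(headers, policy="DENY"):
    """Return a copy of headers with X-Frame-Options set: the server-side
    change that makes the browser's protection apply to this page."""
    if policy.upper() not in ("DENY", "SAMEORIGIN"):
        raise ValueError("policy must be DENY or SAMEORIGIN")
    fixed = {k: v for k, v in headers.items() if k.lower() != "x-frame-options"}
    fixed["X-Frame-Options"] = policy.upper()
    return fixed


# Constructed sample responses, as a site audit might collect them.
SAMPLE_RESPONSES = [
    {"url": "https://bank.example/transfer",
     "headers": {"Content-Type": "text/html"}},            # never opted in
    {"url": "https://bank.example/login",
     "headers": {"Content-Type": "text/html",
                 "x-frame-options": "sameorigin"}},       # lower-case, still valid
    {"url": "https://bank.example/help",
     "headers": {"Content-Type": "text/html",
                 "X-Frame-Options": "DENY"}},
]


def audit(responses, framer_url="https://other-site.example/"):
    """Return [(url, frameable_by_third_party)] for each sampled response,
    evaluated against a hypothetical page on another origin."""
    return [(r["url"], framing_allowed(r["headers"], r["url"], framer_url))
            for r in responses]


if __name__ == "__main__":
    for url, frameable in audit(SAMPLE_RESPONSES):
        status = "can be framed by another site" if frameable else "protected"
        print(f"{url}: {status}")
```

Run as-is, the audit flags only the /transfer page, the one whose server never sent the header, which is exactly the gap the researchers describe: the browser feature does nothing for that page until its developers opt in, and a user of IE8 has no way to tell from the browser alone.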

March 19, 2009

Layman’s Financial Crisis Glossary

Filed under: Uncategorized — alanzachariah @ 9:45 pm

For the past few months, the common man has been bombarded with financial jargon like sub-prime mortgages, recession, short selling, ponzi schemes and now the latest….quantitative easing 🙂

So what does all this mean?

Here is a list of some of the more common business terms being used regularly.

AAA-rating

The best credit rating that can be given to a corporation’s bonds, effectively indicating that the risk of default is negligible.

Administration

A rescue mechanism for UK companies in severe trouble. It allows them to continue as a going concern, under supervision, effectively to try to trade out of difficulty.

A firm in administration cannot be wound up without permission from a court.

Assets

Things that have earning power or some other value to their owner.

Fixed assets (also known as long-term assets) are things that have a useful life of more than one year, for example buildings and machinery; there are also intangible fixed assets, like the good reputation of a company or brand.

Current assets are the things that can easily be turned into cash and are expected to be sold or used up in the near future.

Basis point

One hundred basis points make up a percentage point, so an interest rate cut of 25 basis points might take the rate, for example, from 3% to 2.75%.

Bear market

In a bear market, prices are falling and investors, anticipating losses, tend to sell. This can create a self-sustaining downward spiral.

Bond

A debt security – or more simply an IOU. The bond states when a loan must be repaid and what interest the borrower (issuer) must pay to the holder. Banks and investors buy and trade bonds.

Bull market

A bull market is one in which prices are generally rising and investor confidence is high.

Capital

The wealth – cash or other assets – used to fuel the creation of more wealth. Within companies, often characterised as working capital or fixed capital.

Capitulation

Used of the stock markets, the point when a flurry of panic selling induces a bottoming out of prices.

Carry trade (currency)

Typically, the borrowing of currency with a low interest rate, converting it into currency with a high interest rate and then lending it. One common carry trade currency is the yen, as traders seek to benefit from Japan’s low interest rates. The element of risk is in the fluctuations in the currency market.

Chapter 11

The term for bankruptcy protection in the US. It postpones a company’s obligations to its creditors, giving it time to reorganise its debts or sell parts of the business, for example.

Collateralised debt obligations (CDOs)

A collateralised debt obligation is a financial structure that groups individual loans, bonds or assets in a portfolio, which can then be traded.

In theory, CDOs attract a stronger credit rating than individual assets because the risk is more diversified. But as the performance of some assets has fallen, the value of many CDOs has also been reduced.

Commercial paper

Unsecured, short-term loans issued by companies. The funds are typically used for working capital, rather than fixed assets such as a new building.

Commodities

Commodities are products that, in their basic form, are all the same so it makes little difference from whom you buy them.

That means that they have a market price. You would be unlikely to pay more for iron ore from a particular mine, for example.

Correction

A short-term drop in stock market prices. The term comes from the notion that, when this happens, overpriced stocks are returning back to their “correct” values.

Credit crunch

The situation created when banks hugely reduced their lending to each other because they were uncertain about how much money they had.

This in turn resulted in more expensive loans and mortgages for ordinary people.

Credit default swap

A swap designed to transfer credit risk, in effect a form of financial insurance. The buyer of the swap makes periodic payments to the seller in return for protection in the event of a default on a loan.

Currency peg

A commitment by a government to maintain its currency at a fixed value in relation to another currency. Typically this is done by the government buying its own currency to force the value up, or selling its own currency to lower the value. One example of a peg was the fixing of the exchange rate of the Chinese yuan against the dollar.

Dead cat bounce

A phrase long used on trading floors to describe a short-lived recovery of share prices in a falling stock market.

Deflation

The downward price movement of goods and services.

Derivatives

Derivatives are a way of investing in a particular product or security without having to own it. The value can depend on anything from the price of coffee to interest rates or what the weather is like.

Derivatives can be used as insurance to limit the risk of a particular investment.

Credit derivatives are based on the risk of borrowers defaulting on their loans, such as mortgages.

Dividends

A payment by a company to its shareholders, usually linked to its profits.

Equity

In a business, equity is how much all of the shares put together are worth.

In a house, your equity is the amount your house is worth minus the amount of mortgage debt that is outstanding on it.

FTSE-100

An index of the 100 companies listed on the London Stock Exchange with the biggest market capitalisation – the share price multiplied by the number of shares. The index is revised every three months.

Fundamentals

Fundamentals determine a company, currency or security’s value. A company’s fundamentals include its assets, debt, revenue, earnings and growth.

Futures

A futures contract is an agreement to buy or sell a commodity at a predetermined date and price. It could be used to hedge or to speculate on the price of the commodity.

GDP

Gross domestic product. A measure of economic activity in a country, namely of all the services and goods produced in a year. There are three main ways of calculating GDP – through output, through income and through expenditure.

Hedge fund

A private investment fund with a large, unregulated pool of capital and very experienced investors.

Hedge funds use a range of sophisticated strategies to maximise returns – including hedging, leveraging and derivatives trading.

Hedging

Making an investment to reduce the risk of price fluctuations to the value of an asset.

For example, suppose you owned a stock and then sold a futures contract agreeing to sell that stock on a particular date at a set price. A fall in price would not harm you – but nor would you benefit from any rise.

Inflation

The upward price movement of goods and services.

Investment bank

Investment banks provide financial services for governments, companies or extremely rich individuals. They differ from commercial banks where you have your savings or your mortgage.

Junk bond

A bond (or loan to a company) with a high interest rate to reward the lender for a high risk of default.

Keynesian economics

The economics of John Maynard Keynes. In modern political parlance, the belief that the state can directly stimulate demand in a stagnating economy. For instance, by borrowing money to spend on public works projects like roads, schools and hospitals.

Leveraging

Leveraging, or gearing, means using debt to supplement investment.

The more you borrow on top of the funds (or equity) you already have, the more highly leveraged you are. Leveraging can maximise both gains and losses.

Deleveraging means reducing the amount you are borrowing.

Libor

London Inter Bank Offered Rate. The rate at which banks lend money to each other.

Limited liability

Confines an investor’s loss in a business to the amount of capital they invested. If a person invests £100,000 in a company and it goes under, they will lose only their investment and not more.

Liquidity

The liquidity of something is how easy it is to convert it into cash. Your current account, for example, is more liquid than your house.

If you needed to sell your house quickly to pay bills you would have to drop the price substantially to get a sale.

Loans to deposit ratio

For financial institutions, the sum of their loans divided by the sum of their deposits.

Currently important because using other sources to fund lending is getting more expensive.

Mark-to-market

Recording the value of an asset on a daily basis according to current market prices.

So for a futures contract, what it would be worth if realised today rather than at the specified future date. Also marked-to-market.

Money markets

Global markets dealing in borrowing and lending on a short-term basis.

Monoline insurance

Monolines were set up in the 1970s to insure against the risk that a bond will default. Companies and public institutions issue bonds to raise money. If they pay a fee to a monoline to insure their debt that in turn helps to raise the credit rating of the bond which in turn means the institutions can raise the money more cheaply.

Mortgage-backed securities

These are securities made up of mortgage debt or a collection of mortgages. Banks repackage debt from a number of mortgages which can be traded. Selling mortgages off frees up funds to lend to more homeowners. See securities.

Naked short selling

A version of short selling, illegal or restricted in some jurisdictions, where the trader does not first establish that he is able to borrow the relevant asset.

Nationalisation

The act of bringing an industry or assets like land and property under state control.

Negative equity

Refers to a situation in which the value of your house is below the amount of the mortgage that still has to be paid off.

Ponzi scheme

Similar to a pyramid scheme, an enterprise where – instead of genuine profits – funds from new investors are used to pay high returns to current investors. Named after the Italian fraudster Charles Ponzi, such schemes are destined to collapse as soon as new investment tails off or significant numbers of investors simultaneously wish to withdraw funds.

Preference shares

A class of shares that usually do not offer voting rights, but do offer a superior type of dividend, paid ahead of dividends to ordinary shareholders. Preference shareholders often also have superior status in the event of a liquidation.

Prime rate

A term used primarily in North America to describe the standard lending rate of banks to most customers. The prime rate is usually the same across all banks, and higher rates are often described as “x percentage points above prime”.

Profit warning

When a company issues a statement indicating that its profits will not be as high as it had expected. Also profits warning.

Quantitative easing

Central banks flood the economy with money by printing new notes, in order to increase the supply of money. The idea is to add more money into the system to avert deflation and encourage banks/people to borrow and spend.

One of the dangers of this tactic is hyperinflation.

Rating

Bonds are rated according to their safety from an investment standpoint – based on the ability of the company or government that has issued it to repay.

Ratings range from AAA, the safest, down to D, a company that has already defaulted.

Recapitalisation

To inject fresh money into a firm, thus reducing the debts of a company.

For example, when a government intervenes to recapitalise a bank, it might give cash in exchange for some form of guarantee, such as a stake in the company. Taxpayers can then benefit if the bank recovers.

Recession

A period of negative economic growth.

In most parts of the world a recession is technically defined as two consecutive quarters of negative economic growth – when real output falls.

In the United States, a larger number of factors are taken into account, like job creation and manufacturing activity. However, this means that a US recession can usually only be defined when it is already over.

Retained earnings

Money not paid out as dividend and held awaiting investment in the company.

Rights issue

When a public company issues new shares to raise cash. The company might do this for a number of reasons – because it is running short of cash, or because it wants to make an expensive investment. By putting more shares on the market, a company dilutes the value of its existing shares.

Securities lending

Securities lending is when one broker or dealer lends a security to another for a fee. This is the process that allows short selling.

Securitisation

Turning something into a security. For example, taking the debt from a number of mortgages and combining them to make a financial product which can then be traded.

Banks who buy these securities receive income when the original home-buyers make their mortgage payments.

Security

Essentially, a contract that can be assigned a value and traded. It could be a stock, bond or mortgage debt, for example.

Short selling

A technique used by investors who think the price of an asset, such as shares, currencies or oil contracts, will fall. They borrow the asset from another investor and then sell it in the relevant market.

The aim is to buy back the asset at a lower price and return it to its owner, pocketing the difference. Also shorting.

Spiv

A term popularised in World War II for flashily-dressed chancers involved in black market dealings. A fictional spiv is ladies’ man Private Joe Walker in Dad’s Army.

Newspaper headline writers use “spiv” as shorthand for traders who play for high stakes.

Stagflation

The dreaded combination of inflation and stagnation – an economy that is not growing while prices continue to rise.

Sub-prime mortgages

These carry a higher risk to the lender (and therefore tend to be at higher interest rates) because they are offered to people who have had financial problems or who have low or unpredictable incomes.

Swap

An exchange of securities between two parties. For example, if a firm in one country has a lower fixed interest rate and one in another country has a lower floating interest rate, an interest rate swap could be mutually beneficial.

Tier 1 capital

A calculation of the strength of a bank in terms of its capital, defined by the Basel Accords, typically comprising ordinary shares, disclosed reserves, retained earnings and some preference shares.

Toxic debts

Debts that are very unlikely to be recovered from borrowers. Most lenders expect that some customers cannot repay; toxic debt describes a whole package of loans where it is now unlikely that it will be repaid.

Underwriters

When used of a rights issue, the institution pledging to purchase a certain number of shares if not bought by the public.

Unwind

To unwind a deal is to reverse it – to sell something that you have previously bought, or vice versa.

When administrators are called in to a bank, they must do the unwinding before creditors can get any money back.

Warrants

A document entitling the bearer to receive shares, usually at a stated price.

Write-down

Reducing the book value of an asset to reflect a fall in its market value. For example, the write-down of a company’s value after a big fall in share prices.

Yield spread

The difference in the rate of return in two different investments. If Bond A earns a return of 10% and Bond B 7%, the yield spread would be three percentage points.

March 18, 2009

Data Loss Prevention (DLP) products benefiting from recession

Filed under: Information Security — alanzachariah @ 1:46 am

As the economic gloom spreads and everything from real estate to banking stocks is taking a nosedive, it seems gold is not the only thing benefiting from the recession. Data Loss Prevention products appear to be on the shopping list of security managers even as their security budgets get tightened.

As the economic downturn forces companies to lay off employees in their thousands, the concern among IT decision makers is that the laid-off workforce is the biggest security threat to their organization.

They have good reason to worry too…A recent survey conducted by the Ponemon Institute startlingly showed that 6 out of 10 employees stole company data when they left their jobs last year. Similarly, in a McAfee-sponsored survey (registration required), more than 42% of respondents saw laid-off employees as the biggest security threat. McAfee also estimates that losses due to data theft and security breaches crossed $1 trillion last year.

Disgruntled employees feel they are entitled to the data because of their efforts. Moreover, it is a known fact that crime rates go UP when we hit hard times. Desperate employees do desperate things!!! They might use the information for financial gain, or to get hired by a competitor.

A data loss is a headline-grabbing event with huge financial losses that managers would very much like to avoid. So investing in DLP products would help them mitigate that risk and protect confidential proprietary data wherever it is stored or used.


Blog at WordPress.com.