In the early days, those who created malware or hacked into systems did it for fun and boasting rights. Over time, cybercrooks realized such acts are lucrative and begun to exploit vulnerabilities and security loopholes.
With the emergence of individuals and groups such as Anonymous and LulzSec, non-monetary forms of motivation have again been thrust into the spotlight.
Read full article: http://bit.ly/og8hsrA 59-year-old man has been arrested by police investigating alleged threats made over the internet to the children of Louise Mensch, a prominent Conservative MP.
The back-bench Tory MP for Corby and East Northamptonshire who is also a bestselling novelist, called police after she disclosed the threats on the social networking website Twitter.
Read full article: http://bit.ly/q8Yug8Jacksonville based Fidelity National Information Services Inc. (FIS) bills itself as the world's largest processor of prepaid debit cards; FIS claims to process more than 775 million transactions annually. The company disclosed the breach in its first quarter earnings statement issued May 3, 2011. But details of the attack remained shrouded in secrecy as the FBI and forensic investigators probed one of the biggest and most complex banking heists of its kind.
FIS said it had incurred a loss of approximately $13 million related to unauthorized activities involving one client and 22 prepaid cards on its Sunrise, Fla. based eFunds Prepaid Solutions, formerly WildCard Systems Inc., which was acquired by FIS in 2007.
FIS stated: "The Company has identified that 7,170 prepaid accounts may have been at risk and that three individual cardholders' non-public information may have been disclosed as a result of the unauthorized activities. FIS worked with the impacted clients to take appropriate action, including blocking and reissuing cards for the affected accounts. The Company has taken steps to further enhance security and continues to work with Federal law enforcement officials on this matter." The disclosure was scarcely noted by news media.
A cybersecurity expert and diabetic who recently showed that his insulin pump is vulnerable to hacking has revealed the maker of his device: Fridley-based Medtronic Inc.
Jay Radcliffe, a 33-year-old Idaho man who hacked into his own pump at a cybersecurity conference earlier this month, said Thursday that he initially withheld the name of the manufacturer in an effort to work with the medical technology company on security issues.
Read full article: http://bit.ly/pZlthLThe National Cyber Security Alliance (NCSA), a non-profit public-private partnership focused on cybersecurity awareness and education for all digital citizens, today announced that it will organize and lead efforts for Data Privacy Day on January 28, 2012. This annual international awareness initiative promotes data privacy and protection across the United States, Canada, and a host of other countries across the globe.
Simply explained, the authors decided to see if they could guess what you'd typed on your mobile phone by looking only at the data stream from the motion sensors as you pecked at the on-screen keys.
The experiment was rather limited, using a dedicated, full-screen application with a numeric keypad. This allowed the researchers to record what keys you'd actually typed, as well as how you'd typed them.
Read full article: http://bit.ly/qWphNEIf you've been reading the internet regularly this week, you're probably familiar with Jonathan's card, a "social payment experiment" amounting to a public Starbucks gift card. You might have bought a coffee. You might have contributed. You might have suspected it of being a Starbucks viral (it isn't).
What you probably haven't done is set up a script to skim money off the card in order to use it for your own nefarious purposes. And by "nefarious purposes," I mean feeding starving children in Africa. Here comes the ethics!
Read full article: http://bit.ly/nFheLe
A solo attacker has hacked into an events management company and obtained sensitive information belonging to 20,000 individuals, many of whom were United States government employees or contractors.
The cyber-attacker posted an Excel spreadsheet containing log-in credentials and personal information for 20,000 people obtained from allianceforbiz.com, according to a blog post signed by "Thehacker12" on Aug. 22. Allianceforbiz.com is a professional trade show management company that manages conferences, meetings and trade shows for customers, according to the company Website.
Read full article: http://bit.ly/qFH6l5On Aug. 3, the Naval Satellite Operations Center (NAVSOC) welcomed a visit from Vice Adm. Barry McCullough, commander, U.S. Fleet Cyber Command, and commander, U.S. 10th Fleet.
McCullough met with senior leaders to talk about the command's mission and future operations. Following a command brief by the NAVSOC commanding officer, Capt. Kevin Johnson, and a question-and-answer session with command personnel, McCullough was given an in-depth tour of the operations center.
Read full article: http://bit.ly/nnfgfsThus far, 2,006 people have been detained by officers in relation to the wave of disturbances that swept across the capital earlier this month, with 1,135 people being charged.
A Flickr page has now been set up featuring Metropolitan Police mug shots of those found guilty of offences during the London riots. (PA)With more than 954 cases related to the violent disorder, vandalism and looting having now passed through the courts, Met officials have decided to use the photo-sharing website to name and shame those who have been convicted.
Read full article: http://bit.ly/qwevA1Each succeeding Black Hat Technical Security forum, a conference aimed at both freelance and sponsored hackers, seems to veer into arcane fields of embedded devices where the security concerns might appear a little far-fetched. In fact, it seems many Black Hat attendees are leaving the IT world behind, considering the problems of computer networks, even in new tablet and mobile fields, to be trite and predictable.
Three weeks ago, I caught a pre-show Black Hat news report about two researchers who were demonstrating a build-it-at-home, fully functional airborne spy drone, complete with imaging and audio capture technology. The handy-dandy flying robot could even crack WiFi passwords in real time. The inventors insisted their intent was to educate citizens on the types of drone technologies now available to both governments and amateurs, but I'd be willing to bet most DIY hobbyists attending their session sought to build their own robot spy to find out what the neighbors were doing in that detached garage every night.
A Chinese documentary that showed off the military's ability to conduct a cyberattack against a U.S.-based site appears to have been removed from the Web site of state-run TV.
Meantime, Chinese officials are insisting that the clip was nothing but the workings of an imaginative producer.
The clip was part of a state-run documentary on cyberwarfare, and it appeared to show an unseen user conducting an attack on an Alabama-based Web site of the Falun Gong spiritual movement. At just six seconds, the clip offered what experts described as an uncommonly candid depiction of China's offensive cyber-capabilities.
Read full article: http://bit.ly/p6CqQRikko Hypponen has spent the past 20-plus years studying malicious software, including everything from "Brain" -- the first PC virus, dating back to 1986 -- all the way up to Stuxnet and today's most sophisticated global malware.
He's widely considered one of the world's foremost experts on information security, and he's played a key role in taking down numerous international rings of cybercriminals.
Read full article: http://bit.ly/nCBPMxFundtech Ltd. FNDT -4.18% , a market leader in global transaction banking solutions, today released a new white paper investigating the widespread cyber crime challenges faced by banks and how to fight them. The white paper includes insights from fraud and cyber crime experts from the FDIC, FBI, M&T Bank and NICE-Actimize.
Entitled "Fraud: A 360(TM) View," the white paper looks into the increasing occurrence of wire transfer fraud across banking channels. While cyber fraud losses from all sources have been on the decline since first peaking in 2006, online wire transfer and ACH fraud is still climbing -- with 2010 seeing $87.5 million in losses, according to David M. Nelson, Specialist in the FDIC's Cyber Fraud and Financial Crime Section. Notably, this type of fraud is increasingly occurring across a variety of channels: from bank account infiltration (24%), via call center and fax communication (26%), as well as in-branch (15%). A recent Fundtech survey revealed that the majority (66%) of bankers believe that cyber crime will never get under control.
Read full article: http://bit.ly/noQWh1One of the phrases that I've been noticing more and more -- particularly outside of the security world -- is "cyber attack." For example, in the past week the Chinese cyber security watchdog has claimed China was attacked nearly half a million times last year.
It sounds fantastically sci-fi, and I can see why journalists in particular like it. But "cyber attack" is a really misleading term.
Read full article: http://bit.ly/qVLE6J
One of the phrases that I've been noticing more and more -- particularly outside of the security world -- is "cyber attack." For example, in the past week the Chinese cyber security watchdog has claimed China was attacked nearly half a million times last year.
It sounds fantastically sci-fi, and I can see why journalists in particular like it. But "cyber attack" is a really misleading term.
Read full article: http://bit.ly/mTKLGjAs far as the online activist movement Anonymous is concerned, its Monday afternoon BART disruptions have been rousing successes.
Thousands of inconvenienced commuters disagree. So does San Francisco Police Chief Greg Suhr.
"I don't want this to be construed as delivering a threat," Suhr said, "but enough is enough. They made their point, and they are now losing in the court of public opinion. We don't feel that we took appropriate action at the appropriate pace (on Monday). The next response will be quicker."
Link: http://bit.ly/qPRdEIAfter the recent crackdown around the world on companies allegedly distributing scareware programs, the fake security business seems to be in full retreat, according to a recent report.
The number of new fake antivirus, scareware and other rogue software incidents have declined 60 percent since June, Alvin Estevez, CEO of Enigma Software said Aug. 18. The analysis was based on the company's support logs, software detection and support tickets from new customers.
Read full article: http://bit.ly/n0fYY1The Anonymous group is facing a second member revolt in a week after a second 'anon' spoke against its actions.
Naming himself simply 'John Doe' and tweeting atJohnDoeKM, he began by criticising the proposed 'opFacebook' which encouraged other to target the social networking site on 5th November, and went on to claim that the movement's aims had changed 'since Lulzsec made random hacks 'cool'.
Read full article: http://bit.ly/pZC3OOThere are likely to be red faces in Chinese government, after video footage showed Chinese military systems hacking a US target.
So said F-Secure chief research officer Mikko Hyppönen in a blog posting. Hyppönen spotted the video footage of the alleged hack during a Chinese military TV documentary.
"On 17th of July, a military documentary program titled "Military Technology: Internet Storm is Coming" was published on the Government-run TV channel CCTV 7, Military and Agriculture (at military.cntv.cn)," explained Hyppönen.
Read full article: http://bit.ly/pfiAHCCriticisms aimed at the San Francisco Bay Area's subway system for temporarily pulling the plug on cellular service have raised "very valid points," a federal regulator said
.
FCC Commissioner Robert McDowell said that the agency is still investigating what happened when BART pulled the plug on cell service on August 11 in four subway stations in downtown San Francisco in anticipation of a protest. (A BART board meeting is currently under way--check back later for CNET coverage.)
"What the heck happened, what precedent does it set, were there any laws that were broken?" McDowell said at a technology conference here yesterday. "Let's continue with the investigation. We'll draw conclusions after we have all the facts."
The August 11 protest was intended to call attention to the fatal shooting of an apparently homeless man named Charles Blair Hill.
The protest might normally have gone unnoticed outside the San Francisco metro area. That's what happened after a July 11 protest, during which train doorways were held open and some stations were shut down. But disabling underground cell service--a move more associated with authoritarian regimes in the Middle East than supposedly progressive California cities--drew national attention and criticism.
Whether it be a virus, trojan horse or worm, adware, badware or scamware, most Internet users are familiar with the notion that some software available online can do harm to both them and their computer. These days people are becoming more cautious and savvy, but as they do so virus creators also up their game.
The creators of the Koobface worm (an anagram of Facebook) have done just that. This piece of code first appeared in 2008 and originally targeted members of social networks. Using an already infected computer as a jump point, Koobface would send messages to an Internet user's Facebook 'friends' which contained links to various material, possibly a video.
Read full article: http://bit.ly/pfXaUBMoves to open the Internet in Syria were to enable the government to control citizens on a scale not attempted before.
In an attempt to calm the general populace from doing another Libya, the Syrian government promised to relax Internet restrictions. It seemed to do this by unblocking popular social networking sites.
However it turned out that it was luring the online revolutionaries into a well prepared battleground staffed by the Syrian Electronic Army.
Read full article: http://bit.ly/ruUONfOn Tuesday morning, in the wake of Monday night's rowdy BART protest, infamous hacker group "Anonymous" announced that the organization would be protesting, yet again, at the Civic Center BART station next Monday evening.
In a post on the group's Tumblr page, Anonymous promised to continue protesting. The group wrote: "We have proven that we stand by what we believe. […] We have stated and will keep our promise of a protest EVERY week until our demands are met".
Read full article: http://bit.ly/oAgYRLRiders of the San Francisco Bay Area subway stations experienced a significant inconvenience on Aug. 11 that may have violated their First Amendment rights.
Authorities for the Bay Area Rapid Transit, or BART, blocked cell phone signals in some subway stations in an attempt to head off protests caused by the July 3 shooting death of Charles Blair Hill by BART police, according to National Public Radio. Police say that Hill came at them with a knife, according to NPR.
Read full article: http://bit.ly/p9VL7qIn response to outrage over last week's shutdown of cell phone service in four San Francisco stations on rumors of a planned protest, BART officials have repeatedly claimed their decision was necessary to maintain public safety. BART spokesman Linton Johnson has gone so far as to invent a new Constitutional "right to safety" which trumps the First Amendment. As it happens, we are in full agreement that BART has an obligation to the safety of its passengers. We believe that working cell phones throughout the BART system do not pose a danger to riders; rather, they help to promote public safety.
Furthermore, BART riders agree with us, and if you go back to 2001, BART officials do too. BART made the decision to introduce cell phone service to trains and platforms shortly after 9/11, in response to popular demand from BART riders who saw that New Yorkers had found cell phones to be invaluable to communicating with authorities and loved ones in the midst of city-wide confusion.
Read full post: http://bit.ly/qzOLjUSymantec Corp. SYMC +3.51% today announced the results of the August 2011 Symantec Intelligence Report, now combining the best research and analysis from the Symantec.cloud MessageLabs Intelligence Report and the Symantec State of Spam & Phishing Report. This month's analysis reveals that once more spammers are seeking to benefit from fluctuations in the turbulent financial markets, most notably by sending large volumes of spam relating to certain "pink sheets" stocks in an attempt to "pump" the value of these stocks before "dumping" them at a profit.
Click to Tweet: Turbulent markets drive "pump-and-dump" stock scams says August 2011 Symantec Intelligence Report: http://bit.ly/owDLp0
In a pump-and-dump stock scam, spammers promote certain stocks in order to inflate the price as much as possible so that they may then be sold before their valuation crashes back to reality. The spam for these scams tries to convince the prospective mark that the penny stock is actually worth more than its valuation, or that it will soon skyrocket. Most of these claims are either misleading or false.
Link: http://bit.ly/pSPBaLResearchers have uncovered the first malware using the "Gingerbreak" root exploit for Android 2.3, code-named "Gingerbread."
GingerMaster, a variant of the DroidKungFu malware that appeared earlier this year, has a root exploit that gives the attacker control of the infected device, Xuxian Jiang, an associate professor at North Carolina State University's department of computer science, wrote in a blog post Aug. 18. NC State researchers worked with mobile security vendor NetQin and discovered that GingerMaster wrapped malicious code around a jailbreak exploit for Android 2.3 devices.
Read full article: http://bit.ly/r70dO0Google's Android has overtaken Java Micro Edition as the most attacked mobile platform, McAfee said in its latest quarterly threat report.
Out of about 1,200 mobile malware samples that McAfee Labs collected and analyzed in the second quarter of 2011, about 60 percent were aimed at Android, McAfee said in its 2011 Threats Report for the second quarter. While mobile malware remains a tiny fraction of the overall malware market, Android is clearly the criminals' favorite target, McAfee said.
Read full article: http://bit.ly/r1jZMOMobile malware is climbing alarmingly and the threat to companies increases with each day. The challenge is unlike any that IT has faced because it contains just about every threat that whole IT systems have faced concentrated in a small vulnerable shell.
There is the obvious problem of losing a phone. Unlike a laptop, it can slip down the sofa or simply be left in the pub after a bit of relaxation following a busy day at work. The average UK user does not even bother to set a PIN or password to protect their phones – devices that now have the equivalent power of desktop PCs of less than ten years ago.
Read full article: http://bit.ly/o6U07nA federal judge sentenced a Romanian to one year and eight months in prison for conspiring with another Romanian to steal customer account information from PNC Bank ATM machines in Western Pennsylvania.
Mihai Popa, 29, pleaded guilty in February to the conspiracy. Alexandru Razvan Serb, 29, pleaded guilty in December to the same charge and was sentenced in May to one year and 11 months in prison.
Read full article: http://bit.ly/ps2J3l
