[img_assist|nid=494|title=|desc=|link=none|align=right|width=115|height=115]Microsoft’s Computer Online Forensic Evidence Extractor (COFEE) has made it into the hands of pirates, and their virtual ships are distributing it. The COFEE application lets officers grab data from password-protected or encrypted sources. That means you can now break the law twice over: download the software and then use it to steal information from other people’s computers.
Browsing Category: Data Breaches
Federal authorities on Wednesd[img_assist|nid=1564|title=|desc=|link=none|align=right|width=115|height=117]ay filed intrusion charges against two
men accused of accessing the computer systems of their former employer. Scott R. Burgess, 45, of Jasper, Indiana, and Walter D. Puckett, 39,
of Williamstown, Kentucky, both worked as managers for Indiana-based
Stens Corporation until taking jobs with a competing company in Ohio,
according to an indictment filed in federal court.
Two separate bills that would require organizations to notify consumers when their personal information has been compromised have made their way out of committee in the Senate, a critical step toward the creation of a national data-breach notification bill.
Individual [img_assist|nid=1443|title=|desc=|link=none|align=right|width=115|height=115]data compromised in a data breach is four times more likely to be used for identity theft finds Javelin Research in a multi-year study. Another key finding cited: Most consumers do not see the link between breaches and identity theft. “[D]espite 19.5 percent of breach victims
suffering some kind of fraud in the past year, only 2 percent attribute
their fraud to the breach.” Read the full article. [Dark Reading]
A flaw i[img_assist|nid=1533|title=|desc=|link=none|align=left|width=115|height=138]n the SSL protocol that could affect company networks, hosting environments and key machines has security researchers scrambling. The flaw, which requires a hack in to a network to launch, has devastating consequences and implications on database and mail servers. Discovered in August by PhoneFactor, the researchers have been working with ICASI to make an industry-wide fix, which is called “Project Mogul.” Researchers Chris Paget and HD Moore are helping to expose the flaw. Read the full article. [Computerworld]
The FBI reports it has seen a rise of malware over the past few months targeting small and medium businesses and municipal government entities and school districts. Once a malicious attachment or link is opened, keylogging tactics obtain bank acco[img_assist|nid=1530|title=|desc=|link=none|align=right|width=115|height=115]unt info where criminals then initiate wire transfers or Automated Clearinghouse Transfers (ACH). The report also cites that in some cases individuals have been recruited to unknowingly help criminals with “work at home” jobs that tell them they will be working on sending these fraudulent funds transfers by Western Union or Moneygram. FBI has links to US CERT for help. Read the statement. [FBI]
UK security researchers MWR InfoSecurity have[img_assist|nid=1456|title=|desc=|link=none|align=right|width=115|height=115] found a flaw in the driver software of USB sticks that could allow the technology to “interrogate” and download the complete content of any system. The company believes the use of such devices is only months away, and has shared its research with the British government.
Martin Quoc Pham, 28, of Garden Grove was sentenced by a judge to 11 [img_assist|nid=1443|title=|desc=|link=none|align=right|width=115|height=115]years in Federal prison for spearheading an identity theft ring targeting home equity lines. The compromised accounts of JP Morgan Chase customers were fraudulently accessed and lines of credit were stolen including nearly $1 million that was transferred to accounts controlled by the ring.
After a former C[img_assist|nid=1435|title=|desc=|link=none|align=right|width=115|height=115]ongressional staffer exposed some sensitive data on a file-sharing network recently, some lawmakers are calling for the Congress to start an internal review of its own data security policies immediately.
[img_assist|nid=1027|title=|desc=|link=none|align=left|width=115|height=115]Hackers using a sophisticated network of banking Trojans money mules have stolen about $40 million from small and medium-sized businesses in the U.S., according to the latest installment in a series by Washington Post writer Brian Krebs.