Browsing Category: Data Breaches

Microsoft’s Police Forensic Tool Leaked to Bad Guys

[img_assist|nid=494|title=|desc=|link=none|align=right|width=115|height=115]Microsoft’s Computer Online Forensic Evidence Extractor (COFEE) has made it into the hands of pirates, and their virtual ships are distributing it. The COFEE application lets officers grab data from password-protected or encrypted sources. That means you can now break the law twice over: download the software and then use it to steal information from other people’s computers.

Read more...

Ex-Workers Indicted for Hacking Company Database

Categories: Compliance, Data Breaches

Federal authorities on Wednesd[img_assist|nid=1564|title=|desc=|link=none|align=right|width=115|height=117]ay filed intrusion charges against two
men accused of accessing the computer systems of their former employer. Scott R. Burgess, 45, of Jasper, Indiana, and Walter D. Puckett, 39,
of Williamstown, Kentucky, both worked as managers for Indiana-based
Stens Corporation until taking jobs with a competing company in Ohio,
according to an indictment filed in federal court.

Read more...

Data Breaches Increase ID Theft Chances 4X

Individual [img_assist|nid=1443|title=|desc=|link=none|align=right|width=115|height=115]data compromised in a data breach is four times more likely to be used for identity theft finds Javelin Research in a multi-year study. Another key finding cited: Most consumers do not see the link between breaches and identity theft. “[D]espite 19.5 percent of breach victims
suffering some kind of fraud in the past year, only 2 percent attribute
their fraud to the breach.” Read the full article. [Dark Reading]

Read more...

SSL Flaw Has Researchers Hustling to Fix

A flaw i[img_assist|nid=1533|title=|desc=|link=none|align=left|width=115|height=138]n the SSL protocol that could affect company networks, hosting environments and key machines has security researchers scrambling. The flaw, which requires a hack in to a network to launch, has devastating consequences and implications on database and mail servers. Discovered in August by PhoneFactor, the researchers have been working with ICASI to make an industry-wide fix, which is called “Project Mogul.” Researchers Chris Paget and HD Moore are helping to expose the flaw. Read the full article. [Computerworld]

Read more...

FBI Reports Malware on Rise in Electronic Funds Fraud

The FBI reports it has seen a rise of malware over the past few months targeting small and medium businesses and municipal government entities and school districts. Once a malicious attachment or link is opened, keylogging tactics obtain bank acco[img_assist|nid=1530|title=|desc=|link=none|align=right|width=115|height=115]unt info where criminals then initiate wire transfers or Automated Clearinghouse Transfers (ACH). The report also cites that in some cases individuals have been recruited to unknowingly help criminals with “work at home” jobs that tell them they will be working on sending these fraudulent funds transfers by Western Union or Moneygram. FBI has links to US CERT for help. Read the statement. [FBI]

Read more...

Flawed USB Sticks Can Be Used to Download Whatever Desired

Categories: Data Breaches, Malware

UK security researchers MWR InfoSecurity have[img_assist|nid=1456|title=|desc=|link=none|align=right|width=115|height=115] found a flaw in the driver software of USB sticks that could allow the technology to “interrogate” and download the complete content of any system. The company believes the use of such devices is only months away, and has shared its research with the British government.

Read more...

Southern California Man Gets 11 Years in Slammer for ID Theft Ring

Martin Quoc Pham, 28, of Garden Grove was sentenced by a judge to 11 [img_assist|nid=1443|title=|desc=|link=none|align=right|width=115|height=115]years in Federal prison for spearheading an identity theft ring targeting home equity lines. The compromised accounts of JP Morgan Chase customers were fraudulently accessed and lines of credit were stolen including nearly $1 million that was transferred to accounts controlled by the ring.

Read more...

FBI: SMBs Lost $40M in Bank Trojan Attacks

Categories: Data Breaches, Malware

[img_assist|nid=1027|title=|desc=|link=none|align=left|width=115|height=115]Hackers using a sophisticated network of banking Trojans money mules have stolen about $40 million from small and medium-sized businesses in the U.S., according to the latest installment in a series by Washington Post writer Brian Krebs.

Read more...