Mac Users: Phishers Are Platform Agnostic

Yes, Mac fans, virus writers continue to focus primarily on Windows, since nine of 10 computers connected to the Web are PCs. However, phishers are platform agnostic. And right now phishing attacks are surging. Phishers rely on social engineering to victimize Web users. And their latest sleigh-of-hand is to lure your into giving up your Web mail or social network account log-ons. Anyone who uses Hotmail, YahooMail, Gmail, Facebook, MySpace, LinkedIn or Twitter is likely being attacked — doesn’t matter what computer operating system they happen to be using. Read the full article. [USA Today]

Connecticut Investigates Blue Cross Blue Shield Data Breach

Connecticut Attorney General Richard
Blumenthal is investigating Blue Cross Blue Shield’s loss of
confidential information, including tax identification and Social
Security numbers, for 800,000 healthcare providers nationwide. The attorney general is also seeking additional identity theft
protection for affected doctors, therapists, and other professionals,
according to a statement from the attorney general issued. The companies lost the information when a laptop was stolen Aug. 25. Read the full article. [Dark Reading]

UK Police Warn Job Seekers to Avoid Being Money Mules

The Serious Organised Crime Agency (Soca) says websites are currently being used to recruit “money mules”. The “mules” are ordinary people who send and receive payments through their bank accounts to facilitate business. But in reality, the cash has been laundered from crime, leaving unwitting mules open to prosecution. Fraudsters are using a variety of bogus and legitimate recruitment channels to con job-hunters into thinking they have found genuine employment. Read the full article. [BBC]


Guest editorial by David MortmanIt’s early fall here in Ohio which means it’s time for the second round of canning for the winter. So last weekend my kitchen was covered in bushels of apples and pounds of greens and a whole lot of canning jars. As you know by now, I love to cook and I love a well-designed kitchen tool. Mason jars in particular make me extremely happy. They were invented in 1858 and fundamentally haven’t changed in the subsequent 150 years.

They’re the Internet equivalent of storm chasers, spending endless hours scanning and sleuthing, looking for the telltale signs of botnets. Here’s an inside look at the battle against cybercrime’s weapons of mass infection. Read the full article. [CSOonline.com]

A critical vulnerability in the Wikipedia Toolbar extension for Firefox has been discovered that can be exploited by an attacker to compromise a victim’s system. According to the Secunia report, the cause of the problem is due to the application using invalidated input in a call to eval() which can be exploited to execute arbitrary JavaScript code.

Hackers are increasingly targeting law firms and public relations
companies with a sophisticated e-mail scheme that breaks into their
computer networks to steal sensitive data, often linked to large
corporate clients doing business overseas. Read the full article. [NYTimes.com/AP]

The recent ACM Cloud Computing Security Workshop in Chicago was devoted specifically to cloud security. Speakers included Whitfield Diffie, a cryptographer and security
researcher who, in 1976, helped solve a fundamental problem of
cryptography: how to securely pass along the “keys” that unlock
encrypted material for intended recipients. Diffie, now a visiting professor at Royal Holloway, University of
London, was until recently a chief security officer at Sun
Microsystems. He sat down with Technology Review’s chief
correspondent. Read the full article. [Technology Review]

A hacker has broken into the Nebraska Worker’s Compensation database,
prompting an FBI investigation and an effort to contact those who may
be affected. Several thousand people could be affected by the
breach, which was discovered last week when the state’s chief
information officer noticed an unusual amount of Internet traffic
traversing the Worker’s Compensation courts server. Read the full article. [KETV.com]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.