INSTA-LEADS: Our Full-Service B2B Marketing Program Delivers Sales-Ready Leads Click to Learn More!
Welcome Guest | Sign In
ECommerceTimes.com
Toll Fraud Can Take a Big Toll on SMBs
October 22, 2014
Toll fraud -- the hijacking of a phone system to dial out to premium numbers in distant countries at several dollars a minute -- costs companies more than $4.7 billion a year, up nearly $1 billion from 2011. Major carriers, such as the companies that make up the CFCA, have sophisticated fraud systems in place to catch hackers, and they can afford to credit customers for fraudulent charges.
Staples May Be Next to Wear Data Breach Scarlet Letter
October 21, 2014
Yet another major retailer -- this time, office supply chain Staples -- reportedly has fallen victim to a data breach. More than half a dozen banks operating on the East Coast have seen fraudulent charges made at non-Staples businesses, such as supermarkets and other big-box retailers, by people using Staples cards. Those cards apparently were used previously at three Staples stores in the area.
FBI's Comey Argues Against Encryption: Trust Us
October 20, 2014
FBI director James Comey, in a speech last week at the Brookings Institute, reiterated his concerns about encryption built into iOS 8 and Android stymieing law enforcement. "I'm a huge believer in the rule of law, but I also believe that no one in this country should be beyond the law," he said. However, the law has not kept pace with technology, Comey pointed out.
Microsoft Patch Blocks Sandworm Tunnels
October 17, 2014
iSight Partners this week revealed that a cybergang it dubbed "Sandworm" has been exploiting a zero-day vulnerability that impacts all supported versions of Microsoft Windows, including Windows Server 2008 and 2012. The announcement was held off until Microsoft issued its patch earlier this week. If exploited, the flaw will let attackers remotely execute code on target systems.
Tide Starts to Turn Against Gamergate's Women-Hating Campaign
October 17, 2014
Backlash against the #Gamergate movement escalated several notches this week, thanks to high-profile newspaper reports and a public statement from the Entertainment Software Association. "Threats of violence and harassment are wrong," the ESA said. "They have to stop. There is no place in the video game community -- or our society -- for personal attacks and threats."
Spam Still Packs a Punch
October 15, 2014
The days of in-boxes flooded with spam messages on an assortment of sordid subjects are a faint memory to most email users, but what spam has lost in volume it's gained in power. More than two-thirds of some 200 IT decision makers in companies with five to 1,000 employees said a spam incident in the last year had severely disrupted their business operations -- or halted them entirely.
Snapchat Hackers Could Be Prosecuted for Child Porn Offenses
October 13, 2014
Private videos and pictures shared between tens of thousands of Snapchat users -- possibly as many as 200,000 -- were posted online by hackers over the weekend in an episode dubbed the "Snappening." Much of the content is sexual, including many nude photos -- some possibly of minors. The hackers appear to have gone for maximum embarrassment and humiliation with this particular breach.
Kaspersky Probes ATM Malware Mystery
October 10, 2014
Kaspersky Lab this week reported that criminals have been emptying ATMs and infecting them with malware dubbed "Tyupkin." About 50 machines have been infected in eastern Europe, and the attacks have spread to the United States, India and China, based on statistics culled from VirusTotal, Kaspersky said. The attackers target ATMs running Windows 32-bit operating systems.
DEA Lifts Woman's Identity, Creates Fake Facebook Page
October 08, 2014
The U.S. Drug Enforcement Agency reportedly co-opted a woman's identity to create a fake Facebook page as a ruse to investigate suspects. The agency posted racy pictures of the woman, then known as "Sondra Prince," as well as a photo of her young son and niece, to the sham page. The photos were taken from her cellphone, which DEA had seized when Prince was arrested in connection with a drug ring.
Consumers Fed Up With Data Breaches
September 30, 2014
Consumers are beginning to lose their patience with the custodians of their personal information. Survey results from 2,000 consumers released last week by HyTrust, suggest that 51 percent of those polled would bolt from any business involved in a data breach that compromised personal information such as address, Social Security number or credit card details.
Banks, Businesses Scramble to Smash Bash Shellshock Bug
September 29, 2014
Banks and businesses toiled over the weekend to crush a bug in a widely used open source operating system. The flaw has been in Unix for some 25 years, but it was revealed just last week. If exploited, the vulnerability could be used to inject malicious code or take command of a system or device. Dubbed "Shellshock," it requires patching systems and devices running Apple's OS X, Linux and Unix.
Bash Shellshock Bug Patched but Not Pummeled
September 25, 2014
Researchers on Thursday discovered proof-of-concept code that could take advantage of unpatched computer systems, and found evidence of attacks exploiting the BASH Shellshock bug in the wild. Shellshock, which came to light on Wednesday, could become a major threat to Linux/Unix and Apple operating systems if published patches to BASH are not applied before an attacker cashes in.
Self-Driving Car Security: No Room for Error
September 25, 2014
Walk into any electronics store and you will find antivirus software from companies like Norton, ESET, McAfee and Kaspersky. In the last few years, the risk has spread from our computers to our smartphones and our tablets. The next thing we will have to protect may be our cars -- and our lives could depend on it. We used to think the computer was the only device that needed virus protection.
Banking Trojan Targets Petrochemical Outfits
September 23, 2014
The pernicious program Citadel has been around for awhile, but it's using some new tricks on new targets. From its humble origins as a "man in the browser" thief of banking credentials, Citadel has become a knave of all trades. Once it lands on a computer, it can be configured in a number of ways with a file from a server operated by Web predators.
Phishing Scam Ensnares eBay Shoppers
September 23, 2014
Attackers for months have been using eBay listings to redirect visitors to password-harvesting scam sites. They use cross-site scripting to hijack shoppers and trick them into handing over personal data. Smartphones, televisions, hot tubs and clothing are among the items supposedly for sale in listings infected with malicious Javascript code. eBay reportedly has been slow to address the issue.
Home Depot Gives 56 Million Customers a Heads Up
September 19, 2014
Home Depot on Thursday said it had excised the malware demon from its computerized payment system after its recent discovery of a security breach in which thieves stole records of 56 million credit cards. Home Depot stopped short of admitting that an ongoing security upgrade may have contributed to the breach. Efforts to harden the system with enhanced encryption are under way.
XSS Flaw Burns a Hole in Kindle Security
September 16, 2014
Security consultant Benjamin Mussler last week warned that the Kindle e-book library had a cross-site scripting vulnerability. It appears Amazon previously had fixed the XSS flaw but two months ago reintroduced it in a new version of the "Manage Your Kindle" Web application, according to Mussler. People who download pirated e-books are at greatest risk, he said.
Millions of Gmail Users Victims of Latest Password Heist
September 11, 2014
About 5 million Gmail usernames and passwords have been published on a Russian bitcoin security forum as a text file. Sixty percent of the 4.93 million credentials in the file were valid, claimed the poster, who used the online handle "tvskit." The information reportedly was dumped on several Russian cybercrime forums and shared through a variety of peer-to-peer services.
Apple's Cook Promises Feeble iCloud Security Upgrades
September 05, 2014
Apple is taking steps to improve security in the wake of the furor generated by hackers' posting nude photos of celebs on the Internet, CEO Tim Cook said. Apple will alert users via email and push notifications when someone tries to restore iCloud data to a new device. It already does this when someone tries to change an account password or when a device first logs in to an account.
Home Depot All But Confirms Doozy of a Data Breach
September 03, 2014
Home Depot may have experienced a massive security breach -- possibly on a greater scale than last year's Target breach, which affected an estimated 110 million people. Home Depot said it was investigating the possibility, following security researcher Brian Krebs' Tuesday alert. It appears the perpetrators are the same hackers responsible for the data breaches at Target and elsewhere.
Admins Grapple With Shadow Tech
September 03, 2014
If you want to see an IT pro twitch, bring up Shadow IT in a conversation. "Shadow IT" is a term applied to technology deployed by an organization's users outside the purview of the IT department. It's bothersome to system shepherds because it can open up an organization to data leakages. It's also growing. Many Shadow IT programs run in the cloud, but all clouds are not created equal.
Other Shoe Drops in CyberVor Hack Attack
September 02, 2014
Domain name registrar Namecheap on Monday reported that it was besieged Sunday night by cyberattackers who employed username and password data possibly stolen by the so-called CyberVor hacker gang. "CyberVor" is the name Hold Security used last month when it reported the theft of 1.2 billion online credentials. However, the "vast majority" of the malicious login attempts were unsuccessful.
Victimized Celebs Blamed for Their Indecent Exposure
September 02, 2014
Apple on Tuesday issued a statement blaming the posting online of more than 100 celebrities' photos in various stages of dishabille on a highly targeted hack attack to gain access to their usernames, passwords and answers to security questions. None of the cases investigated resulted from any breach in the company's systems, including iCloud or Find my iPhone, Apple maintained.
Russian Hackers Sack US Banks: Report
August 29, 2014
Hackers appear to have stolen data from JPMorgan Chase and at least one other U.S. bank in retaliation for economic sanctions against Russia. The raid on the banks' computer systems reportedly resulted in the theft of gigabytes of sensitive data. JPMorgan did not confirm the incident. However, the FBI is conducting an investigation into reports of cyberattacks on U.S. banks.

See More Articles in Cybercrime Section >>
Facebook Twitter LinkedIn Google+ RSS