
InfoSec in the News


Most of the incidents in these news stories could have been prevented with an effective security awareness program, or the stories promote the use of security awareness.
Also visit our News Archives for older stories.

Subscribe to the following e-mail lists for even more stories:

SANS NewsBites

Security Wire Digest


31 December 2010 - Honda Customer Database Security Breach
Honda Motor Company is warning millions of its customers that intruders have gained access to their email addresses, probably through an attack on Silverpop Systems, a third-party marketing services provider.  The breach appears to affect two million Honda owners and three million Acura owners and also includes names and vehicle identification numbers. The compromised information could be used in phishing attacks.

30 December 2010 - Monitoring Software Catches Employee Trafficking in Pirated Games
A Nationwide Insurance employee has been sentenced to two-and-a-half years in prison for pirating and selling copies of computer games. Qiang Bi, who goes by Michael Bi, pleaded guilty to charges of mail fraud, copyright infringement and aggravated identity theft.  Nationwide discovered Bi's illegal activity thanks to recently deployed monitoring software that detected a suspicious spreadsheet sent from his personal email account to his work email account.  The spreadsheet contained details of PayPal and eBay accounts under phony names.  An investigation determined that Bi had sold more than 35,000 pirated copies of computer games with a retail value of US $700,000.


29 December 2010 - Trojan Targets Android OS
Malware known as Geinimi targets the Google Android platform and has characteristics of botnet malware.  It appears to have been bundled with legitimate games, both paid and free; the developers were unaware that the malware was piggybacking on their products.  The malware targets Chinese-speaking users.  Geinimi communicates with a command-and-control server that has the capability of telling infected devices to perform certain tasks, such as downloading or uninstalling software.  Android users receive prompts and must approve the actions before they occur.
Internet Storm Center: http://www.isc.sans.org/diary.html?storyid=10186

27 December 2010 - Man Facing Possible Prison Time for Reading Wife's eMail
A Michigan man could face up to five years in prison for reading his wife's email.  Leon Walker found the Gmail password of his wife, Clara Walker, in a notebook and used it to access her account, from which he learned that she was having an affair.  Leon Walker is Clara Walker's third husband.  The email disclosed that she was having an affair with her second husband, who has a history of domestic violence against her. Leon Walker shared the information with Clara Walker's first husband, the father of her son, who filed an emergency motion for custody.
Walker is facing a felony charge under a law that is aimed at prosecuting people who have committed identity theft or have stolen trade secrets.  His trial is slated to begin in February 2011.

22 December 2010 - Man Pleads Guilty in Wi-Fi Framing Case
A Minnesota man has pleaded guilty to computer hacking, aggravated identity theft and other charges for sending email threats against Vice President Joe Biden in his neighbor's name.  Barry Vincent Ardolf admitted to breaking into his neighbor's wireless network, setting up phony email accounts and sending the threatening messages to appear as though they came from his neighbor.  Ardolf also sent offensive email messages to some of the neighbor's co-workers. http://www.theregister.co.uk/2010/12/22/wi_fi_hack_threat_man_admits_guilt/

16 December 2010 - Tech Executives Allegedly Sold Inside Information
Four technology company executives have been arrested for selling inside company information to a California market research company.  The executives worked as consultants for Primary Global Research, receiving generous fees for providing the company with information about industry trends that is then sold to money managers, but the FBI alleges that the activity "went way beyond permissible market research" when insider information was sold to hedge funds.

14 December 2010 - Former Employee Gets 18 Months for Revenge Cyber Attack
A former employee of Florida's Suncoast Community Health Center has been sentenced to 18 months in federal prison for breaking into the organization's computer system. Patricia Marie Fowler was fired on March 13, 2009 for insubordination; four days later, she launched an attack, deleting records and passwords that prevented legitimate users from accessing the system. Following her release, Fowler will serve three years probation and will have to pay more than US $17,000 in restitution.

13 December 2010 - Irish Authorities and Microsoft Warn of Phony Virus Calls
Microsoft and the Irish National Consumer Agency (NCA) have issued a warning about scammers posing as representatives of Microsoft, or other legitimate technology companies, and calling people to tell them they have malware on their computers. The targets are instructed to download a file from a certain website that gives the attacker access to their machines. Some of the thieves also ask for credit card information.

10 December 2010 - Former Goldman Sachs Employee Guilty of Trading Software Source Code Theft
Former Goldman Sachs computer programmer Sergey Aleynikov has been found guilty of stealing trade secrets.  Aleynikov stole high-speed trading proprietary software source code from his former employer after accepting a position at a competing company.  Aleynikov downloaded the source code shortly before leaving the company in late spring 2009; he stored it on a German-hosted website and attempted to remove his tracks from Goldman Sachs systems.

6 December 2010 - Mega-D Spam Suspect Pleads Not Guilty to CAN-SPAM Violation Charges
Alleged spam king Oleg Y. Nikolaenko pleaded not guilty to violating the CAN-SPAM Act in US federal court in Wisconsin last week. Nikolaenko is believed to have had a major role in spam schemes that sent out more than 10 billion messages a day through the Mega-D botnet. The judge denied bail for Nikolaenko after prosecutors successfully argued that he posed a flight risk.

1 December 2010 - Chinese Government to Crack Down on Piracy
The Chinese government has announced that it will begin inspecting government computers at the national and local levels for pirated software.  The government expects to complete the inspection by May 2011.  Chinese officials said they also plan to pursue purveyors of counterfeit merchandise.  In a related development, Microsoft has announced that it has filed a lawsuit against ten companies in China for selling computers pre-installed with pirated software.  According to statistics from the Business Software Alliance, last year roughly 79 percent of software on Chinese computers was pirated.

30 November 2010 - Ransomware Makes a Comeback
Security firms are noting the resurgence of ransomware, malware designed to hold users' data hostage on their own computers in return for payment.  The newest variants demand payment of as much as US $120 to return control of data to their rightful owners.  One of the variants used infected PDF files to exploit known vulnerabilities in Adobe Reader.  Users whose patches are up to date are protected.  Another variant targets the master boot record of Windows PCs' hard drives.


29 November 2010 - Supreme Court Will Not Hear Whitney Harper RIAA Case
The US Supreme Court has declined to hear a case involving a high school student sued by the Recording Industry Association of America (RIAA) for illegally downloading 37 copyrighted songs. Whitney Harper, who is now a Texas college student, maintained that she did not know at the time she downloaded the music that what she was doing was illegal.  Under the innocent infringer defense, Harper claimed her damages should be US $200 for each song, or $7,400.  The judge in her initial trial agreed, but the ruling was reversed by the Fifth US Circuit Court of Appeals, which said the record companies had included copyright notices on CD covers and disallowed her innocent infringer status.  Harper's defense team argued that because she was downloading the music from the internet and did not have the CD covers, the warnings did not provide actual notice.
In a dissent, Justice Samuel Alito wrote that he would grant review to Harper's appeal to look more closely at the Fifth Circuit's interpretation of the innocent infringer provision.

26 November 2010 - Piracy and Counterfeit Goods Sites Seized
US authorities have seized 82 websites linked to piracy.  All the sites shut down either offer or provide means to find pirated content or sell counterfeit merchandise on the Internet.  Some of the sites have already begun conducting business through alternate addresses.  The seizure orders were issued by US District Courts across the country.  Agents from the Department of Homeland Security's (DHS) Immigration and Customs Enforcement (ICE) division seized the sites.  Attorney General Eric Holder said the operation was deliberately timed to coincide with the holiday shopping season.

25 November 2010 - Indian Police Make Film Piracy Arrests
Police in Hyderabad, India have arrested four people in connection with illegally uploaded digital content.  The four allegedly operated a business involving making illegal copies of CDs and DVDs and uploading them to Torrentrockerz.  The site focused primarily on Bollywood films.


23 November 2010 - Former Ford Employee Pleads Guilty in Industrial Secrets Theft
Xiang Dong (Mike) Yu faces a prison sentence of five or more years and a US $150,000 fine for stealing industrial secrets from his former employer, Ford, and giving the information to a Chinese competitor.  Yu was employed at Ford as a product engineer from 1997 until 2007.  He admitted copying spec designs to an external hard drive in December 2006, just after accepting a position at another company.  He pleaded guilty to stealing trade secrets; sentencing is scheduled for February 23, 2011.

22 November 2010 - Man Used Malicious eMail to Steal Personal Info & Take Control of Webcams
Matthew Anderson of Keith, Banffshire, Scotland has admitted to an offense under the UK's Computer Misuse Act for his role in an email scheme designed to steal personal data.  He sent spam containing malware that allowed him access to users' computers.  Anderson gained remote control of users' webcams and spied on them in their homes.  Law enforcement agents found other people's photographs and medical reports on Anderson's computer.  He is to be sentenced on November 23.

19 November 2010 - LifeLock Sending Refund Checks as Part of Settlement With FTC
LifeLock, a company that offers identity theft protection services, is sending US $10.87 checks to nearly one million customers to comply with a settlement the company reached with the US Federal Trade Commission (FTC).  Attorneys general from 35 states and the FTC alleged that LifeLock made false claims about the scope of its protection.  The settlement was reached in March.  In addition to making the payments to customers, LifeLock must not overstate the risk of identity theft and must not misrepresent its services.

17 November 2010 - Man Arrested, Charged with Stealing Trade Secrets from Former Employer
A California man has been arrested on charges he stole proprietary code from his employer with the intent of using it to develop a competing company.  Zhiqiang (Michael) Zhang had been director of software development at Sirf Technology, which makes Global Positioning chipsets. He was responsible for developing the code that he allegedly stole.  He resigned from Sirf in May 2009 after seven years' employment.  After his resignation, Zhang allegedly established a company called Anywhere Logic that would provide "services utilizing trade secrets stolen from Sirf."

17 November 2010 - US Air Force Warns that Social Networking Sites Can Reveal Location Data
The US Air Force has posted a warning for troops on its website that social networking sites, including Facebook, can disclose data about users' locations. Most sites allow users to disable geo-location features. "Careless use of these services by airmen could have devastating operations security and privacy implications." The US Army plans to issue a similar warning to personnel next week.

11 November 2010 - Spam Declines in Face of Concerted Anti-Bot Efforts
According to statistics gathered by Symantec's hosted services unit, the volume of spam has fallen 47 percent globally in the last three months; the significant drop is attributed to efforts to take down botnets.  Last month, authorities in the Netherlands took down servers that were supporting the Bredolab botnet, and September saw the shutdown of pharmaceutical spam giant spamit.com and dozens of arrests associated with the ZeuS botnet.  A report from Kaspersky Lab notes a similar decline in spam and attributes the change to the disabling of the Pushdo botnet.


10 November 2010 - Over One Million Phones in China Infected with Malware
Attackers have infected more than 1 million cell phones in China with malware that sends text messages automatically; the infection is estimated to be costing users a total of 2 million yuan (US $302,000) a day.  The malware snuck onto the phones in a phony antivirus application.  The malware can send information about the infected devices' SIM cards to the attackers, which they use to send the messages remotely.  Some of the messages sent contain links to malicious websites.

4 November 2010 - Jury Delivers US $1.5 Million Verdict Against Thomas-Rasset
On Wednesday, November 3, a jury in Minnesota delivered a US $1.5 million verdict against Jammie Thomas-Rasset for illegally downloading 24 songs through Kazaa.  The verdict is the third delivered in the filesharing case.  The first trial in 2007 resulted in a US $220,000 judgment against Thomas-Rasset.  The judge later declared a mistrial because he believed he had given the jury incorrect instructions.  In June 2009, another jury delivered a US $1.92 million verdict against Thomas-Rasset; the judge reduced the amount to $54,000, saying that the judgment "must bear some relation to actual damages."  In January, Thomas-Rasset rejected an offer from the Recording Industry Association of America (RIAA) to settle the case for US $25,000.

1 November 2010 - Android Market Bans Spyware App
The Google Android Market has banned an application that surreptitiously forwards all SMS text messages to another device.  The app, Secret SMS Replicator, violates the Android Market Content Policy.  The app appears to be designed to be installed on users' devices without their knowledge and because "there is no visible icon or shortcut to access it, ... once it's installed, it will continue to monitor without revealing itself," according to Zak Tanjeloff, CEO of DLP Mobile, which developed the app.

1 November 2010 - Facebook Bans Developers for Selling User IDs
Facebook has banned a number of developers from connecting to the social network for six months after it learned that they had been selling user information to data brokers.  Facebook discovered the problem while conducting an investigation into a flaw that caused Facebook user identifiers (UIDs) to be shared inadvertently.  Facebook did not specify which developers have been banned, but did say that the decision affects fewer than a dozen and none of the applications are among the social network's 10 most popular.  Once the six months are over, companies wishing to return to the site must submit their data practices to an audit before they will be permitted to access Facebook.

1 November 2010 - Disgruntled Former Employee Draws Prison Sentence for Deleting Files
A Virginia man has been sentenced to 27 months in prison for deleting files from his former employer's computer system.  Darnell H. Albert-El admitted using his still-active account with administrative privileges to access the Transmarx website and delete 1,000 files in July 2008, a month after he was dismissed from his job there as IT Director.  The information was backed up, so Transmarx was able to restore it. Albert-El was also ordered to pay US $6,700 in restitution.

30 October 2010 - Prison Term for Selling Pirated Software
A Texas man, Todd Alan Cook, has been sentenced to 18 months in prison for selling pirated software online.  The judge in the case also ordered Cook to pay nearly US $600,000 in restitution.  Earlier this year Cook pleaded guilty to criminal copyright infringement.  For nearly two years, Cook, his father Robert D. Cook, and a third individual operated websites through which they sold counterfeit software.  The value of the pirated software has been estimated at more than US $1 million.  The elder Cook is scheduled for sentencing on December 3.


29 October 2010 - Former IT Worker Sentenced for Stealing and Using Co-Workers' Personal Data
A man who worked for five years in the IT department at the University of California San Francisco Medical Center has been sentenced to 366 days in prison for stealing co-workers' personal data.  Cam Giang was fired from his position after his employer learned that he had been using colleagues' names, birthdates and Social Security numbers (SSNs) to fill out online surveys for which he received US $100 Amazon vouchers.  Nearly 500 employees were affected by Giang's scheme.  The scheme was discovered when employees began complaining that they were unable to complete the online survey because their information had already been used.

25 October 2010 - Facebook to Employ Encryption to Protect User IDs
Facebook says it will use encryption and other data protection measures following reports that users' data were being shared with third parties. Facebook policy forbids application developers from sharing Facebook User IDs (UIDs) with third parties, but the company said that "some developers were inadvertently sharing [the data] via the HTTP Referrer header."  In related news, a Minnesota woman has filed a class-action lawsuit against Zynga, the company responsible for the popular FarmVille and Mafia Wars games on Facebook, for sharing user information with third parties, and data aggregator Rapleaf said it is no longer sharing user identifiers with advertising networks.

25 October 2010 - Guilty Plea in Malware Installation Scheme
A Scottish man who admitted to sending spam with malicious attachments has pleaded guilty to violating the Computer Misuse Act.  Matthew Anderson had a major role in a scheme that used the malware successfully installed on users' computers to steal data and spy on the users through their webcams.  Among the information found in Anderson's possession following a June 2006 raid on his home were wills, medical reports and photographs.

22 October 2010 - Media Content Groups Urge Quick Passage of Anti-Piracy Legislation
Proposed legislation in the US Senate would make it easier to go after websites believed to be promoting piracy.  The bill has the support of the Recording Industry Association of America (RIAA), the Motion Picture Association of America (MPAA) and other prominent media content organizations.  The groups signed a letter to Senator Patrick Leahy (D-Vermont), who is one of the bill's sponsors.  The Combating Online Infringement and Counterfeits Act does not allow the government to shut down the websites, but allows the US Justice Department to seize the sites' domain names and impose restrictions on credit cards and banks that would prohibit them from conducting further business with the alleged pirates.

20 October 2010 - Guilty Plea in Pump-and-Dump Scheme
An Arizona man has pleaded guilty to conspiracy to commit securities fraud and fraud in connection with electronic mail for his role in a pump-and-dump scheme that used a botnet to distribute phony information about stocks.  James Bragg used a botnet to send out spam aimed at artificially boosting the price of certain penny stocks.  Bragg also gained access to online brokerage accounts and used them to make stock purchases without the account holders' knowledge.

18 October 2010 - Facebook Faces Another Privacy Breach
The privacy of many users on Facebook has been compromised by a number of popular applications, or apps, used on the social networking site. An investigation by the Wall Street Journal identified a number of apps that access Facebook members' personal details, even if their privacy settings were set to the most restrictive allowed within the social network.  According to the report, up to 25 advertising and data gathering firms were exploiting the issue to enable them to access the names of the persons using certain apps, and in some cases the names of those persons' friends.  One company, Rapleaf, was also found to have combined the user data accessed in Facebook with its own database of internet users.  Rapleaf admitted that some of this information was also transmitted to other third parties, but claimed that this transmission was accidental.  Facebook has responded by saying it will implement a solution to prevent this type of access to user data.

15 October 2010 - US Government Using Social Networks for Spying
The privacy watchdog the Electronic Frontier Foundation (EFF) has highlighted that a number of documents obtained from various US government agencies demonstrate that those agencies are actively using various social networking sites to spy on people.  Some of the agencies involved include the U.S. Citizenship and Immigration Services, which monitored the activity of people who applied for U.S. citizenship, and the Department of Homeland Security, which monitored commentary on various social networks during President Obama's inauguration.  The EFF highlighted that while the DHS attempted to ensure its monitoring of social networks was appropriate, the EFF had a number of concerns: "While it is laudable to see DHS discussing the Fair Information Practice Principles as part of the design for such a project, the breadth of sites targeted is concerning".

(Webmaster's note - ironically, I said to some acquaintances a few weeks ago, "What if social networks are really a ploy by the government to get everyone to put their entire lives online and in the public light?")

7 October 2010 - Akamai Employee Convicted of Trying to Sell Data to Foreign Government
Akamai Technologies employee Elliot Doxer has been arrested for allegedly attempting to hand information to someone he believed was a representative of an unnamed foreign government.  Doxer had been charged with wire fraud.  Doxer worked in Akamai's finance department and in June 2006, he allegedly contacted the Boston consulate of the foreign country by email, offering invoice and contact information of Akamai customers.  The consulate contacted US authorities, which then set up a sting operation involving a dead drop, which Doxer used more than 60 times.

7 October 2010 - Aldi Grocery Store Skimmer Scheme Hits Stores Near 10 Large US Cities
An Illinois company, Aldi, that operates 1,100 grocery stores in 31 US states said that between June and August, cyber thieves used skimmers to steal payment card information from customers.  The attacks appear to have affected payment terminals at stores in 11 states.  More than 1,000 people in the Chicago area have reported fraudulent transactions on payment cards that can be traced to the Aldi skimmers.  The affected stores are close to 10 large cities, suggesting a coordinated scheme. Skimming operations have usually been local because they are so labor intensive.  Fraudulent ATM withdrawals using the compromised payment cards were made in California, Ohio and Illinois.  There is speculation that Aldi was targeted because the "no-frills" grocery stores have few employees.

7 October 2010 - Former Fannie Mae Worker Convicted of Planting Malicious Code on Servers
A federal jury has convicted Rajendrasinh Babubhai Makwana of computer intrusion for installing malware on Federal National Mortgage Association (Fannie Mae) computers while he was employed at the organization as a computer programmer.  Makwana was a contract UNIX engineer at Fannie Mae for three years and had access to Fannie Mae's nearly 5,000 servers. He was fired on October 24, 2008; several days later, a senior engineer discovered the malware, which was installed on October 24 and programmed to execute on January 31, 2009.  The malware was found embedded in a routine that executes on all Fannie Mae servers every morning; it was designed to destroy data.  Makwana was linked to the malware through network logs.

6 October 2010 - UK Man Jailed for Refusing to Surrender Password
A 19-year-old man has been sentenced to four months detention for refusing to surrender the password necessary to decrypt content on his computer.  Oliver Drage was found guilty of violating the Regulation of Investigatory Powers Act (RIPA) for refusing to provide police with a password that would allow them to access allegedly illegal content on his computer.  Drage was arrested in 2009 as part of an investigation into images of child sexual abuse.

30 September 2010 - Dozens Charged in Connection with ZeuS-Enabled Bank Fraud
Authorities on both sides of the Atlantic have charged dozens of people in connection with massive bank fraud using the ZeuS Trojan horse program.  US authorities charged 92 people believed to have been involved in cyber attacks that stole more than US $200 million from bank accounts over the last four years.  In the UK, authorities arrested 20 people who are believed to have stolen GBP 6 million (US $9.5 million) in just three months using ZeuS.  While the charges in the US may have dealt a blow to the scheme's operations, the code's developers, those who run the back-end servers and the scheme's masterminds remain at large.

20 September 2010 - Proposed Legislation Would Allow DoJ to Shut Down Piracy Sites
Proposed US legislation would allow the US Justice Department (DoJ) to seek court orders to shut down websites that facilitate piracy anywhere in the world.  The Combating Online Infringement and Counterfeits Act would allow the DoJ to ask for injunctions that would order US domain registrars and registries to cease resolving the domain name of piracy sites.

18 September 2010 - Former Hospital Employee Charged with HIPAA Violations
A former surgical instrument technician at UPMC Shadyside Hospital in Pittsburgh, Pennsylvania, has been charged with violations of the Health Insurance Portability and Accountability Act (HIPAA).  Paul C. Pepala allegedly accessed the names, birth dates and Social Security numbers (SSNs) of UPMC Shadyside Hospital patients in February 2008 and disclosed the information to other people.  The information was used to file phony tax returns.  If convicted of all charges in the 14-count indictment, Pepala faces up to 80 years in prison and a maximum fine of US $4.73 million.

16 September 2010 - New Patterns in Attacks Are Gaining Sophistication
A new analysis of data, using actual attacks and unpatched vulnerabilities from tens of thousands of companies, was just published jointly by Tipping Point (HP), Qualys, and SANS Internet Storm Center. The report described attacks on Adobe PDF vulnerabilities that used 10 different cross-referenced streams to hide from AV and IPS tools. The report also documents new challenges exploiting increased consumerization of enterprise computing, prolonged and persistent targeting of web applications, and unrelenting legacy threats.

15 September 2010 - Google Engineer Fired for Violating Internal Privacy Policies
Google has acknowledged that it fired an employee in July for allegedly accessing user accounts without authorization.  David Barksdale, a Site Reliability Engineer, allegedly accessed Gmail and Google Voice accounts of at least four minors.  There are no allegations of sexual misconduct; it appears Barksdale was attempting to "impress [the teenagers] with his level of access and power." According to a statement from Google senior vice president of engineering Bill Coughran, Google is "significantly increasing" log auditing to make sure privacy policies are being followed.  Law enforcement authorities were not contacted about the incidents because one of the families has asked to remain anonymous. Barksdale is not the first Google engineer who was fired for privacy policy violations.

9 September 2010 - New Mass-Mailing Worm Detected
There are reports that a new mass-mailing worm is spreading.  The worm spreads through email messages with the subject line "Here you have"; the body of the message includes a link that appears to lead to a PDF file, but instead leads to a malicious executable file.  For users' machines to become infected, they must agree to install what claims to be a screensaver, but is actually the worm, which tries to disable security software and then sends itself to everyone in the infected computer's email contact list.  The worm is the first wide-spread infection of this type in nearly a decade.

7 September 2010 - Phishers exploit UK HMRC tax error letters
The UK tax authorities are in the process of sending millions of people letters about incorrect tax payments - meaning good news for some, and unpleasant news for others. Email scammers are taking advantage - spreading phishing messages pretending to come from the HMRC designed to trick users into handing over their credit card details.

6 September 2010 - Unencrypted Flash Drive Found on Street Contains Police Data
A flash drive found on the street in Manchester, UK contains police anti-terror training information and personnel data.  The device, which had a logo on it identifying it as belonging to the Greater Manchester Police Public Order Training Unit, was found outside a police station in Stalybridge, Greater Manchester.  The drive was not encrypted.  GMP Superintendent Bryan Lawton said his organization is looking into the incident.

6 September 2010 - Scareware Variant Serves Look-Alike Browser Warning Pages
A new set of scareware attacks use pop-ups that look just like browser warning pages.  The malware, known as MSIL/Zeven, discerns which browser is running, then serves a page that appears to be a warning from IE, Firefox or Chrome.  The pages warn users that their systems are infected with malware and urge the users to run a phony anti-virus program called Win7 AV.  The warnings arise from malicious scripts on compromised websites.

6 September 2010 - Swedish Police Crack Down on Filesharers
Police in Sweden have raided the homes of two people believed to be responsible for running Direct Connect filesharing hubs.  Police reportedly impounded a computer and questioned one suspect.  The cases against the suspected filesharers are part of a move by Swedish authorities to step up efforts to fight illegal filesharing in that country. http://www.unitethecows.com/content/265-swedish-pirates-under-fire.html

3 September 2010 - Facebook becomes second most targeted phishing site
Facebook has passed eBay into second position in the list of organizations most often attacked by phishers, according to security firm Kaspersky Lab. Facebook accounted for 12.8% of phishing messages in July 2010, more than three times as much as in the previous month, nudging eBay into third place with 7.6%, said Kaspersky's latest spam report.

3 September 2010 - Spammers flood Apple's new Ping service with iPhone scams
A new version of iTunes has introduced the new Ping social media service, giving music lovers the ability to connect with other fans. Unfortunately, Sophos discovered that spammers were lying in wait, and weren't slow to take advantage.

3 September 2010 - 12-Year Sentence for Advance-Fee Scam Mastermind
Okpako Mike Diamreyan has been sentenced to more than a dozen years in prison for his role in masterminding an advance-fee scam, also known as a 419 scam, that brought in more than US $1.3 million. Diamreyan was also ordered to pay more than US $1 million in restitution to the 67 people from whom he stole money between 2004 and 2009.  Prosecutors were able to convict Diamreyan because he moved to the US in 2008 when he married a US citizen.  He continued his illegal activity once he arrived in the country; some of his victims were more comfortable working with someone already in the country.

1 September 2010 - Ten Arrested for Alleged Involvement in Ransomware Scam
Police in Russia have arrested 10 people in connection with a ransomware scheme that allegedly brought in US $16 million.  The group was allegedly involved with the distribution and deployment of the WinLock Trojan horse program that locked up infected computers and displayed pornography.  The gang informed victims that their computers could be unlocked by sending premium rate SMS messages at a cost of about US $10 to US $30. http://www.theregister.co.uk/2010/09/01/ransomware_trojan_suspects_cuffed/

31 August 2010 - Judge Says FBI Must Obtain Warrant Before Requesting Suspect's Cell Phone Location Data
A federal magistrate in New York has ruled that government investigators must obtain a warrant before using cell phone information to track a suspect's location.  Magistrate Judge James Orenstein's ruling comes close on the heels of an appeals court decision that a suspect's rights were violated when federal investigators used a surreptitiously attached GPS device on his car to track his whereabouts.  The prosecutors in the case Orenstein heard cited as precedent a 1983 case that ruled that tracking individuals' locations outside the home is the equivalent of physical surveillance, but Judge Orenstein said he "believe[s] that magistrate judges presented with ex parte requests for authority to deploy various forms of warrantless location-tracking must carefully re-examine the constitutionality of such investigative techniques, and that it is no longer enough to dismiss the need for such analysis by relying on" precedents.

30 August 2010 - iPad and iPhone 4 tester scams hit Facebook
It sounds too good to be true - Can you really get a free iPad 3G or iPhone 4 by signing up just to be a tester? Sadly, it's just the latest scam spreading rapidly between compromised Facebook accounts in the last few days. Discover more, and ensure that you and your employees are practising safe computing.

27 August 2010 - Worm Spreads Through IM, Opens Back Door on Infected Machines
The Zeroll worm spreads through various instant messaging (IM) clients, tailoring the language of the accompanying message to the country in which the computer appears to be to increase its chances of spreading. Once the Zeroll worm has infected a computer, it searches for IM client contact lists and sends itself out again.  It also has a backdoor capability that allows attackers to take control of infected machines.
Four variants of the worm have been detected so far.  Users' machines become infected when they click on a link in a message that claims to be a picture, but really downloads malware onto their computers.

26 August 2010 - IBM X-Force 2010 Mid-Year Trend and Risk Report
The IBM X-Force 2010 Mid-Year Trend and Risk Report notes a 36 percent increase in the number of new vulnerabilities reported during the first half of 2010 when compared to the same period in 2009.  More than half of the 4,396 reported vulnerabilities were in web applications.  The report also cites a 52 percent jump in the number of obfuscated attacks, most commonly hidden in JavaScript and PDF files.  Apple, Microsoft and Adobe were listed as the three vendors with the most reported vulnerabilities.

24 August 2010 - Zurich Insurance Fined Over Data Loss
The UK's Financial Services Authority has fined the UK branch of Zurich Insurance GBP 2.27 million (US $3.53 million) for losing data of 46,000 customers.  The data were on an unencrypted backup tape that was lost en route to a data storage center in August 2008; the company did not become aware of the missing tape for a year.  The information includes names and bank account, credit card and other financial data.  The fine was less than it could have been; had the company not agreed early on to settle, it would have been fined GBP 3.25 million (US $5.05 million). http://www.h-online.com/security/news/item/Lb2-28-million-fine-for-Zurich-Insurance-s-data-loss-1065336.html

10 August 2010 - Two Men Arrested in Thailand in Connection With Online Bank Thefts
Two German men have been arrested in Pattaya, Thailand.  Dominik Ianoco and Dave Ackermann are believed to be responsible for the theft of 100 million baht (US$3,115,600) through online banking fraud. Their victims are in Thailand, Europe and the US.  The arrest followed the theft of 700,000 baht (US$22,000) from the account of one individual.  The scheme used Trojan horse programs to infect computers and steal information necessary for committing the cyber theft. The men are believed to be part of an international cyber theft ring.

9 August 2010 - Two Texas Colleges Choose Preventive Measures Over Cyber Insurance
The University of Texas Pan-American (UTPA) and South Texas College both say they would prefer to spend their cyber security budgets on preventive measures instead of purchasing insurance to cover their liability in the event of a data breach.  UTPA VP of information technology Bob Lim said, "there's better use in working to fight intrusion than being scared of it."

9 August 2010 - Computer Repair Engineer Gets Nine Months for Snooping
Grzegorz Zachodni was sentenced to nine months in prison for attempted fraud.  Zachodni, a computer repair engineer, was caught in a sting operation.  A laptop computer was brought into the shop with a complaint about a memory problem, but it was rigged to film the person doing the repairs and log all files accessed.  Zachodni was caught looking at personal pictures and attempting to use a password he had found in a file to access an online bank account.  The webcam footage also shows Zachodni downloading account login details and two photographs from the laptop onto a flash drive.

6 August 2010 - Hong Kong Executive Resigns Over Sale of Customer Data
Hong Kong-based Octopus Holdings chief executive Prudence Chan has resigned amid reports that her company sold customers' personal data without their consent.  Octopus sells cards that residents of Hong Kong use to pay for riding the subway and buses and to purchase food from certain stores.  The data were sold to six companies.  The company will donate the HK $44 million (US $5.7 million) it made from the data sale to charity.  The breach affects approximately two million customers.

5 August 2010 - Legislators Seek Answers About Website Data Collection
US Representatives Ed Markey (D-Massachusetts) and Joe Barton (R-Texas) have sent letters to 15 major websites seeking detailed information on the amount of user information they retain and what they do with the information.  Specifically, the legislators want to know what information the sites collect; how they use that information for tracking; whether the sites sell the information, and how much money they make selling the information.  Their concern was raised by a recent report in the Wall Street Journal about data privacy practices. Both legislators are senior members of the House Energy and Commerce Committee, which hopes to push through privacy legislation this year.

4 August 2010 - Six Arrested in Connection with Phishing Scheme
Six people have been arrested in the UK and Ireland in connection with a phishing scam in which at least 20,000 financial accounts were compromised and more than GBP 358,000 (US $569,000) was stolen. The unnamed suspects were arrested on suspicion of conspiracy to commit online banking fraud and violations of the Computer Misuse Act. http://www.bbc.co.uk/news/uk-england-london-10869847

3 August 2010 - Hidden Messages in Toy Story 3? It's another Facebook scam
Facebook users are being tricked once again - this time by pages which claim to contain secret rude messages from the blockbuster animated movie, Toy Story 3. Find out more about the scam and don't be fooled. http://email.sophos.com/r/?id=h132e28f,143a3488,143a348d

30 July 2010 - Google Android Apps Reportedly Stealing Data
Dozens of wallpaper apps being sold for Google Android devices have been found to be gathering personal information and sending it back to the apps' developers.  Google has suspended one of the applications, which appears to send collected data to a server in China, while it investigates the situation.   The application is called Jackeey Wallpaper and contains stolen copyrighted content.   The issue underscores the importance of downloading applications only from known and trusted sources.

22 July 2010 - Couple Charged in GM Hybrid Car Technology Theft
Former General Motors (GM) employee Shanshan Du and her husband Yu Qin have been indicted in Michigan for allegedly stealing hybrid car technology information from GM. They have both been charged with conspiracy to possess trade secrets without authorization, unauthorized possession of trade secrets and wire fraud; one of them has also been charged with obstruction of justice.  Between December 2003 and May 2006, Du allegedly shared trade secret information about hybrid cars at GM with her husband while she was employed there. Du allegedly copied thousands of documents to an external hard drive shortly after she was offered a severance package from GM. Several months later, Qin started a new business that sought to provide hybrid car technology to a Chinese company.  GM places the value of the stolen documents at US $40 million. http://www.networkworld.com/community/node/64031

22 July 2010 - UK Ministry of Defense Lost 240 Laptops in Two Years
According to statistics obtained through the UK's Freedom of Information Act, the UK Ministry of Defense (MoD) lost 340 laptop computers over the course of two years. The majority of the computers were not encrypted; their total value has been estimated at GBP 620,000 (US $960,000). In addition, MoD reported missing 593 CDs, DVDs and floppy disks, 215 memory sticks, 96 removable disk drives and 13 mobile phones.  Of the missing laptops, 220 were lost and 120 were stolen. http://www.dailymail.co.uk/news/article-1296773/MoD-loses-staggering-340-laptop-computers-TWO-YEARS--encrypted.html?ito=feeds-newsxml

21 July 2010 - Massachusetts Hospital Backup Files Lost
Missing backup files contain personally identifiable information of about 800,000 people.  Most were treated as patients at South Shore Hospital in Weymouth, Massachusetts between January 1, 1996 and January 6, 2010.  In addition to patients, the files contain information about employees, physicians, volunteers, donors, vendors and partners.  The compromised data include Social Security numbers (SSNs), diagnoses and treatments, and financial account information.  The files were sent to a data management company to be destroyed, but only some of the files were received and ultimately destroyed.  The hospital will begin notifying affected individuals soon.

20 July 2010 - Gas Pump Card Skimmers Found in Colorado
More than 30 gas station pump payment devices in the Denver area have recently been hit by skimmers.  A string of fraudulent transactions on credit card accounts has been linked to skimmers placed on gas pump payment devices at gas stations along I-25 in the Denver, Colorado area. Local police and US Secret Service agents have reportedly visited several Valero gas stations in the area to look for the devices.  A similar set of incidents in Florida used Bluetooth-enabled skimmers so the thieves could access the stolen data without physically revisiting the pumps.

14 July 2010 - Thieves Stole 3,000 Laptops From Military Contractor in Florida
Three thousand laptops were stolen from a military contractor's office in March.  The theft occurred at the Tampa, Florida offices of iGov, which is contracted to supply the computers to the US Special Operations Command.  The incident, which unfolded over the course of nine hours, was caught on surveillance camera; thus far, about 1,900 items have been recovered.  The details of the incident were made public when a search warrant seeking phone records of one of the suspects was filed.  The stolen laptops reportedly did not contain any military data. http://www.channelregister.co.uk/2010/07/14/specops_robbery/

13 July 2010 - Bluetooth-Enabled Skimmers Found on Gas Pumps in Southeastern US
Law enforcement officials in the southeastern US say that criminals are using Bluetooth-enabled skimmers to steal credit card data from gas station pumps.  In Alachua County, Florida, detectives have been sent to all gas stations within a mile of Interstate 75; four skimming devices have been discovered.  All gas station operators are urged to examine their pump payment systems for skimmers.

6 July 2010 - Man Draws One-Year Sentence for Damaging Former Employer's Computer System
Steven Jinwoo Kim has been sentenced to one year in prison and fined US $100,000 for breaking into his former employer's computer network.  Kim pleaded guilty to one count of reckless damage to a protected computer in November 2009.  Kim was once employed as a senior database administrator at Houston, Texas-based Gexa Energy. He was fired in February 2008.  In April 2008, Kim accessed Gexa's computer network from his home computer; Gexa maintains that Kim damaged both the network and a customer database.  Kim also copied a database file that held customer information.

3 July 2010 - Former Bank Employee Pleads Guilty in Data Theft and Fraud Case
A man who at one time worked as a contract computer technician at Bank of New York Mellon has pleaded guilty to grand larceny, money laundering and computer tampering.  Over an eight-year period, Adeniyi Adeyemi stole more than US $1.1 million from charities' bank accounts through the automated clearing house (ACH) network.  He stole personal information from his co-workers and used it to set up dummy bank and brokerage accounts into which he transferred the stolen funds.  He then transferred money from those accounts into a second layer of dummy accounts.  Adeyemi kept the transactions below the US $10,000 threshold that triggers reports of the funds transfers to the US Treasury. Adeyemi also admitted to having stolen money directly from his co-workers' accounts.  He is scheduled to be sentenced on July 21.

30 June 2010 - Missing CDs Hold Unencrypted Patient Data
More than 130,000 patients of New York's Lincoln Medical and Mental Health Center are being notified that their personal information may have been compromised.  A billing processor sent seven unencrypted CDs through FedEx, but the disks never arrived at their destination.  The disks contain personal data, including Social Security numbers (SSNs), health plan numbers, driver's license numbers and diagnostic and procedural codes and descriptions.  In a June 4 letter to affected patients, the hospital wrote, "FedEx has suggested that the CDs likely became separated from their shipping envelope at one of its facilities, were swept up and destroyed."

24 June 2010 - Two UK Teens Arrested for Roles in Cyber Crime Group
Police in the UK have arrested two teenagers for being involved with a cyber crime forum.  The unnamed forum had nearly 8,000 members who traded stolen financial account data, cybercrime lessons and malware.
Details for more than 65,000 credit card accounts were discovered in the forum.  The teenagers were arrested on suspicion of encouraging or assisting crime, conspiracy to commit fraud, and unauthorized access under the Computer Misuse Act.  The investigation has been underway for eight months and is expected to conclude in August. http://www.theregister.co.uk/2010/06/24/teen_crime_forum/

23 June 2010 - Gas Station Card Skimmer Gang Sentenced
Theogenes De Montford has been sentenced to four-and-a-half years in jail for his role in a scheme that installed card skimmers at gas stations across the UK.  The devices allowed De Montford and his accomplices to steal information and create clones of the cards.  When authorities arrested him, De Montford had data for 35,000 payment cards in his possession.  De Montford is believed to be the ringleader of the gang; Rajakumar Thevathasan, Rashid Hassan and Usman Mahmood were each sentenced to three-and-a-half years in jail last week. http://news.bbc.co.uk/2/hi/england/london/10371659.stm

14 June 2010 - Minnesota Man Charged with Threatening VP Through Neighbor's Wi-Fi Network
A Minnesota man has been charged with aggravated identity theft and threats to the president and successors for allegedly tapping into a neighbor's wireless network and sending threatening messages to US vice president Joe Biden.  Barry Ardolf has a history of disputes with neighbors.  He has also allegedly stolen personal information, sent offensive messages and sent indecent photographs to his neighbor's co-workers from an email account set up to appear as if the messages were coming from the neighbor.  FBI agents seized numerous computers, hard drives and routers after a search of Ardolf's home last summer.

11 June 2010 - California Hospitals Fined for Data Breaches
The California Department of Public Health (CDPH) announced that five California hospitals have been fined a total of US $675,000 for failing to protect patient information.  The largest breach involved personal data of 204 patients.  The penalties were imposed under new state legislation that allows a US $25,000 penalty for each patient whose information is compromised.  Once the penalties are imposed, the hospitals have 10 days to submit a correction plan to prevent breaches in the future.

9 June 2010 - iPad User Data Leaked by AT&T
AT&T has inadvertently leaked information about more than 114,000 iPad users.  The data include email addresses and ICC-IDs, unique identifiers used to authenticate iPads' SIM cards to the AT&T network.  The breach affects a number of high-profile individuals who were among the first to use iPads.  The vulnerability in the AT&T website has since been fixed.  The group that found and exploited the vulnerability did not inform AT&T about the problem; instead, the company learned about it from a business customer.

8 June 2010 - Bank of America Employee Pleads Guilty to Bank Fraud
Bank of America (BofA) call center employee Brian Matty Hagen has pleaded guilty to bank fraud.  Hagen admitted he stole customer information and tried to sell it.  Hagen's scheme was uncovered when he attempted to make a data sale to an undercover FBI agent.  Hagen targeted only BofA accounts with balances in excess of US $100,000. Hagen was keeping track of customers' information and hoped to exchange it for 25 percent of the profits.  The information was allegedly going to be used to establish credit lines at other financial institutions. http://www.theregister.co.uk/2010/06/08/bank_insider_data_theft/

28 May 2010 - Three Indicted in Huge Scareware Scheme
Three men have been indicted for allegedly running a scareware scheme that took in more than US $100 million.  The trio allegedly established phony Internet advertising agencies to get their infected ads onto websites.  The code hidden in the ads redirected users' browsers to maliciously crafted websites where they were greeted with pop-up windows telling them their computers were infected with malware and that they needed to purchase software to fix the problems.  The phony anti-virus software cost between US $30 and US $70.  The US Federal Trade Commission (FTC) filed similar charges against operators of the same companies in 2008.  Shaileshkumar P. Jain, Bjorn Daniel Sundin and James Reno are all facing charges of wire fraud, computer fraud, and conspiracy to commit computer fraud.

28 May 2010 - Database Holds 44 Million Stolen Online Gaming Credentials
Researchers at Symantec have found a 17 GB trove of stolen login credentials for gaming accounts and websites.  The thieves have apparently written a Trojan horse program called Trojan.Loginck that can check stolen account information for validity.  The credentials sell for between US $6 and US $28,000 apiece depending on the level of the game reached by the account's legitimate owner.

21 May 2010 - IBM Hands Out Infected USB Drives at Conference in Australia
USB drives handed out as swag by IBM at last week's Asia Pacific Information Security Conference have been found to be infected with malware.  IBM has sent all conference attendees an email acknowledging and apologizing for the problem and offering instructions for removing the infection from systems. This particular malware was discovered in 2008 and should be detected by most anti-virus products.
Internet Storm Center: http://isc.sans.org/diary.html?storyid=8827

13 May 2010 - Laptop Stolen From Contractor's Office Holds Army Reservists' Information
The US Army Reserve Command is notifying approximately 207,000 reservists that their personally identifiable information is on a CD-ROM in a laptop computer stolen from a government contractor.  The compromised data include names, addresses and Social Security numbers (SSNs).  The computer may also contain information about reservists' dependents and spouses.  The computer was one of three stolen from the Morrow, Georgia offices of Serco Inc.

12 May 2010 - Cyber Thieves Clog Phones With Nuisance Calls While They Plunder Bank Accounts
Cyber thieves targeting financial accounts have added another tactic to their schemes: denial-of-service attacks on telephones.  The attack floods victims' phones with calls - either dead air or recorded advertisements - during the period of time when their financial institution is likely to call to verify that contact information has been changed.  They also initiate transactions, then call to complain that the transaction did not go through and confirm that they have been having telephone problems.

28 April 2010 - Prison Time for Snooping on Patient Records
Former healthcare system employee Huping Zhou has been sentenced to four months in prison for snooping into patient records.  Zhou, who is a licensed surgeon in China, was working as a researcher at the UCLA School of Medicine.  He began accessing patient files without authorization in 2003 after learning that he was going to be fired. Zhou is the first person to receive a prison sentence for violating provisions of the Health Insurance Portability and Accountability Act (HIPAA).

26 April 2010 - Blippy Will Hire CSO After Data Leak
Social networking and shopping site Blippy has announced that it is hiring a chief security officer in the wake of a security incident that exposed members' credit card numbers in Google searches.  The data leak was due to technical oversight that permitted transaction data to appear in some HTML code for several hours in February.  Blippy was unaware, however, that a Google crawler had indexed Blippy pages that contained the sensitive account information.  Blippy has since asked Google to remove the information.  Blippy also plans to hire information security staff to work with the CSO and focus solely on data protection.

24 April 2010 - IT Security Job Market Getting Stronger
The high profile attacks against Google disclosed earlier this year are prompting companies to take a look at their own cyber security posture. The public awareness of data breaches has heightened awareness of the need for people with skills to protect valuable information assets.  In the first three months of 2010, one employment market information company has seen a 25 percent jump in the number of cyber security job openings, from 32,000 to 40,000.  An information security recruitment company says it has seen a 50 percent increase in the number of companies seeking IT security specialists.  Companies that have been working with limited employees are feeling the pinch of not having adequate data security in place.  The companies are looking for people with specific skill sets: particularly those with experience in identity and access management; cloud computing security; forensics; and reverse engineering.

23 April 2010 - Chinese Company Must Pay Microsoft for Using Illegal Software
A Chinese court has ordered an insurance company there to pay Microsoft 2.2 million yuan (US $322,000) for using illegal copies of Microsoft software, including Windows XP and Microsoft Office.  Microsoft said that Dazhong Insurance was using 450 illegal copies of its software. Dazhong plans to appeal the verdict.  The case is the first brought by Microsoft against a large Chinese company for software copyright infringement.  The rate of pirated software in China in 2008 was estimated to be 80 percent; while still high, the number is lower than in previous years. http://www.computerworld.com/s/article/9175937/Microsoft_wins_piracy_case_against

23 April 2010 - Man Indicted on Cyber Extortion Charges
Anthony Digati has been indicted on charges of cyber extortion for threatening to spread negative information about his insurance company and former employer over a dispute concerning a variable universal life insurance policy.  Digati, a former registered agent and manager at New York Life Insurance Company, allegedly demanded that the company pay him nearly US $200,000; he had paid just under US $50,000 in premiums.  If the demand was not met by a certain date, he is alleged to have said the amount would increase to US $3 million and that he would send millions of email messages to people disparaging the company.  If convicted, Digati could face up to two years in prison. http://www.wired.com/threatlevel/2010/04/spam-extortion/

23 April 2010 - NHS Computers Reportedly Infected with Qakbot
Some of the UK's National Health Service (NHS) computers have been infected with Qakbot, malware that is designed to steal data, including credit card information, search histories and account passwords.  More than 1,100 computers appear to have been affected.  Qakbot is normally detected by most off-the-shelf security software.  Researchers monitoring the malware say it has the capability to steal significant amounts of data.  The malware spreads through web pages manipulated to exploit known flaws in Internet Explorer and QuickTime, and through file shares on local networks.  It spreads at a measured pace so as not to attract attention. http://www.theregister.co.uk/2010/04/23/nhs_worm_infection/

21 April 2010 - OMB Memo Describes New Direction for Federal Cyber Security
The White House is taking bold steps to improve cyber security requirements for government agencies while legislators and the National Institute of Standards and Technology (NIST) ponder changes to the Federal Information Security Management Act (FISMA) that has proven to be a financial drain - costing as much as US $1,400 a page for the paperwork necessary for compliance.  Guidance in a memo from the Office of Management and Budget (OMB) says that government agencies will be required to feed real-time data to a web-based gateway called CyberScope, maintained by the Department of Homeland Security.  The White House will meet with agencies on May 7 to begin training.  Data feeds are expected to begin as soon as June 2010. http://www.nextgov.com/nextgov/ng_20100421_5175.php?oref=topstory

20 April 2010 - Former Analyst/Trader Arrested for Alleged Trading Code Thefts
A former Societe Generale quantitative analyst and commodities trader has been arrested for allegedly stealing high-frequency trading software code from his former employer.  Samarth Agrawal worked at the New York offices of the Paris-based bank.  Less than a year ago, former Goldman Sachs computer programmer Sergey Aleynikov was arrested for stealing similar software from that company.  The US Securities and Exchange Commission (SEC) is investigating the use of high-frequency trading software due to concerns that it may allow its users an unfair advantage over competitors.  In any case, theft of the proprietary code is illegal. http://www.businessweek.com/news/2010-04-19/ex-societe-generale-trader-accused-of-stealing-computer-code.html

19 April 2010 - Two Arrested In Connection with Fraud-Enabling Site
Two men have been arrested in Eastern Europe in connection with a website that peddled services to aid identity thieves.  Dmitry Naskovets and Sergey Semashko were both arrested on April 15 -- Naskovets in the Czech Republic and Semashko in Belarus.  According to Naskovets's indictment, the two men allegedly launched the website, CallService.biz, in Lithuania in 2007.  The site offered services of people who spoke fluent English and German to help people with their fraud schemes - sometimes financial institutions require telephone authorizations to authorize transactions.  The site allegedly helped more than 2,000 people commit more than 5,000 fraudulent transactions.  The FBI has seized the website.  US authorities are seeking to extradite Naskovets, and Semashko is facing charges in Belarus.

15 April 2010 - Discarded Copiers Hold Sensitive Data on Hard Drives
A CBS news investigation found that the hard drives of four digital copy machines purchased second hand at a New Jersey warehouse contained treasure troves of personally identifiable information, including police files on domestic violence and sex crimes; copies of pay stubs and checks; and sensitive medical information such as test results, prescriptions and diagnoses.  Each machine cost approximately US $300.
A survey conducted by Sharp two years ago indicated that 60 percent of Americans do not know that copiers store images on their hard drives.

9 April 2010 - Spammers Get Smarter By The Second
The exponential increase in spam causes untold headaches for IT administrators, who are required to manage the spam volumes, meticulously scan logs and chase down crucial e-mails that get trapped in spam filters.

9 April 2010 - China Hackers Launch Cyber Attack On India, Dalai Lama
A University of Toronto report alleged cyberspies from south China launched a sophisticated attack using social networks Twitter, Google Groups, Yahoo Mail and others to distribute malware that would steal classified documents from the Indian government and Dalai Lama.

9 April 2010 - The Dark Side Of The iPad: 8 Security Flaws
iPad is here, and along with all the hype around this "game-changer" comes real and potential security flaws that give malicious attackers reason to celebrate as well.

30 March 2010 - Barnet Council Loses Data Related To 9,000 Children
Following the theft of a laptop, CDs and USB sticks during a burglary at the home of a Barnet Council employee, the council has admitted that data related to 9,000 children has also been stolen.  While the laptop was encrypted, the data were stored on the unencrypted USB sticks and CDs, which the council has said was "against council policy".  The compromised data includes the names, birth dates, postcodes, ethnicity and education data on year 11 pupils attending any school in Barnet from 2006 to 2009.  The council believes the risk posed to the students by the compromised data is low, although there were concerns with the identity of one child which "has been dealt with."  To prevent a similar breach of policy occurring in the future, the council has disabled access to external storage devices on its systems.

29 March 2010 - Found USB Stick Contains Sensitive Data
A USB stick has been found on a pavement in Stoke-on-Trent in England containing sensitive information on children in care.  The USB stick was not encrypted and contained dozens of documents belonging to the Stoke-on-Trent council, which included records of foster carers, child custody arrangements, psychological history of children and family court proceedings.  Storing information on USB sticks without encrypting it is against council policy and the council has stated "We will conduct a thorough investigation to determine the circumstances in which the data was lost."  In response the UK's Information Commissioner's office has said "We may serve an enforcement notice if an organisation has failed to comply with any of the data protection principles. We have statutory power to impose a financial penalty if there has been a serious breach of data protection."

27 March 2010 - Loan Records for 3.3 Million Students Stolen
The personally identifiable information belonging to 3.3 million students was stolen from the headquarters of Minnesota-based student loan servicing company Educational Credit Management Corp. (ECMC).  The stolen information was stored on a number of portable devices which were taken during a break-in at the offices of ECMC.  It is not clear whether the stolen information was encrypted.

18 March 2010 - Spammers Go After Facebook Users
Spammers have been targeting Facebook members with data-stealing malware.  The malicious messages appear to come from legitimate senders, but the return address is spoofed.  The messages tell recipients that their Facebook passwords have been reset and that they need to download an attachment that contains the new password.  Although many users may know by now that websites would not reset passwords and email the new ones, because Facebook's user base is so large, the attackers appear to be hoping that at least some will fall for the ruse.

18 March 2010 - 25 Percent of UK Schoolchildren Admit to Accessing Others' Online Accounts
One quarter of school-aged children in the UK admitted to accessing other people's Facebook or web-based email accounts.  Seventy-eight percent of the students said that breaking into others' accounts was wrong and 53 percent said they believed it was illegal.  The reasons most often given for the unauthorized account access were just for fun and mischief.  Twenty percent of the students believed they could make money breaking into others' accounts, and five percent envisioned making a career out of cyber attacks.

17 March 2010 - Report Says Internet Piracy Will Cost EU 1.2 Million Jobs by 2015
A report conducted on behalf of the International Chamber of Commerce says that illegal filesharing could cost European countries 1.2 million jobs and 240 billion euros over the next five years.  According to the report, the UK alone lost 1.4 billion euros in the creative industries in 2008, all due to piracy.  Trades Union Congress (TUC) General Secretary Brendan Barber said that "if there were ever proof needed to demonstrate why the Digital Economy Bill is imperative for the protection of our creative industries, this report is it." The report gathered data from European Union countries, the World Intellectual Property Organization, and Eurostat.  The analysis describes a worst case scenario based on consumer web traffic increasing 24 percent annually.

11 March 2010 - HSBC Apologizes to 24,000 Customers for Data Theft
HSBC has revised the number of customer records compromised by a former employee upward to 24,000.  Initially, the bank said that fewer than 10 customers were affected by the data theft.  Later, that number was revised to 15,000, and now it appears that an additional 9,000 accounts were compromised.  The data were stolen by a former bank employee who attempted to sell the information.  The bank does not believe that the stolen information would allow unauthorized access to the accounts, but it could leave account holders open to prosecution for tax evasion.  The former employee, Herve Falciani, allegedly copied the data onto a non-bank-issued computer.

10 March 2010 - Pennsylvania State CISO Loses Job After Speaking on Panel at RSA
Robert Maley, Pennsylvania's former chief information security officer (CISO), lost his job ostensibly because he spoke about a security incident with the Commonwealth's online driving test system without obtaining approval in advance.  The Commonwealth requires that employees get permission to speak about official matters before making public statements about them.  A spokesperson for Pennsylvania Governor Edward Rendell acknowledged that Maley no longer works for the Commonwealth, but declined to offer any details, citing Commonwealth privacy rules. Maley spoke on a panel of state CISOs at the RSA conference about an incident in which a driving school allegedly discovered and exploited an "anomaly" in the state driver's license test scheduling system that allowed it to bump its students to the front of the queue.

4 March 2010 - FBI Director Says Cyber Terrorism Threat is Growing
Speaking at the RSA conference in San Francisco last week, FBI Director Robert S. Mueller said that the threat of cyber terrorism is "real and ... rapidly expanding."  Mueller also said that cyber criminals have broken into IT systems at private companies and government agencies and not only stolen information, but corrupted data as well.  While Mueller did not provide any details about what data had been corrupted or in what way data had been corrupted, he did note that attackers who gain access to source code could change it to allow them to plant malware or access systems later.   Mueller said that the government cannot fight cyber attacks alone; the public and private sectors need to cooperate and share information.  In particular, he urged companies to notify the government when they have been attacked.

4 March 2010 - Phishers Used Facebook to Penetrate Financial Firm's Computer System
Phishers used Facebook to burrow their way into the network of a large US financial company last year.  The attackers took control of one employee's Facebook account and, using information culled from that individual's friends' profiles, sent what appeared to be personal messages to several other company employees about pictures taken at a company picnic.  The phishers learned of the picnic through postings on the hijacked account.  When one of the other employees received a message asking her to click on a link that would allow her to view the pictures, her computer became infected with keystroke logging malware. When that employee logged in to a VPN account to access the company network, the attackers were able to capture the necessary information to gain access to that network.  The intruders managed to get deeper into the network and take control of two servers before they were detected.

26 February 2010 - Wyndham Hotels Acknowledges Third Breach in a Year
Wyndham Hotels & Resorts has acknowledged that attackers gained access to their computer systems and stole customer data.  This is the third data breach for Wyndham in the last year.  The most recent breach took place sometime between October 2009 and January 2010.  The stolen data included information from the magnetic stripes of customers' credit cards.  Wyndham has not yet notified affected customers of the breach.

19 February 2010 - FBI Investigating School District's Remote Webcam Use
The FBI is investigating allegations that the Lower Merion School District, in Ardmore, Pennsylvania, has been using built-in cameras in school-issued MacBook laptop computers to spy on students at home.  Michael and Holly Robbins, parents of a district high school student, have asked a federal judge to bar the district from turning on the webcams.  They also want the judge to prevent the district from recalling the computers from students because they fear students will wipe evidence of the cameras' use from the machines.  The district maintained it was using the webcam to locate missing computers, and disabled the function two days after the Robbinses filed their suit. According to the lawsuit, the Robbinses' son "was at home using a school issued laptop that was neither reported lost nor stolen when his image was captured by Defendants without his or his parents' permission."  The Robbinses' lawsuit is seeking class action status.

18 February 2010 - Kneber Botnet Infected 75,000 Computers
The Kneber botnet has reportedly breached nearly 75,000 computers. The goal of the malware is to harvest login credentials for online financial accounts, social networking sites, and email systems. The compromised systems include those at some US government agencies and commercial enterprises, such as Merck (a pharmaceutical company) and Paramount Pictures. Organizations are advised to limit and monitor outbound traffic to stem damage from similar infections.

15 February 2010 - Royal Dutch Shell Investigating Employee Database Leak
A database containing personal information of more than 170,000 Royal Dutch Shell employees has been copied and sent to environmentalists and human rights groups.  The database was "downloaded without authorization and distributed to some external parties."  Those responsible for the leak have not been identified, but could be disgruntled and/or former employees seeking a "peaceful corporate revolution."  The data in the file are about six months old.  Shell is investigating the breach, and is demanding that organizations that received a copy of the database destroy it or face legal action.

13 February 2010 - Phony Anti-Virus Malware Adds Live Support
Cyber criminals behind the Live PC Care phony anti-virus scam have begun offering live support to add a layer of credibility to their operation. The phony antivirus software screen now has an online support button that allows users to chat with an agent who will do his or her best to convince the user to pay money to solve the purported security problems. Symantec researchers say that their interactions with the support staff suggest that there are real people manning the chats.

5 February 2010 - FBI Wants ISP to Retain Sites Visited Data for Two Years
The FBI wants Internet service providers (ISPs) to keep records of which websites its customers visit and to retain the data for two years.  The agency believes that the information could prove useful in investigations of serious crimes.  Existing federal regulations require telecommunications providers to keep records of toll calls for 18 months; the information logged includes the "name, address, and telephone number of the caller, telephone number called, date, time and length of call."  The FBI is not seeking the content of communications, just "non-content transactional data."

25 January 2010 - Study Shows US $100,000 Increase in Costs Associated With Average Breach
According to a study from the Ponemon Institute, the costs associated with data security breaches rose US $100,000 between 2008 and 2009, from US $6.65 million to US $6.75 million.  The figures were formulated based on 45 reported breaches of sensitive customer data in 2009 at companies that were willing to discuss the incidents.  The average cost per compromised record in 2009 was US $204, up just US $2 from 2008 figures, but over the five years that the study has been conducted, cost per record has increased $66.  The factors considered in figuring the cost of a breach include cost of lost business; legal fees; disclosure expenses; consulting; and remediation.  The study divides the breaches into three main causes: negligence, accounting for 40 percent of the incidents; system glitches, which account for 36 percent; and malicious attacks, which account for 24 percent.

25 January 2010 - The Top 20 website passwords you shouldn't be using
Computer users continue to choose predictable passwords that are easy to guess - a new study reveals.  Find out which password is the most commonly used, and learn a way to help your users dream up passwords that are hard to crack, but still easy for them to remember.

25 January 2010 - Johnny Depp death crash video launches malware attack
Word spread like wildfire across the internet this weekend that actor Johnny Depp had been killed in a car crash.  The story was bogus, but that didn't stop hackers taking advantage of the hot topic to spread a malicious Trojan. Discover more, and watch our video where we demonstrate the attack in action.

22 January 2010 - Hard Drives Stolen From BlueCross BlueShield Contained Member Information
A thief stole 57 hard drives from BlueCross BlueShield of Tennessee. The hard drives contained an estimated 500,000 member records and personal information.

22 January 2010 - New version of Zeus Targeting AIM users
A new iteration of Zeus, a notorious password-stealing trojan, is victimizing users of AOL Instant Messenger (AIM), according to researchers at anti-virus vendor Webroot.

22 January 2010 - RockYou hack reveals most common password: '123456'
A recent analysis of 32 million passwords, obtained in the RockYou.com hack, has revealed that nearly 300,000 individuals used '123456' as their password.

20 January 2010 - People Leaving USB Drives in Clothing Pockets, Say Cleaners
A UK survey found that 4,500 USB drives have been found in people's clothing pockets when they were taken to dry cleaners.  That number is half what it was a year earlier, but this could be explained by a shift to users downloading data to smartphones and netbooks as opposed to increased vigilance about data security.  USB drive security was in the news recently when several manufacturers acknowledged a vulnerability in the access control mechanism of their devices.

11 January 2010 - South Korean Military to Ban USB Drives
The South Korean military says it will ban the use of USB drives.  The South Korean military is building a new data transfer system; once that system is complete, use of USB drives will no longer be permitted.  The decision comes in the wake of attempts to infiltrate South Korean military computer systems.  Last year, information about a joint South Korea/US military contingency plan was compromised due to the use of a portable storage device. http://gcn.com/articles/2010/01/11/korea-bans-flash-drives.aspx

11 January 2010 - Facebook Group Page Has Links to Malware-Laced Sites
Miscreants intent on spreading malware appear to be preying on people's unfounded fears that Facebook plans to begin charging users for its services.  A Facebook group that appears to offer a place for people to protest the rumored fees has been shown to contain malware.  The group pages themselves appear to be clean, but link to suspicious sites. Snopes.com has posted a warning about the deceptive groups and associated pages.

8 January 2010 - Wide-Reaching Spear Phishing Campaign Claims to be Outlook Alert
A recently detected spear phishing scheme is spreading in the guise of a Microsoft Outlook alert.  This particular attack is targeting a large number of domain names in the hope of tricking more users into clicking on a link that will download a variant of the Zbot banking Trojan horse program onto their computers.  The attack also personalizes the emails in an attempt to gain users' trust.

4 January 2010 - Convicted Filesharer Seeks Lower Fine
The Boston University student who was fined US $675,000 for illegally downloading music has asked a judge to reduce the penalty or give him a retrial.  Joel Tenenbaum, who was fined US $22,500 for each of 30 songs he was found guilty of downloading in violation of copyright law, says the amount is "grossly excessive."

1 January 2010 - French Anti-Piracy Law Now in Effect
France's new Internet anti-piracy law took effect on January 1. Internet users who download music in violation of copyright laws will first receive email warnings.  If they continue to violate the law, they will then receive written warnings.  If they persist in illegal filesharing activity after both warnings, they will be required to appear before a judge who will have the authority to fine the individual or suspend the individual's Internet access.

31 December 2009 - Indiana Fugitive Found Through Online Game
The Howard County, Indiana Sheriff's Department found a fugitive from justice through his penchant for playing the online game World of Warcraft (WoW).  Alfred Hightower had fled to Canada to evade a warrant issued for his arrest in 2007.  After learning that Hightower is an avid WoW player, Deputy Matt Roberson sent a subpoena to Blizzard Entertainment in Canada, seeking information that would help his office locate Hightower.  Because the company is Canadian and Roberson had no jurisdiction there, he did not expect anything to come of it, but several months later, he received data from the company that included Hightower's IP address, account information and history, billing address and online screen name.  The information was enough to find Hightower and have him deported to the US, where he is expected to face the 2007 charges.

30 December 2009 - McAfee Report Predicts Top Threats and Trends for 2010
According to McAfee's 2010 Threat Predictions Report, Adobe Reader and Adobe Flash will be the top targets for malware writers in 2010.  Users are not always aware that the applications need updating, and the updates themselves can prove complicated to apply.  The report also predicts that the severity of attacks against social networking sites will increase and that Trojans designed to steal banking information will become more sophisticated and harder to detect.

28 December 2009 - Chinese Matchmaking Site Data Stolen
A former board member of a Chinese matchmaking website is accused of stealing applicant information and trying to sell it to other companies. In all, about 16,000 people who registered with the site are affected by the alleged data theft.  The unnamed individual took the data from the company before he resigned in mid-2006.

24 December 2009 - GAO Report Points Fingers in Nuclear Site Document Leak
A report from the Government Accountability Office (GAO) faults five government agencies, two congressional offices and the National Security Council for the leak of information about hundreds of US civilian nuclear facilities.  The document was published on the Government Printing Office website in June and remained visible for about one day. The document was intended for the International Atomic Energy Agency (IAEA).  Some of the confusion stemmed from the document's classification with an IAEA term that is not recognized in the US.  NSC did not provide specific instructions for handling the document once delivered to the White House clerk's office.

23 December 2009 - MBNA Customer Credit Card Data on Stolen Laptop
MBNA is notifying thousands of customers that a laptop stolen from NCO Europe offices contains their credit card information.  NCO Europe is a third-party contractor.  Although the files do contain personal information, no PINs are believed to be included. While no fraudulent activity has been detected on the compromised accounts, MBNA is offering affected customers one year of credit monitoring service and is monitoring all compromised accounts.

22 December 2009 - Former Asst. DA Draws Probation for Unauthorized Access to Information
A Louisiana man has been sentenced to two years of probation and ordered to pay a US $3,000 fine for unauthorized access to information by use of a computer.  Perry Booth was employed as an Assistant District Attorney for Jefferson Parish, Louisiana when he noted the license plate of an individual involved in a near miss traffic incident.  Booth asked an investigator in the DA's office to access a confidential law enforcement database to find out the person's identity.  He then sent that person a threatening letter referring to the traffic incident. http://neworleans.fbi.gov/dojpressrel/pressrel09/no122209.htm

21 December 2009 - Possible Prison Time for Sending Spyware
An Ohio man could face time in prison for sending spyware to a woman's computer.  Scott Graham sent the spyware surreptitiously as an email attachment; the recipient opened the mail on two computers at her workplace: Akron Children's Hospital.  The software harvested confidential medical procedure and financial information.  The spyware was discovered because it was slowing down the hospital's computer system.  The software is legal to use on computers owned by the person who purchases it.  Graham has pleaded guilty to one felony charge of intercepting electronic communications.

17 December 2009 - Eleven Sentenced to Jail For Stealing Online Gaming Account Credentials
Chinese authorities have jailed 11 people for their roles in a scheme that aimed to steal online gaming login credentials.  The group used Trojan horse programs to steal the information from five million profiles.  They then sold game artifacts they accessed through the accounts, making a total of 30 million yuan (US $4.4 million).  The eleven people received sentences of up to three years; the group was also fined a total of US $120,000.  Dozens more people involved in the scheme are expected to be sentenced soon.

17 December 2009 - Conficker on 6.5 Million Machines Worldwide
According to information from Shadowserver, one in seven computers infected with Conficker are hosted on Chinese Internet service provider (ISP) Chinanet.  The ISP's infected machines account for 14 percent of all known infected machines, but make up just one percent of the company's network.  Other ISPs have infection rates as high as 25 percent.  Conficker has infected an estimated 6.5 million computers around the world.

16 December 2009 - Stolen Laptop Holds Military and DoD Employee Information
A laptop computer stolen from the home of a Fort Belvoir Family and Morale, Welfare and Recreation Command contains personally identifiable information of more than 42,000 US Army soldiers, US Department of Defense employees and their families.  The theft occurred on November 28.  The Command learned of the theft on December 1. Affected individuals will be notified of the security breach by letter.

16 December 2009 - House Ethics Committee Data Leak Prompts Security Policy Changes
US House of Representatives chief administrative officer Daniel P. Beard has recommended that legislative aides undergo new cyber security training and that the legislature take additional steps to protect sensitive data.  The recommendations are the result of a six week review prompted by the inadvertent leak of an Ethics Committee document.  The new security policies will be clear in their insistence that all House data remain on House equipment, that the data must be encrypted when they are stored on mobile devices and that they cannot be sent over any public system.  Beard is also seeking to implement a requirement that the House's wireless Internet service be password protected.  In addition, legislative employees who travel out of the country will have their wireless devices, including laptops, checked both before and after trips.

15 December 2009 - Minnesota Public Radio and Reporter May Face Legal Action Over Data Access
A Texas company is threatening to take legal action against Minnesota Public Radio (MPR) and one of its reporters after they aired a story about security problems at the company that exposed sensitive personal information.  Lookout Services, which allows its customers to verify the identities of potential employees, maintains that MPR and Sasha Aslanian broke the law when they accessed databases containing information for five Lookout customers, compromising the personal information of 500 people.  Lookout acknowledges that its website was misconfigured in such a way as to allow unauthorized users to view customer information.

14 December 2009 - Stolen Swiss Bank Data Used in French Tax Evasion Investigation
Some of the data used by French authorities in tax evasion investigations appears to have been leaked by a former employee of HSBC Private Bank in Switzerland.  Initially it was believed the man had provided French authorities with information on about 10 accounts, but that number is now believed to be much higher.  The data were stolen about three years ago and a criminal complaint was filed in 2008.  The man allegedly gave the information to the French government, but was not paid for it.  He is reportedly under judicial protection in France.

© 1999-2016 Security Awareness, Inc. All Rights Reserved