31 December 2011 - Facebook's White Hat Visa Debit Cards for Bug Hunters
Facebook has started giving out White Hat Visa debit cards to bug hunters. Facebook began paying bounties for bugs in July 2011. Those reporting the flaws earn a minimum of US $500 and there is no maximum amount; to date, the largest sum Facebook has paid for a vulnerability is US $5,000. The bug hunters must abide by Facebook's Responsible Disclosure Policy, which requires that they not publicly disclose the flaw until it has been fixed.
30 December 2011 - Over 150 UK Police Officers Disciplined for Inappropriate Facebook Posts
Police in the UK have been disciplined for inappropriate and offensive posts on Facebook. More than 150 officers have faced action for posting inappropriate photographs, using the social networking site to harass colleagues, and making racist comments. At least two officers have been fired for inappropriate Facebook activity. Details of the disciplinary action were obtained through a Freedom of Information Act request; the information includes formal complaints lodged against police officers from the UK and Wales between 2008 and 2010. A government review of police corruption in the UK "found a significant blurring between people's professional lives on social networking sites and their private lives."
30 December 2011 - United Airlines Passenger Data Exposed Online
A woman who was attempting to check her available miles through the United Airlines mobile website found herself viewing information for other people's accounts. Each time she navigated to a different part of the website, she found another person's information. Exposed data included names, Mileage Plus numbers, future itineraries and confirmation codes. When she contacted United about the problem, the company suggested that perhaps someone had used her phone to navigate the site and had not logged off correctly, but no one else had used her phone. A United Airlines spokesperson said the company is looking into the matter but that the woman "didn't have access to sensitive personal information." http://www.kvue.com/news/United-Passenger-Finds-dozens-of-account-passengers-info-online--136455568.html
29 December 2011 - Twitter Subpoenas Raise First Amendment Concerns
The District Attorney of Suffolk County, Massachusetts, which includes the city of Boston, has subpoenaed Twitter for records associated with two accounts, two hash tags, and the name of an individual between December 8 and December 13, 2011. The accounts in question are associated with the Occupy Boston movement. The subpoena has raised concerns among free speech advocates, who view it as a violation of the First Amendment. It appears to seek to identify anyone who used the hash tags between those dates, and anyone who followed the two named accounts.
27 December 2011 - Mobile Phone Security Needs Improvement
Research scheduled to be presented at a Chaos Computer Club convention later this week indicates that mobile network security is nowhere near as robust as it should be, especially given recent events involving certain British journalists. A study of mobile operators in Morocco, Thailand, and Europe found that most provided weak or non-existent protection from unauthorized surveillance and identity theft. Armed with a seven-year-old mobile phone and free decryption software, the person who will be making the presentation found that he was able to access conversations and text messages and spoof account identities. At least one of the vulnerabilities that allowed him to intercept voice and data could be addressed with the application of an available patch.
23 December 2011 - Phishing Attacks Target US Military Personnel
Recent phishing attacks are targeting military personnel through their .mil email accounts. The phony email messages are spoofed so that they appear to be coming from senior officers or companies that do business with the military, including financial services company USAA. The emails attempt to get recipients to click on a link that would infect their computers with ZeuS malware.
12 December 2011 - Google Removes Malicious Apps from Android Market
Google has pulled more than 20 malicious applications from the Android Market, bringing the total number of apps removed this year to over 100.
The malware that was bundled with the removed apps has been dubbed "RuFraud." It sends text messages to premium rate phone numbers, incurring charges for users and accruing profits for those who reap the revenue of the numbers. The malware was written not to affect users in the US, but users in several European countries and in Asia are affected. http://www.computerworld.com/s/article/9222595/Google_pulls_22_more_malicious_
10 December 2011 - Six Arrested in Connection with Student Loan Phishing Scheme
Six people have been arrested for their alleged roles in a phishing scheme that targeted university students in the UK. The phishing emails included a link that, when clicked, took the recipients to a site where they were asked to update their personal information for their student loan accounts. Those allegedly involved with the scheme used the stolen information to access students' bank accounts and steal funds. In all, police say the cyber thieves stole more than GBP 1 million (US $1.56 million).
10 December 2011 - Georgia Medical Center Turns Away Patients Because of Malware Infection
Last week, a hospital in Georgia had to ask ambulances to take patients to other area hospitals after its computer system became infected with malware that slowed down patient registration and other functions. The cyber infection was discovered on Wednesday, December 7; the hospital reverted to old-fashioned paperwork. The malware affected patient registration times, pharmacy operations, and accessibility to radiology and laboratory results. Gwinnett Medical Center, which is a trauma center, accepted severe cases such as respiratory distress, cardiac issues, and other traumas, but sent other cases to area hospitals.
The center was back to accepting all patients as of Saturday evening, December 10.
7 December 2011 - Card Skimmers Found at the Lucky Supermarket Chain
Lucky Supermarkets has acknowledged that hackers have tampered with payment card readers in self-checkout lanes at more than 20 stores in California. It is not known how many customers may be affected, but Lucky and its parent company, Save Mart Supermarkets, are urging customers to check their credit and debit card accounts. Card readers at more than 200 stores are also being checked for tampering.
28 November 2011 - Feds Shut Down Sites for Allegedly Selling Counterfeit Merchandise
The US Department of Immigration and Customs Enforcement has seized 150 domain names suspected of being involved in selling counterfeit merchandise. The seizures were announced on Monday, a big online shopping day, and come amidst heated legislative debate over anti-piracy legislation. The domains are being taken down under the same civil seizure law used to seize bank accounts and property allegedly linked with illegal activity. http://www.wired.com/threatlevel/2011/11/operation-in-our-sites-grows/
22 November 2011 - Three Indicted for Skimming Scheme
Three men have been indicted for allegedly placing skimming devices on ATMs in New York City. Dimitar Stamatov, Nikolai Ivanov, and Iordan Ivanov face a list of charges, including identity theft, criminal possession of forgery devices, and scheming to defraud. The men allegedly placed skimming devices on four cash machines and used the information they harvested to manufacture cloned payment cards. They then allegedly used those cards to conduct US $264,000 in fraudulent transactions. Two of the men were arrested earlier this year as they were attempting to retrieve one of the skimming devices; the third man is still at large.
18 November 2011 - UK Police Shut Down 2,000+ Websites for Piracy and Theft
Police in the UK have shut down more than 2,000 websites believed to be selling counterfeit or non-existent merchandise. The goods offered for sale include clothing, jewelry and sporting equipment. In some cases, payment was taken but the merchandise was never delivered. UK domain registrar Nominet helped pinpoint and shut down the offending sites. In a separate but related story, proposed changes to Nominet policy would allow the organization to deny requests for site takedowns unless provided with a court order or the site allegedly puts the public at risk, for instance, by selling questionable medications.
16 November 2011 - Stolen Computer Holds Unencrypted Data of 4 Million Patients
A desktop computer stolen from Sutter Medical Foundation in mid-October holds unencrypted patient information dating back to 1995. The data include names, addresses, and diagnoses of more than 4 million patients.
In the last two years, more than 364 breaches at healthcare organizations have compromised personal data of nearly 18 million patients.
9 November 2011 - Six Arrested in Connection with Clickjacking Scheme
The FBI said that six people have been arrested in connection with a click-fraud scheme that infected more than four million computers in countries around the world. The arrests were the result of a two-year investigation known as Operation Ghost Click. All six were arrested in Estonia. A seventh defendant, who is Russian, is still at large. The US attorney's office will seek extradition of those in custody. The malware used in the scheme is known as DNSChanger. It changed the DNS settings on the infected computers, pointing them to DNS servers under the control of the criminals. They could then redirect victims' traffic from legitimate sites, e.g. iTunes, to other sites, where they earned more than $14 million from commissions on referrals to online advertising. The defendants are facing charges of wire and computer intrusion. One was also charged with money laundering. The FBI worked with law enforcement authorities in Estonia and the Netherlands on the case. The attack targeted both Windows and Mac OS X machines.
The FBI put up a website where people can check if their computer is
Internet Storm Center: https://isc.sans.edu/diary.html?storyid=11986
7 November 2011 - DARPA Doubles Cyber Security Research Funding; Also Provides Rapid Funding
The Defense Advanced Research Projects Agency (DARPA) plans to increase spending on cyber security research by 50 percent over the next five years. DARPA plans to step up its focus on offensive cyber capabilities.
In addition, DARPA program manager Mudge (Peiter Zatko) has launched "Cyber Fast Track," a new program to provide funds to small researchers in less than 2 weeks with little or no bureaucracy. Eight grants were made in the first 2 months of the program.
14 October 2011 - US $4.9 Billion Lawsuit Filed Over TRICARE Data Breach
A class action lawsuit filed against TRICARE Health Management is seeking US $4.9 billion in damages as a result of a recently disclosed data security breach. Unencrypted backup tapes containing personally identifiable information of 4.9 million TRICARE beneficiaries were stolen from a parked car of an employee of a TRICARE business associate, Science Applications International Corp. (SAIC). The lawsuit names TRICARE, the US Department of Defense and Defense secretary Leon Panetta as defendants; SAIC was not named as a defendant. The tapes contained Social Security numbers (SSNs), names and certain health data, in addition to other personal information. The lawsuit seeks US $1,000 compensation for each victim and alleges that TRICARE violated the Privacy Act of 1974 and the Federal Administrative Procedures Act.
13 October 2011 - Energy Industry Notes Shift From Physical to Cyber Security Threats
Security concerns within the energy industry have shifted in the last few years from physical threats to cyber threats. Energy companies used to be focused on physical terrorist attacks and kidnappings; now companies are focused on protecting proprietary information from cyber theft. In 2008, computer networks at several oil companies were found to have been infiltrated by cyber criminals looking for data about gas lease bids. Companies within the energy industry are still reluctant to talk about cyber attacks. At the recent FBI-sponsored Energy Security Awareness Symposium, two speakers asked that they not be identified and reporters were asked to leave during a presentation about counter-terrorism.
11 October 2011 - Probation for Men Who Sold Lost iPhone 4 Prototype
The two men involved in the sale of the lost iPhone 4 prototype in 2010 have been sentenced to probation and community service; they were also ordered to pay US$250 in restitution to Apple. Brian Hogan found the device at a bar in Redwood City, California where it had been accidentally left behind by an Apple engineer. Hogan eventually sold the phone to an editor at the tech blog Gizmodo, an arrangement brokered by his friend and co-defendant, Sage Wallower.
3 October 2011 - GAO Report: Gov't Agencies Have Not Fully Implemented Security Programs
According to a report from the Government Accountability Office (GAO), sensitive data held by two dozen US government agencies is not adequately protected from theft, unauthorized access and leaks.
Although "reports of security incidents from federal agencies are on the rise," agencies have not taken sufficient steps to improve their security posture. Many agencies have developed information security programs, but have not yet fully implemented them.
30 September 2011 - NinjaVideo Co-Founder to Plead Guilty to Copyright Infringement
A co-founder of the NinjaVideo video filesharing site will plead guilty to conspiracy and criminal copyright infringement. Hana Beshara has reportedly admitted to earning more than US $200,000 from the business; she will forfeit assets seized by authorities. Beshara has been an outspoken proponent of filesharing, citing huge profits enjoyed by Hollywood. One of her co-defendants pleaded guilty several days before Beshara's decision to agree to a deal with prosecutors.
28 September 2011 - Prison Sentence for Countrywide Data Thief
Rene Rebollo Jr. has been sentenced to eight months in prison for stealing and selling personal data. Rebollo is a former employee of Countrywide, where he had worked as an analyst. Rebollo has been ordered to pay restitution of US $1.2 million, and the judge in his case also ordered him to serve 10 months in a community jail. Rebollo was charged in 2008 with exceeding authorized access to data, stealing the data and selling them to loan officers from other companies. Rebollo and an accomplice, Wahid Siddiqi, downloaded data in batches of 20,000 customers and sold each batch for US $500. The pair carried on the scheme for two years. Siddiqi has been sentenced to 36 months in prison for selling the data.
27 September 2011 - State Dept. Officer Threatened With Job Loss Over Blog
A US State Department foreign service officer has been told he could lose his job for a blog posting that included a link to one of the State Department cables released by WikiLeaks. Peter Van Buren is under investigation for allegedly disclosing classified information even though the documents he allegedly disclosed were already readily accessible on the Internet. Van Buren said that investigators demanded to know who had helped him with his blog and asked him for details about his contract for a recently published book that is critical of US foreign policy in the Middle East. He was told that if he did not provide answers, he would be fired.
25 September 2011 - ISC2 Plans Rapid Growth in Number of CISSP Certified Professionals
ISC2's executive director, Hord Tipton, told a SearchSecurity reporter that one reason many companies struggle with information security is because, despite more than 76,000 active CISSPs worldwide and 3,200 who took the test last December, they can't find enough qualified infosec pros to work for them. "I need to find 2 million people in three years to come close to meeting the expected need," said Tipton. On the other hand, some CISSPs expressed concern to the reporter that their hard-earned certification is being watered down by a bevy of inexperienced applicants.
12 September 2011 - Fourteen-Year Sentence in Stolen Credit Card Case
An Indiana man has been sentenced to 14 years in prison for running a scheme that involved selling cloned payment cards over the Internet.
Tony Perez III pleaded guilty to wire fraud and aggravated identity theft in April. While serving a search warrant at Perez's home in June 2010, authorities discovered equipment and supplies that could be used to manufacture credit cards along with stolen data on 21,000 credit card accounts. The credit card numbers found in Perez's home have been linked to more than US $3 million in fraudulent transactions.
9 September 2011 - Five Indicted in Connection with Website Offering Pirated Content
Five people have been indicted for their alleged involvement with NinjaVideo.net, a website that allowed people to download television programs and movies that had not yet been released to DVD. NinjaVideo was operational from February 2008 until it was shut down by authorities in June 2010. The site allowed free access to some digital content. For a US $25 "donation" people could also access a larger repository of films, software and other digital content. http://www.computerworld.com/s/article/9219896/Grand_jury_indicts_alleged_video_
5 September 2011 - Former Employee Erased Payroll Files
David Palmer, a former IT administrator at McLane Advanced Technologies in Texas, has pleaded guilty to charges of computer intrusion. After his firing, Palmer accessed his former employer's computer system and erased payroll files belonging to one of its customers, a military contractor called Lone Star Plastics. Court records indicate that Palmer told investigators that his intent was "to create general havoc and disorder for McLane." Palmer was able to gain access to the system after he was fired through a backdoor he had set up prior to leaving the company. He accessed the system through a Wi-Fi network at an area restaurant.
31 August 2011 - Former Akamai Employee Pleads Guilty to Espionage Charges
Elliot Doxer has pleaded guilty to espionage charges for trying to sell confidential information belonging to his employer to a man he believed was an Israeli intelligence officer. Over an 18-month period starting in September 2007, Doxer gave the man, who was actually an FBI counterintelligence agent, confidential documents belonging to Akamai.
The information included lists of clients and contracts, Akamai security practices and information about Akamai employees. Doxer was employed in the finance office at Akamai's Boston office.
30 August 2011 - Judge Says Lawsuit Against Company That Tracks Lost Laptops May Proceed
A federal judge has determined that a lawsuit filed against Absolute Software, a company that provides tracking services to help find lost devices, may proceed. One of the plaintiffs, Susan Clements-Jeffrey, purchased what she believed to be a used laptop from one of her students. The device was actually stolen from the school district. When the tracking software was activated, the person conducting the search captured sexually explicit exchanges between Clements-Jeffrey and the other plaintiff, Carlton Smith, printouts of which the police brought to the woman's home when they arrested her for receiving stolen property. Those charges were ultimately dropped. The plaintiffs allege that the defendants, which include an Absolute employee, the City of Springfield, Ohio and its police department, violated their privacy by illegally intercepting their communications. The defendants filed a motion for a summary judgment, maintaining that the plaintiffs had no expectation of privacy while using the stolen device. US District Judge Walter Herbert Rice disagreed, writing that "It is one thing to cause a stolen computer to report its IP address or geographical location in an effort to track it down. It is something entirely different to violate federal wiretapping laws by intercepting communications of the person using the stolen laptop." http://www.informationweek.com/news/security/privacy/231600626
28 August 2011 - Missing USB Key Results in Suspension for British Detective
A detective constable working with the serious crime team for the Greater Manchester police force in the United Kingdom has been suspended pending an investigation after a USB key containing sensitive information was stolen from his home. The information contained on the USB stick includes the details of people who confidentially provided the Greater Manchester police with information on those involved in criminal activity such as drug dealing. The information on the USB stick was not encrypted, contrary to policy, and should not have been in the detective's home. The police have been in touch with those impacted by the breach. http://www.dailymail.co.uk/news/article-2030949/Detective-suspended-thieves-steal-vital-police-data-home.html
26 August 2011 - Email Used in Phishing Attack Against RSA Published
Researchers at Finnish anti-virus firm F-Secure believe they have discovered a copy of the email used in the phishing attack against RSA earlier this year. According to F-Secure's research the email was sent to four employees within RSA's parent company EMC on March 3. The email contains an Excel spreadsheet called "2011 Recruitment Plan.xls" with the body of the email simply reading "I forward this file to you for review. Please open and view it." Once the spreadsheet was opened it executed a malicious Adobe Flash object which in turn installed the Poison Ivy backdoor. The exploit used a then unknown vulnerability in Flash which Adobe has since patched.
23 August 2011 - Email Sent To Bank Staff Reveals Contractors' Rates
An email inadvertently sent to 800 employees in the Royal Bank of Scotland by a staff member of UK contracting firm, Hays, revealed the names and contract rates of up to 3,000 contractors engaged by the bank.
Some of those contracted by the bank were shown to be charged at daily rates of up to GBP 2,000 or US $3,270. Hays has launched an investigation into the breach and apologized for the incident. In a statement the contracting firm said it "recognizes that the correct treatment of data is of the utmost importance and we are taking the unauthorized release of this data extremely seriously". The RBS is ostensibly currently reviewing its relationship with Hays.
22 August 2011 - Firm Fined $50,000 For Collecting Children's Personal Information
The Federal Trade Commission has fined W3 Innovations, a mobile applications development firm, US $50,000 for violating the Children's Online Privacy Protection Act (COPPA). The FTC alleged the company gathered the email addresses of up to 50,000 children under the age of
19 August 2011 - Juicejacking - an emergency phone charge can be a security risk
You've heard of hijacking. And carjacking, truckjacking and shipjacking. You've probably also heard of sidejacking, sheepjacking and clickjacking. That's nothing. Here comes juicejacking! Do you take enough care about where you power-up your smartphone?
19 August 2011 - Bikini-clad women and photo tags aid Facebook scammers
If you're a Facebook user, please repeat after me: "Facebook doesn't let you track who is viewing your profile. Third-party Facebook apps aren't allowed to do it either, and if they claim to offer the ability they are banned from Facebook." http://email.sophos.com/r/?id=h3d7bc10,3be10600,3be10608
18 August 2011 - IT worker pleads guilty to crippling ex-employer's network
Jason Cornish, 37, of Smyrna, Ga., faces up to 10 years in prison and a $250,000 fine for breaking into the computer network of the U.S.-based subsidiary of a Japanese pharmaceutical company
18 August 2011 - Why you shouldn't trust Google+ verified accounts
Dolly Parton, Britney Spears and Alyssa Milano all have one, as do many other celebrities and public figures. But can a verified Google+ account really be trusted? Learn more now. http://email.sophos.com/r/?id=h3d7bc10,3be10600,3be1060a
17 August 2011 - How to steal ATM PINs with thermal cameras
Researchers have demonstrated how it's possible to use infrared imaging to capture the secret PINs that people use at cash machines
16 August 2011 - Cyber Thieves Target Nebraska Non-Profit
An Omaha, Nebraska non-profit has lost US $70,000 to cyber thieves.
After an employee opened an attachment that came with an email from the thieves, the Metropolitan Entertainment & Convention Authority's (MECA) computer system became infected with malware that allowed the thieves to steal passwords. The attackers added people to the company's payroll and made fraudulent transfers to their accounts. In all, the thieves attempted to steal US $217,000. One transfer in the amount of US $147,000 was reversed, but the rest of the money is gone. MECA declined security precautions its bank offered because they seemed "administratively burdensome." MECA chief financial officer Lea French remarked "Why isn't someone out shouting on the rooftops about this fraud? People need to understand how exposed they are." http://krebsonsecurity.com/2011/08/ethieves-steal-217k-from-arena-firm/
15 August 2011 - Malicious Android Application Answers Calls
Researchers have detected a malicious Android application that pretends to be the Google+ social networking platform. Once installed as Google++, the application has the ability to steal data and answer and record incoming calls. The application requires that users manually install it. The stolen data, including text messages, call logs and GPS locations, appears to be sent to a remote server in China.
15 August 2011 - Fifteen-Month Sentence for Using Information Found Online to Drain Bank Accounts
Iain Wood has been sentenced to 15 months in prison for using information his Facebook friends had posted online to steal money from their bank accounts. Wood stole more than GBP 35,000 (US $57,000) from his neighbors between June 2008 and June 2010, when he was caught. He used the information he found online, including birth dates and mother's maiden names, to answer security questions that allowed him to access people's bank accounts.
12 August 2011 - Prison Sentence for Man Running Video Stores Filled with Pirated Disks
A California man has been sentenced to 18 months in prison for operating video stores in which most of the offerings were pirated. Yan Akhumov's scheme was discovered when police responded to a call at one of his shops where a customer was making a scene because the DVD she had rented did not play. In 2007, Akhumov was visited by FBI agents who told him to stop trading in pirated CDs and DVDs. In all, authorities seized more than 55,000 disks that appeared to contain pirated content.
8 August 2011 - DefCon Kids
For the first time, DefCon offered a track for children ages eight to 16 at its Las Vegas, Nevada conference. The participants heard talks from US federal agents hoping to guide them down the right path. A parent of one participant said that the "instructors ... focused on the benefits of gaining a real understanding of the technologies involved and when appropriate discussed the moral and ethical questions involved." One of the participants in the two-day event discovered a loophole in certain games; having grown weary of waiting for crops to grow on farm games, she found that by disconnecting a tablet or phone from WiFi and advancing the clock slightly, the applications could be tricked into speeding up the crops' growth.
5 August 2011 - Spam King Surrenders
Sanford Wallace, a.k.a. "the Spam King," has surrendered to federal law enforcement agents in California. Wallace has been charged with sending millions of spam messages to Facebook users. He allegedly tricked users into submitting their account login details. An estimated 500,000 Facebook accounts were compromised. Once he had access to compromised accounts, he accessed their friends lists and posted junk messages on their walls. Facebook won a US $711 million judgment against Wallace in 2009. Wallace faces charges of electronic mail fraud, intentional damage to a protected computer and criminal contempt. He has been released after posting US $100,000 bail. http://www.bbc.co.uk/news/world-us-canada-14428730
29 July 2011 - AT&T Will Throttle Broadband Speed for Smartphone Data Hogs
AT&T has announced that starting October 1, 2011, smartphone users with unlimited data plans who consume large amounts of data may find that their connections are throttled; the plan will affect those whose use lands them in the top five percent of users in a billing cycle. The plan affects users who have purchased unlimited data plans which AT&T stopped offering last year. Users with tiered service may pay for additional use. AT&T says that the plan is not a permanent long term solution, and that the only way to solve the bandwidth problem would require "completing the T-Mobile merger," which has been opposed by competitors and some legislators. Users will receive warning notices and will have a grace period before the throttling takes effect. Speeds will return to normal levels at the start of the next billing cycle.
29 July 2011 - External Hard Drives Infected With Conficker are Recalled
AUSCERT issued a warning to consumers about the Fission External 4-in-1 Hard Drive, DVD, USB and Card Reader being sold at ALDI discount stores.
There have been reports that some of the devices are infected with Conficker. ALDI has removed the affected devices from its shelves and has issued a voluntary recall. Users are advised to return the devices to the store and to run anti-virus scans on their PCs. The malware is likely to have infected the drives during factory production.
28 July 2011 - Trojan Variant Tricks Users Into Transferring Funds Out Of Online Banking Accounts
A newly-detected Trojan horse program waits until users access their online bank accounts, then tells them that a credit has been made to their account in error. It then informs them their account is frozen until they authorize the transfer of the funds back out of the account.
The malware alters the appearance of users' balances and offers them pre-populated transfer forms. This Trojan bears similarities to another known as the URL Zone Trojan, which manipulates the balances users see in their online banking accounts to appear normal even after they have been drained of funds.
28 July 2011 - Court Orders BT to Block Site Linked to Digital Piracy
A group of film studios represented by the Motion Picture Association (MPA), the international arm of the Motion Picture Association of America (MPAA), has won a court order against British ISP BT to block the Newzbin2 filesharing website. A British High Court judge has ordered BT to block users' access to the members-only website that offers links to movies and television programs available on Usenet boards.
26 July 2011 - Governor Recognizes Maryland Winners of US Cyber Foundations Competition
Governor Martin O'Malley took time out to honor Maryland winners of the 2011 Spring Cyber Foundations National Competition. The competition, coordinated by the U.S. Cyber Challenge, is a national online contest to identify talented high school students with the skills to pursue advanced education and job opportunities in the cyber security field, one of the most in-demand career fields.
25 July 2011 - Chinese Authorities Close Two Phony Apple Stores in Kunming
Officials in China have shut down two phony Apple stores in the wake of a blogger's story that publicized their presence. Trade officials launched an investigation; five stores claiming to be Apple retail outlets were discovered in Kunming, China. Two of the operations lacked official business licenses and were ordered to suspend operations pending the outcome of an investigation by the Chinese government.
22 July 2011 - Man Sentenced for Malware Spread Over Peer-to-Peer Network
A judge in Japan has sentenced a man to two-and-a-half years in prison for writing malware that spread over the Winny peer-to-peer file sharing network. Masato Nakatsuji was already on probation for a similar offense when he was nabbed for the "ika-tako," or "squid-octopus" malware.
Nakatsuji had received a two-year suspended sentence in 2008 for spreading malware by attaching it to anime images. The 30-month sentence is for property destruction; the malware replaced files on people's computers with a cartoon image of an octopus.
21 July 2011 - Man Arrested for Allegedly Infecting Computers with Malware
Authorities in Canada have arrested a man for allegedly placing keystroke-logging software on computers in Canada, the US, France, Russia and the United Arab Emirates. Joseph Mercier was employed as an information security manager at an unnamed organization. He allegedly used his work computers and computers at his home to conduct the scheme, which also allowed him to use infected computers' webcams to spy on people and take pictures.
21 July 2011 - Phony Apple Stores Reported in China
An American ex-pat blogging from Kunming, China, has reported finding three phony Apple stores in that city. The blogger said that the staff at the establishments appeared to believe that they were actually employed by Apple, but certain details, including the words Apple Store outside the storefronts, led to suspicion that the establishments were bogus. The origin of the merchandise being sold has not been determined. A Wall Street Journal reporter managed to speak to one of the store's employees, who appeared to know that the store was not official. Apple has not commented on the situation. Apple has four official stores in China and several official resellers, but the Kunming store appears to be neither.
18 July 2011 - Microsoft Offers Reward for Arrest of Rustock Operators
Microsoft is offering a US $250,000 reward for information that leads to the arrest and conviction of those responsible for the Rustock botnet. Earlier this year, Microsoft launched a concerted attack on Rustock when it obtained court orders that allowed authorities to seize the botnet's command and control servers. At one point, Rustock was believed to be responsible for 40 percent of all spam sent worldwide.
14 July 2011 - Comcast Bans Bandwidth Hog For One Year
Comcast has banned a Seattle man from the Internet for a year because he used too much data. Andre Vrignaud used more than 250 GB of data on his Comcast Internet connection for two months in a row, violating the company's use policy, which does not allow those who are banned to switch to more expensive, uncapped, but lower speed connections. A Comcast spokesperson said that the 250 GB limit was established after the company agreed not to selectively slow down peer-to-peer traffic.
The limit is designed to prevent users from degrading their neighbors'
13 July 2011 - ZeuS Variant Targets Android Smartphones
Anti-virus vendors have detected a variant of the ZeuS Trojan horse program that can infect Android smartphones. The malware in this case is a variant of Zitmo, which stands for "Zeus in the mobile;" it pretends to be an online banking security application called Rapport, which is the name of a legitimate application from Trusteer. It is capable of stealing one-time passwords that are sent to users' mobile phones as an added layer of security and sending them to a remote server.
13 July 2011 - Minnesota Wi-Fi hacker gets 18 years in prison for terrorizing neighbors
Minnesota hacker Barry Ardolf was sentenced to an 18-year term in a federal prison this Tuesday. Ardolf had terrorized a neighboring family for two years through a carefully planned campaign involving a hijacked Wi-Fi network to harass, frame and embarrass the next-door neighbors in every facet of their lives. http://news.yahoo.com/minnesota-wi-fi-hacker-gets-18-years-prison-032803295.html
12 July 2011 - Three Sentenced for Phishing Scheme
Three men have been sentenced to prison for their roles in a phishing scheme that defrauded banks around the world. The three were arrested in the UK and Ireland in August 2010. Their sentences range from two years to just over five-and-a-half years. The men established phony web pages for banks, promoted them through spam, and harvested login data.
The men compromised 900 bank accounts and 10,000 credit cards. Losses of GBP 570,000 (US $921,000) have been confirmed, but the total could be as high as GBP 3.1 million (US $5 million).
8 July 2011 - Spear-phishing attacks take two more national labs offline
Two more Department of Energy (DOE) labs appear to be the victims of spear-phishing attacks that resulted in the shutdown of their email and Internet connectivity.
The Department of Energy’s Pacific Northwest Lab (PNNL) in Richland, Wash., and Jefferson National Lab in Newport News, Va., suffered recent cyberattacks and responded by suspending email and internet connectivity, according to various media reports. Battelle, which operates PNNL, was also targeted.
7 July 2011 - Colorado agency loses medical aid applicants' data
A computer disk containing the personal information of thousands of medical aid applications has gone missing from the Colorado Department of Health Care Policy and Financing.
7 July 2011 - Programmer Arrested for Alleged Theft of Trade Secrets
US law enforcement authorities have arrested a man for alleged theft of proprietary software. Chunlai Yang had worked as a senior software engineer for CME Group, which makes commodity derivative market trading platforms. CME says they have been monitoring Yang's computer use and noticed that he downloaded files containing proprietary source code. He was arrested in a raid on CME's offices and has been charged with theft of trade secrets. The FBI said that Yang had email contact with an organization in China; one of the messages included an attachment that contained proprietary code. Yang is a naturalized US citizen.
6 July 2011 - Morgan Stanley Smith Barney: Losing data, and client trust, the old fashioned way
Brokerage firm Morgan Stanley Smith Barney recently admitted that personal information on 34,000 investment clients had been lost in the mail, and possibly stolen.
5 July 2011 - Massachusetts data breaches touch five million residents
Data breaches have affected five million residents of Massachusetts since October 2007, when the state’s strict data breach law was enacted, according to Barbara Anthony, head of the Office of Consumer Affairs and Business Regulation.
29 June 2011 - Finnish Court Orders Three Subscribers' Internet Connections Disconnected
A court in Finland has ordered an Internet service provider (ISP) to disconnect three users from the Internet for alleged violations of copyright law. The subscribers received no warning notices. The three individuals are believed to be users of The Pirate Bay website. The order follows a lawsuit filed by the Copyright Information and Anti-Piracy Centre and the International Federation of the Phonographic Industry earlier this year.
28 June 2011 - Eleven-Year Sentence for Man Involved in Phishing Ring
Kenneth Lucas II, who was in charge of the US branch of an international phishing operation, has been sentenced to 11 years in prison. In 2009, more than 100 people were arrested in connection with what is known as Operation Phish Phry. Some of those involved used phishing tactics to steal bank account information that was then used to siphon funds. Lucas and two co-conspirators arranged for money mules to receive the stolen money, deposit it in their accounts and send it on to accounts outside the US. In all, the scheme stole more than US $1 million from its victims.
27 June 2011 - Film Industry Seeks to Block Site That Hosts Pirated Movies
The Motion Picture Association is seeking an injunction that would force BT to sever access to a website that hosts pirated films. The MPA wants BT to use the same technology that it uses to block child pornography sites to block the Newzbin site. BT was chosen as the target of the injunction because it is the largest Internet service provider (ISP) in the UK and because it provides a site blocking system called Cleanfeed to other ISPs. The MPA is the international counterpart to the Motion Picture Association of America (MPAA).
17 June 2011 - Virgin Media Warns Users Infected With SpyEye Trojan
Internet service provider (ISP) Virgin Media has warned about 1,500 customers that their computers have been infected with the SpyEye Trojan horse program. Virgin has provided the customers with advice from the UK's Serious Organised Crime Agency (SOCA) for cleaning their computers.
15 June 2011 - Missing Laptop Holds Unencrypted NHS Patient Data
A laptop computer stolen from a National Health Services (NHS) subsidiary in London contains unencrypted personal health information of more than 8.6 million people, including records of 18 million hospital visits, operations and procedures. Three weeks ago, the laptop and 19 other computers were reported missing from a storeroom at the London Health Programmes medical research organization. The incident is being investigated by the UK Information Commissioner's Office (ICO) and police.
10 June 2011 - Fines for Former T-Mobile Employees Who Stole and Sold Data
Two men who used to work for T-Mobile have been fined a total of GBP 73,700 (US $121,000) for stealing customer information and selling it to third parties. The action resulting in the decision was brought by the UK Information Commissioner's Office (ICO), which launched the investigation in 2008.
3 June 2011 - Spear Phishing Attacks Gathered Information Over Many Months
The recently disclosed spear phishing attacks against key government officials, political activists and journalists in several countries around the world had been painstakingly planned; the attackers appear to have been gathering personal information about their targets for as long as nine months. Google claims to have disrupted the targeted attacks. http://www.theregister.co.uk/2011/06/03/gmail_users_stalked_for_months/
2 June 2011 - Tennessee Law Prohibits Sharing Login Credentials
Tennessee's governor has signed into law a bill that makes it illegal to share login information - usernames and passwords - with anyone, including family members. The law takes effect July 1 and applies only within the borders of that state. The bill is an expansion of laws that allow prosecution of people for stealing cable service or not paying for restaurant meals. People convicted under the law of stealing up to US $500 worth of entertainment could face a year in jail and a fine of up to US $2,500. For those convicted of stealing more than US $500 of content, penalties are greater.
1 June 2011 - Google Pulls Malware-Infected Apps From Android Market
Google has pulled nearly three dozen apps from its Android market after learning that the mobile applications were infected with malware. The questionable apps are maliciously altered versions of legitimate ones.
Several months ago, Google removed more than 50 apps from Android Market over similar concerns. The malware in question this time is being called DroidDream Light.
1 June 2011 - Facebook Video Scam Spreading
Some links spreading through Facebook that claim to lead to salacious videos actually lead users to sites that install rogue security software on their computers. Facebook has thus far been powerless to stop the scareware attacks. The scheme targets both PCs and Macs. The ruse varies with operating systems. PC users are told they need to install the most recent version of Adobe Flash Player to view the video; Mac users are greeted with a security warning pop-up that offers a "fix" button. The malware redirects users to pornographic websites every five minutes until they pay for a software license.
1 June 2011 - Second Annual UK Cyber Security Challenge Launched
Registration has begun for the UK's second annual Cyber Security Challenge, a competition designed to encourage people with interest and skills in cyber security to pursue and develop careers to fill the need for specialists to defend UK networks. Those who are interested can register through the competition website to participate in a series of challenges over the coming year. This year's competition has three strands: secure network design, informed defence, and investigate and understand.
29 May 2011 - French Police Shut Filesharing Website
Law enforcement authorities in France have shut down a website known for making pirated movies, music and software available for download and have arrested three people in connection with the operation. Liberty Land had an estimated 800,000 members. The site's operators each face up to five years in prison and fines of 500,000 Euros (US $714,000). http://www.bangkokpost.com/tech/computer/239483/french-police-close-down-piracy-website
13 May 2011 - Facebook Adds Security Feature
Facebook has introduced an added layer of security to prevent account hijacking. Users must opt in to the two-factor authentication feature, called Login Approvals, which requires supplying Facebook with a mobile phone number to which a one-time security authentication code will be sent when users try to log in to Facebook from new devices. A new code will be required every time users attempt to log in from a device that they have not designated as safe. http://krebsonsecurity.com/2011/05/facebook-adds-mobile-authentication/
16 May 2011 - Warns of (Nonexistent) Hard Drive Problems
A new twist on scareware purports to detect disk errors and tries to manipulate users into paying US $80 for phony software that repairs problems that did not exist in the first place. The malware, which infects users' machines when they surf to certain tainted websites, moves files to temporary locations and makes desktop icons disappear, lending credence to the notion that something bad is going on with the machines' hard drives.
13 May 2011 - LimeWire Will Pay US $105 Million to Settle RIAA Suit
LimeWire and its founder, Mark Gorton, will pay US $105 million to settle a lawsuit brought by the Recording Industry Association of America (RIAA). The lawsuit, filed in August 2006, alleged that LimeWire was "devoted essentially" to enabling music piracy over the Internet. In October 2010, a judge ordered LimeWire to stop distributing peer-to-peer (P2P) filesharing software. http://news.cnet.com/8301-31001_3-20062418-261.html
7 May 2011 - Google Image Poisoning
Reports are emerging that Google Images searches are returning results laced with malicious links. Users have reported that when they clicked on certain results, their computers became infected with scareware alerts and warnings. The technique has been used recently to take advantage of people's curiosity about the royal wedding and about bin Laden.
6 May 2011 - Raid Targets Computer Allegedly Used in DDoS Against Gene Simmons' Website
US federal law enforcement agents have raided a home in Gig Harbor, Washington in connection with distributed denial-of-service (DDoS) attacks against Gene Simmons' website. Simmons' website came under attack last October, days after the KISS frontman spoke out against illegal filesharing and encouraged musicians to "sue everybody." Some of the traffic implicated in the attack had been traced to the Gig Harbor home, where law enforcement agents seized a computer that reportedly belongs to a teenager who lives there.
5 May 2011 - PC Rental Company Allegedly Used Webcam to Take Pictures of Customers Remotely
A Wyoming couple has filed a lawsuit against a store through which they had a rent-to-own computer agreement. The suit alleges that the store spied on them. Crystal and Brian Byrd discovered that someone at the store had used remotely activated software to take a picture of Brian when a store employee came to their home and attempted to repossess the computer. The lawsuit also names the company that developed the software allegedly used to take the picture. Evidently a picture was taken each time the couple received a pop-up reminder to register their software. The Byrds are seeking class action status for their lawsuit.
28 April 2011 - LimeWire Trial Set to Start This Week
The copyright infringement lawsuit brought against LimeWire by the Recording Industry Association of America (RIAA) is scheduled to start on Tuesday, May 3. It's the first such lawsuit against a file-sharing software company since the Supreme Court ruled against Grokster in 2005.
A federal jury will decide how much LimeWire should pay for copyright infringement conducted through its service. The record companies say LimeWire owes more than US $1 billion in damages. US District Judge Kimba Wood noted that the infringement was "willful," which significantly increases the penalty for each track that was shared illegally. Judge Wood ordered LimeWire to stop "file-distribution functionality" in October 2010.
25 April 2011 - FBI Raids Home of Suspected Illegal Filesharer
The FBI has raided the apartment of an individual believed to have uploaded several movies to The Pirate Bay that were playing only in theaters at the time. The person has been identified as Wes DeSoto, a member of the Screen Actors Guild and the owner of a clothing shop.
DeSoto was pegged as the culprit because the copies of the films he viewed had unique watermarks. Members of the Guild were provided iTunes codes that allowed them to access the screening copies of films nominated for awards.
20 April 2011 - iPhone Software Collects and Stores User Location Data
Researchers have found that iPhones running iOS 4 track and retain user location data. The unencrypted information is stored on the devices and on computers through the iOS device backup system in iTunes. The data are stored without users' permission. There is no evidence that the information is being sent to Apple; it appears to remain in the possession of the user. Another researcher discovered the issue last year, but his work remained largely in forensic circles and was not publicized. The two researchers who just released their information have also released a tool that generates a visual representation of the stored information.
20 April 2011 - Guilty Plea in Phony Software Sales Case
Jacinda Jones, from Ypsilanti, Michigan, has pleaded guilty to willful copyright infringement for selling counterfeit software over the Internet. Jones sold more than 7,000 copies of pirated software between July 2008 and January 2010. The companies affected by the sales include Microsoft, Adobe, and Symantec. The software had a retail value of more than US $2 million.
5 April 2011 - Free Pandora App Shares User Data
Online music service Pandora has acknowledged being served with a subpoena demanding documents related to information sharing practices.
The subpoena appears to be connected to a federal grand jury investigation into information sharing practices of apps that run on Apple and Android mobile platforms. A report recently found that a Pandora smartphone app shares user information with advertisers. The shared data include age, gender, geographic location, birth date and device ID.
31 March 2011 - BP Employee Loses Laptop With Unencrypted Claimant Information
BP's acknowledgment that an employee lost a laptop containing unencrypted information of 13,000 people who have submitted claims associated with last year's oil spill has prompted analysts to declare that failing to encrypt sensitive data on portable devices is inexcusable. The information compromised in the BP laptop breach includes names, Social Security numbers (SSNs) and dates of birth. Even a requirement for federal agencies to encrypt sensitive data on portable devices following a breach that compromised the security of records of more than 26 million veterans has not resulted in compliance.
31 March 2011 - TV Producer Sues Over Lost Show Files
The creators of children's television program Zodiac Island say that a disgruntled former employee at their data hosting company deleted more than 300GB of video files, erasing an entire season of the show. The Wisconsin ISP, CyberLynk, fired Michael Scott Jewson in February 2009.
A month later, Jewson allegedly logged into CyberLynk's computer systems and deleted data stored on an FTP server. Although CyberLynk was supposed to have backed up the stored data, the backup system "had failed and/or was not properly instituted," according to the lawsuit filed by WeR1 World Network, the show's creator. WeR1 is suing CyberLynk and Jewson for damages.
29 March 2011 - Spam Volume Drops by One-Third Following Rustock Takedown
Since the Rustock botnet has been taken down, worldwide spam levels have dropped 33 percent, according to MessageLabs. Other botnets appear to be starting to fill the void. The Bagle botnet is now believed to be the single largest active source of spam.
22 March 2011 - Two-Year Sentence for Stealing Virtual Gaming Chips
A UK man has been sentenced to two years in jail for stealing virtual gaming chips. Ashley Mitchell pleaded guilty to charges of hacking and theft for stealing and reselling chips used in games from Zynga.
Mitchell stole 400 billion gaming credits and resold a third of them, earning about GBP 53,000 (US $85,000). Ashley managed to gain access to Zynga's systems and assume the identities of two employees.
21 March 2011 - Companies Lose Business Following Data Breaches
According to a study conducted by the Ponemon Institute on behalf of Symantec, 37 percent of data loss cases reported in the UK in 2010 involved system failures; that figure is seven percent higher than it was in 2009. The study also found that the average cost of data breaches for large UK companies in 2010 was GBP 1.9 million (US $3.1 million), an increase of 13 percent from 2009. The report also found that companies that suffer computer breaches experience significant financial repercussions in lost business.
19 March 2011 - Phishing Attack Evades Filters
The US Computer Emergency Response Team (US-CERT) has warned of a sophisticated phishing attack that targets customers of several financial institutions, including Bank of America, PayPal and Lloyds.
This particular attack manages to evade filters designed to identify phishing sites. The phishing emails arrive with HTML attachments.
18 March 2011 - Eight-Year Sentence for Theft of Proprietary Code
A former programmer for Goldman Sachs has been sentenced to eight years in prison for stealing proprietary code from the investment company.
Sergey Aleynikov developed high-frequency trading software for Goldman Sachs. He worked at the firm from 2007 to June 2009. He transferred a significant amount of the code to servers in Germany in July 2009. The following month, he met with a startup developing high-frequency trading software. He had taken steps to erase his tracks; his activity was discovered when Goldman Sachs began monitoring HTTPS transfers after noticing suspicious network activity.
16 March 2011 - Home WiFi Users Lack Understanding of Security
According to a survey from the UK Information Commissioner's Office (ICO), nearly half of home computer users who have WiFi networks do not understand WiFi security settings. Most Internet service providers (ISPs) now set up and install customers' WiFi security settings, but 40 percent of WiFi users do not understand those settings and 16 percent are either using an unsecured network or do not know if their network is secured. ICO head of policy Steve Wood pointed to Google's Street View data collection vehicles gathering information from unprotected networks as evidence that users need to be aware of their network settings.
13 March 2011 - Facebook Users Scammed by Bogus CNN Japanese Tsunami Video
In yet more attacks inspired by the disaster in Japan, cold-hearted scammers are tricking Facebook users into clicking on links that claim to be raw CNN footage of the Japanese tsunami. Sophos recommends that users take care over the links they click on, and only visit trusted sites for news of the disaster in Japan.
12 March 2011 - Japanese tsunami disaster exploited by hard-hearted cybercriminals
Sick-minded scammers are up to their dirty tricks again, trying to make money out of the natural disaster in Japan which has shocked people around the world. In one example, Facebook users are being tricked into believing they are going to see a whale carried by the tsunami into a wrecked building. But the reality is that the scammers are trying to earn money by bringing traffic to online surveys. Sophos recommends that users who wish to keep abreast of the news only trust legitimate media sources.
11 March 2011 - Earthquake and Tsunami Breed Web Scams, Malware
The 8.9-magnitude earthquake and deadly tsunami in Japan also has triggered a tidal wave of cybercrime, say experts. Almost immediately after the news broke, internet fraudsters got to work by customizing their malicious websites so they would rank near the top of search results, a process known as black hat search engine optimization. The sites purportedly featured information about the quake but actually had been booby-trapped with malware, such as rogue anti-virus programs.
11 March 2011 - N.J. Agencies Failed to Wipe Hard Drives Before Resale
Multiple New Jersey state agencies left confidential information on computers set to be sold at auction, according to a report released this week by state Comptroller Matthew Boxer. An audit by Boxer's office revealed that multiple state agencies disposed of computer equipment without ensuring that data on the devices had been removed. Auditors discovered completed tax returns, Social Security numbers, health records, child abuse papers and a list of login passwords on computers that were shrink-wrapped on pallets at the state's surplus property warehouse ready to be auctioned off to the public.
10 March 2011 - Google Faces Second Privacy Lawsuit Over Gmail Content Scanning
Google is being sued for the second time over its practice of scanning Gmail message content to serve users ads relevant to the messages'
9 March 2011 - New Jersey Comptroller Finds Data on Machines Marked for Auction
An audit conducted by the Office of the New Jersey State Comptroller found that nearly 80 percent of retired state government computers headed for auction still contained sensitive personal data. The computers examined were being held at a state surplus property warehouse. New Jersey guidelines require that data be removed from hard drives before computers are sent to the warehouse. The audit was prompted by a number of arrests of warehouse employees. New Jersey state comptroller Matthew A. Boxer says that he believes it is likely that other machines containing data have already been sold because no outside agency had investigated the procedures before his office looked into the matter at the warehouse.
7 March 2011 - Google Remotely Removes Infected Apps From Android-based Devices
Google has begun using its "remote removal function" to purge infected apps from Android devices running versions prior to 2.2.2. About 50 apps were found to be infected with malware known as DroidDream; all have been removed from the Android Market. Google has also suspended the accounts of the developers believed to be responsible for the infected applications and plans to take legal action.
6 March 2011 - Former Employee Sentenced to Home Confinement for Deleting Company Data
Ismael Alvarez has been sentenced to one year of home confinement and five years of probation for breaking into his former employer's computer server and deleting data. Alvarez had worked at Gray Wireline Services for more than seven years before he was fired. Investigators identified Alvarez as the culprit through the IP address used to access the server.
The files he deleted contained proprietary reports about oil and gas wells. Alvarez was also ordered to pay more than US $20,000 in fines and restitution.
3 March 2011 - DroidDream Trojan is a Nightmare for Thousands of Android Users
Google has removed 55 apps from its Android Market after tens of thousands of users downloaded applications that were infected by the DroidDream trojan, according to numerous news reports.
2 March 2011 - Google Pulls Infected Apps From Android Marketplace
Google has removed more than 50 apps from Android Market after discovering they had been infected with malware. The malware has the capability of gaining root access to infected devices and stealing information. Users had downloaded between 50,000 and 200,000 copies of the infected apps before they were pulled. They were all infected with the same malware and had been available on Android market for about four days. Another malware-infected app made news recently, but that one, called Steamy Window, was offered on a third-party site rather than Android Market. Although Google has the capacity to automatically uninstall apps from the phones, it has not initiated that procedure yet in this case.
1 March 2011 - Former Employee Gets House Arrest for Breaking Into Company Network
A California woman who admitted to accessing her former employer's computer network and posting confidential information to the Internet will serve 60 days of home detention and one year of probation. Ming Shao avoided prison time for her actions. She was able to access the sensitive data belonging to her former employer, PanTerra Networks, through two employee email accounts for several months following her dismissal from the company in August 2009. Shao pleaded guilty to one count of felony computer intrusion. http://www.theregister.co.uk/2011/03/01/sacked_employee_sentenced/
28 February 2011 - Malware on London Stock Exchange Site
The website of the London Stock Exchange (LSE) was infected with malware that appears to have come from third-party advertisements. The malware urged site visitors to download useless security software products and in some cases, merely visiting the site was enough to compromise people's computers. More than 360 pages on the site have reportedly hosted malware over the last three months. LSE has disabled the advertisements responsible for the malware.
25 February 2011 - HHS Stepping Up HIPAA Privacy Rules Enforcement
The US Department of Health and Human Services (HHS) appears to be getting serious about enforcing Health Insurance Portability and Accountability Act (HIPAA) privacy rules. HHS has imposed enforcement actions against two organizations for HIPAA privacy violations. Cignet Health was charged a civil monetary penalty of US $4.3 million for failing to provide patients access to their own medical records and failing to cooperate with an HHS investigation into the matter. When Cignet finally sent boxes of records to the US Justice Department, they included records for the 41 individuals who had requested their records as well as records of 4,500 other people. Massachusetts General Hospital will pay HHS US $1 million for the exposure of personal information of 192 patients when documents were left on a subway in March 2009. Both incidents are the result of business process failures rather than technology failures.
24 February 2011 - Keystroke Loggers Found on Library Computers
Keystroke logging devices were found plugged in to computers at libraries in Cheshire, UK. It is not known how long the devices were connected to the computers before they were discovered. Keyboards are now being plugged in to ports at the front of computers.
22 February 2011 - OddJob Trojan Steals Online Banking Session IDs
The OddJob banking Trojan grabs online banking session ID tokens in real time, allowing thieves to keep the sessions open longer and make fraudulent transactions. The malware is being actively used in the US, Poland and Denmark. Researchers have noted that those behind OddJob have made refinements to the malware over the last few weeks.
16 February 2011 - Sony Threatens to Ban Jailbroken PS3 Console Users from PlayStation Network
Sony says it will permanently ban users of jailbroken PlayStation 3 (PS3) gaming consoles from the PlayStation Network. Sony has not said how it plans to enforce the new policy. The announcement comes just weeks after code to jailbreak PS3 consoles was posted to the Internet. The code allows users to play "homebrewed" games on the devices, but with a few changes, could also be used to allow the consoles to play pirated games. The action stems from a legal case against George Hotz, who allegedly posted the code; Hotz is facing charges for violations of the Digital Millennium Copyright Act (DMCA) and other offenses.
15 February 2011 - 2012 Budget Proposal Includes Significant Increase in Cyber Security Spending
The White House's 2012 budget proposal includes an overall increase in cyber security research spending of 35 percent, bringing the total proposed allocations to US $548 million. Requested funding for government IT overall is about the same as the previous year.
14 February 2011 - Federal Agents Seize 18 Domains Linked to Counterfeit Fashion Accessories
Agents of the US government have seized an additional 18 domains that have been linked to piracy, bringing the total seized under Operation in Our Sites to nearly 120. The sites affected today allegedly sold counterfeit jewelry, handbags and other fashion accessories. The action was taken with no advance warning to the sites. Two weeks ago, the same agencies seized 10 domains associated with providing pirated sporting event content.
8 February 2011 - ICO Imposes Hefty Fines for Failure to Encrypt Laptops Containing Patient Info
Two councils have been fined a total of GBP 150,000 (US $241,000) for failing to encrypt patient data on laptops that were later stolen from an employee's home. The breach affected 1,700 people. While there is no evidence that the information has been misused, the fines were levied by the Information Commissioner's Office (ICO) for violations of the Data Protection Act. Failure to encrypt the laptops also breached council policy.
7 February 2011 - Mass Filesharing Lawsuits Continue
In 2010, nearly 100,000 people in the US were sued for alleged illegal filesharing. Of the 80 mass lawsuits filed, 68 are still active; those suits target nearly 71,000 individuals. The practice of mass lawsuits, which allows the copyright holder to avoid the cost of filing suits against every individual, has been called predatory.
7 February 2011 - One-third of EU Internet Users Report Malware Infection
One-third of Internet users in the European Union experienced malware infections, according to statistics gathered by the EU. The countries with the highest rates of infection were Bulgaria, where 58 percent of users reported infections, and Malta, Slovakia, Hungary and Italy, where about half of all users reported infections. Those with the lowest rates were Ireland and Austria, with about a 15 percent infection rate. The statistics were compiled by users reporting infections, so the actual rate of infection is likely to be even higher. Eighty-four percent of the more than 200,000 people surveyed said they have some sort of anti-malware technology in place.
2 February 2011 - Congressmen Seek Answers About Facebook Data Privacy
US lawmakers are seeking additional information about Facebook's plan to allow websites and third-party applications to request access to users' home addresses, phone numbers and other personal information. The feature was postponed in January over privacy concerns, but Facebook plans to relaunch the feature in the next several weeks. Representatives Ed Markey (D-Massachusetts) and Joe Barton (R-Texas), who co-chair the House Privacy Caucus, have sent a letter to Facebook's Mark Zuckerberg containing a list of questions about why the feature was introduced in the first place.
27 January 2011 - FTC Wins US $8.2 Million Settlement in Phony AV Software Case
The US Federal Trade Commission (FTC) has reached an agreement with father and son team Maurice and Marc D'Souza, who used deceptive advertising to trick Internet users into downloading bogus antivirus software. The D'Souzas will forfeit US $8.2 million as part of the settlement. The money will be used to reimburse people who were duped into buying the worthless software, which went by names such as Winfixer, Drive Cleaner and Antivirus XP. The D'Souzas used an "elaborate ruse" to trick websites into running the ads that manipulated users into buying their products.
26 January 2011 - South African Newspaper Takes Down Website to Protect Users From Malware
Following relentless cyber attacks, the website of South African newspaper The Mail & Guardian has been taken down to implement security improvements. Editors said that the site was being inundated with attacks that appeared to emanate from Russia and that tried to steal site visitors' information. Rather than expose users to the malware, the decision was made to take the site down. They hope to have the site available soon.
21 January 2011 - Cisco 2010 Security Report Notes Cybercrime Moving Toward Mobile Devices
According to Cisco's 2010 Annual Security Report, cyber criminals appear to be shifting their focus from Windows machines to mobile devices. Users are falling prey to social engineering scams through social networking, email and even phone calls. In addition, 2010 marks the first year "in the history of the Internet" in which the volume of spam dropped, due in large part to botnet takedowns and increased ISP email restrictions.
20 January 2011 - Carberp Trojan Updating Itself
The Carberp Trojan horse program that steals information and leaves a back door open on infected systems was first detected in the fall of 2010 and now appears to be upgrading its capabilities. Carberp is designed to steal banking data. It masquerades as a legitimate Windows file and deletes antivirus software from infected machines. The upgrades allow Carberp to run on all versions of Windows without administrator privileges. Carberp communicates with command and control servers through encrypted HTTP traffic.
18 January 2011 - Client Attorney Privilege Does Not Apply if Client Communicates via Work eMail
A ruling from a California appeals court means that communications between client and attorney are not considered privileged if the client uses his or her work email account to conduct the communication. A unanimous decision by the Sacramento Third Appellate District involves a secretary who claimed her employer turned hostile after learning of her pregnancy shortly after she was hired. The company used email the secretary had sent from the workplace as evidence that she was not suffering severe emotional distress.
13 January 2011 - Vodafone Fires Employees After Security Breach
An unspecified number of Vodafone employees in Australia have been fired in the wake of a data security breach that exposed the personal information of as many as four million customers. There have been allegations that access to the customer database was sold to criminals. Vodafone has also said that it is taking steps to improve data security. The Australian Privacy Commissioner plans to investigate the incident.
13 January 2011 - Bank Employee Sold Customer Data
A Singaporean bank executive sold customer information to a number of people, including an illegal money lender. Sazaly Selamat was experiencing financial difficulties, including repossession of his car. One of the people repossessing the vehicle discovered that Sazaly could access his employer's customer database and paid him for customer data. An illegal bookmaker also became one of Sazaly's clients and paid Sazaly for information on people who owed him money. Sazaly pleaded guilty to charges of corruption and accessing the bank's customer information system without authorization.
13 January 2011 - Guilty Plea From Man Who Broke into eMail Accounts, Stole and Posted Pics
George Samuel Bronk has pleaded guilty to seven felony charges, including computer intrusion, for breaking into more than 3,200 email accounts and stealing revealing pictures of women which he then posted to the Internet. He then changed their passwords, stole pictures and uploaded them to the women's Facebook profiles. He posted pictures of 172 women. In one case, he blackmailed a woman into sending him more explicit pictures of herself if she didn't want him to post those he had stolen. Bronk faces up to six years in prison.
12 January 2011 - Disgruntled Former TSA Employee Draws Prison Sentence for Logic Bomb
Former Transportation Security Administration (TSA) employee Douglas James Duchak has been sentenced to two years in prison for planting a logic bomb in a TSA screening system. Duchak had been employed as a data analyst for TSA since 2004. Duchak placed the malware on the system in late 2009, shortly after being informed that his job was being eliminated. The malware was discovered by other workers before it caused any damage.
12 January 2011 - Two Sentenced in Gas Pump Skimming Scheme
Two men have been sentenced to prison for their roles in a skimming scheme involving gas pumps at stations around the US. The scheme began to unravel when a convenience store clerk in California noticed a skimming device inside one of the store's gas pumps. Authorities were notified, and they placed a clone inside the pump and waited for the crooks to return and retrieve the device. David Karapetyan and Zhirayr Zamanyan were arrested and charged with felonies. Karapetyan received a seven-year sentence, while Zamanyan received a five-year sentence. Two additional accomplices, Edwin Hamazaspyan and Naum Mints, are scheduled to appear in court in February.
11 January 2011 - Intruders Accessed Laptops on Bank and Credit Union Network
Sovereign Bank and Pentagon Federal Credit Union (PenFed) have both recently reported that intruders broke into laptops connected to their networks. Employees noticed a computer on the network connecting to an atypical IP address; an investigation revealed a keystroke logging program on a company laptop. At PenFed, it was discovered that someone had gained access to a laptop on the financial institution's network and used that connection to access a database containing sensitive customer information, including credit card and Social Security numbers.
10 January 2011 - Teen Who Made Phony Phone Threats Over VoIP Sentenced
The North Carolina teenager who was arrested in March 2009 for making hoax bomb threats to schools and FBI offices around the country is being released after serving 22 months in pre-trial custody. A judge has sentenced Ashton Lundeby to time served and ordered him to serve three years supervised release. He was also ordered to pay more than US $29,000 in restitution. Lundeby made some of the hoax threats at the request of students who wanted to miss school, in some cases accepting payment for his efforts. He pleaded guilty to conspiracy in October. He made the calls using VoIP software. He and others listened online as authorities responded to the threats.
6 January 2011 - Investigation Heats Up in Calif. Gas Station Skimming Scheme
At least 282 people have been victimized by credit card fraud after using their payment cards at a gas station in Sierra Madre, about 18 miles northeast of Los Angeles, California. The cumulative total of fraudulent transactions is at least US $82,000. The station where the card information is believed to have been stolen closed after Christmas. Authorities are attempting to question the store's owner, Evgeny K. Yakimenko, as a person of interest in the case. The US Secret Service is now assisting in the investigation. Authorities have released a security photo of a man who used one of the cloned cards at an ATM.