Malware, Viruses, Trojans, and Other
Nastiness
|
Today's internet is probably one of the least safe places to be
when it comes to the health of your computer and the safekeeping
of your personal data. This page will be continually updated with
info on new threats as they appear. If you have any questions,
please feel free to contact us.
One of the most common questions we get asked is "I have current,
reputable antivirus software installed, why did my PC still get
infected?" This article explains why.
There is software you can install and there are services you can
use to help prevent the many infections floating around the web.
Nothing is a 100% guarantee that you'll be safe; common sense
plays a big role in your safety. |
|
We recommend the following
products to help in your efforts to stay safe online |
|
OpenDNS is designed to
help protect your children & computers from undesirable
web content. |
|
What is OpenDNS?
OpenDNS is a free service that works for networks of all sizes,
from home networks to K-12 schools, SMBs and large enterprises.
It provides protection against known malware and phishing
websites, along with parental controls, giving you complete
customization of the websites visited by any computer on your
network. It can be set up here.
If you want to set it up on your network and need help, we can
assist via remote support; just call us to set up a remote
session. |
|
The following articles should be
required reading for ANYONE
with a computer connected to the internet. |
The Scrap Value of a Hacked PC |
The Scrap Value of a Hacked PC, Revisited |
|
One of the most common infections today is rogue or scareware
applications. The following article is a must read: even with
current antivirus software installed, you're not immune to these
infections. |
The ultimate guide to scareware protection |
|
Botnet malware: What it is and how to fight it |
Malware or malicious
computer code has been around in some form or other for over 40
years, but the use of malware to take control of a group of
computers that are then organized into something called a botnet
is more a twenty-first century phenomenon. Botnets have been
responsible for some of the most costly security incidents
experienced during the last 10 years, so a lot of effort goes
into defeating botnet malware and, when possible, shutting
botnets down. |
|
Current Security News |
|
Five new malware programs are discovered every second |
The numbers are in, and they don’t look too good. A new report
from the respected independent testing agency AV-Test.org
reveals some scary-sounding facts about the state of malware
today. |
|
Hundreds of Thousands of Unpatchable IP Cameras Affected by Two
Zero-Days |
Hundreds of thousands of IP cameras from several vendors are
affected by two zero-day vulnerabilities that allow an attacker
to hijack the device, use it as a pivot point for other attacks,
or spy on the camera's owner. The zero-days affect the web
server built into the firmware of many of these devices, which
allows users to connect to the IP camera, configure it, or view
a live feed. |
|
Backdoor Found in 80 Sony Surveillance Camera Models |
EU-based security firm SEC Consult says it found the flaw
following a routine firmware inspection. Its researchers say a
standard scan had identified two hardcoded password hashes in
the firmware deployed on several security cameras. |
|
Ransomware forced hospitals to cancel 2,800 operations and shut
down systems |
At the end of October, three British hospitals suffered a “major
incident”, as a malware attack infected the Northern
Lincolnshire and Goole NHS Foundation Trust (NLAG), forcing the
almost complete shutdown of IT systems and the cancellation of
routine patient operations for several days. |
|
Chinese company installed secret backdoor on hundreds of
thousands of phones |
These devices actively transmitted user and device
information including the full-body of text messages, contact
lists, call history with full telephone numbers, unique device
identifiers including the International Mobile Subscriber
Identity (IMSI) and the International Mobile Equipment Identity
(IMEI). The firmware could target specific users and text
messages matching remotely defined keywords. The firmware also
collected and transmitted information about the use of
applications installed on the monitored device, bypassed the
Android permission model, executed remote commands with
escalated (system) privileges, and was able to remotely
reprogram the devices... The firmware that shipped with the
mobile devices and subsequent updates allowed for the remote
installation of applications without the users' consent and, in
some versions of the software, the transmission of fine-grained
device location information. |
|
Yahoo secretly scanned customer emails for U.S. intelligence |
Yahoo Inc last year secretly built a custom software program to
search all of its customers' incoming emails for specific
information provided by U.S. intelligence officials, according
to people familiar with the matter. |
|
Yahoo confirms: hackers stole 500 million account details in
2014 data breach |
500 million Yahoo users are discovering that not only might
hackers know their names and email addresses (potentially
helping criminals craft malicious attacks and phishing
campaigns) but they also have their phone numbers and dates of
birth. |
|
154 million voter records exposed, revealing gun ownership,
Facebook profiles, and more |
Security researcher Chris Vickery came across an online
database, hosted on a Google Cloud server, containing 154
million US voter records. It emerged that the poorly-secured
database belonged to an unnamed client of data brokerage firm
L2. The client has blamed hackers for leaving the database
accessible from the outside world, without even the simplest
password. |
|
Carbonite online backup service bombarded with reused passwords |
Online backup service Carbonite is forcing users to pick new
passwords in the wake of discovering that it was under a
large-scale account takeover attack. On Tuesday, the company
said in a post that as far as it can tell, its own systems
haven’t been breached. |
|
GoToMyPC accounts hacked, all customer passwords reset |
Experiencing a problem logging into GoToMyPC? There's a reason
for that. Your password has been reset by Citrix, the company
which runs GoToMyPC.com, after hackers reportedly attacked the
service. |
|
Acer to notify customers of online store data breach |
Taiwanese hardware and electronics company Acer will soon begin
notifying customers of a data breach on its e-commerce website.
A sample breach notification letter warns that a third-party
might have gained unauthorized access to information about
customers who visited Acer's e-commerce site between May 12,
2015 and April 28, 2016. |
|
290,000 US Driver’s License Records Leaked |
Some 290,000 US driver’s license records have been allegedly put
up for sale on the Dark Web by a hacker going by the name of
NSA. The data dump is said to contain information regarding
dates of birth, driving offenses, fines, full names, addresses,
state, ZIP codes, phone numbers and email addresses. |
|
Wendy’s Breach Numbers About to Get Much Meatier |
When news broke last month that the credit card breach at fast
food chain Wendy’s impacted fewer than 300 out of the company’s
5,800 locations, the response from many readers was, “Where’s
the Breach?” Today, Wendy’s said the number of stores impacted
by the breach is “significantly higher” and that the intrusion
may not yet be contained. |
|
TeamViewer denies hack, as users claim computers remotely
hijacked |
In the last day or two, there have been a spate of posts by
TeamViewer users claiming that their computers have been
hijacked by malicious hackers, their PayPal and other banking
accounts emptied, their webmail accessed, and malicious software
installed. |
|
Ransomware alert issued by US and Canada following recent
attacks |
Every week seems to bring news of another case of ransomware.
It’s nasty stuff. Nasty enough that the US and Canada on
Thursday issued a rare joint cyber alert warning about the
recent surge in ransomware attacks, in which data is encrypted
and crooks demand payment for it to be unlocked. |
|
Mattel exec falls for $3 million con by fake CEO |
A finance executive of US toymaker Mattel fell victim to a
phishing scam that fooled him into wiring $3 million to a
Chinese bank. |
|
Crooks Steal, Sell Verizon Enterprise Customer Data |
Verizon Enterprise Solutions, a B2B unit of the
telecommunications giant that gets called in to help Fortune
500’s respond to some of the world’s largest data breaches, is
reeling from its own data breach involving the theft and resale
of customer data. |
|
Large Angler Malvertising Campaign Hits Top Publishers |
On Sunday msn.com, nytimes.com, bbc.com, aol.com,
my.xfinity.com, and many other websites were serving the Angler
exploit kit in an expanded malvertising campaign. |
|
Thieves Phish Moneytree Employee Tax Data |
Payday lending firm Moneytree is the latest company to alert
current and former employees that their tax data — including
Social Security numbers, salary and address information — was
accidentally handed over directly to scam artists. |
|
1-800 FLOWERS warns that hacker may have stolen customers'
personal info |
1-800 FLOWERS has begun sending out data breach letters
notifying customers that a hacker might have stolen their
personal information. In a letter sent by the New York-based
flower and gift retailer to the California Department of
Justice, 1-800 FLOWERS explains that it was first alerted to the
incident back in February when customers began complaining of an
issue on its website. |
|
Thieves Nab IRS PINs to Hijack Tax Refunds |
Last year, KrebsOnSecurity warned that the Internal Revenue
Service’s (IRS) solution for helping victims of tax refund fraud
avoid being victimized two years in a row was vulnerable to
compromise by identity thieves. According to a story shared by
one reader, the crooks are well aware of this security weakness
and are using it to revisit tax refund fraud on at least some
victims two years running — despite the IRS’s added ID theft
protections. |
|
IRS: 390K More Victims of IRS.Gov Weakness |
The U.S. Internal Revenue Service (IRS) today sharply revised
previous estimates on the number of citizens that had their tax
data stolen since 2014 thanks to a security weakness in the
IRS’s own Web site. According to the IRS, at least 724,000
citizens had their personal and tax data stolen after crooks
figured out how to abuse a (now defunct) IRS Web site feature
called “Get Transcript” to steal victim’s prior tax data. |
|
IRS reports 400% increase in phishing & malware in the past 12
months |
The US tax-filing season has only been under way for a month,
but already the Internal Revenue Service is warning that it’s
seen a 400% surge in phishing and malware compared with the
previous tax year. |
|
DVR snaps stills from CCTV surveillance and sends them to China |
The device is capturing still images from video feeds and
emailing them to an address that appears to be hosted in China. |
|
Skype users hit by ads spreading malicious Angler exploit kit |
Researchers recently spotted a malvertising campaign that used
poisoned ads on Skype to redirect users to the Angler exploit
kit. |
|
PIN-stealing IRS attack affects 100,000 taxpayers |
In May 2015, crooks used an online IRS system called Get
Transcript to probe for taxpayers’ personal information that
they could use in refund fraud. Get Transcript wasn’t actually
anything to do with the tax filing or refund system – it was
actually a reference portal by which you could retrieve returns
from previous years – but it turned out to be exactly the sort
of information a crook could use to file this year’s return. |
|
No, VTech cannot simply absolve itself of security
responsibility |
A few months ago, the Hong Kong based toy maker VTech allowed
itself to be hacked and millions of accounts exposed including
hundreds of thousands of kids complete with names, ages,
genders, photos and their relationships to their parents replete
with where they (and assumedly their children) could be located. |
|
Wendy’s Probes Reports of Credit Card Breach |
Wendy’s, the nationwide chain of fast-food restaurants, says it
is investigating claims of a possible credit card breach at some
locations. |
|
IoT doorbell gave up Wi-Fi passwords to anybody with a
screwdriver |
Here’s the physical security that the Wi-Fi enabled, Internet of
Things Ring smart doorbell gives you: 1) automatic activation
and notification on your mobile phone when people come close to
your home or loiter around it, and 2) a CCTV camera and
high-quality intercom to talk to whomever comes knocking, even
if you’re miles away. Here’s the physical hole it was putting in
your Wi-Fi: somebody could easily pop it off your front door
(it’s secured with two standard screws), flip it over, retrieve
the Wi-Fi password, and Presto! own your network. |
|
Malware-Driven Card Breach at Hyatt Hotels |
Hyatt Hotels Corporation said today it recently discovered
malicious software designed to steal credit card data on
computers that operate the payment processing systems for
Hyatt-managed locations. |
|
Banks: Card Breach at Landry’s Restaurants |
Fraud analysts in the banking industry tell KrebsOnSecurity that
the latest hospitality firm to suffer a credit card breach is
likely Landry’s Inc., a company that manages a nationwide stable
of well-known restaurants including Bubba Gump, Claim Jumper,
McCormick & Schmick’s, and Morton’s. |
|
Millions of Hello Kitty fans have their data exposed online |
Fresh on the heels of revealing that 13 million MacKeeper
customers had had their sensitive account details left lying
around on a publicly accessible database, researcher Chris
Vickery had discovered a database containing the details of some
3.3 million users of the Sanrio Town online community. |
|
Comcast Customers Targeted In Elaborate Malvertising Attack |
With the holiday season here, we are seeing a rise in online
scams that attempt to trick victims into giving out personal
information and extorting money for bogus services. This latest
one is particularly sneaky because it starts with an advert on
Comcast’s Xfinity search page, the largest provider of cable
internet access in the US, which attempts to infect visitors via
an exploit kit and finally delivers a tech support scam. |
|
European Space agency hacked. Staff and subscribers’ data
exposed |
Hackers operating under the banner of Anonymous have seemingly
breached the due.esrin.esa.int, exploration.esa.int, and
sci.esa.int ESA websites, exploiting a SQL vulnerability to
trick them into spitting out the contents of their databases. |
|
13 Million MacKeeper Users Exposed |
The makers of MacKeeper — a much-maligned software utility many
consider to be little more than scareware that targets Mac users
— have acknowledged a breach that exposed the usernames,
passwords and other information on more than 13 million
customers. |
|
Don’t Be a Victim of Tax Refund Fraud in ’16 |
With little more than a month to go before the start of the 2016
tax filing season, the IRS and the states are hunkering down for
an expected slugfest with identity thieves who make a living
requesting fraudulent tax refunds on behalf of victims. Here’s
what you need to know going into January to protect you and your
family. |
|
VTech toymaker hacked – millions of families have their personal
info exposed |
VTech, a leading maker of electronic learning toys, has suffered
a serious security breach, with hackers accessing a database
containing information about customers and their children. As a
result, data including users’ email addresses, home addresses,
security questions and answers, children’s names and dates of
birth, and easily-reversible passwords have been accessed. |
|
Reader’s Digest and other WordPress Sites Compromised, Push
Angler EK |
The attack consists of a malicious script injected within
compromised WordPress sites that launches another URL whose
final purpose is to load the Angler exploit kit. |
|
eDellRoot, the huge security hole shipped with Dell laptops and
PCs - what you need to know |
Computer hardware giant Dell is shipping PCs and laptops with a
security hole that could make it easy for online criminals to
spy upon your online activity - including intercepting your web
email, your purchases and your online banking. |
|
Starwood Hotels Warns of Credit Card Breach |
Starwood Hotels & Resorts Worldwide today warned that malware
designed to help cyber thieves steal credit and debit card data
was found on point-of-sale cash registers at some of the
company’s hotels in North America. |
|
Webhosting company loses 13 million plaintext passwords |
There's another data breach to report - and it's a big one,
affecting approximately 13 million customers of the "free" web
hosting company 000Webhost. The breached data, which includes
customer names, emails and plaintext passwords (in other words,
the passwords weren't securely stored), has reportedly been put
up for sale on underground markets. |
|
Attackers hijack CCTV cameras to launch DDoS attacks |
We've reached a point that security researchers have long warned
is coming: Insecure embedded devices connected to the Internet
are routinely being hacked and used in attacks. |
Fridge caught sending spam emails in botnet attack |
|
TalkTalk experiences ‘significant and sustained cyberattack’ |
TalkTalk has experienced a “significant and sustained
cyberattack” on its main website, the UK-based
telecommunications company has revealed. It said that
cybercriminals had launched an assault on its website on
Wednesday (October 21st), which is likely to have affected many,
if not all of its four million customers. |
UPDATE: TalkTalk ‘receives ransom’ for cyberattack |
|
Online accounting software Xero tells users to reset passwords,
after accounts breached |
Cloud-based accounting service Xero has told its customers to
reset their passwords after a "small number" of users had their
accounts compromised. At the time of writing there was no
obvious advisory on Xero's website, blog or Twitter account, but
news of the security warning was sent out to customers in an
email. |
|
Online pharmacy fined for selling user data to lottery company
and others |
The ICO has fined an online pharmacy company that not only sold
on user data without proper consent, it also made some
astonishingly crass choices of customers to sell it to,
including a lottery company. |
|
Fraud Tactics Against Chip-and-PIN Technology |
October 1 came and went in the US, marking the beginning of the
“liability shift” wherein when fraud occurs, the card issuer or
merchant will be held responsible for it and no longer the
consumer, who is usually the “careless party” in such
situations. |
|
Tech Support Scammers Impersonate Apple Technicians |
Remote assistance is becoming more and more popular to
troubleshoot computer issues without the hassle of bringing the
problematic machine to a store. Indeed, from the comfort of your
own home you can let a Certified Technician remotely log into
your PC and have them fix the issues you are facing. |
|
How a criminal ring defeated the secure chip-and-PIN credit
cards |
Years ago, about a dozen credit cards equipped with chip-and-PIN
technology were stolen in France. In May 2011, a banking group
noticed that those stolen cards were being used in Belgium,
something that should have been impossible without the card
holders inputting their PINs. |
|
Don’t Be Fooled by Fake Online Reviews Part II |
In July Brian Krebs wrote about the dangers of blindly trusting
online reviews, especially for high-dollar services like moving
companies. That piece told the story of Full Service Van Lines,
a moving company that had mostly five-star reviews online but
whose owners and operators had a long and very public history of
losing or destroying their customers’ stuff and generally taking
months to actually ship what few damaged goods it delivered.
Last week, federal regulators shut the company down. |
|
Online Ad Industry Admits “We Messed Up” With Too Many Invasive
Ads |
As ad-blocking plugins become increasingly popular, the online
ad industry is realizing that maybe it shouldn’t have helped to
create an environment where ads bog down, interrupt, annoy, and
track users. “We messed up,” begins a statement by Scott
Cunningham, Senior Vice President of Technology and Ad
Operations at the Interactive Advertising Bureau, a trade group
whose members account for around 90% of the ads you try to
ignore every day. |
|
Credit Card Breach at America’s Thrift Stores |
Another charity store chain has been hacked: America’s Thrift
Stores, an organization that operates donations-based thrift
stores throughout the southeast United States, said this week
that it recently learned it was the victim of a malware-driven
security breach that targeted software used by a third-party
service provider. |
|
Dow Jones & Company experiences data breach |
Dow Jones & Company has become the latest big name victim of a
cyberattack, the publishing and financial information firm
revealed in a letter to its customers. It explained that it had
recently discovered that “unauthorized access” to its systems
had taken place, possibly compromising as many as 3,500
individuals. |
|
At Experian, Security Attrition Amid Acquisitions |
T-Mobile disclosed last week that some 15 million customers had
their Social Security numbers and other personal data stolen
thanks to a breach at Experian, the largest of the big American
consumer credit bureaus. But this actually wasn’t the first time
that a hacking incident at Experian exposed sensitive T-Mobile
customer data, and that previous breach may hold important clues
about what went wrong more recently. |
|
Trump Hotel Collection Confirms Card Breach |
The Trump Hotel Collection, a string of luxury hotel properties
tied to business magnate and Republican presidential candidate
Donald Trump, said last week that a year-long breach of its
credit card system may have resulted in the theft of cards used
at the hotels. |
|
Experian hacked, but it's 15 million T-Mobile customers who are
put at risk |
Innocent users have had personal information such as their name,
address, and date of birth exposed to the criminals. In
addition, encrypted fields in the hacked databases including
"social security number and ID number (such as driver’s license
or passport number)" may be at risk. |
|
Banks: Card Breach at Hilton Hotel Properties |
Multiple sources in the banking industry say they have traced a
pattern of credit card fraud that suggests hackers have
compromised point-of-sale registers in gift shops and
restaurants at a large number of Hilton Hotel and franchise
properties across the United States. Hilton says it is
investigating the claims. |
|
Inside Target Corp., Days After 2013 Breach |
In December 2013, just days after a data breach exposed 40
million customer debit and credit card accounts, Target Corp.
hired security experts at Verizon to probe its networks for
weaknesses. The results of that confidential investigation —
until now never publicly revealed — confirm what pundits have
long suspected: Once inside Target’s network, there was nothing
to stop attackers from gaining direct and complete access to
every single cash register in every Target store. |
|
Apple removes hundreds of malicious apps after major malware
attack |
Apple has removed more than 300 malware-infected apps after
confirming the first major breach to its iOS app store, reports
The Guardian. The company confirmed on Sunday that it was
cleaning up the store after finding a malicious program, dubbed
XcodeGhost, was embedded into hundreds of legitimate apps. |
|
Over 10M Consumers’ Personal Info Stolen In Latest Health
Insurer Data Breach |
For at least the fourth time this year, millions of consumers
are being faced with some bad news: health insurer Excellus Blue
Cross Blue Shield has announced the discovery of a major data
breach in their systems. Over 10 million subscribers to Excellus
and their partner services now have their most personal
information — including medical claims records and social
security numbers — stolen. |
|
Credit card info for 93,000 Web.com customers nabbed in data
breach |
If you're a Web.com customer, keep an eye out for fraudulent
transactions on your credit or debit card statement - 93,000
customer credit card numbers may have been accessed in a data
breach. |
|
IRS data breach more severe than originally thought |
The Internal Revenue Service (IRS) in the US has announced that
a major data breach it first made public in May is far bigger
than previously thought. It noted in an official press release
that more than twice as many US taxpayers have been affected,
with cybercriminals gaining access to up to 330,000 accounts. |
Second Article: IRS: 330K Taxpayers Hit by ‘Get Transcript’
Scam |
|
Chip Card ATM ‘Shimmer’ Found in Mexico |
Fraud experts in Mexico have discovered an unusual ATM skimming
device that can be inserted into the mouth of the cash machine’s
card acceptance slot and used to read data directly off of
chip-enabled credit or debit cards. |
|
Tech Firm Ubiquiti Suffers $46M Cyberheist |
Networking firm Ubiquiti Networks Inc. disclosed this week that
cyber thieves recently stole $46.7 million using an increasingly
common scam in which crooks spoof communications from executives
at the victim firm in a bid to initiate unauthorized
international wire transfers. |
|
Potential data breach results in the shut down of many retail
photo-printing services |
A potential data breach at a third-party provider has resulted
in the shut down of retail photo-printing services at a number
of chains, including CVS, Costco, Rite Aid, and several others. |
|
CVS Probes Card Breach at Online Photo Unit |
Nationwide pharmacy chain CVS has taken down its online photo
center CVSphoto.com, replacing it with a message warning that
customer credit card data may have been compromised. The
incident comes just days after Walmart Canada said it was
investigating a potential breach of customer card data at its
online photo processing store. |
|
Federal Data Breach Reportedly Affects An Additional 21 Million
People |
Remember when it was announced that more than four million
federal employees in the country were part of a massive data
breach last month? Well, turns out that was just one of two
rather large data breaches to hit the Office of Personnel
Management, with the newly announced second, larger hack
affecting upwards of 21 million current and former employees, as
well as prospective employees, their families and others who
applied for federal background investigations in the last 15
years. |
|
Credit Card Breach at a Zoo Near You |
Service Systems Associates, a company that serves gift shops and
eateries at zoos and cultural centers across the United States,
has acknowledged a breach of its credit and debit card
processing systems. |
|
Casino customers and employees put at risk after FireKeepers
hack |
Approximately 85,000 credit and debit cards used to make food,
beverage and retail purchases between September 7 2014 and April
25 2015 are thought to have been put at risk by the hack,
exposing cardholder names, card numbers, verification codes and
expiry dates. |
|
Banks: Card Breach at Trump Hotel Properties |
The Trump Hotel Collection, a string of luxury hotel properties
tied to business magnate and now Republican presidential
candidate Donald Trump, appears to be the latest victim of a
credit card breach, according to data shared by several
U.S.-based banks. |
|
Hershey Park Investigates Card Fraud Pattern |
Hershey Park, a popular resort and amusement park in Hershey,
Pa. has hired a security firm to investigate reports from
multiple financial institutions about a possible credit card
breach. |
|
MacKeeper - a(nother) reason not to use it |
Last month a serious zero-day vulnerability was found in
MacKeeper, that could be exploited by hackers. Essentially, a
hacker could create a boobytrapped link that - if clicked -
would trick MacKeeper into executing code that could have any number of
unpleasant payloads - such as wiping your hard disk, stealing
information or installing malware. |
|
Password Manager LastPass Warns of Breach |
LastPass, a company that offers users a way to centrally manage
all of their passwords online with a single master password,
disclosed Monday that intruders had broken into its databases
and made off with user email addresses and password reminders,
among other data. |
|
Discount Chain Fred’s Inc. Probes Card Breach |
Fred’s Inc., a discount general merchandise and pharmacy chain
that operates 650 stores in more than a dozen states, disclosed
today that it is investigating a potential credit card breach. |
|
Breach at Winery Card Processor Missing Link |
Missing Link Networks Inc., a credit card processor and
point-of-sale vendor that serves a number of wineries in
Northern California and elsewhere, disclosed today that a breach
of its networks exposed card data for transactions it processed
in the month of April 2015. |
|
How to Stalk Someone’s Location on Facebook Messenger |
Once again, warnings are being given that internet users may not
realise just how much personal information they are sharing with
others online – and this time it’s about where you spend your
life working, playing and sleeping. |
|
IRS: Crooks Stole Data on 100K Taxpayers Via ‘Get Transcript’
Feature |
In March 2015, KrebsOnSecurity broke the news that identity
thieves engaged in filing fraudulent tax refund requests with
the Internal Revenue Service (IRS) were using the IRS’s own Web
site to obtain taxpayer data needed to complete the phony
requests. Today, IRS Commissioner John Koskinen acknowledged
that crooks used this feature to pull sensitive data on more
than 100,000 taxpayers this year. |
|
Carefirst Blue Cross Breach Hits 1.1M |
CareFirst BlueCross BlueShield on Wednesday said it had been hit
with a data breach that compromised the personal information on
approximately 1.1 million customers. There are indications that
the same attack methods may have been used in this intrusion as
with breaches at Anthem and Premera, incidents that collectively
involved data on more than 90 million Americans. |
|
mSpy Denies Breach, Even as Customers Confirm It |
Last week, KrebsOnSecurity broke the news that sensitive data
apparently stolen from hundreds of thousands of customers of mobile
spyware maker mSpy had been posted online. mSpy has since been
quoted twice by other publications denying a breach of its
systems. |
|
Sally Beauty Card Breach, Part Deux |
For the second time in a year, nationwide beauty products chain
Sally Beauty Holdings Inc. says it is investigating reports of
unusual credit and debit card activity at some of its U.S.
stores. |
|
FBI arrests JP Morgan Chase former employee for selling account
data |
A former employee of JP Morgan Chase, the largest bank in the
US, has been arrested by the FBI after a sting operation which
resulted in several sets of bank account data including PINs
being sold to informants and federal agents. |
|
Harbortouch is Latest POS Vendor Breach |
Last week, Allentown, Pa. based point-of-sale (POS) maker
Harbortouch disclosed that a breach involving “a small number”
of its restaurant and bar customers were impacted by malicious
software that allowed thieves to siphon customer card data from
affected merchants. |
|
Dropbox users continue to unwittingly leak tax returns and other
private data |
18 months later and Dropbox still hasn't fixed the Share link
disclosure vulnerability. |
|
Tax Fraud Advice, Straight from the Scammers |
Some of the most frank and useful information about how to fight
fraud comes directly from the mouths of the crooks themselves.
Online cybercrime forums play a critical role here, allowing
thieves to compare notes about how to evade new security
roadblocks and steer clear of fraud tripwires. And few topics so
reliably generate discussion on crime forums around this time of
year as tax return fraud, as we’ll see in the conversations
highlighted in this post. |
|
Premera Blue Cross Breach Exposes Financial, Medical Records |
Premera Blue Cross, a major provider of health care services,
disclosed today that an intrusion into its network may have
resulted in the breach of financial and medical records of 11
million customers. Although Premera isn’t saying so just yet,
there are indicators that this intrusion is once again the work
of state-sponsored espionage groups based in China. |
|
Advantage Dental hacked – over 150,000 personal records breached |
Advantage Dental has sent out notices to 151,626 of its
customers after a hacking which may have led to the leaking of
valuable patient data. |
|
Intuit Failed at ‘Know Your Customer’ Basics |
Intuit, the makers of TurboTax, recently introduced several
changes to beef up the security of customer accounts following a
spike in tax refund fraud at the state and federal level.
Unfortunately, those changes don’t go far enough. Here’s a look
at some of the missteps that precipitated this mess, and what
the company can do differently going forward. |
|
Credit Card Breach at Mandarin Oriental |
In response to questions from KrebsOnSecurity, upscale hotel
chain Mandarin Oriental Hotel Group today confirmed that its
hotels have been affected by a credit card breach. |
|
Anthem refuses IT security audit following massive data breach |
Anthem Inc. has refused to allow a federal watchdog to conduct
an audit of its IT systems, following a huge data breach last
month that could have affected up to 80 million of its
customers. As Government Information Security reports, the
health insurer has refused to agree to vulnerability scans and
configuration compliance tests offered to health insurers by The
Office of Personnel Management’s Office of Inspector General
(OIG). Anthem also refused security audits by the same agency to
be conducted in 2013. |
|
Natural Grocers Investigating Card Breach |
Sources in the financial industry tell KrebsOnSecurity they have
traced a pattern of fraud on customer credit and debit cards
suggesting that hackers have tapped into cash registers at
Natural Grocers locations across the country. The grocery chain
says it is investigating “a potential data security incident
involving an unauthorized intrusion targeting limited customer
payment card data.” |
|
Spam Uses Default Passwords to Hack Routers |
In case you needed yet another reason to change the default
username and password on your wired or wireless Internet router:
Phishers are sending out links that, when clicked, quietly alter
the settings on vulnerable routers to harvest online banking
credentials and other sensitive data from victims. |
|
What is malvertising? |
Malvertising is the name we in the security industry give to
criminally-controlled adverts which intentionally infect people
and businesses. These can be any ad on any site – often ones
which you use as part of your everyday Internet usage. It is a
growing problem, as is evidenced by a recent US Senate report,
and the establishment of bodies like Trust In Ads. |
|
Anthem hack puts at least 8.8 million NON-customers at risk |
It’s bad enough when a company you are doing business with gets
hacked, and your personal information is exposed. But it’s even
more annoying when a company that you have no relationship with
suffers a serious data breach by hackers, and your details
*still* get exposed. |
|
TurboTax’s Anti-Fraud Efforts Under Scrutiny |
Two former security employees at Intuit — the makers of the
popular tax preparation software and service TurboTax – allege
that the company has made millions of dollars knowingly
processing state and federal tax refunds filed by
cybercriminals. |
|
Lenovo "Superfish" controversy - what you need to know |
The controversy of the week is Superfish, which is the name of a
marketing company that, amongst other things, produces software
called Visual Discovery. |
|
Lenovo PCs ship with man-in-the-middle adware that breaks HTTPS
connections |
Lenovo is selling computers that come preinstalled with adware
that hijacks encrypted Web sessions and may make users
vulnerable to HTTPS man-in-the-middle attacks that are trivial
for attackers to carry out, security researchers said. |
|
The Rise in State Tax Refund Fraud |
Scam artists stole billions of dollars last year from the U.S.
Treasury by filing phony federal tax refund requests on millions
of Americans. But as Uncle Sam has made this type of fraud
harder for thieves to profit from, the crooks have massively
shifted their focus to conducting refund fraud at the state
level. |
|
Citing Tax Fraud Spike, TurboTax Suspends State E-Filings |
TurboTax owner Intuit Inc. said Thursday that it is temporarily
suspending the transmission of state e-filed tax returns in
response to a surge in complaints from consumers who logged into
their TurboTax accounts only to find crooks had already claimed
a refund in their name. |
|
Anthem Breach May Have Started in April 2014 |
Analysis of open source information on the cybercriminal
infrastructure likely used to siphon 80 million Social Security
numbers and other sensitive data from health insurance giant
Anthem suggests the attackers may have first gained a foothold
in April 2014, nine months before the company says it discovered
the intrusion. |
|
Phishers Pounce on Anthem Breach |
Phishers and phone fraudsters are capitalizing on public concern
over a massive data breach announced this week at health
insurance provider Anthem in a bid to steal financial and
personal data from consumers. The flood of phishing scams was
unleashed just hours after Anthem announced publicly that a
“very sophisticated cyberattack” on its systems had compromised
the Social Security information and other personal details on
some 80 million Americans. |
|
Data Breach at Health Insurer Anthem Could Impact Millions |
Anthem Inc., the nation’s second largest health insurer,
disclosed Wednesday that hackers had broken into its servers and
stolen Social Security numbers and other personal data from all
of its business lines. Given the company’s size, this breach
could end up impacting tens of millions of Americans. |
|
Hacked Hotel Phones Fueled Bank Phishing Scams |
A recent phishing campaign targeting customers of several major
U.S. banks was powered by text messages directing recipients to
call hacked phone lines at Holiday Inn locations in the south. |
|
Target Hackers Hit Third Parking Service |
Book2Park.com, an online parking reservation service for
airports across the United States, appears to be the latest
victim of the hacker gang that stole more than 100 million
credit and debit cards from Target and Home Depot. Book2park.com
is the third online parking service since December 2014 to fall
victim to this cybercriminal group. |
|
FBI: Businesses Lost $215M to Email Scams |
Federal investigators say the so-called “business email
compromise” (BEC) swindle is a sophisticated and increasingly
common scam targeting businesses working with foreign suppliers
and/or businesses that regularly perform wire transfer payments. |
|
HealthCare.gov Sends Personal Data to Dozens of Tracking
Websites |
EFF researchers have independently confirmed that healthcare.gov
is sending personal health information to at least 14 third
party domains, even if the user has enabled Do Not Track. |
|
Banks: Card Breach at Some Chick-fil-A’s |
Sources at several U.S. financial institutions say they have
traced a pattern of credit card fraud back to accounts that all
were used at different Chick-fil-A fast food restaurants around
the country. |
|
Target Hackers Hit OneStopParking.com |
Parking services have taken a beating this year at the hands of
hackers bent on stealing credit and debit card data. This week’s
victim — onestopparking.com — comes compliments of the same
organized crime gang thought to be responsible for stealing tens
of millions of card numbers from shoppers at Target and Home
Depot. |
|
Payday Loan Network Sold Info to Scammers |
The Federal Trade Commission announced this week it is suing a
consumer data broker that sold payday loan application data to
scammers who used the information to pull money out of consumer
bank accounts. |
|
Cowards Attack Sony PlayStation, Microsoft xBox Networks |
A gaggle of young misfits is taking credit for preventing
millions of users from playing Sony PlayStation and Microsoft
Xbox Live games this holiday season. |
|
Amazon, Xbox Live, PSN and more: Hackers leak 13,000 passwords |
13,000 login details including payment card numbers and expiry
dates have leaked from online services including Amazon, Xbox
Live, PlayStation Network and more. |
|
Hackers damage German factory |
An online attack on a German steelworks caused massive damage to
the infrastructure, according to reports. The incident marks
“one of the rare instances in which a digital attack actually
caused physical damage”. |
|
Staples: 6-Month Breach, 1.16 Million Cards |
Office supply chain Staples Inc. today finally acknowledged that
a malware intrusion this year at some of its stores resulted in
a credit card breach. The company now says some 119 stores were
impacted between April and September 2014, and that as many as
1.16 million customer credit and debit cards may have been
stolen as a result. |
|
Bebe Stores Confirms Credit Card Breach |
In a statement released this morning, women’s clothier chain
bebe stores inc. confirmed news first reported on this blog
Thursday: That hackers had stolen customer card data from stores
across the country in a breach that persisted for several weeks
last month. |
|
Be Wary of ‘Order Confirmation’ Emails |
If you receive an email this holiday season asking you to
“confirm” an online e-commerce order or package shipment, please
resist the urge to click the included link or attachment:
Malware purveyors and spammers are blasting these missives by
the millions each day in a bid to trick people into giving up
control over their computers and identities. |
|
Sony Breach May Have Exposed Employee Healthcare, Salary Data |
The recent hacker break-in at Sony Pictures Entertainment
appears to have involved the theft of far more than unreleased
motion pictures: According to multiple sources, the intruders
also stole more than 25 gigabytes of sensitive data on tens of
thousands of Sony employees, including Social Security numbers,
medical and salary information. |
|
Point-of-Sale systems breached at major US parking garage
operator |
A North American parking company, SP+, says that on 3 November,
it got a security heads-up from the company that provides and
maintains its payment card systems. On Friday, SP+ said in a
notice that an unauthorized person used a remote-access tool to
get their fingers into some of its parking facilities' computers
that process payment cards. |
|
US Postal Service breached, employee and customer data stolen |
The United States Postal Service on Monday warned workers that
their data had been compromised. The breach affects not only
letter carriers who walk their delivery routes and those who
work in the inspector general's office but also the postmaster
general himself. |
|
Yahoo, Match and AOL hit by ransomware |
Cybercriminals taking advantage of a ‘malvertising’ attack on
big name sites including Yahoo, Match.com and AOL were making in
the region of $25,000 per day through ransomware, according to
Forbes. The attacks, which used CryptoWall 2.0, ran through
three compromised ad networks: Rubicon Project, OpenX and Right
Media/Yahoo Advertising, according to the International Business
Times. The site lists 22 sites that were found to be affected,
including The Atlantic, Time Out, 9GAG and The Sydney Morning
Herald. |
|
Banks: Credit Card Breach at Staples Stores |
Multiple banks say they have identified a pattern of credit and
debit card fraud suggesting that several Staples Inc. office
supply locations in the Northeastern United States are currently
dealing with a data breach. Staples says it is investigating “a
potential issue” and has contacted law enforcement. |
|
Malware Based Credit Card Breach at Kmart |
Sears Holding Co. late Friday said it recently discovered that
point-of-sale registers at its Kmart stores were compromised by
malicious software that stole customer credit and debit card
information. The company says it has removed the malware from
store registers and contained the breach, but that the
investigation is ongoing. |
|
Dairy Queen Confirms Breach at 395 Stores |
Nationwide fast-food chain Dairy Queen on Thursday confirmed
that malware installed on cash registers at some 395 stores
resulted in the theft of customer credit and debit card
information. The acknowledgement comes nearly six weeks after
this publication first broke the news that multiple banks were
reporting indications of a card breach at Dairy Queen locations
across the country. |
|
Huge Data Leak at Largest U.S. Bond Insurer |
The nation’s largest bond insurer was notified that a
misconfiguration in a company Web server had exposed countless
customer account numbers, balances and other sensitive data.
Much of the information had been indexed by search engines,
including a page listing administrative credentials that
attackers could use to access data that wasn’t already
accessible via a simple Web search. |
|
AT&T hit by insider breach; "change your passcode" it warns |
AT&T, one of the US's biggest telecoms, has fired an insider for
having thumbed through customer accounts without authorization
and potentially slurping customers' taxpayer IDs, driver license
numbers and more. |
|
JP Morgan Chase confirms breach, 76 million homes and 7 million
businesses affected |
JP Morgan Chase, the largest bank in the US, informed investors
on Thursday that a data breach during the summer had affected
around 76 million households and approximately 7 million small
businesses. |
|
New signed version of CryptoWall ransomware on the loose |
Researchers have discovered a variant of the CryptoWall
ransomware that has a valid digital signature and is being
distributed through malicious ads on several top-ranked Alexa
Web sites. |
|
Hacked security plugin firm stored customer passwords in plain
text |
It’s bad enough that many firms don’t bother to salt and hash
passwords on their servers and just encrypt them instead, but
it’s petrifying to think that a technology company is actually
storing passwords in plaintext in this day and age, despite the
constant news headlines of security breaches and hacks. |
|
Albertsons, Jewel-Osco, ACME, Shaw’s Hit By Second Credit Card
Data Breach |
According to AB Acquisition, this is a different strain of
malware than the one that compromised the stores’ payment
systems from late June through mid-July of this year. So this is
like getting over the norovirus only to find out you’ve got
enterovirus. |
|
Signature Systems Breach Expands |
Signature Systems Inc., the point-of-sale vendor blamed for a
credit and debit card breach involving some 216 Jimmy John’s
sandwich shop locations, now says the breach also may have
jeopardized customer card numbers at nearly 100 other
independent restaurants across the country that use its
products. |
|
Healthcare data worth ten times price of credit card data |
Medical information is now worth up to 10 times the price of
credit card details on online black markets, due to weak
healthcare security and a thriving black market in data to be
used for medical frauds. |
|
Jimmy John’s Confirms Breach at 216 Stores |
More than seven weeks after this publication broke the news of a
possible credit card breach at nationwide sandwich chain Jimmy
John’s, the company now confirms that a break-in at one of its
payment vendors jeopardized customer credit and debit card
information at 216 stores. |
|
Disgruntled employees are increasingly e-sabotaging businesses,
FBI says |
Employees with an axe to grind are increasingly sticking it to
their current or former employers using e-tools such as cloud
storage sites or remote access to a company's computer network,
the US Federal Bureau of Investigation and Homeland Security
Department said on Tuesday. |
|
Home Depot data breach – ‘warnings ignored since 2008’ |
Home Depot staff repeatedly ignored the concerns of employees
about the security of its systems, prior to the Home Depot data
breach, now thought to be the largest in history, according to a
New York Times report. The chain relied on outdated software
which was scanned ‘rarely’ by employees. |
|
eBay XSS password-stealing security hole “existed for months” |
Last week an alarm was raised about a security hole on the eBay
website which had caused at least one potential purchaser to be
transported to a password-stealing scam instead of an auction
page flogging an iPhone. |
|
Home Depot breach totals: 56 million credit cards exposed, $62
million in losses |
Lots of people who speculated about the source of the credit
card data breach at the Home Depot turned out to be wrong. But
those who suggested that Home Depot's breach might end up bigger
than Target's turned out to be spot on. |
|
In Home Depot Breach, Investigation Focuses on Self-Checkout
Lanes |
The malicious software that unknown thieves used to steal credit
and debit card numbers in the data breach at Home Depot this
year was installed mainly on payment systems in the
self-checkout lanes at retail stores, according to sources close
to the investigation. |
|
'Tiny banker' malware targets US financial institutions |
A banking trojan, known for its small size but powerful
capabilities, has expanded the number of financial institutions
from which it can collect data, according to security vendor
Avast. |
|
Online ad threat – Yahoo, Amazon, YouTube ‘victims of
malvertising’ |
Anyone who has visited popular domains such as YouTube.com,
Amazon.com or Ads.Yahoo.com could be a victim of a new, mutating
malware attack distributed through the online ad network adverts
displayed on the sites, according to a new blog by networking
specialist Cisco. |
|
In Wake of Confirmed Breach at Home Depot, Banks See Spike in
PIN Debit Card Fraud |
Nearly a week after this blog first reported signs that Home
Depot was battling a major security incident, the company has
acknowledged that it suffered a credit and debit card breach
involving its U.S. and Canadian stores dating back to April
2014. Home Depot was quick to assure customers and banks that no
debit card PIN data was compromised in the break-in.
Nevertheless, multiple financial institutions contacted by this
publication are reporting a steep increase over the past few
days in fraudulent ATM withdrawals on customer accounts. |
|
5 Nigerian gangs and their US accomplices are behind most
Craigslist buyer scams |
George Mason University researchers Damon McCoy and Jackie Jones
have found that the majority of Craigslist buyer scams originate
from one of only 5 Nigerian gangs - with substantial help from
US-based accomplices. |
|
Home Depot Hit By Same Malware as Target |
The apparent credit and debit card breach uncovered last week at
Home Depot was aided in part by a new variant of the same
malicious software program that stole card account data from
cash registers at Target last December, according to sources
close to the investigation. |
|
Hacker breached HealthCare.gov website, planted malware on
“ObamaCare” |
The Wall Street Journal is reporting that a hacker managed to
break into the US Government’s HealthCare.gov health insurance
comparison website in July, and managed to implant malware. |
|
One in five Massachusetts residents breached in 2013 |
Roughly one in five Massachusetts residents were affected by a
data breach last year, according to numbers released today by
the Commonwealth’s Office of Consumer Affairs & Business
Regulation (OCABR). |
|
5 things you should know about email unsubscribe links before
you click |
We all get emails we don’t want, and cleaning them up can be as
easy as clicking 'unsubscribe' at the bottom of the email.
However, some of those handy little links can cause more trouble
than they solve. |
|
Data: Nearly All U.S. Home Depot Stores Hit |
New data gathered from the cybercrime underground suggests that
the apparent credit and debit card breach at Home Depot involves
nearly all of the company’s stores across the nation. |
|
Banks: Credit Card Breach at Home Depot |
Multiple banks say they are seeing evidence that Home Depot
stores may be the source of a massive new batch of stolen credit
and debit cards that went on sale this morning in the cybercrime
underground. Home Depot says that it is working with banks and
law enforcement agencies to investigate reports of suspicious
activity. |
|
Hackers compromise Namecheap user accounts |
Hosting provider Namecheap said Monday hackers compromised some
of its users’ accounts, likely using a recently disclosed list
of 1.2 billion usernames and passwords compiled by Russian
hackers. |
|
JPMorgan hackers altered, deleted bank records, says report |
The scope of yesterday's computer attack against JPMorgan Chase
and at least one other bank appears to be much larger than
initially reported. In addition to possibly affecting seven
financial organizations, instead of two as originally reported,
some bank records at JPMorgan were altered and possibly deleted. |
|
JPMorgan bank could be hackers' latest victim |
The FBI is investigating a data breach into JPMorgan and
possibly several other banks, according to The Wall Street
Journal. While information on the timing and reach of the hack
is scant, sources familiar with the probe told the Journal that
the investigation began earlier this month. It's believed the
breach may have been caused by hackers injecting malware into a
JPMorgan employee's personal computer. It's possible that
between two and five US banks have been affected. |
|
New malvertising campaign hit visitors of several high-profile
sites |
Some visitors to several high-profile websites last week were
redirected to browser exploits that installed malware on their
computers because of malicious advertisements on those sites.
The attack affected visitors to Java.com, Deviantart.com,
TMZ.com, Photobucket.com, IBTimes.com, eBay.ie, Kapaza.be and
TVgids.nl between Aug. 19 and Aug. 22, according to researchers
from Dutch security firm Fox-IT. |
|
Possible Dairy Queen data breach |
Sources in the financial industry say they’re seeing signs that
Dairy Queen may be the latest retail chain to be victimized by
cybercrooks bent on stealing credit and debit card data. Dairy
Queen says it has no indication of a card breach at any of its
thousands of locations, but the company also acknowledges that
nearly all stores are franchises and that there is no
established company process or requirement that franchisees
communicate security issues or card breaches to Dairy Queen
headquarters. |
|
Report: Consumers concerned about online threats but do little
to protect themselves |
Kaspersky conducted an online survey between May and June of
this year and gathered information from users in 23 countries
around the world. The findings were eye opening. |
|
UPS admits 51 stores hit with malware for five months |
The list of corporations that have been victimized by credit
card stealing malware in 2014 grew a little longer this week as
UPS announced that 51 of its stores suffered a “broad-based
malware intrusion” earlier this spring. |
|
Supervalu says it was breached - is it the next Target? |
US retailer Supervalu is warning customers that an intrusion of
its network may have resulted in the theft of credit and debit
card numbers from up to 200 of its stores, including
Albertson's, Jewel-Osco, Acme Markets, Shaw's and Star Market.
All told, the number of stores affected by the breach could be
as many as 1,000. |
|
4.5 million patients put at risk after community health system
hacked |
U.S. hospital operator Community Health Systems (CHS) has
revealed that hackers have broken into its computer network, and
stolen the personal data of some 4.5 million patients, including
their names and addresses. |
|
Albertsons, Jewel-Osco, ACME, Shaw’s Supermarkets Hit By Credit
Card Data Breach |
According to AB Acquisition LLC, which operates these chains and
others, the company “recently learned of an unlawful intrusion
to obtain credit and debit card payment information in some of
its stores.” |
|
GameOver Zeus botnet rebuilds |
It didn’t take long for an updated version of GameOver Zeus to
make some headway in rebuilding itself. Research published today
from Arbor Networks demonstrates that cybercriminals behind
GameOver Zeus, which was taken down by law enforcement in early
June, have renewed the botnet with at least 12,353 unique IP
addresses worldwide. |
|
Yahoo ads network helps hackers spread CryptoWall ransomware |
Security researchers at Blue Coat say that they have seen
CryptoWall being spread via ads.yahoo.com – a major online
advertising network run by, yes you guessed it, Yahoo. |
|
Botnets: What are They, and How can You Protect Your Computer? |
Chances are that every day your email address receives more than
its fair share of spam messages. With luck you have good
spam-filtering technology in place which (hopefully) is blocking
most of the unwanted email and allowing only legitimate messages
through. But have you ever wondered how all that spam was sent
in the first place? |
|
Security firm that revealed “billion password” breach demands
$120 before it will say if you’re a victim |
We would recommend that you DO NOT use this service. |
|
Gambling website Paddy Power took four years to tell customers
their data had been stolen |
Yesterday, popular gambling website Paddy Power found itself
admitting that it had suffered a serious data breach – the kind
of position that no company ever wants to find itself in. Not
that you would know if you visited their website, of course.
Because there’s no mention of the issue on the front page that
their customers visit. Instead they will need to find the link
buried away in their press release section. |
|
Is your Point of Sale machine protected against attacks? |
In case the coverage of last year’s Target breach did not drive
this point home: Criminals are very interested in retailers’
Point of Sale (PoS) machines. Because so many credit card
numbers pass through these systems, and they are often
insufficiently guarded, criminals find them a very low-hanging
fruit for theft. Recently, a new type of malware has been found
that specifically tries to break into PoS machines. |
|
Credit Card Breach at Goodwill Industries |
Heads up, bargain shoppers: Financial institutions across the
country report that they are tracking what appears to be a
series of credit card breaches involving Goodwill locations
nationwide. For its part, Goodwill Industries International Inc.
says it is working with the U.S. Secret Service on an
investigation into these reports. |
|
Online privacy – millions spied on by “unblockable” ad-snooper |
A new, invisible web tracking tool bypasses the protections
privacy-conscious web users rely on (including browser privacy
settings, do-not-track instructions, or tools such as AdBlock
Plus) and is already being used by thousands of sites – without
visitors being aware. |
|
Researcher Identifies Hidden Data-Acquisition Services in iOS |
Jonathan Zdziarski, a forensic scientist and researcher who has
worked extensively with law enforcement and intelligence
agencies, has spent quite a bit of time looking at the
capabilities and services available in iOS for data acquisition
and found that some of the services have no real reason to be on
these devices and that several have the ability to bypass the
iOS backup encryption. One of the services in iOS, called mobile
file_relay, can be accessed remotely or through a USB connection
and can be used to bypass the backup encryption. |
|
There’s a new kid on the crypto ransomware block, known as
Critroni |
There’s a new kid on the crypto ransomware block, known as
Critroni, that’s been sold in underground forums for the last
month or so and is now being dropped by the Angler exploit kit.
The ransomware includes a number of unusual features and
researchers say it’s the first crypto ransomware seen using the
Tor network for command and control. |
|
Catch of the Day waits 3 years to reveal data breach |
Australian daily deals website Catch of the Day has revealed its
website was hacked in early 2011, compromising passwords and
credit cards. The company — which owns the Catch of the Day,
Scoopon, EatNow, GroceryRun, and MumGo websites — informed
customers late on Friday that people who joined the site prior
to May 7, 2011 should change their passwords as a result. |
|
“Severe” password manager attacks steal digital keys and data en
masse |
For almost two years, Ars has advised readers to use a
software-based password manager to ease the password fatigue
that comes from choosing and securing dozens of hard-to-guess
passcodes that are unique to each site or service. A research
paper scheduled to be presented at a security conference next
month underscores the hidden dangers of selecting the wrong
products. |
|
CNET hacked! Registered users details stolen by gang demanding 1
Bitcoin |
If you are a registered user of the CNET technology news
website, it might be a good idea to put your emergency password
plans into action right now. That means changing your CNET
password, and ensuring that you are not using the same password
anywhere else on the net. Although there is no indication that
your password is in imminent danger, it seems a sensible
precautionary measure after CNET admitted that hackers broke
into some of its web servers a few days ago, and accessed a
database of the site’s users. |
|
Beware Keyloggers at Hotel Business Centers |
The U.S. Secret Service is advising the hospitality industry to
inspect computers made available to guests in hotel business
centers, warning that crooks have been compromising hotel
business center PCs with keystroke-logging malware in a bid to
steal personal and financial data from guests. |
|
Crooks Seek Revival of ‘Gameover Zeus’ Botnet |
Cybercrooks today began taking steps to resurrect the Gameover
ZeuS botnet, a complex crime machine that has been blamed for
the theft of more than $100 million from banks, businesses and
consumers worldwide. The revival attempt comes roughly five
weeks after the FBI joined several nations, researchers and
security firms in a global and thus far successful effort to
eradicate it. |
|
Nigerian scams expand to Malaysia – fraud doubles |
Nigeria’s notorious scam industry has expanded overseas – with
Nigerian conmen entering Malaysia on student visas to perpetrate
fraud using the country’s fast connections and advanced banking
system, and raking in millions of dollars. |
|
Google Drive Found Leaking Private Data — Another Warning About
Shared Links |
A disturbing privacy problem has been discovered in Google Drive
which could have resulted in sensitive personal or corporate
information stored on the cloud service being accessed by
unauthorised parties. |
|
By Selling Your Smartphone You're Selling Yourself |
Sometimes you can get a nice trade-in when you upgrade your old
phone to the latest model. When that's not possible, many
electronics vendors offer a decent buy-back program. But if
you're already familiar with selling online through eBay or
similar services, you may find it convenient to just put your
old phone up for sale. When you click "Erase everything" on the
phone, all your data is safely erased, right? Well, no. |
|
Cryptowall Ransomware: What You Need to Know |
Cryptowall is “ransomware” — malicious software that takes the
data on your computer hostage. It then demands that a financial
payment be made (a ransom) in order to regain access to the lost
files. Once in place, Cryptowall encrypts a wide variety of file
types on victims’ computers before asking that a ransom be paid
within a specified time period. |
|
New malware program hooks into networking APIs to steal banking
data |
There is yet another reason to be wary of spam email about bank
transfers or invoices—it could be carrying a new, cleverly
designed malware program that steals financial information. |
|
2014: The Year Extortion Went Mainstream |
The year 2014 may well go down in the history books as the year
that extortion attacks went mainstream. Fueled largely by the
emergence of the anonymous online currency Bitcoin, these
shakedowns are blurring the lines between online and offline
fraud, and giving novice computer users a crash course in
modern-day cybercrime. |
|
Montana medical breach may have leaked private data on 1.3
million people |
Personal information on 1.3 million people including bank
details, medical records and home addresses may have leaked
after a security incident where attackers gained entry to a
server owned by Montana’s Public Health and Human Services
department. Officials said that information on the affected
server included names, addresses, birth dates and medical
records. |
|
Flaw Lets Attackers Bypass PayPal Two-Factor Authentication |
There’s a vulnerability in the way that PayPal handles certain
requests from mobile clients that can allow an attacker to
bypass the two-factor authentication mechanism for the service
and transfer money from a victim’s account to any recipient he
chooses. |
|
Card Wash: Card Breaches at Car Washes |
An investigation into a string of credit card breaches at dozens
of car wash locations across the United States illustrates the
challenges facing local law enforcement as they seek to connect
the dots between cybercrime and local gang activity that
increasingly cross multiple domestic and international borders. |
|
Internet firm goes out of business after DDoS extortion attack |
Code Spaces, a company which provided a similar service to
GitHub and describes itself as offering “Rock Solid, Secure and
Affordable Svn Hosting, Git Hosting and Project Management” has
closed down for ever, after saying it fell victim to DDoS
blackmailers this week. |
|
P.F. Chang’s Breach Likely Began in Sept. 2013 |
The recently-announced credit card breach at P.F. Chang’s
Chinese Bistro appears to have gone on for at least nine months:
New information indicates that the breach at the nationwide
restaurant chain began on or around Sept. 18, 2013, and didn’t
end until June 11, one day after KrebsOnSecurity.com broke the
news about the break-in. |
|
New banking malware ‘Dyre’ targets Bank of America, CitiGroup
accounts |
A dangerous new strain of malware has been discovered, able to
steal banking credentials without alerting users to the
interception. |
Second article |
|
AT&T reveals social security data leak |
AT&T has revealed that customers’ personal information might
have been leaked, exposing social security numbers and dates of
birth. The telecoms giant disclosed in a filing to the
California Attorney General’s office that third-party
contractors had accessed customers’ personal data in order to
unlock and re-sell smartphones. |
|
Chinese Android smartphone comes with malware pre-installed |
The Star N9500 smartphone, which can be easily found available
for sale via outlets like Amazon and eBay for relatively cheap
prices, is said by researchers at G Data to be infected with the
Uupay.D Trojan horse, posing as a version of the Google Play
Store app. |
Second article |
|
Domino's Pizza hacked, customer database held to ransom |
Hackers who claim to have cracked a Domino's Pizza database say
they have stolen the details of more than 650,000 dough-loving
customers in France and Belgium. |
|
Tweetdeck has an XSS flaw. Here’s what you should do right now |
A potentially serious security flaw has been found in Tweetdeck,
a popular Twitter client. At the time of writing the cross-site
scripting (XSS) flaw doesn’t appear to have been exploited
maliciously. |
|
What’s a DDoS attack? Zombies, shopping help explain it all |
There has been a lot of news today about DDoS; Feedly went down,
and at the time we publish this article, still is. Those types
of attacks happen often, and can cause some major headaches.
What are they, though? Are you at risk if it happens? We explain
DDoS in layman's terms to help you understand a bit about what’s
going on. |
|
Banks: Credit Card Breach at P.F. Chang’s |
Nationwide chain P.F. Chang’s China Bistro said today that it is
investigating claims of a data breach involving credit and debit
card data reportedly stolen from restaurant locations
nationwide. |
|
Cloud service brought down by denial-of-service attack |
The popular online note-taking service Evernote says it began to
suffer a denial-of-service attack on Tuesday which prevented
users from accessing their accounts. |
|
Feedly refuses to give in to blackmail demands, gets hit by DDoS
attack |
Criminals are attacking feedly with a distributed denial of
service attack (DDoS). The attacker is trying to extort us money
to make it stop. We refused to give in and are working with our
network providers to mitigate the attack as best as we can. |
|
Ransomware 101: FAQ for computer users and smartphone owners |
What is ransomware? Ransomware is the generic term for any
malicious software that, as its name suggests, demands a ransom
be paid by the computer’s user. |
|
‘Operation Tovar’ Targets ‘Gameover’ ZeuS Botnet, CryptoLocker
Scourge |
The U.S. Justice Department is expected to announce today an
international law enforcement operation to seize control over
the Gameover ZeuS botnet, a sprawling network of hacked
Microsoft Windows computers that currently infects an estimated
500,000 to 1 million compromised systems globally. Experts say
PCs infected with Gameover are being harvested for sensitive
financial and personal data, and rented out to an elite cadre of
hackers for use in online extortion attacks, spam and other
illicit moneymaking schemes. |
|
CryptoDefense ransomware infects via Java drive-by exploit |
Boffins at security firm Bromium have discovered that the
CryptoDefense malware has been spread via boobytrapped webpages,
in an attempt to make more money for its creators. CryptoDefense
is less well-known than its fellow ransomware CryptoLocker, but
is no less unpleasant – encrypting documents, source code and
SSL certificates on victims’ computers and demanding that a
Bitcoin ransom be paid in order to recover the data being held
hostage. |
|
eBay confirms security breach. Users to be asked to change
passwords |
Later today, eBay Inc. will be asking all eBay users to change
their passwords due to a cyber attack that compromised an eBay
database containing encrypted eBay passwords and other
non-financial information. eBay will notify its user base
directly within the next 24 hours with more details. |
|
Fitness apps are a "privacy nightmare", shedding personal data
to the highest bidder |
The Washington Post quotes Deborah Peel, the executive director
of Patient Privacy Rights, who called the growing fitness data
marketplace a "privacy nightmare", given that the vast majority,
if not all, of the health data these apps collect has
"effectively zero" protection. |
|
Postal Service: Beware Stamp Kiosk Skimmers |
The United States Postal Inspection Service is investigating
reports that fraudsters are installing skimming devices on
automated stamp vending machines at Post Office locations across
the United States. |
|
16-year-old Canadian boy arrested for over 30 swattings, bomb
threats |
In March 2013, US computer security reporter Brian Krebs was
swatted. Swatting - a term that derives from SWAT (Special
Weapons and Tactics) - is the practice of falsely reporting an
emergency, as a prank or as revenge against someone, resulting
in the dispatch of emergency services. In Krebs's case, that
meant armed law enforcement at his door. Krebs' persecutor had,
in fact, spoofed an emergency call to make it appear that it had
come from the journalist's own phone. |
|
Antivirus is Dead: Long Live Antivirus! (why anti-virus apps
don't always work) |
Put simply, a crypting service takes a bad guy’s piece of
malware and scans it against all of the available antivirus
tools on the market today — to see how many of them detect the
code as malicious. The service then runs some custom encryption
routines to obfuscate the malware so that it hardly resembles
the piece of code that was detected as bad by most of the tools
out there. And it repeats this scanning and crypting process in
an iterative fashion until the malware is found to be completely
undetectable by all of the antivirus tools on the market. |
|
Dropbox told about vulnerability in November 2013, only fixed it
when the media showed interest |
Dropbox was contacted yesterday by the media, investigating the
claims being made by Intralinks – a file sharing and
collaboration service for enterprises – after it revealed that
it had stumbled across individuals’ mortgage applications and
income tax returns that should surely have remained private on
Dropbox. |
|
Dropbox users leak tax returns, mortgage applications and more |
If you are using file-sharing systems like Dropbox and Box
without proper care and attention, there is a risk that you
could be unwittingly leaking your most private, personal
information to others. |
|
Can we trust anyone with our personal info? |
In the last few weeks, two very different criminal cases have
concluded on opposite sides of the Atlantic, each of them
showing how vulnerable our personal information is to those
eager to exploit it. |
|
Tax Fraud Gang Targeted Healthcare Firms |
Earlier this month, Brian Krebs wrote about an organized
cybercrime gang that has been hacking into HR departments at
organizations across the country and filing fraudulent tax
refund requests with the IRS on employees of those victim firms.
Today, we’ll look a bit closer at the activities of this crime
gang, which appears to have targeted a large number of
healthcare and senior living organizations that were all using
the same third-party payroll and HR services provider. |
|
Vishing Attacks Targeting Dozens Of Banks |
A recent VoIP-based phishing campaign has been netting the
payment card information of up to 250 Americans per day. |
|
AOL Mail accounts breached, users advised to change passwords |
AOL said it is investigating a large scale breach of AOL Mail in
which "a significant number" of accounts were compromised. User
information including encrypted passwords, encrypted answers to
security questions, postal addresses, and address book contacts
were compromised. |
|
Microsoft acknowledges "in the wild" Internet Explorer zero-day |
Microsoft has published a security advisory of the
heart-dropping sort. An "in the wild" exploit has been spotted
that can cause RCE, or remote code execution, in Internet
Explorer. |
|
States: Spike in Tax Fraud Against Doctors |
An unusual number of physicians in several U.S. states,
including New Hampshire, are just finding out that they’ve
been victimized by tax return fraud this year, KrebsOnSecurity
has learned. An apparent spike in tax fraud cases against
medical professionals is fueling speculation that the crimes may
have been prompted by a data breach at some type of national
organization that certifies or provides credentials for
physicians. |
|
How do you know if your child’s ID has been stolen? |
When it comes to identity theft, the most successful attack is
on the person least likely to be aware of activity being carried
out in his or her name. That being the case, it is hard to
imagine anyone who better fits the bill than a child. From the
moment a child’s social security number is first issued, that
information becomes a tempting target for thieves. |
|
Crimeware Helps File Fraudulent Tax Returns |
Many companies believe that if they protect their intellectual
property and customers’ information, they’ve done a decent job
of safeguarding their crown jewels from attackers. But in an
increasingly common scheme, cybercriminals are targeting the
Human Resources departments at compromised organizations and
rapidly filing fraudulent federal tax returns on all employees. |
|
Heartbleed Bug: What Can You Do? |
In the wake of widespread media coverage of the Internet
security debacle known as the Heartbleed bug, many readers are
understandably anxious to know what they can do to protect
themselves. Here’s a short primer. |
|
In the wake of Heartbleed, watch out for phishing attacks
disguised as password reset emails |
It's important that everyone remains on their guard, as
malicious hackers could try to take advantage of the Heartbleed
scare for their own benefit. For instance, an opportunistic
cybercriminal could easily spam out a phishing attack disguised
as a legitimate email from a web service asking users to reset
their passwords. |
|
Here’s some really bad Heartbleed bug advice about changing your
passwords |
A lot of folks are going around at the moment telling the public
to change all of their passwords in response to the serious
Heartbleed internet security bug. That’s awful advice. |
|
Heartbleed: Which passwords you should change right now |
Security researchers can all agree on one thing: the Heartbleed
bug is probably the most significant and dangerous vulnerability
to ever hit the internet. What’s odd about Heartbleed, though,
is that due to the nature of the vulnerability — because it
essentially means that hackers could eavesdrop on almost
everything you’ve done in the last two years. |
|
Microsoft requires migration to Windows 8.1 Update within 5
weeks |
Microsoft yesterday confirmed that Windows 8.1 users must
upgrade to Windows 8.1 Update, the refresh that begins rolling
out to customers today. "Failure to install this Update will
prevent Windows Update from patching your system with any future
updates starting with updates released in May 2014," said
Michael Hildebrand of Microsoft in a Monday blog. |
|
Did the Heartbleed bug leak your Yahoo password? |
The so-called Heartbleed security flaw found in the OpenSSL
cryptographic software library has created shockwaves for
internet companies and users worldwide, and saw some firms
scrabbling to fix and update their servers and software. |
|
‘Heartbleed’ Bug Exposes Passwords, Web Site Encryption Keys |
Researchers have uncovered an extremely critical vulnerability
in recent versions of OpenSSL, a technology that allows millions
of Web sites to encrypt communications with visitors.
Complicating matters further is the release of a simple exploit
that can be used to steal usernames and passwords from
vulnerable sites, as well as private keys that sites use to
encrypt and decrypt sensitive data. |
|
U.S. States Investigating Breach at Experian |
An exclusive KrebsOnSecurity investigation detailing how a unit
of credit bureau Experian ended up selling consumer records to
an identity theft service in the cybercrime underground has
prompted a multi-state investigation by several attorneys
general, according to wire reports. |
|
Targeted Attacks Exploit Microsoft Word Zero Day |
Targeted attacks have been spotted against a zero-day
vulnerability in Microsoft Word 2010, leading Microsoft to issue
a special security advisory and produce a Fix-it solution for
users until a patch is ready. |
|
Credit Card Breach at California DMV |
The California Department of Motor Vehicles appears to have
suffered a wide-ranging credit card data breach involving online
payments for DMV-related services, according to banks in
California and elsewhere that received alerts this week about
compromised cards that all had been previously used online at
the California DMV. |
|
NoMoreRack.com Probes Possible Card Breach |
For the second time since Aug. 2013, online retailer
NoMoreRack.com has hired a computer forensics team after being
notified by Discover about a potential breach of customer card
data. |
|
Another two universities suffer data breaches, but notification
still too slow |
Universities seem to be evergreen targets for hackers, with two
more breaches announced in the past week or so. This time it's
been the turn of North Dakota University System and the
prestigious Johns Hopkins University in Baltimore, Maryland,
both of which have had to warn their staff and students about
potential data theft and identity theft. |
|
Sally Beauty Hit By Credit Card Breach |
Nationwide beauty products chain Sally Beauty appears to be the
latest victim of a breach targeting their payment systems in
stores, according to both sources in the banking industry and
new raw data from underground cybercrime shops that traffic in
stolen credit and debit cards. |
|
Pre-installed malware turns up on new phones |
Marc Rogers, principal security researcher with Lookout Mobile
Security, said his company has seen instances of malware show up
on new phones. Lookout found a variant of a family of Chinese
malware on new devices imported on the gray market from China. |
|
Thieves Jam Up Smucker’s, Card Processor |
Jam and jelly maker Smucker’s last week shuttered its online
store, notifying visitors that the site was being retooled
because of a security breach that jeopardized customers’ credit
card data. Closer examination of the attack suggests that the
company was but one of several dozen firms — including at least
one credit card processor — hacked last year by the same
criminal gang that infiltrated some of the world’s biggest data
brokers. |
|
YouTube ads spread banking malware |
Security researchers at Bromium have discovered that hackers
were spreading malware onto computers while unsuspecting users
were watching YouTube videos. |
|
Neiman Marcus attackers set off 60,000 alerts – but went
unnoticed |
Hackers who stole hundreds of thousands of card details from
upscale retailer Neiman Marcus set off more than 60,000 security
alerts – but these were all missed by security staff at the
company, according to a report by Bloomberg Businessweek. |
|
The Talking Angela witch hunt - what on earth is going on? |
For the last week, the internet - and Facebook in particular -
has been positively moist with the foamy, spittle flecks of an
outraged, pitchfork wielding mob. |
|
Nursing home data exposed on file-sharing site |
Researchers have found a trove of information on a file-sharing
site that could allow attackers to breach electronic medical
records and payment information from healthcare providers such
as nursing homes, doctors' offices and hospitals. |
|
Time to Harden Your Hardware |
Most Internet users are familiar with the concept of updating
software that resides on their computers. But this past week has
seen alerts about an unusual number of vulnerabilities and
attacks against some important and ubiquitous hardware devices,
from consumer-grade Internet routers, data storage and home
automation products to enterprise-class security solutions. |
|
Asus routers compromised by easily exploited flaw |
An Ars reader by the name of Jerry got a nasty surprise as he
was browsing the contents of his external hard drive over the
weekend, a mysterious text file warning him that he had been
hacked thanks to a critical vulnerability in the Asus router he
used to access the drive from various locations on his local
network. |
|
Moon router worm spreading between Linksys routers |
What’s unusual about the worm, which has been dubbed “The Moon”,
is that it doesn’t infect computers. In fact, it never gets as
far as your computer. And that means up-to-date anti-virus
software running on your computer isn’t going to stop it. The
worm never reaches a device which has anti-virus protection
running on it. |
|
Target ignored calls for security review just months before
breach |
Target's massive security hole was ripped open in spite of
warnings from the retailer's security people about potential
vulnerabilities in its payment system. |
|
Why cloud data isn't as safe as you think |
Serious cloud users know the vendor story: multiple datacenters,
geographically distributed; advanced erasure coding that is
better than RAID 6 (which I've discussed); multiple version
retention; checksums to ensure data integrity; and
synchronization across devices. What could possibly go wrong? |
|
Kickstarter breached - change your passwords |
Crowdfunding site Kickstarter has revealed that hackers gained
unauthorised access to customer data earlier this week.
Compromised details include usernames, email addresses, mailing
addresses, phone numbers and password hashes. |
|
Details of over one million Forbes readers leaked online |
Over one million readers of the Forbes website might be wise to
change their password, and keep an eye open for suspicious
emails, after a group of notorious hackers gained access to user
information and published it online. |
|
Email Attack on Vendor Set Up Breach at Target |
The breach at Target Corp. that exposed credit card and personal
data on more than 110 million consumers appears to have begun
with a malware-laced email phishing attack sent to employees at
an HVAC firm that did business with the nationwide retailer,
according to sources close to the investigation. |
|
‘The Mask’ malware campaign, undetected by anti-virus firms
since 2007 |
The technology press is full of stories this week about some
malware called “The Mask”. The company which kicked off the
reports is Russian security firm Kaspersky, which used the
backdrop of a company meeting in the luxurious beach resort of
Punta Cana in the Dominican Republic to announce its discovery
to the world’s press. |
|
Bitcoin-stealing Mac malware found on popular download websites |
Researchers at SecureMac have warned that they have discovered
malware that steals Bitcoins which is being distributed via
CNet’s popular Download.com website and MacUpdate (a rival to
the official Mac App Store). |
|
Target Hackers Broke in Via HVAC Company |
Last week, Target told reporters at The Wall Street Journal and
Reuters that the initial intrusion into its systems was traced
back to network credentials that were stolen from a third party
vendor. Sources now tell KrebsOnSecurity that the vendor in
question was a refrigeration, heating and air conditioning
subcontractor that has worked at a number of locations at Target
and other top retailers. |
|
Comcast servers compromised by same attackers as Bell Canada |
Hacker group NullCrew claims to have broken into Comcast's
servers today, exploiting a vulnerability reported in December
2013, but not patched. |
|
New Clues in the Target Breach |
An examination of the malware used in the Target breach suggests
that the attackers may have had help from a poorly secured
feature built into a widely-used IT management software product
that was running on the retailer’s internal network. |
|
Hasbro website keeps spreading malware says security firm |
If you’re in the market for toys and games for your kids, you
might want to avoid the Hasbro website. That’s the warning
that’s been issued by security researchers at Barracuda Labs who
claim that the toy retailer’s website has been infected with
malware *four* times this year already. |
|
Craft store Michaels faces second credit card compromise in 3
years |
Michaels, the largest arts and crafts store in North America,
has acknowledged it may be the latest victim of malware
targeting point-of-sale (PoS or cash register) computers. |
|
Microsoft admits hackers stole law enforcement documents |
Microsoft has revealed that recent hacker attacks against it
have gone beyond vandalising its blog and hijacking its Twitter
accounts, and extended to the theft of “documents associated
with law enforcement inquiries”. |
|
Bug Exposes IP Cameras, Baby Monitors |
A bug in the software that powers a broad array of Webcams, IP
surveillance cameras and baby monitors made by Chinese camera
giant Foscam allows anyone with access to the device’s Internet
address to view live and recorded video footage, KrebsOnSecurity
has learned. |
|
Gang Rigged Pumps With Bluetooth Skimmers |
Authorities in New York on Tuesday announced the indictment of
thirteen men accused of running a multi-million dollar fraud
ring that allegedly installed Bluetooth-enabled wireless gas
pump skimmers at filling stations throughout the southern United
States. |
|
Two people used fake credit cards linked to Target data breach |
Two Mexican nationals have been arrested in Texas after they
allegedly attempted to enter the U.S. with fraudulent credit
cards that could be tied to the massive Target data breach. |
|
DHS Alerts Contractors to Bank Data Theft |
A security breach at a Web portal for the U.S. Department of
Homeland Security has exposed private documents and some
financial information belonging to at least 114 organizations
that bid on a contract at the agency last year. |
|
HealthCare.gov riddled with flaws that could expose user data,
experts say |
The federal government's HealthCare.gov website continues to be
riddled with flaws that expose confidential user data to the
public, a security expert testified Thursday at a hearing on
Capitol Hill. |
|
A First Look at the Target Intrusion, Malware |
Last weekend, Target finally disclosed at least one cause of the
massive data breach that exposed personal and financial
information on more than 110 million customers: Malicious
software that infected point-of-sale systems at Target checkout
counters. Today’s post includes new information about the
malware apparently used in the attack, according to two sources
with knowledge of the matter. |
|
Security Essentials for Windows XP gets a 15-month reprieve |
Microsoft will produce signature updates for Security Essentials
until July 14, 2015. |
|
Target admits "there was malware on our point-of-sale registers" |
The Target data breach story has turned into a bit of a bus:
it's big, has lots of momentum, and three just came along at
once. Here's where we are now. |
|
Target's data breach MUCH bigger than first thought - now more
than 100,000,000 records |
Target has now joined the "hundred million plus" data breach
club, following its discovery that a further 70,000,000 records
were plundered in the recent breach. |
|
Credit card hackers hit US retailer Neiman Marcus |
Posh US department store Neiman Marcus has been hit by hackers
who managed to break into its systems and access the credit and
debit card information of shoppers. |
|
Yahoo says malware attack farther reaching than thought |
Yahoo has provided more information on an ad-related malware
attack first reported a week ago that may have affected more
than 2 million PCs and put Yahoo users' personal data in
jeopardy. The company said some people outside Europe may, in
fact, have been hit and that the attacks started four days
earlier than previously thought. |
|
Just how secure is that mobile banking app? |
Ariel Sanchez, a researcher at security assessment company
IOActive, recently published a fascinating report on the sort of
security you can expect if you do your internet banking on an
iPhone or iPad.
The answer, sadly, seems to be, "Very little." |
|
Bitcoin-mining linked to malware spread by Yahoo ads |
Here’s an easy prediction to make for 2014. We’re going to see
lots more malware attacks designed to mine Bitcoins on infected
computers. It’s come to light that some of the malware spread
over the New Year period via poisoned Yahoo ads was designed to
mine the virtual currency. |
|
Hackers use Amazon cloud to scrape mass number of LinkedIn
member profiles |
LinkedIn is suing a gang of hackers who used Amazon's cloud
computing service to circumvent security measures and copy data
from hundreds of thousands of member profiles each day. |
|
Malware strikes thousands of Yahoo users via poisoned adverts |
Dutch security firm Fox IT has warned of a malware attack which
has been hitting many thousands of internet users since at least
December 30th. |
|
Deconstructing the $9.84 Credit Card Hustle |
Over the holidays, I heard from a number of readers who were
seeing strange, unauthorized charges showing up on their credit
and debit cards for $9.84. Many wondered whether this was the
result of the Target breach. |
|
CryptoLocker ransomware turns from a Trojan… into a worm |
As if CryptoLocker wasn’t causing enough problems by infecting
and locking thousands of innocent users’ Windows computers,
security researchers have discovered a new variant of the
ransomware that takes its propagation to a new level. |
|
Attack dismissed as "theoretical" by Snapchat used to plunder
4.6 million phone numbers |
Controversial photosharing site Snapchat is back in the news
again, opening the New Year as the victim of a data breach that
it really ought to have predicted, and probably should have
headed off at the pass. |
|
Skype's Twitter account compromised by Syrian Electronic Army |
It would appear that 2014 is starting off on a sour note for the
folks in Microsoft's social media team. The Syrian Electronic
Army (SEA) appears to have compromised Skype's Twitter account. |
|
Up to 40 million Target shoppers put at risk after massive
credit-card data breach |
Anyone who shopped at Target between 27 November and 15 December
is being told to be on their guard, after the North American
retailer admitted they had been the victim of a massive data
breach. |
Additional article from Krebs on Security |
|
Two Missing Insurance Laptops May Impact 800k People |
On November 4, someone broke into the offices of Horizon Blue
Cross Blue Shield of New Jersey and stole two laptops containing
the sensitive information of more than 800,000 members. |
|
Credit card data stolen from hundreds of attendees at Boston
conventions |
Thieves pinched the credit card data for hundreds of attendees
of two conferences held in Boston, a city in the US state of
Massachusetts, this past autumn. |
|
JP Morgan Chase owns up to data breach: 465,000 customers at
risk |
JP Morgan Chase is the latest financial institution to own up to
a data breach. According to reports, the breach affected 2% of
the customers of one of the bank's payment card products. That
doesn't sound such a big deal until you realise that the breach
happened against a product called UCARD, of which it seems that
25,000,000 have been issued. |
|
ZeroAccess Botnet Down, But Not Out |
Authorities in Europe joined Microsoft Corp. this week in
disrupting “ZeroAccess,” a vast botnet that has enslaved more
than two million PCs with malicious software in an elaborate and
lucrative scheme to defraud online advertisers. |
|
New Dexter Point-of-Sale Malware Campaigns Discovered |
The pesky Dexter point-of-sale malware, discovered more than a
year ago, remains active primarily in Russia, the Middle East
and Southeast Asia, while its cousin Project Hook is finding
similar success in the United States, prompting experts to sound
an alarm as holiday commerce ramps up. |
|
Almost 2 million stolen passwords uncovered in cybercrime haul |
Security researchers at Trustwave have uncovered a stash of
almost two million usernames and passwords, stolen by
cybercriminals from users of Facebook, Twitter, Google, Yahoo,
LinkedIn and many other sites. |
|
Don’t call it ‘the cloud’. Call it ‘someone else’s computer’ |
Replacing all instances of the word “cloud” with “somebody
else’s computer” might make organisations stop and think about
the security implications of cloud computing. |
|
LG smart TV snooping extends to home networks, second blogger
says |
A second blogger has published evidence that his LG-manufactured
smart television is sharing sensitive user data with the
Korea-based company in a post that offers support for the theory
that the snooping isn't isolated behavior that affects a small
number of sets. |
|
Security pros: If Healthcare.gov hasn't been hacked already, it
will be soon |
Four cyber security experts
have delivered to the US Congress a unanimous opinion:
Americans shouldn't use HealthCare.gov, given its security
issues. |
|
Cupid Media Hack Exposed 42 million Passwords |
An intrusion at online
dating service Cupid Media earlier this year exposed more than
42 million consumer records, including names, email addresses,
unencrypted passwords and birthdays, according to information
obtained by KrebsOnSecurity. |
|
How your LG Smart TV can spy on you |
It turns out that your LG
Smart TV might be silently logging what channels you watch, and
when you switch channel – sending the data back to the South
Korean company so it can target you with advertisements. |
|
US local police department pays CryptoLocker ransom |
A local police department
in Swansea, Massachusetts, has paid cybercrooks behind the
CryptoLocker ransomware attack to decrypt files locked up by the
malware on police computer systems. |
|
How to freak out Instagram and Twitter users – and why they need
to be more private |
American comedian Jack Vale
took to the streets of Irvine, California, with nothing more
than a smartphone.
With that, he was able to search for social media users nearby
who were posting messages – and then FREAK THEM OUT by telling
them their names, and personal information about themselves. |
|
Feds Charge Calif. Brothers in Cyberheists |
Federal authorities have
arrested two young brothers in Fresno, Calif. and charged the
pair with masterminding a series of cyberheists that siphoned
millions of dollars from personal and commercial bank accounts
at U.S. banks and brokerages. |
|
Microsoft warns Windows users of zero-day danger from booby
trapped image files |
Microsoft is warning about
a brand new security hole in Windows that could let criminals
get control of your computer through booby-trapped image files. |
|
Zero-day targeted attacks via boobytrapped Word documents.
Microsoft releases temporary fix |
Microsoft has issued a
warning to users that malicious hackers have been using a
previously unknown zero-day vulnerability to launch targeted
attacks against particular computers. |
|
CryptoLocker Crew Ratchets Up the Ransom |
The crooks behind this scam
began easing their own rules a bit to accommodate victims who
were apparently willing to pay up but simply couldn’t jump
through all the hoops necessary in the time allotted. |
|
Aaron's computer rental chain settles FTC spying charges |
The rent-to-own computer
company settles a complaint that accused it of secretly taking
Webcam photos of users in their homes and recording keystrokes
of Web site login credentials. |
|
Simple Bug Exposed Verizon Wireless Users’ SMS History |
A security researcher
discovered a simple vulnerability in Verizon Wireless’s
Web-based customer portal that enabled anyone who knows a
subscriber’s phone number to download that user’s SMS message
history, including the numbers of the people he communicated
with. |
|
Experian Sold Consumer Data to ID Theft Service |
An identity theft service
that sold Social Security and drivers license numbers — as well
as bank account and credit card data on millions of Americans —
purchased much of its data from Experian, one of the three major
credit bureaus, according to a lengthy investigation by
KrebsOnSecurity. |
|
CryptoLocker ransomware - see how it works, learn about
prevention, cleanup and recovery |
This article explains how
the CryptoLocker ransomware works, including a short video
showing it in action.
The article tells you about prevention, cleanup, and recovery.
It also explains how to improve your security against this sort
of threat in future. |
|
US cities increasingly ignoring privacy, gobbling up data on
residents |
Federal money earmarked to
thwart terrorist attacks in the US is instead getting funneled
into increasingly pervasive surveillance of citizens. |
|
Tech Support Scams – Help & Resource Page |
"Hello, we are calling from
Windows and your computer looks like it is infected. Our
Microsoft Certified Technician can fix it for you".
Sound familiar? Whether you have just been scammed or simply
want to find out more on the topic, you have come to the right
place. |
|
Destructive malware "CryptoLocker" on the loose |
Malware that encrypts your
data and tries to sell it back to you, or else, is not new. |
|
Microsoft "failed update" phish might well sound believable |
This email, though not
exactly expected, isn't outrageously obviously bogus at first
sight, and might even relate to problems you've experienced
recently. |
|
Adobe Breached, Acrobat and ColdFusion Code Stolen Along with
2.9M Customer Records |
Attackers accessed customer
IDs, encrypted passwords as well as source code for a number of
Adobe products. |
|
Data-stealing botnets found in major public record holders'
servers |
A "small but very potent"
botnet run by an identity theft service has tentacles reaching
into computers at some of the country's largest consumer and
business data aggregators. |
|
Recycled Yahoo email addresses still receiving messages for
previous owners |
InformationWeek has
reported the cases of three users who received messages intended
for the previous owners of their accounts. At the outset, they
received spam, but soon afterwards started to receive messages
that contained PII - that's "Personally Identifiable
Information". |
|
20% of Yelp reviews are fake |
Back in 2006, the number of
fake reviews spread across the service only made up about 5% of
the total user reviews. Now, just seven years later, that number
has shot up to 20%. |
|
LinkedIn denies hacking into users' email |
Blake Lawit, Senior
Director of Litigation for LinkedIn, on Saturday responded to a
class action lawsuit brought last week by four users who claimed
that the professional networking site accessed their email
accounts. |
|
US health care company faces giant class action suit for losing
over 4,000,000 unencrypted records |
Back in July 2013, four
computers were stolen from a large health care provider in
Illinois, USA. At first blush, it doesn't sound like "Crime of
the Century," but according to reports, those missing computers
have become a huge thorn in the side of Illinois-based Advocate
Health Care. |
|
Has Facebook violated its 2011 Federal Trade Commission
settlement? |
The top six privacy
organisations in the US - the Electronic Privacy Information
Center, Center for Digital Democracy, Consumer Watchdog, Patient
Privacy Rights, U.S. PIRG, and the Privacy Rights Clearinghouse
- sent a joint letter to politicians and regulators on Wednesday
asking for some of Facebook's proposed changes to its policies
to be blocked. |
|
Lawyers report steep rise in employee data theft cases |
UK law firm EMW has
reported a sharp rise in confidential data theft cases brought
before the High Court. The bulk of the cases involve information
taken by employees from their places of work, with blame for the
rise being put on the availability of cloud storage services,
and also on increases in remote working. |
|
$1.5 million Cyberheist Ruins Escrow Firm |
A $1.5 million cyberheist
against a California escrow firm earlier this year has forced
the company to close and lay off its entire staff. |
|
Backdoor in popular ad-serving software opens websites to remote
hijacking |
The backdoor is tucked deep
inside a directory in the /plugins tree in a JavaScript file
called flowplayer-3.1.1.min.js. Mixed in with the JavaScript
code is a malicious PHP script that lets attackers use the
"eval" function to execute any PHP code. |
|
Personal data on 72,000 staff taken in University of Delaware
hack |
The University of Delaware
(UD) has joined the long line of recent data breach victims,
with a compromised university system yielding personal
information on 72,000 past and present employees. |
|
UK report: Banks let e-criminals pinch gobs of money underneath
the law's nose |
A new report on e-crime put
out by the UK's Home Affairs Committee on Tuesday blames a
"black hole" that's letting thieves waltz off with big bucks
filched from banks - all done often without law enforcement
having been notified or having investigated. |
|
Police departments and data mining companies team up to track
license plates |
A new report from the ACLU
on the exploding use of license plate readers across the country
shows a system with virtually no oversight, few privacy
protections, and limited restraint. |
|
Facebook leaks are a lot leakier than Facebook is letting on |
Remember last week, when
Naked Security et al. told you that Facebook leaked email
addresses and phone numbers for 6 million users, but that it was
really kind of a modest leak, given that it's a billion-user
service?
The researchers who originally found out that Facebook is
actually creating secret dossiers for users are now saying the
numbers don't quite match up. |
|
Facebook issues data breach notification - may have leaked your
email and phone number |
We recently received
a report to our White Hat program regarding a bug that may have
allowed some of a person’s contact information (email or phone
number) to be accessed by people who either had some contact
information about that person or some connection to them.
More info can be found
here |
|
Yahoo has a moronic plan to let someone steal your email address |
Yahoo says that if you
haven’t logged into your Yahoo account for 12 months, and
*don’t* log in by July 15th, they’re going to give other people
the chance to grab it. |
|
Malicious Ads Infect 65 Websites, Drop ZeroAccess Trojan |
As many as 65 websites have
been compromised in an attack that has snared another
Washington, D.C.-area media website as well as a number of
travel and leisure sites. |
|
The Value of a Hacked Email Account |
This post aims to raise
awareness about the street value of a hacked email account, as
well as all of the people, personal data, and resources that are
put at risk when users neglect to properly safeguard their
inboxes. |
|
FDIC: 2011 FIS Breach Worse Than Reported |
A 2011 hacker break-in at
banking industry behemoth Fidelity National Information Services
(FIS) was far more extensive and serious than the company
disclosed in public reports, banking regulators warned FIS
customers last month. |
|
Chinese hackers reportedly accessed U.S. weapons designs |
The designs for some of the
most sensitive advanced U.S. weapons systems were reportedly
accessed by Chinese hackers, according to a confidential report
prepared by the Defense Science Board for the Pentagon. |
|
Proposal seeks to lock copyright infringing computers, force
owners to contact police |
The Internet-using public
is no stranger to off-the-wall plans and ideas to stop the
so-called blight of copyrighted content sharing, but a new
proposal recently submitted to the government is perhaps unlike
any before it in terms of craziness. |
|
Thousands of DHS Personnel Notified of Data Breach |
The Department of Homeland
Security this week began notifying up to tens of thousands of
employees, contractors and others with a DHS security clearance
that their personal data may be at risk. |
|
Only 36% of small firms apply security patches. No wonder
cybercrooks are stealing their cash |
Small businesses are under
constant attack from malware, scams and online fraud. They are
not only losing money directly to fraud, but also in costs
associated with maintaining security. Small businesses are
simply woefully under-prepared to keep their assets safe.
Despite reorganisation and redirected priorities, the police can
still do little to help. |
|
NYPD detective charged with hiring email hackers to break into
colleagues' personal accounts |
New York City police have
arrested a NYPD detective for hiring an email hacking service to
pinch the login details for at least 43 personal email accounts
and one cell phone belonging to at least 30 individuals. |
|
NC Fuel Distributor Hit by $800,000 Cyberheist |
A fuel distribution firm in
North Carolina lost more than $800,000 in a cyberheist earlier
this month. Had the victim company or its bank detected the
unauthorized activity sooner, the loss would have been far less.
But both parties failed to notice the attackers coming and going
for five days before being notified by a reporter. |
|
Name.com Breached, Users Asked to Reset Passwords |
Domain registrar Name.com
has informed its customers via email of a data breach and asked
them to reset their passwords. The company, based in Denver,
said it discovered a breach and customer account information
such as encrypted credentials and credit card numbers may have
been accessed along with customer email addresses. |
|
Washington Court Data Breach Exposes 160K SSNs |
Attackers using a
vulnerability in Adobe’s ColdFusion app server were able to
compromise servers belonging to the Washington State court
system sometime in the last few months and walked off with data
belonging to as many as a million residents of the state. The
attackers had access to 160,000 Social Security numbers and the
driver’s license numbers and names of a million people. |
|
Washington Hospital Hit By $1.03 Million Cyberheist |
Organized hackers in
Ukraine and Russia stole more than $1 million from a public
hospital in Washington state earlier this month. The costly
cyberheist was carried out with the help of nearly 100 different
accomplices in the United States who were hired through
work-at-home job scams run by a crime gang that has been
fleecing businesses for the past five years. |
|
Scribd, "world's largest online library," admits to network
intrusion, password breach |
San Francisco-based
document sharing site Scribd has admitted to a network
intrusion. Scribd bills itself as The World's Largest Online
Library, and with a suggested 50 million users or more, it's
hardly surprising that the site has attracted the attention of
cybercriminals. |
|
Some iMessage Accounts Hit Hard by Mass Messaging, DoS Attacks |
A handful of Apple
developers have found their iMessage accounts the victim of
what’s being loosely referred to as a series of
denial-of-service attacks. Using rapid-fire AppleScript texts,
attackers have been sending many messages at a time to about
half a dozen iOS developers over the last week. |
|
Telephony Denial-of-Service Attacks Prompt Federal Attention |
The call-center equivalent
of network-based denial-of-service attacks, known as telephony
denial-of-service (TDoS), have targeted emergency services among
other industries, enough to garner attention from the Department
of Homeland Security, Federal Bureau of Investigation, Federal
Communications Commission and others in a confidential alert
memo, Krebs on Security reported. |
|
Spring ushers in US tax scam season |
In the US, it's spring, aka
tax fraud season. To remind taxpayers to be on the lookout for
scams ranging from identity theft to return-preparer fraud, the
Internal Revenue Service (IRS) on Tuesday posted its Dirty Dozen
list of tax scams for 2013. |
|
Spicing up phishing attacks |
Phishing is often regarded
as old hat. From a technical perspective, it's a case of 'been
there, done that'. Sometimes however, we come across attacks
that are just a little bit more interesting. |
|
British Security Agency Found Sending Passwords in Plain Text |
The Government
Communications Headquarters (GCHQ), one of Britain’s top
intelligence agencies, has admitted it sometimes emails
passwords in plain text to those who apply for jobs on its site. |
|
Missouri Court Rules Against $440,000 Cyberheist Victim |
A Missouri court last week
handed a legal defeat to a local escrow firm that sued its
financial institution to recover $440,000 stolen in a 2009
cyberheist. The court ruled that the company assumed greater
responsibility for the incident because it declined to use a
basic security precaution recommended by the bank: requiring two
employees to sign off on all transfers. |
|
California duo charged with selling ready-to-hack Point-of-Sale
systems to Subway branches |
An alleged Point-of-Sale
cybercrime duo from California were confronted with criminal
charges late last week in Boston, Massachusetts. |
|
Flaws in IRS Network Could Put Taxpayer Information in Jeopardy |
The United States
Government Accountability Office (GAO) believes that “serious
weaknesses remain” in the ways that the Internal Revenue Service
handles its internal network, problems that could directly
implicate taxpayer data according to a report the regulatory
group released on Friday. |
|
Flaw Leaves EA Origin Platform Users Open to Attack |
The latest vulnerability to
be disclosed is in EA's Origin online game-delivery system,
which researchers from ReVuln have shown can be exploited
remotely to run malicious code on users' machines. |
|
Reuters journalist who allegedly conspired with Anonymous
hackers is suspended |
A Reuters journalist has
been indicted by a US federal grand jury for allegedly handing
over the login credentials of his former employer, Los Angeles
Times parent company Tribune Co., to people claiming allegiance
to the hacker movement Anonymous. |
|
Third-Party Applications to Blame for 87 Percent of
Vulnerabilities Last Year |
Third-party applications
accounted for a whopping percentage of vulnerabilities last
year, many more than security flaws found in Microsoft programs
according to a report released this week by Danish vulnerability
research firm Secunia. |
|
Malware Discovery Forces National Vulnerability Database Offline |
The website of the National
Vulnerability Database (NVD) remains down today, six days after
malware was reportedly found on its servers. |
|
Seagate's blog pushes malware on unsuspecting visitors via rogue
Apache modules |
SophosLabs has been
tracking an infection of Mal/Iframe-AL on Seagate's blog since
late February. SophosLabs informed Seagate of the issue back in
February, but at the time of writing the site remains infected. |
|
Google to Pay $7M Settlement Over Street View Data Collection |
Google has agreed to pay a
$7 million settlement to several dozen U.S. states as part of an
agreement of charges that the company was collecting private
user data from WiFi hotspots while its Street View cars were
driving around taking photos in various locations. |
|
Top Credit Agencies Admit Celebrities' Data Stolen |
The top credit bureaus have
admitted someone accessed prominent Americans' private data by
filling out bogus requests via a Web site used by millions of
consumers to access free annual credit reports. |
|
Bill Gates's social security number, address, credit report and
more... published by hackers |
Bill Gates is the latest
celebrity to have had his personal information published on a
website that has exposed the social security numbers, addresses
and personal financial information of a number of people in the
public eye. |
|
Malware attack poses as security warning from Microsoft Digital
Crimes Unit |
Windows users - do you take
your computer's security seriously? If so, you might decide to
take prompt action when you receive an email seemingly from the
Microsoft Digital Crimes Unit, but that would actually be a big
mistake. |
|
Oracle Issues Emergency Java Update, again |
Oracle today pushed out the
third update in less than a month to fix critical
vulnerabilities in its Java software. This patch plugs a
dangerous security hole in Java that attackers have been
exploiting to break into systems. |
|
Evernote hacked - almost 50 million passwords reset after
security breach |
Evernote, the online
note-taking service, has posted an advisory informing its near
50 million users that it has suffered a serious security breach
that saw hackers steal usernames, associated email addresses and
encrypted passwords. |
|
US ISPs launch pirate wrist-slapping campaign |
Last week saw the US debut
of the "six strikes" pirate wrist-slapping system, officially
known as the Copyright Alert System (CAS). |
|
Researchers claim to have found more zero-day vulnerabilities in
Java |
A security research team
that has alerted Oracle to a series of security flaws in Java in
the past, says that it has uncovered new zero-day
vulnerabilities in the software. |
|
Microsoft admits it was also hit by hackers, malware infects
their Mac business unit |
Late on Friday, Microsoft
published a statement on its security blog revealing that it was
joining the growing list of well-known companies who had
suffered at the hands of hackers. Microsoft says that a "small
number of computers", including some in the company's Mac
business unit, were infected by malware. |
|
NBC Website Hacked, Leading Visitors to Citadel Banking Malware |
Another day, another media
company hacked. This time it’s NBC which has fallen victim to
hackers on the heels of compromises of the New York Times and
Wall Street Journal websites. Various experts have confirmed
that NBC’s website is compromised and leading visitors to the
dangerous Citadel banking Trojan. The site is reportedly hosting
an iframe that is redirecting visitors to sites hosting the
RedKit Exploit Kit which is serving up the Citadel malware. |
|
Zendesk Compromised, Twitter, Tumblr and Pinterest Users
Affected |
In the wake of high-profile
compromises of companies such as Facebook, the New York Times,
Apple and others, officials at Zendesk, an online customer
support provider, said that the company also had been
compromised and the attackers had made off with the email
addresses of customers of Twitter, Tumblr and Pinterest, all of
which use Zendesk's services. |
|
Why do I get so much spam? |
Why are there so many
unwanted, tricky, manipulative, annoying, dangerous, and often
illegal email messages going around? Because unscrupulous people
can make a tidy profit mailing Spam. In 2010, Gmail spam expert
Brad Taylor told Wired that “It costs $3,000 to rent a botnet
and send out 100 million messages. It takes only 30 Viagra
orders to pay for that.” |
|
15 Common Internet Scams and How to Avoid Them |
The Internet is a powerful
resource that connects you to the rest of the world and helps
you access knowledge in the blink of an eye. It can also,
however, put you in the precarious position of sussing out
legitimate offers versus complete cons. These 15 Internet scams
are quite popular, but you can avoid falling victim to them by
learning to recognize their common red flags. |
|
iOS Developer Site at Core of Facebook, Apple Watering Hole
Attack |
The missing link connecting
the attacks against Apple, Facebook and possibly Twitter is a
popular iOS mobile developers’ forum called iPhoneDevSDK which
was discovered hosting malware in an apparent watering hole
attack that has likely snared victims at hundreds of
organizations beyond the big three. |
|
PayPal Credentials For Sale, Access Offered Via Proxy Server |
An enterprising
cybercriminal has opened an underground shop that peddles access
to American PayPal accounts which are then accessible through an
anonymous proxy service. |
|
Infographic: Identity Fraud Hit 1 Victim Every 3 Seconds in 2012 |
Nearly 13 million U.S.
adults were victims of identity fraud in 2012, an increase of
more than one million victims over the past year, according to a
new report from Javelin Strategy & Research. |
|
Apple patches the Java hole its own developers fell into -
eventually |
Shortly after admitting
that its own techies got infected thanks to a Java hole, Apple
has pushed out a Java update for the rest of us. |
|
Apple Breached by Facebook Hackers Using Java Exploit |
Apple is the latest major
American company to enter the security confessional and disclose
it has been breached. The company told Reuters today it was
attacked by the same crew that hit Facebook, which disclosed its
breach last Friday, and that like the social media giant, no
data had been stolen. |
|
DDoS Attack on Bank Hid $900,000 Cyberheist |
A Christmas Eve cyberattack
against the Web site of a regional California financial
institution helped to distract bank officials from an online
account takeover against one of its clients, netting thieves
more than $900,000. |
|
Botnet master abuses Facebook for pocket money, researchers
reveal |
A Chinese hacker's main job
may well be running a botnet of malware-clotted zombie PCs, but
there's always time left in the day for selling fake Likes,
apparently. |
|
Point-of-Sale malware attacks – crooks expand their reach, no
business too small |
We've recently been
tracking a set of incidents involving malware attacking
Point-of-Sale (PoS) equipment. Your personally identifiable
information (PII) flows into PoS devices, across PoS networks,
and is processed by PoS servers, every time you pay for things
without using cash. As a result, PoS equipment and the
local-area networks to support it are found all over the world,
in both developed and developing countries. |
|
Facebook Says Employee Laptops Compromised in 'Sophisticated'
Attack |
Laptops belonging to
several Facebook employees were compromised recently and
infected with malware that the company said was installed
through the use of a Java zero-day exploit that bypassed the
software's sandbox. Facebook claims that no user data was
affected by the attack and says that it has been working with
law enforcement to investigate the attack, which also affected
other unnamed companies. |
|
Jawbone accounts compromised by hackers - personal info
accessed, passwords disabled |
Jawbone, makers of
Bluetooth headsets, fitness bracelets, and neat Jambox portable
speakers, has warned that hackers managed to break into its
systems, and accessed the names, email addresses and encrypted
passwords of users. |
|
Malware injected into legitimate JavaScript code on legitimate
websites |
As recently mentioned in
the Sophos Security Threat Report, 80% of the websites where we
detect malicious content are innocent sites that have been
hacked. |
|
Exploit Sat on LA Times Website for 6 Weeks |
The Los Angeles Times has
scrubbed its Web site of malicious code that served browser
exploits and malware to potentially hundreds of thousands of
readers over the past six weeks. |
|
TV hackers announce dead are rising |
The emergency broadcast
system was "hacked" and viewers of the "Steve Wilkos Show" got
an alert that "dead bodies are rising from their graves." |
|
Flickr Bug Makes Private Photos Public |
Flickr has reportedly sent
out an email to users whose private photos may have been
publicly accessible, or vice versa, because of a bug in the
website. Privacy settings on the photos were changed for nearly
a month. |
|
Report: Malvertising Campaign Thrives on Dynamic DNS |
A malvertising campaign
that’s lasted almost half a year is staying alive thanks to
infected web advertisements being circulated by otherwise clean
ad networks. |
|
Yahoo! Pushing Java Version Released in 2008 |
At a time when Apple,
Mozilla and other tech giants are taking steps to prevent users
from browsing the Web with outdated versions of Java, Yahoo! is
pushing many of its users in the other direction: The free tool
that it offers users to help build Web sites installs a
dangerously insecure version of Java that is more than four
years old. |
|
Security Firm Bit9 Hacked, Used to Spread Malware |
Bit9, a company that
provides software and network security services to the U.S.
government and at least 30 Fortune 100 firms, has suffered an
electronic compromise that cuts to the core of its business:
helping clients distinguish known “safe” files from computer
viruses and other malicious software. |
|
Ex-President Bush doxed - family photos, personal email, bathtub
portraiture leaked |
A hacker using the
alias "Guccifer" has claimed responsibility for hacking the
Bushes, aka the political family that gave the US its 41st
president (George H.W. Bush) and its 43rd president (George W.
Bush). |
|
Former Employee Charged With Accessing Thousands of Driver's
Licenses |
A former Minnesota
state employee was charged Thursday with misdemeanors for
allegedly accessing thousands of driver's licenses during a
four-year period and storing 172 of them in an encrypted file. |
|
|