Posted by & filed under Security News.

In a news article from ExtraTorrent site, Australian authorities have attested that Romanian hackers have somehow managed to steal over $25,000,000 from 500,000 Australian credit cards. According to the report there are only four people involved in the crime and they are still at large.

The country’s Federal Police is currently working with international law enforcement agencies an attempt to arrest the organized online hackers. The intrusion seems to have come after the attackers took out a number of merchants whose individual computer systems appeared to be compromised.

News data say that there’s evidence that the same hacker group has been responsible over a hack into of the American chain of Subway restaurants.

Four citizens of Romania have in effect been accused over millions of dollars in credit card fraud that affected around 80,000 bank customers. The so-called “syndicate” used to find its targets by simply scanning the website for vulnerable point of sale terminals. The Australian Police claimed that the borderless nature of this law-breaking would cause much of the new trouble for the authorities authorities. The matter is that not only do the police need to co-operate with other enforcement agencies, but also require international and private sector co-operation in order to track and to take down the criminals.

However, this is obviously not very easy to do. The police can’t take down the online hackers because they are finding even softer potential victims with local chippies with vulnerable and open point of sale machines than the attackers do with either banks or supermarket chains.

In order to prevent credit card theft or other cyber criminal activity, businesses are advised to secure their computer terminal with the latest intrusion prevention softwares.

Posted by & filed under Security News.

Tinman Michael Dell got furious with his teen daughter after the girl made a mockery of the $2,700,000 Dell annually spent on security protection of his family.

Numerous media reports confirmed that Michael Dell had to shut down his daughter Alexa’s Twitter account after the girl revealed so much about both his and her movements online that it was very easy to plan any kind of attack.

Alexa Dell, 18 years old, has been detailing her every move on social networks like Twitter and Facebook down to the exact arrival times in New York and a list of her favorite shopping hot spots. This actually was enough to give her minders a heart attack, because such information allowed any kidnapper to work out a decent plan. The last straw was when Alexa Dell went as far as to publish her high school graduation dinner invitation which foretold the place and the time her parents would be within a few of weeks.

In the meantime, Michael Dell pays around $2,700,000 annually for the security protection of his family, including Alexa, who makes it almost impossible to keep her movements in secret. The estimations were provided from Dell’s regulatory filings.

Children publishing on social networking services are fast becoming a nightmare for the security companies who are hired to look after rich CEOs and their families. Aside from kidnapping, the posting personal data on social media websites can lead to various security breaches. For instance, a well informed hacker can use some of the posted information to guess passwords and try to hack private and business emails or servers. Such intrusions may have inexplicable consequences.

source: ExtraTorrent.com

Image credit to: The Telegraph via Facebook.

Posted by & filed under Security News.

A new piece of malware is trying to take advantage of Opera’s popularity as a mobile browser alternative on Android smartphones. Cybercriminals have created a new variant of Opfake that bundles the real Opera Mini version 6.5 so as to further mask what the malware is actually doing (earning its creators money from unsuspecting users by sending international text messages). GFI, which first discovered the malware, is calling this particular threat Trojan.AndroidOS.Generic.A. The package is named “com.surprise.me” while the file name is “opera_mini_65.apk” (both can easily be changed).

malware android
As you can see above, two sets of “Permission to Install” pages are displayed during installation. The first (above in the middle), comes from the malware itself: it asks for read and modify rights to all SMS and MMS messages, read rights to all contacts stored on the smartphone, modify or delete rights to the SD card, and so on. The second (above on the right) one appears once users agree to install the first, which is simply the permissions required for the legitimate Opera Mini browser.

This particular threat is interesting because it shows that OpFake is evolving. Instead of trying to mimic a popular app, OpFake now simply installs the real version. As a result, the user is less suspicious that something is wrong. “More than likely, users will not be aware that something might have infiltrated their phones until the bill arrives,” a GFI spokesperson said in a statement.

read the rest of the story at ZDNet

Posted by & filed under Security News.

Two U.S. senators are calling for a federal investigation of the power grid’s potential cybersecurity vulnerabilities after a CNET article last month raised security concerns.

The request for a probe comes from Sens. Joseph Lieberman (I-CT), the chairman of the Senate Homeland Security Committee, and Susan Collins (R-ME), the panel’s senior Republican, who warned that lapses “could undermine part of the security system protecting our grid.”

They sent a letter yesterday to the Federal Energy Regulatory Commission asking for an “expeditious comprehensive investigation into these allegations,” which deal with digital signatures the industry uses for authentication.

A FERC spokesman responded to a request for comment this afternoon by saying: “We don’t comment publicly on letters from members of Congress. The commission will respond to the senators in due course.”

Jesse Hurley, co-chair of the North American Energy Standards Board’s Critical Infrastructure Committee, told CNET last month that the mechanism for creating digital signatures is insufficiently secure because not enough is being done to verify identities and some companies are attempting to weaken standards to fit their business models.

“These certificates protect access to control systems,” Hurley said. “They protect access to a $400 billion market. They protect access to trading systems. They also protect access to machines that do things like turn generators off. If you issue a fraudulent certificate or you’re lax… the consequences could be disastrous.” The U.S. electrical grid has already become a target of cyberattacks, with Chinese and Russian hackers reportedly penetrating it over the Internet.

read the story at ZDNet

Posted by & filed under Security Threats.

High court told more alleged hacking victims will file civil claims, while News Corporation has accepted another 64 cases into its compensation scheme.

A further 20 alleged victims of phone hacking are expected to lodge civil claims against News International shortly, taking the latest total to more than 70 claimants, the high court has heard.

Rupert Murdoch’s News Corporation has also accepted 64 further claims into its compensation scheme for News of the World phone-hacking victims, Hugh Tomlinson QC told the high court on Friday.

The 20 new claimants that will lodge claims shortly, according to Tomlinson, were not named in court.

The number of those taking action against News International is likely to grow further.

The Metropolitan police service has received 286 requests for the disclosure of evidence related to phone hacking, including the notes of the private investigator Glenn Mulcaire, since late April, the court was told on Friday.

Those who have lodged claims include professor John Tulloch, who was just three feet from Mohammad Sidique Khan when he detonated his rucksack explosives at Edgware Road tube station in the 7/7 bombings; Hannah Pawlby, aide to former home secretary Charles Clarke; and Lewis Sproston, the boyfriend of murdered model Sally Anne Bowman.

Others include Cherie Blair, David Beckham’s father, Ted, and footballer Wayne Rooney.

It also emerged at the high court on Friday that News International, News Corp’s UK subsidiary and the former publisher of the now defunct News of the World, has retrieved the company iPhones of three unnamed executives and is trying to track down another one.

read the rest of the story at theGuardian