Showing posts sorted by date for query Credit Card. Sort by relevance Show all posts
Showing posts sorted by date for query Credit Card. Sort by relevance Show all posts

What Risk We are Posing! Everyone Can Become Target of the Latest Cyber Security Threats

Posted by Avik Sarkar On 2/10/2014 07:31:00 pm

What Risk We are Posing! Everyone Can Become a Target of the Latest Cyber Security Threats
According to a report by the Washington Post, hackers may soon be setting up a plan to unfold in 2013 that will target 30 different U.S. banking institutions. McAfee Labs, who has compiled a new cyber security report, says that banks should be on the lookout for software that creates false online transactions or targets transfers tied to large dollar amounts.
Sources say that these threats can all be tied back to “Project Blitzkrieg”, which is a program that has been around since 2008. Within the past four years, it has already stolen $5 million and plans to continue for as long as possible. During the past few months, between 300 and 500 victims located within the U.S. have fallen victim to Project Blitzkrieg’s schemes. By the spring of 2013, McAfee says that things could get even worse for U.S. banks and their customers.
Experts note that this scheme may be tied to reports from back in October by security company RSA that mentioned how a hacker out of Russia named “vorVzakone” has been openly discussing his plan to recruit a team to plan the largest Trojan attack tied to banking. McAfee warns that these threats should be taken extremely seriously as the beginning of 2013 is soon to unfold. The software can become extremely dangerous to those doing their banking online because it can replicate transactions and even delete e-mail notifications about certain transfers.
While U.S. banks will no doubt be increasing their security protocols to protect themselves from any unnecessary attacks, most already know that they are continually being cited as targets from hacking groups around the globe. Back in September, both JP Morgan Chase and Bank of America saw their sites crash because of DDoS attacks.

Samsung Smart TV Dangers
The Register has recently reported that Samsung’s newest Smart TV is completely open and vulnerable to hacking because it gives hackers the ability to steal data very quickly. According to security company ReVuln, this vulnerability most notably affects consumers who own and use their Samsung 3D TVs for internet purposes.
Those who use their Smart TVs can rent movies, browse the web for a cheap line rental, go on Facebook, and more. ReVuln claims that they have found an exploit which allows hackers to see everything the user is doing while they are using their TV, retrieve and access information like web history, and hook up an external thumb drive to the TV to conveniently steal all of this information for future use. While ReVuln noticed this exploit while using a Samsung 3D TV, the true problem is that it seems to affect all of the latest Samsung TVs with internet capabilities, which includes many different makes and models.
As these TVs continue to act more as larger PCs, it is only a matter of time until we see even more security vulnerabilities tied to them in the very near future.

Gas Station Bluetooth Skimming
News site KRCA out of Sacramento notes that crooks are using Bluetooth devices in order to steal credit card information from those who are paying for gas at the pump. The biggest issue the cyber security experts noticed is that these thieves do not even have to be near the gas station in order to steal information.
Crooks are using skimming devices that utilize Bluetooth and contain a variety of common security keys that can be used to access gas pumps for maintenance. They don’t simply pull out their device and begin swiping information for oblivious consumers. Thieves will start by installing skimmers on the pumps to collect information from those pumping gas and then pick them back up. Detectives say that these types of devices are impossible to detect.
According to experts, thieves can be up to 100 yards away and continually collect credit card information from unsuspecting users. Because of this, these crooks are impossible to detect, and the problem may only grow larger in the near future.

Troublesome QR Codes

QR codes seem to be everywhere these days. They’re typically on everything from advertisements to products that we purchase on a daily basis. In the Netherlands, hackers are posting QR codes in heavily trafficked areas like airports and major streets. When these QR codes are scanned in by a user’s smart phone, they are taken to a malicious website that may attempt to phish information from the user or possibly infect their smartphone with malware.

Disclaimer:- Before perfection, on behalf of Team VOGH, I would like to personally thank Eve Halton  for sharing this magnificent article with our readers. Eve is a very much passionate Fleet Street, she  has done her graduation in International Business and Journalism. She gained decent experience in writing articles on several fields like global politics, economics, sustainability issues, cyber security & many more.


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Apple Brings iOS 7.0.4 [Includes New Features, FaceTime Bug & App Store Purchase Flaw Fixed]

Posted by Avik Sarkar On 11/17/2013 06:32:00 pm

Apple Brings iOS 7.0.4 & iOS 6.1.5 Includes New FeaturesFaceTime Bug  & App Store Purchase Flaw Fixed


California based tech giant Apple Inc has released a new update on their popular iOS software running on iPhone, iPad, and iPod touch devices. This release of of iOS 7.0.4  includes bug fixes and improvements, including a fix for an issue that causes FaceTime calls to fail for some users. iPods that are not able to upgrade to iOS 7 have their own version to upgrade to, iOS 6.1.5. The release of iOS 7.04 marks the third update of the iPhone operating system in the short time since Apple pushed out iOS 7 in September. The new OS represented a major change from the older operating systems, both in the look and feel of the software and in its functionality.  There’s much zooming in and out and all about in iOS 7, as well as a blurry background that has drawn quite a bit of criticism. iOS 7 also was a major security release, fixing issues with the iPhone’s certificate trust policy as well as remote code-execution vulnerabilities in the CoreGraphics and CoreMedia components. 

The new update improves iCloud Keychain, which was introduced in iOS 7.0.3, and the latest version of the desktop software, OS X Mavericks. The cloud-based technology keeps the Safari browser's passwords and credit card data in sync across all your Apple devices. Secondly, in Spotlight, the device's internal search engine, Apple has brought back the ability to search Google and Wikipedia from the results. The two services were removed when iOS 7 was first released in mid-September. 
Also on Thursday, Apple released a corresponding update to its Apple TV, updating the set-top box to version 6.0.2.  Users can update to the latest version by accessing the device's Settings, selecting General, then Software Update. In spite of the relatively small size of the update, it's recommended that users use Wi-Fi when updating. To avoid security vulnerabilities every Apple users are highly recommended to update their software. 



-Source (Apple, ZDNet & Threat Post





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Stratfor Hacker Jeremy Hammond Sentenced to 120 Months in Prison

Posted by Avik Sarkar On 11/17/2013 06:30:00 pm

LulzSec Hacker Jeremy Hammond Sentenced to 120 Months in Prison For Stratfor Hack

Infamous hacker Jeremy Hammond convicted by the Judge for cyber-attacks on government agencies and businesses, including a global intelligence company. This 28 year old Chicago hacker who is also known as "Anarchaos" was arrested by the federal authorities and been charged for the  breach of the security analysis company Stratfor. In December last year the bail application of Hammond was also been rejected by the the U.S. District Judge Loretta Preska. On June this year Hammond pleaded guilty for his sin. In his statement he said "I have pleaded guilty, it is a relief to be able to say that I did work with Anonymous to hack Stratfor, among other websites." 
That guilty plea indeed worked out for him, as that time it was predicated that Hammond  might have to face 30 years in prison, but on Friday Judge Loretta Preska sentenced Hammond to 120 months in federal prison and three years of supervised release for illegally accessing computers systems of law enforcement agencies and government contractors. In an emotional proceeding that lasted more than 2 hours in a Manhattan federal court room on Friday, victims and relatives of Hammond railed against the FBI and shed tears on his behalf following the sentencing. One overwrought person claiming to be a victim was forcibly escorted from the court by officers. But Hammond likely knew the sentence was coming, his lawyer said. "When Jeremy took this plea with a 10-year maximum, I think he understood this was very likely the outcome," said Sarah Kunstler, Hammond's defense attorney outside of court house.
Chief U.S. District Judge Loretta A. Preska said Hammond's digital handiwork had compromised thousands of people's personal and financial data, including the unpublished phone numbers and addresses of law enforcement, who then received threats. Hammond tried unsuccessfully to argue that his actions were politically motivated, she said. Hammond pleaded guilty to a single charge with a 10-year maximum sentence. Still his lawyers are asking to reduce his punishment for a sentence of 20 months.
Hammond has been held without bail since his arrest in March on charges connected with last year's hacking of Strategic Forecasting, or Stratfor, an Austin, Texas-based international intelligence broker, by AntiSec, an offshoot of LulzSec, which is in turn an offshoot of the hacktivist collective AnonymousProsecutors say the hack of Austin, Texas-based Strategic Forecasting resulted in the theft of 60,000 credit-card numbers and records for 860,000 clients. The government alleges that he published some of that information online, and used some of the stolen credit card data to run up at least $700,000 in unauthorized charges. He is also accused of giving about five million internal emails to WikiLeaks, which were published under the name The Global Intelligence Files.


-Source (Fox News)



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Drupal.org Hacked ! More Than 967,000 Registered User Details Compromised

Posted by Avik Sarkar On 6/03/2013 09:07:00 pm

Drupal.org Hacked ! More Than 967,000 Registered User Details Compromised 

Drupal, one of the most famous and widely used open-source content management framework have fallen victim to cyber criminals. The Drupal Security Team and Infrastructure Team has discovered unauthorized access to account information on the official Drupal website and another site called groups.drupal.org. This security breach has exposed user names, country, and email addresses along with hashed passwords of more than 967,000 registered users on the Drupal.org. But still a matter of relief is that the breach failed to infiltrate the credit card details which was stored on the same server. According to security release unauthorized access was made via third-party software installed on the Drupal.org server infrastructure, and was not the result of a vulnerability within Drupal itself. Drupal team have worked with the vendor to confirm it is a known vulnerability and has been publicly disclosed. They are still investigating and will share more detail when it is appropriate. Upon discovering the files during a security audit, the security team has already shut down the association.drupal.org website to mitigate any possible ongoing security issues related to the files. The Drupal Security Team then began forensic evaluations and discovered that user account information had been accessed via this vulnerability. The suspicious files may have exposed profile information like username, email address, hashed password, and country. In addition to resetting your password on Drupal.org, it is also recommending a number of measures (below) for further protection of your information, including, among others, changing or resetting passwords on other sites where you may use similar passwords. 

As a precautionary measure of the said security breach, Drupal Security Team has reset all Drupal.org account holder passwords and are requiring users to reset their passwords at their next login attempt. A user password can be changed at any time by taking the following steps. 
  1. Go to https://drupal.org/user/password 
  2. Enter your username or email address. 
  3. Check your email and follow the link to enter a new password. It can take up to 15 minutes for the password reset email to arrive. If you do not receive the e-mail within 15 minutes, make sure to check your spam folder as well.
Counter Measures that Drupal has Taken to avoid such mishap is something followed- as attacks on high-profile sites (regardless of the software they are running) are common, Drupal strive to continuously improve the security of all Drupal.org sites. To that end, Drupal have taken the following steps to secure the Drupal.org infrastructure:
  • Staff at the OSU Open Source Lab (where Drupal.org is hosted) and the Drupal.org infrastructure teams rebuilt production, staging, and development webheads and GRSEC secure kernels were added to most servers
  • Drupal is scanning and have not found any additional malicious or dangerous files and making scanning a routine job in their process
  • There are many subsites on Drupal.org including older sites for specific events. Drupal created static archives of those sites.

This security breach of Drupal which affected more than 967,000 users is giving us a remind of the decent history of breach where we have seen a slew of attacks against the following sites: ScribdGuild Wars 2GamigoBlizzardYahooLinkedIneHarmonyFormspringAndroid ForumsGamigo,  Nvidia,BlizzardPhilipsZyngaVMWareAdobe Twitter  New York TimesApple and so on. 







SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Angelina Jolie & Lady Gaga Became Victim of Ongoing Celebrity Hacking

Posted by Avik Sarkar On 4/05/2013 06:31:00 pm

Angelina Jolie & Lady Gaga Became Victim of Ongoing Celebrity Hacking 

Now a days it has became a fascination for cyber criminals to target and hack celebrities and public figures. Earlier we have seen similar scenario many a time. Last month an unnamed hacker released personal details of many public figure, national leaders, celebrities. The hacked data dubbed "The Secret Files" by the hackers contains personal information and credit reports (including social security numbers, details of their mortgages, addresses, and details of their credit card and banking details) was made public by those hackers on a website. Now we have past just a couple of weeks, yet again the same massacre took place, the hackers returned to the Internet after a brief hiatus and immediately hit six more. 
Angelina Jolie who played a key role in one of the most fine hacking movie named "Hackers" herself became victim to hackers in real life, as well as Jolie; Lady Gaga, NRA advocate Wayne LaPierreDennis RodmanMichael Vick, Secret Service Director Julia Pierson and Robert De Niro
Like earlier, this time also the nature of the hack was similar to the previous the hackers have posted what they claim to be the social security numbers, mortgage amounts, credit card info, car loans, banking and other info for the celebs listed on their site. Last time, the website; where the hacker have posted those hacked credentials; were shutdown by the authorities. But it's now back up and running with a new domain extension (.re) that suggests it's based out of the French island of Réunion located off the coast of Madagascar -said TMZ in an exclusive report. Again also the same style were followed by the hacker group and leaving the very same message saying - "If you believe that God makes miracles, you have to wonder if Satan has a few up his sleeve."
According to sources - Jolie's page (prepared by the hacker) includes what is said to be her social security number as well as her credit report, which can be downloaded. There are addresses listed as well, but they are all business addresses, likely for her lawyer and other people she employs. The same information for Lady Gaga and Johansson is also available. However, Johansson's page also features a photo of her which became public through a previous hacking incident. The FBI has already started investigation, but so far no arrest have been made. In 2011 another high profile hack taken place, where the hacker targeted several celebrities like Scarlett Johansson & few more; while leaking nude photos. Later FBI carried out a special operation named 'Hackerazzi' which put a full stop in that issue and also FBI arrested the master mind named Christopher Chaney was sentenced to imprisonment after pleading guilty. 




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

'The Secret Files'- Hackers Exposed Personal Details of Celebrities, Public Figure, FBI Director & National Leaders

Posted by Avik Sarkar On 3/18/2013 04:15:00 am

'The Secret Files'- Hackers Exposed Personal Details of Celebrities, Public Figure, FBI Director & National Leaders 

Yet again celebrities fallen victim to cyber attack, no this time not the nude photo but confidential personal information. Renowned public figure, national leaders, celebrities like Kim Kardashian, US Vice President Joe Biden, Hillary Clinton, Mel Gibson, Michelle Obama, Ashton Kutcher, Jay Z, Beyoncé, Paris Hilton, Britney Spears, Sarah Palin, Hulk Hogan, Donald Trump and Arnold Schwarzenegger together became prey. The list does not end here, the hacker catches two more big fishes in his net and they are head of the Los Angeles police force Charlie Beck and FBI Director Robert Mueller. Many of you might be astonished of how such big public figure, including Vice President, FBI Director became victim in single round of cyber attack! Let me tell you what exactly happened- the hacked data dubbed "The Secret Files" by the hackers contains personal information and credit reports (including social security numbers, details of their mortgages, addresses, and details of their credit card and banking details) was made public by those hackers on a new website, as shown in the picture below. 

The hacker left a message or in other word a satire while saying "The Secret Files - If you believe that God makes miracles, you have to wonder if Satan has a few up his sleeve." Such hack, is very rare, where numbers of big fish get caught. The nature of this hack can be categorized as a clear identity theft. But the question is how? Well the answer is some of the United States' top credit bureaus have come forward and acknowledged that fraudulent and unauthorized access to the records of well-known figures have taken place. Most of the reports were apparently obtained from one of the three major U.S. credit ratings agencies Equifax, TransUnion and Experian — via a special Internet portal they maintain for the public to check their own credit ratings. All three companies have said that some of their reports had been fraudulently accessed since Monday by someone using personal data about the victims. Security experts said that suggests the attack is a “social hack” rather than a classic cyber security data breach


-Source (Sophos & WT)




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

LulZsec Hacker Jeremy Hammond Denied Bail & Have to Face 30 Years in Prison

Posted by Avik Sarkar On 12/02/2012 07:02:00 pm

LulZsec Hacker Jeremy Hammond Denied Bail & Have to Face 30 Years in Prison 

More trouble coming towards LulzSec, as the bail appeal of former LulzSec hacker Jeremy Hammond has been denied by the court. Hammond widely known as "Anarchaos" have to face a potential sentence of 30 years to life for alleged hacking crimes is probably enough to get the attention of most 27-year-olds. And that is what U.S. District Judge Loretta Preska told Hammond last week that he could face if he is convicted on all counts. Hammond, much better known in the world of hactivism by various online aliases including "Anarchaos," "sup_g," "burn," "yohoho," "POW," "tylerknowsthis," and "crediblethreat," has been held without bail since his arrest in March on charges connected with last year's hacking of Strategic Forecasting, or Stratfor, an Austin, Texas-based international intelligence broker, by AntiSec, an offshoot of LulzSec, which is in turn an offshoot of the hacktivist collective Anonymous.
The three-count federal indictment, brought in the Southern District of New York, charged him with conspiracy to commit computer hacking, computer hacking and conspiracy to commit access device fraud. More specifically, the government alleges that starting last December, Hammond and others from AntiSec stole information from about 860,000 Stratfor subscribers, including emails, account information, and data from about 60,000 credit cards. The government alleges that he published some of that information online, and used some of the stolen credit card data to run up at least $700,000 in unauthorized charges. He is also accused of giving about five million internal emails to WikiLeaks, which were published under the name The Global Intelligence Files.
Apparently unknown to Hammond, however, was that the then-leader of AntiSec, Hector Xavier Monsegur, a New York hacker known by the alias "Sabu," had been arrested the previous June and agreed to cooperate with the FBI. So, at least some of the Stratfor information Hammond uploaded was to a honey pot server maintained by the FBI. At a hearing last week, Hammond was denied bail, based on Judge Preska's determination that he was both a danger to the community and a flight risk. He had also recently been added to the Terrorist Watch List, said Sue Crabtree, a member of the Jeremy Hammond Solidarity Network and a spectator at his bail hearing. Crabtree said Hammond didn't even have a passport. The bail denial sparked another round of protest from Hammond's supporters. Anonymous published a message on Pastebin demanding that Preska recuse herself for conflict of interest. The group said her husband, Thomas J. Kavaler, was among Stratfor's clients, and therefore one of the alleged victims of the hack. Kavaler is a partner at Cahill Gordon & Reindel LLP in New York City.

"Judge Preska by proxy is a victim of the very crime she intends to judge Jeremy Hammond for," Anonymous wrote in a message posted last Friday. "Judge Preska has failed to disclose the fact that her husband is a client of Stratfor and recuse herself from Jeremy's case, therefore violating multiple Sections of Title 28 of the United States Code."
Beyond that, a writer identified only as "NA" on the website FreeHammond.com, argued that "Hacktivists are not criminals! Jeremy is alleged of a crime that has exposed the corruption and exploitation of the very State prosecuting him," and suggested entrapment by the FBI as well.
Renowned security expert Kevin Mitnick said it is possible that the government is trying to scare Hammond to get him to cooperate. Or, it could be designed to send a message to Anonymous members that what they view as sticking it to the man could yield some very serious consequences. Hammond is scheduled to go to trial sometime next year.



 -Source (CSO Online)







SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Personal Data of 35,000 Israeli People Leaked By Kosovo Hackers Security (KHS)

Posted by Avik Sarkar On 11/19/2012 03:03:00 am

Personal Data of 35,000 Israeli People Leaked By Kosovo Hackers Security (KHS)

More hackers taking part in the Israeli rampage dubbed Operation Israel. As soon as the story of bombing and air strike in Gaza get spotted on the social networks, we have seen immediate protest coming from almost every part of the world. In case of digital bombing, then it was first Anonymous who called Operation Israel, then hackers from different part of the world joined and contributed in this combined protest. So far we have seen along with Anon, Pakistani hacker Hitcher from Muslim Liberation Army, Indian hacker Godzilla have played vital role in this rampage. According to sources more than 44 million hacking attempts have been made on Israeli government web sites since Wednesday. Attempts on defense related sites have been the highest, while 10 million attempts have been made on the site of Israel's president, 7 million on the Foreign Ministry and 3 million on the site of the prime minister.
But its yet not over, many more to come, as another very popular hacker collective group named Kosovo Hackers Security (KHS) have taken part in #OpIsrael. At the very first phase of their attack Kosovo Hacker's Security Group has attacked many servers belongs to Israeli govt, corporate & other major sectors. Thus the hacker group has gathered documents of more that 35,000 Israeli people including full name, email-id, postal address, phone number, passwords, fax & so on. According to KHS those leaked data belongs to Israeli citizen, along with Govt employs, police and several other sensitive personalities. All those leaked data are made public by the hacker group and can be found in 1337.al. KHS leader & Hotmail hacker, Th3 Dir3ctorY vows to engage more cyber attack against Israel while saying "Israel is attacking Gaza without any proper reason, so if they don't stop doing that we will attack in the energy sector & nuclear area of Israel and we will attack Israel with very bad viruses..." Before this leak, earlier in this year KHS also exposed more than 7 thousand credit card details of Israeli people. Also this hacker group was behind several attacks against Ukraine, Greece, Hotmail, IBM and so on.




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Teen Hacker "Cosmo the God" of Underground Nazi Sentenced 6 Yrs Internet Ban By California Court

Posted by Avik Sarkar On 11/12/2012 06:38:00 am

Teen Hacker "Cosmo the God" of Underground Nazi Sentenced 6 Yrs Internet Ban By California Court

A teenager hacker from an infamous hacker collective group named Underground Nazi faced Internet ban. On Wednesday the 15 years old hacker known as "Cosmo" or "Cosmo the God" was sentenced in juvenile court in Long Beach, California. According to sources, Cosmo pleaded guilty to multiple felonies in exchange for a probation, encompassing all the charges brought against him, which included charges based on credit card fraud, identity theft, bomb threats, and online impersonation. 
This newly formed hacker group Underground Nazi had taken the spot light in January this year, when they hacked UFC.com (Ultimate Fighting Championship). Later they involved them selves in mass protest against controversial privacy act SOPA & PIPA. The protest was dubbed Operation Megaupload (#OpMegaupload), where hacktivist Anonymous  along with hackers around the globe stand together against the take down of Megaupload.com. In the middle of 2012 Cosmo was also responsible for Twitter outage, where Cosmo along with few other UG Nazi members performed massive denial of service attack to interrupt the service of Twitter. Also it has been found that, Cosmo pioneered social-engineering techniques that allowed him to gain access to user accounts at Amazon, PayPal, and a slew of other companies. He was arrested in June during a part of a multi-state FBI sting. 
Representatives from both the Long Beach district attorney and public defenders offices refused to comment on the case, given Cosmo’s status as a juvenile. However, according to Cosmo, the terms of the plea place him on probation until his 21st birthday. During that time, he cannot use the internet without prior consent from his parole officer. Nor will he be allowed to use the Internet in an unsupervised manner, or for any purposes other than education-related ones. He is required to hand over all of his account logins and passwords. He must disclose in writing any devices that he has access to that have the capability to connect to a network. He is prohibited from having contact with any members or associates of UG Nazi or Anonymous, along with a specified list of other individuals. He had to forfeit all the computers and other items seized in the raid on his home. Also, according to Cosmo, violating any of these terms will result in a three-year prison term. The probationary period lasting until age 21 is standard, but other terms were more surprising.



-Source (Wired) 









SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Hacker Steals 3.6 Million South Carolina Social Security No & Also Exposed 387,000 Card Details

Posted by Avik Sarkar On 10/29/2012 04:36:00 am

Hacker Steals 3.6 Million South Carolina Social Security Number & Also Exposed 387,000 Card Details

The year 2012 is going from bad to worse for the cyber space, as yet another big data breach happened which effected more than 4.7 million residents of South Carolina at risk of identity theft. Anyone who filed a South Carolina tax return in the past 14 years may have had their Social Security number stolen and has been urged by the state government to immediately enroll in consumer protection services. The U.S. Secret Service detected a security breach at the S.C. Department of Revenue on Oct. 10, but it took state officials 10 days to close the attacker’s access and another six days to inform the public that 3.6 million Social Security numbers had been compromised. The attack also exposed 387,000 credit and debit card numbers. The stolen data included other information people file with their tax returns such as names and addresses. Businesses’ taxpayer identification numbers also potentially have been comprised in the attack that is being described as one of the nation’s largest against a state agency. The hacker began accessing the Department of Revenue’s computer system in August, but wasn’t noticed by the Secret Service until October, giving him about two months to gather the data in what is one of the largest computer breaches in the US. Most of the data had not been encrypted, meaning the hacker would not need a key to a secret code to read the stolen data. Revenue director James Etter said none of the Social Security numbers were encrypted and about 16,000 credit card numbers were not encrypted.
“The number of records breached requires an unprecedented, large-scale response by the Department of Revenue, the State of South Carolina and all our citizens,” South Carolina Gov. Nikki Haley said during a news conference. “We are taking immediate steps to protect the taxpayers of South Carolina, including providing one year of credit monitoring and identity protection to those affected.” 
S.C. Inspector General Patrick Maley said nine agencies had been evaluated thus far, and some corrective action had been taken. There was no overarching security policy within state government, he said. No one at the Revenue Department or within the state’s information technology division has been disciplined over the latest attack.  
While this case of hacking was the largest in US history, it wasn’t the first. On March 30, 2012, officials in Utah discovered that one of their health department servers had been hacked. That time also a large number of Social Security numbers were stolen from the serverincluding those of children. Here we would like to give you reminder that in the last few months we have been a slew of attacks against the following sites: AdobeGuild Wars 2GamigoBlizzardYahooLinkedIneHarmonyFormspringAndroid ForumsGamigo,  NvidiaBlizzard and  Philips. And after this breach Adobe also enlisted its name among those who was fallen victim to cyber criminals in this year. For all the latest on cyber security and hacking related stories; stay tuned with VOGH




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

HSBC Comeback Online After Prolonged DDoS Attack From Anonymous

Posted by Avik Sarkar On 10/20/2012 12:07:00 pm

HSBC Comeback Online After Prolonged DDoS Attack From Anonymous 

Massive attack against banking and financial sector continues, this time HSBC became the latest victim of cyber attack. The attack which interrupt the service for 10 hours long were mainly originated from Iran and Russia. After 'Izz ad-Din al Qassam Cyber Fighters' now it was the time for Fawkes Security, an offshoot of hacktivist group Anonymous, quickly took credit for the attack, acknowledging the take down in posts yesterday afternoon on Twitter and Pastebin The group claimed to have knocked HSBC’s main site, along with its US, UK and Canadian counterparts offline and on Friday,claimed it logged 20,000 debit card details from the site while it was down. 
According to HSBC newsroom- "On 18 October 2012 HSBC servers came under a denial of service attack which affected a number of HSBC websites around the world." But HSBC denied any sort of data loss. Fawkes Security claimed to have details of more than 20K cards, but in their release HSBC said "This denial of service attack did not affect any customer data, but did prevent customers using HSBC online services, including internet banking." 
But now the whole situation is under control, websites belonging to British bank and financial services company HSBC are back online and working normally. According to an update posted on its website, HSBC restored all of its websites globally to full accessibility as of 3:00am UK time. 
New York Stock Exchange, Bank of America, Wells Fargo, US Bank and PNC was brought down by few hacker collective group as protest against the anti Islamic movie. After this attack the name of HSBC has also been enlisted with those poor victims (affected banks & finance sector) who suffered DDoS attack in last month.





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Hacker Stolen 300K Student Information From Florida College Computer

Posted by Avik Sarkar On 10/14/2012 06:25:00 pm

Hacker Stolen 300K Student Information From Florida College Computer 

While fighting against the rising amount of cyber threats, the cyber security domain is getting stronger and developed everyday. But till today its not as up-to dated as it should be, and that is why every day the news of security breaches are being spotted in the wild. In the last few months we have been a slew of attacks against the following sites: Guild Wars 2GamigoBlizzardYahooLinkedIneHarmonyFormspringAndroid ForumsGamigo,  NvidiaBlizzardPhilips and Adobe. And it was the turn for Florida Panhandle College. According to sources, a massive security breach hit the main system of Florida Panhandle college, which effected the records of more than 300,000 students, faculty & other employeesEducation officials said that the computer hackers accessed confidential information of staff and students in a massive security breach. A breach that at first involved employees at Northwest Florida State College was much larger than suspected and now potentially involves student records from across the state, state and college officials said. The Department of Education said hackers stole 200,000 records including names, Social Security numbers and birth dates for any student statewide who was eligible for Florida’s popular Bright Futures scholarships for the 2005-06 and 2006-07 school years. 

The hackers also stole more than 3,000 employee records, including some that contained confidential financial information. Some 76,000 records containing personal identification information from students who attended the college was also hacked. “We speculate this was a professional, coordinated attack by one or more hackers,” said Northwest Florida State College President, Ty Handy, in a memo that went out to employees in this week. According to Florida College System Chancellor Randy Hanna in a statement. “While some of the contact information is dated, we will be trying to reach every student whose records may have been captured.” Because of the scope of the breach, Federal Authorities have joined the local and state investigation that got under way last week, confirmed the authority.
The breach occurred sometime between late May and late September. College officials said in a news release that 50 employees to date have reported issues with identity theft, including the college president, faculty and staff. The information has been used to either obtain personal loans or to take out a Home Depot credit card. 


-Source (CBS)





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

FBI's Internet Crime Complaint Center (IC3) Issues Latest Internet Scam Alerts

Posted by Avik Sarkar On 9/26/2012 01:37:00 am

FBI's Internet Crime Complaint Center (IC3) Issues Latest Internet Scam Alerts

The Federal Bureau of Investigation (FBI) has issued a report based on information from law enforcement and complaints submitted to the Internet Crime Complaint Center (IC3) detailing recent cyber crime trends and new twists to previously-existing cyber scams. 


TRIANGLE CREDIT CARD FRAUD:- 

Triangle Credit Card Fraud is a common scam known to affect many on-line merchants. It has been called "Triangle Credit Card Fraud" because there are three primary parties involved or impacted by the scam.
The first party is the fraudster who acts as a seller on a popular auction or marketplace site. The fraudster "sells" a product to the second party, the buyer that knows nothing about the scam. The buyer pays the seller for the product or service. The seller then needs to deliver the product or service to the buyer and does so by placing an order with the manufacturer of the product or service to the buyer and does so by placing an order with the manufacturer of the product or service, the third party. That order will contain the buyer’s information for shipping and stolen credit card information for billing. When the company receives the order, the billing and shipping information is all legitimate, thus it looks like an order being placed as a gift, so the company delivers the product or service.
When the card holder finds a fraudulent charge on their card, they may file a dispute with the credit card company resulting in a chargeback for the company. This scheme is often much more complex as it is often led by overseas criminals who recruit established sellers (often referred to as mules) on auction or marketplace sites to "sell" the products. Once a sale is completed, the mule will forward the buyer information and the bulk of the money to the fraudster to place the fraudulent order. Once a mule becomes trusted, they are often allowed to recruit other mules, leading to a complex pyramid of fraudsters and mules.
Through the on-line merchant community, many companies have been made aware of this scheme and have had great successes with stopping the illegal activity using fraud prevention and detection solutions as well as successful criminal prosecutions.

NEW TWIST TO THE WORK-AT-HOME SCHEME:-

The IC3 has previously reported on work-at-home schemes where victims advised they applied for employment through on-line resumes. The alleged employers used the names of well-known financial institutions and industry agencies to lure their victims into the scheme. The potential employees were contacted via e-mail and interviewed for various positions using Yahoo! Instant Messenger.
In some cases, the employees were required to purchase various software packages to perform the tasks required for their employment. The employees received a check and were instructed to keep a portion of the funds for supplies and wire the remaining funds to another individual. Once the employee wired the funds, the check was returned as counterfeit. The IC3 has received over 80 complaints identifying a twist to the scheme reporting that employees were asked to post employment advertisements on Craigslist and provide full details of a credit card, including owner name, address, card number, security code, and the expiration date of the card. In doing so, the victim unknowingly became a recruiter for the fraudster.

NEW TWIST TO THE HIT MAN SCAM:-

Recent complaints reported to the IC3 identified a new twist to the Hit Man Scam The victims informed that the e-mails advised they have been targeted for assassination and asked them to purchase a security alarm to use if they see suspicious activity. The e-mails were signed by Agent Bauer of the International Intelligence Bureau and included the following language:

You have been targeted for assassination over a past legal financial matters. A hired international assassin has been hired to kill you. All information and concrete evidence will be forwarded to you, but that should be after the apprehension of the assassin. Please do not disclose this information to any body, including any other enforcement personal in your region. Our effort to trap him might be jeopadise , if our strategies are expose by other enforcement agencies behind this crime. From this moment see anybody as somebody that wants to kill you.
The private international investigator tracking the assassin , wants you to purchase our device security alarm, as you are expected to press the device alarm if you suspect any activities . We can come to your rescue through any of our attached security personel, and this is possible within our network close to you in less than 10 minutes.
Please try to cooperate with us. We wait to hear from you.

Recipients must be cautious of e-mails purportedly from any government agency endorsing a product or encouraging the recipient to send money for any reason. The United States government does not endorse products via e-mail.


-Source (ic3.gov)




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search