Monday, August 17, 2009

Monday 08/17/09

Miami man indicted for massive credit hack
A 28-year-old Miami man was indicted Monday for the largest credit and debit card theft ever prosecuted in the U.S., with data from more than 130 million credit and debit cards stolen, the U.S. Department of Justice said.

----------

Opinion: It's the money, stupid: Why nobody wants to be the cybersecurity czar (and why they should be happy to take the job)
Candidates should consider the benefits not of the job itself but of the prestige that comes with having held the title.

----------

Heartland CEO on Data Breach: QSAs Let Us Down
For Heartland Payment Systems Inc. CEO Robert Carr, the year did not start off well, to say the least.

Heartland CEO Must Accept Responsibility
I just read Bill Brenner's interview with Heartland Payment Systems' CEO Bob Carr [ Heartland CEO on Data breach: QSAs Let Us Down] and truthfully, my blood is boiling.

----------

Bored bureaucrat pleads guilty to passport snooping
A fifth person who has worked for the U.S. Department of State has pleaded guilty to illegally accessing passport application files stored in a computer database, the U.S. Department of Justice announced.

Kevin M. Young, 42, of Temple Mills, Md., pleaded guilty today in U.S. District Court for the District of Columbia to one count of unauthorized computer access. He is scheduled to be sentenced Dec. 9.

----------

Three indicted for hack attacks on Heartland, Hannaford
A Miami man and two Russians today were indicted by a grand jury in New Jersey on charges of conspiring to commit some of the largest data breaches in U.S. history.

Albert Gonzalez, 28, and the two still-unnamed Russian citizens are charged with running an international scheme to steal more than 130 million credit and debit card numbers along with personally identifying information from five companies, including Heartland Payment Systems Inc., 7-Eleven Inc. and Hannaford Brothers Co. The two other companies were not named in the indictment because their breaches have not yet been made public.

----------

Microsoft planned to bury XML developer, says federal judge
Microsoft knew of the patent held by i4i as early as 2001 but nevertheless set out to make the Canadian developer's software "obsolete" by adding a feature to Word, according to court documents.

The patent infringement case brought by Toronto-based i4i resulted in a $290 million judgment against Microsoft and an injunction that bars Microsoft from selling Word 2003, Word 2007 and Word for Mac 2008 in their current forms.

In a 65-page summary opinion dated Aug. 11, U.S. District Court Judge Leonard Davis said that evidence presented during the May 2009 jury trial showed Microsoft had met with i4i executives as far back as 2001, knew of the firm's patent for XML editing, and yet did nothing to guarantee that its implementation of "custom" XML would not infringe the i4i patent.

----------

Court fines man $210,000 for selling software copies
A U.S. judge has ordered a Delaware man who sold copies of software packages on an Internet auction site to pay $210,563 in damages and court costs, the Business Software Alliance (BSA) announced today.

----------

Hackers put social networks such as Twitter in crosshairs
Web sites such as Twitter are becoming increasingly favored by hackers as places to plant malicious software in order to infect computers, according to a new study covering Web application security vulnerabilities.

----------

Georgia cyberattacks linked to Russian organized crime
The cyberattacks against Georgia a year ago were conducted in close connection with Russian criminal gangs, and the attackers likely were tipped off about Russia's intent to invade the country, according to a new technical analysis, much of which remains secret.

----------

Flash Cookies Track Even Privacy-conscious Surfers, Study Finds
A new study on local shared objects, aka Flash cookes, found that they can be used to re-create deleted http cookies to track visitors.

----------

Study Touts Internet Explorer 8 As Worlds Most Secure Browser
A recent report claims that Microsoft's Internet Explorer 8 is the world's most secure browser.

----------

US tests censorship circumvention tool; Chinese shrug
August 17, 1:09 p.m. UTC - by Jacqui Cheng Posted in: The Web
A US agency is working on a system that will allow people to get around government Internet censors by using e-mail. The tool will be tested in China and Iran, where it should offer yet another option for those stuck behind the filters.
Read more

----------

Houston Starts Whole Body Imaging
The Transportation Security Administration (TSA) has announced that it will begin testing two types of advanced imaging technology at George Bush Intercontinental Airport, Houston. Millimeter wave and backscatter imaging technologies are designed to capture, record, and store detailed images of individuals undressed. Previously, the Privacy Coalition had asked that the use of the devices should be suspended pending an investigation. The House of Representatives recently passed legislation that would establish clear privacy safeguards for the devices. See also EPIC's page on Whole Body Imaging.

TSA to begin testing imaging technology at Houston airport, PR Newswire US, August 14, 2009.
EPIC on August 14, 2009 3:46 PM
.

----------

Linux kernel vulnerability fixes
Kernel developers and some Linux distributors have released fixes for the critical vulnerability in the Linux kernel disclosed last week more…

----------

Police Sue Bosses to ProtectTheir Confidential Sources
By JOE HARRIS
ST. LOUIS (CN) - The St. Louis Police Officers' Association seeks an injunction to stop the Police Department from forcing officers to reveal their sources. The union says law enforcement will suffer if officers can't promise anonymity to informants, but two officers were ordered to identity confidential informants or face discipline and possible termination.

----------

TJX Hacker Charged with Heartland, Hannaford Breaches
The constellation of hacks connected to the TJX hacker is growing.

Albert “Segvec” Gonzalez has been indicted by a federal grand jury in New Jersey — along with two unnamed Russian conspirators — on charges of hacking into Heartland Payment Systems, the New Jersey-based card processing company, as well as Hannaford Brothers, 7-Eleven and two unnamed national retailers, according to the indictment unsealed Monday. Gonzalez, a former Secret Service informant, is already awaiting trial over his involvement in the TJX hack.

Prosecutors say they’re investigating other breaches and have not ruled out Gonzalez’s involvement in even more intrusions.

----------

Scammers Love Your Money
Monday August 17, 2009 at 9:28 am CST

... I searched the French Skyrock social networking platform and discovered the photos and videos from their exploits. Each crook has his own blog entries and is attached to a gang web page were each member is listed in a friends list. They are plenty boastful. Among the group names, we have:

les banquiers arabes (the Arab bankers)
la banque africaine (the African bank)
les boucantiers de la Cote d’Ivoire (The Ivory Cost boucantiers)
les plus riches (the richest)

----------

No comments: