April 7th, 2010
RALEIGH, N.C. — A Bank of America Corp. employee plotted to deploy malicious computer code within the company’s systems so that ATM machines would dispense cash without any record of a transaction, federal prosecutors allege in court documents.
Rodney Reed Caverly was tasked with maintaining and designing computer systems at the bank, including computers that conducted ATM transactions. Prosecutors in the western district of North Carolina said he sought to use computer code within the company’s protected computers so that the ATMs would make fraudulent disbursements.
Caverly was able to obtain more than $5,000 during a seven-month period in 2009, prosecutors allege.
The details of Caverly’s case were filed on Thursday in a “bill of information” document, which typically signals that a plea deal is forthcoming. An attorney for Caverly, Christopher Fialko, declined to comment. Federal prosecutors didn’t return a phone call.
More Here
Posted in
Security |
No Comments »
February 8th, 2010
“Us techie’s of the world argue that if you don’t want something to be seen don’t send it via email.”
Anyone with an e-mail account likely knows that police can peek inside it if they have a paper search warrant.
But cybercrime investigators are frustrated by the speed of traditional methods of faxing, mailing, or e-mailing companies these documents. They’re pushing for the creation of a national Web interface linking police computers with those of Internet and e-mail providers so requests can be sent and received electronically.
CNET has reviewed a survey scheduled to be released at a federal task force meeting on Thursday, which says that law enforcement agencies are virtually unanimous in calling for such an interface to be created. Eighty-nine percent of police surveyed, it says, want to be able to “exchange legal process requests and responses to legal process” through an encrypted, police-only “nationwide computer network.
Police Want A Backdoor To Your Data”
Posted in
Security |
No Comments »
February 8th, 2010
The lawsuit, filed by Experi-Metal Inc. (EMI), in Sterling Heights, Mich., charges that Dallas-based Comerica Bank effectively groomed its customers to become phishing victims by routinely sending them e-mail messages that asked recipients to click a link to update the bank’s security technology. The company also alleges that Comerica’s security protections for customers are not commercially reasonable, because the phishing scam routed around the bank’s 2-factor authentication system.
Phishing Attack
Posted in
Security |
No Comments »
February 8th, 2010
Patricia Latimore, chief financial officer at the United Way of Massachusetts Bay and Merrimac Valley, said unknown attackers tried to initiate a number of bogus financial transfers out of the organization’s bank account, but that the United Way was able to work with its bank to block or reverse the unauthorized transfers.
The intruders attempted to send more than $110,000 in unauthorized payroll transfers to at least a dozen individuals across the United States who had no prior business with the United Way chapter. At least one large wire transfer was attempted, for nearly $40,000, to a 32-year-old man in New York.
William Hong, of Flushing, N.Y., said he was approached in late December by an entity calling itself the Classic Group. Hong said the company, which gave its Web address as classic-groupco.ws, told him it had found his resume on Monster.com and asked would he like a work-at-home job as a financial manager?
Hong, who is and was unemployed at the time, said he took the job, and that the application process required him to fax an employee agreement, a canceled check, a copy of a utility bill or his drivers license, along with his bank account information. Hong gave his erstwhile employers the account and routing numbers for Merging Stone Capital Group Inc., a company he had started several years ago.
Social Engineering Alive and Well
Posted in
Security |
No Comments »
February 8th, 2010
Mozilla confirmed late Thursday that it failed to detect malware in a pair of Firefox add-ons, which may have infected up to 4,600 users.
The add-ons have been removed from Firefox’s official add-on download site.
According to an entry on the Mozilla Add-ons blog, Sothink Web Video Downloader 4.0 and all versions of Master Filer were infected with Trojan horses designed to hijack Windows PCs. Both add-ons were in the “experimental” area of Firefox’s add-on download site, where newer extensions remain until they undergo a public review process. To install experimental add-ons, Firefox users must view and accept an additional warning.
Mozilla Vulnerability Slips Through Security
Posted in
Security |
No Comments »
December 22nd, 2009
“It’s gotten completely out of hand. The bad guys are going to some local registries in Europe and getting massive amounts of IP space and then they just go to a hosting provider and set up their own data centers,” said Alex Lanstein, senior security researcher at FireEye, an antimalware and anti-botnet vendor. “It takes one more level out of it: You own your own IP space and you’re your own ISP at that point.
“If there’s a problem, who are you going to talk to? It’s a different ball game now. These guys are buying their own data centers. These LIRs and RIRs aren’t going to push back if you say you need a /24 or /16. They’re not the Internet police,” Lanstein said.
More Here
Posted in
Security |
No Comments »
December 19th, 2009
Waikato District Health Board has been crippled by a computer worm which has seen every PC in the organisation shut down.
While the main hospital in Hamilton and smaller outlying hospitals were continuing to function, spokeswoman Mary-Ann Gill said it was important people only came for treatment if it was absolutely necessary.
Emergency care was still available but those arriving for routine appointments were being affected, as were GPs who often made referrals to hospitals via email.
“We are asking GPs to only make urgent referrals,” she said.
More Here
Posted in
Security |
No Comments »
December 19th, 2009
BOSTON – A computer hacker who was a force behind one of the largest cases of credit card theft in US history says he has a developmental disorder and is asking for a reduced sentence.
Albert Gonzalez, of Miami, admitted invading the computer systems of such retailers as TJX Cos., BJ’s Wholesale Club and Sports Authority. Federal authorities say tens of millions of credit and debit card numbers were stolen.
His lawyers have submitted a report from a psychiatrist who concluded his behaviour was consistent with Asperger’s syndrome. That’s a form of autism.
Gonzalez was scheduled to be sentenced on Monday. The hearing has been postponed indefinitely so prosecutors can consider the psychiatrist report.
His lawyers are asking for a sentence at the lower end of the 15 to 25 years in his plea agreement.
- AP
Posted in
Security |
No Comments »
October 29th, 2008
MOSCOW, October 9 /PRNewswire/ — ElcomSoft Co. Ltd. accelerates the recovery of WPA and WPA2 encryption
used in the Wi-Fi protocol by employing the new-generation NVIDIA video cards. ElcomSoft patent-pending GPU acceleration technology implemented in Elcomsoft Distributed Password Recovery allows using laptop, desktop or server computers equipped with supported NVIDIA video cards to break Wi-Fiencryption up to 100 times faster than by using CPU only.
Elcomsoft Distributed Password Recovery supports both WPA and the newer WPA2 encryption used in the majority of Wi-Fi networks, allowing breaking Wi-Fi protection quickly and efficiently with most laptop and desktop computers. The support of NVIDIA graphic accelerators increases the recovery speed by an average of 10 to 15 times when Elcomsoft Distributed Password Recovery is used on a moderate laptop with NVIDIA GeForce 8800M or 9800M series GPU, or up to 100 times when running on a desktop with two or more NVIDIA GTX 280 boards installed. Governments, forensic and corporate users will benefit from vastly increased speed of breaking Wi-Fi protection provided by Elcomsoft Distributed Password Recovery.
Though this software has to be purchased it has been reported as being seen on some P2P networks already.
Russia Company Breaks WIFI Security
Posted in
Security |
No Comments »