TweakTown NewsRefine News by Category:
Nonprofit organization Goodwill Industries reportedly suffered a data breach and customer credit card data is at risk. The company was first contacted last Friday by federal authorities, informing them of the potential data theft affecting American stores.
It's unknown how many stores have been impacted, but fraud details have been tracked to a pattern that hit at least 21 states, including California, Colorado, Pennsylvania, Texas, Washington, Wisconsin and others spread across the country. Goodwill is investigating with a newly created "response team":
"We are proactively engaged with the payment card industry contacts, the Secret Service and all Goodwill headquarters to identify what problem, if any, exists so that we can take prompt and appropriate actions as well as communicate appropriately to any affected parties."
Cyberattacks are increasingly difficult to detect and defend against, with foreign state-sponsored hackers sometimes able to compromise large amounts of data. Both businesses and customers struggle following data breaches, and the direct cost of cybercrime negatively hurts everyone, security specialists continue to warn.
Heartbleed gained attention because of the threat it posed to casual consumers, but these issues remain a significant problem for businesses and security leaders.
"I think that these kinds of issues are really symptoms of a bigger problem," said Richard Ford, head of Florida Institute of Technology's Department of Computer Science and Cybersecurity, in a press statement. "Our entire computing infrastructure - and that includes embedded devices and control systems - is highly vulnerable to attackers. We have built a very complex ecosystem around us, and it is both critical to the smooth functioning of our lives and very fragile. I worry not about a cybercriminal, but an attacker who simply wants to destroy."
The man and woman involved in an Apple-themed phishing scheme, in which they sent emails that looked like Apple warning of security issues, were sentenced to a combined 14 years in prison. Both Radu Savoae, 28, and Constanta Agrigoroaie, 23, plead guilty to six counts of possessing fraudulent ID cards, equipment to make fake bank and ID cards, and conspiracy to commit fraud.
In addition to the phishing operation, police authorities found cloned credit cards and fake Spanish and Romanian identification cards in their apartment. A spreadsheet found on the pair's computer also listed out fraudulent transactions for flights, vehicle insurance and other data given to to local pickpockets operating in the area.
For every major cybercriminal yanked off the streets, federal and local law enforcement struggle to keep up. Unfortunately, it usually takes a large amount of victims before banks and authorities catch on and launch investigations.
The Anonymous hacker group reportedly hacked the official Kenya Defense Ministry Twitter account that is used to share information about the military's operations. The breach is now being investigated by Kenyan military technicians, and no internal military systems were compromised by the breach. Anonymous supporters have targeted Kenya, Zimbabwe and Twitter accounts used by other African governments.
In a tweet posted to the KDF website today: "Account hacked Again by @anon_0x03 and Anonymous Kenya F**K YOU ARMY!"
The @kdfinfo account was hacked by @Anon_0x03, with Kenya political actions mocked and criticized, including the following topics: animal poaching, ivory trafficking, corruption, drugs, and continued tribalism. Anonymous has taken offense to Kenya President Uhuru Kenyatta, claiming he's only interested in defending the rich - and not doing enough to keep regular civilians safe and secure.
For the second time in the past month, AskMen.com was compromised, with malicious code injected on the company's server sending out attacks. AskMen is reportedly looking into the security issue after being contacted by security software company Malwarebytes.
In the previous attack, visitors were being targeted by malicious code courtesy of the Nuclear Pack exploit kit, Websense researchers discovered. The attack started by redirecting users to another website, and then a Java exploit (CVE-2013-2465) and Adobe PDF exploit would be installed.
Cybercriminals are capitalizing on media attention of the Malaysia Airlines MH17, with a constant barrage of tweets, Facebook status updates, and emails promising additional information about the crash. Most recently, a reported "video" of the Malaysia Airlines crash posted on Facebook actually links to a pornographic website - and other similar spam efforts are likely on the way.
"When a disaster like this happens it's a great opportunity for all sorts of scammers," said Ken Gamble, Australian chapter chairman of the International Association of Cybercrime Prevention, in a statement to the media. "It's a great opportunity to prey on people's vulnerabilities and emotion is the greatest one."
Cybercriminals typically launch spam attacks following major international incidents - and it's becoming easier - as news is so frequently shared via email and social media. As emotions run high, criminals want to compromise users as they try to learn more about the incident and share details with friends online.
The battle continues against the use of card skimmers to steal debit and credit card information from customers, with data being stolen at ATMs, gas stations, and other similar locations. Data skimmed often is sold online or used to clone the credit card for use locally, with customers, banks, and law enforcement typically one step behind.
Criminals are using handheld skimmers and small devices that can be installed to compromise point-of-sale (POS) systems. The newer generation electronic skimmers can be installed and remotely controlled inside of ATMs or other POS machines - and often times can be very difficult to detect. Banks and security experts recommend customers always pay attention to their bank statements and credit card bills, in case mysterious charges begin to appear.
"[The skimmer is] hidden, the person using it will never see it, it's simple to add, it's simple to modify it," said Dan DeFelippi, a former credit card hacker. "It only takes seconds to open it up and put it in there. They're ubiquitous. There are gas pumps everywhere. You can easily find a gas station to do it at and go back and gather."
Almost thirty percent of security experts would conduct an overhaul of current enterprise security if they had the necessary resources and opportunity to make changes, according to a survey conducted by Websense. There is a lack of communication between IT security and company decision makers, as many current security systems are outdated and unable to defend against some attacks.
"This Ponemon Institute security survey highlights that a lack of communication, education and inadequate security systems is making it possible for cybercriminals to attack organizations across the globe," said John McCormack, Websense CEO, in a press statement. "It's not surprising that many security professionals are disappointed with the level of protection their current solutions provide, as many still use legacy solutions that cannot disrupt the kill chain to prevent data theft."
Advanced persistent threats (APTs) remain a top concern among organization security experts, with APTs typically serving as well-coordinated attacks aimed at single corporations. The stealth attack is continuous and many users are unaware they've been compromised - stealing confidential data that can be sold or used for ransom.
The owner of ConnectZone.com, Daniel Oberholtzer, has been sentenced for participating in conspiracy to traffic in counterfeit goods, receiving 37 months in federal prison. The company must forfeit $716,778 that was collected for selling counterfeit products, advertising the sale of network products that were promoted as Cisco products.
"Innovation and our economy demand that the intellectual property of businesses be protected," said Jenny Durkan, U.S. Attorney, in a statement. "Here, the defendants used the hard earned brands of others and slapped it on inferior products."
Business owners and law enforcement have stepped up civil and criminal complaints against Internet pirates and counterfeiters. Leaders of organized rings conducting illegal business are being indicted and face prison time if found guilty.
More than half of the malware detected originated from the United States, a 12 percent increase just two quarters ago, according to security company Solutionary. In addition, around half of all malware sent came from 10 Internet service providers and hosts, the company says in its latest quarterly report.
The list as compiled by Solutionary: Amazon Web Services, Akamai, Akrino, Google, OVH, Hetzner Online, GoDaddy, CloudFlare, Website Welcome and CDN. However, GoDaddy - once well-exploited by cybercriminals to launch attacks, saw a decrease in malware hosting activity by customers.
"The findings on hosted malware in the Q2 threat report reinforce our research from 2013 and provide additional insights into the mindset and cunning of today's attackers," said Rob Kraus, Solutionary SERT team director of research, in a statement. "The findings should provide the information security community with a good understanding of the threat landscape so they better understand the adversaries' behavior."