Cheap Internet of Things devices like Foscam's home CCTVs are designed to covertly tunnel out of your home network, bypassing your firewall, so they can join a huge P2P network of 7 million other devices that is maintained and surveilled by their Chinese manufacturer.
Say you've just scammed someone out of all their financial details using an online fraud, but now you need to call up their bank and impersonate them, and you don't speak their language, have the wrong accent, or are of a different gender — what do you do?
It's not bad enough that Paypal is prone to shutting down your account and seizing your dough if you have a particularly successful fundraiser — they also have virtually no capacity to prevent hackers from changing the email address, password and phone numbers associated with your account, even if you're using their two-factor authentication fob.
Some Safeway customers in California and Colorado who used debit/credit cards have had their card numbers and PINs slurped up by criminals who then took the cards out for spending sprees.
Cops covertly buy stolen cards from underground sites to figure out where they came from, and so these sites implement security measures that try to figure out whether a purchaser is an undercover cop, and refuse to sell to them if they trip a positive result.
CISA won't make you and I any more secure, and it threatens what's left of our online privacy. The very helpful sounding "Cybersecurity Information Sharing Act" will definitely help the government, though: it'll make it a lot easier for technology companies to share your personal data with the government, and everyone knows that this data never ends up in the wrong hands, so you're fine. — Read the rest
Mostly it's your record locator and frequent flier number, but with that, an attacker can access the ticket record, see your future flights, your email address, and the details of the emergency contacts you'd added to the reservation.
Security blogger Brian Krebs is among those hot on the trail, and he "may have a new lead," according to the New York Times.
— Read the restOn Wednesday, Brian Krebs, the well-known security blogger posited a new theory about who may have hacked the site, which helps arrange extramarital affairs.
Emails sent by the "have an affair" dating network's CEO suggest the firm "hacked" rival Nerve.com in 2012, taking its user database.
Brian Krebs:
— Read the rest"They did a very lousy job building their platform. I got their entire user base," [Ashley Madison CTO Raja] Bhatia told [CEO Noel] Biderman via email, including in the message a link to a Github archive with a sample of the database.
A vast data dump, purportedly exposing millions of users of a hookup service for cheating spouses, has been confirmed.
In a statement, Ashley Madison spokesman Anthony Macri (right) said the dump was a criminal act. He didn't mention that the company had kept the data, for reasons unknown, after charging its users to have it permanently deleted. — Read the rest
Ashley Madison is a social network for people who want to cheat on their spouses. It's been hacked and "large caches of user data posted online," reports Krebs on Security.
The privacy of some 37 million account-holders is at stake, though the bulk of the dataset is apparently being withheld and its contents remain uncharted territory. — Read the rest
An activist couple (she's a neurscientist, he's a psychologist who successfully treated his depression with psychedelics) (they fight crime!) are raising $1M on Indiegogo to fund production of medical-grade MDMA and psilocybin.
"A group of ethnic North Koreans residing in Japan known as the Chongryon are critical to North Korea’s cyber and intelligence programs, and help generate hard currency for the regime. "
"The recent hacker break-in at Sony Pictures Entertainment appears to have involved the theft of far more than unreleased motion pictures," writes Brian Krebs.
There are many points of security failure along the way that leave your financial data vulnerable to theft.
Enough Hilton Hhonors points to cover $1200 worth of stays can be bought for $12, and the crooks who're inside your account can use your associated credit-card to buy more points and more hotel rooms for themselves.
The older machines — about half of them running Windows XP, which no longer receives security updates — are very vulnerable to "jackpotting" attacks where criminals trick the machines into paying out money without correctly debiting any account, to the tune of millions.
Someone sent Brian Krebs an envelope of counterfeit $100 and $50 bills, apparently manufactured by Mrmouse, the counterfeiter whom Krebs outed for selling his notes openly on Reddit.
Security journalist Brian Krebs documents a string of escalating extortion crimes perpetrated with help from the net, and proposes that the growth of extortion as a tactic preferred over traditional identity theft and botnetting is driven by Bitcoin, which provides a safe way for crooks to get payouts from their victims. — Read the rest
In an echo of the massive breach of credit-card numbers from Target, credit-card numbers from thousands of PF Chang's customers who used their cards at the restaurant between March and May 2014 are being sold on the criminal underground. Rescator, the criminal selling the PF Chang's customers' card, has branded his product "Ronald Reagan", and offers cards at different prices based on whether they're regular, gold or platinum cards.
