CIMIP - Center for Identity Management and Information Protection

March 2010 News Archive

March 31, 2010

JC Penney tried to block publication of data breach

IDG News Service - Retailer JC Penney fought to keep its name secret during court proceedings related to the largest breach of credit card data on record, according to documents unsealed on Monday. full article

Hacker Finds a Way to Exploit PDF Files, Without Vulnerability

A security researcher has managed to create a proof-of-concept PDF file that executes an embedded executable without exploiting any security vulnerabilities. full article

Facebook Revealed Private Email Addresses Last Night

A brief rift in the Facebook privacy shield has been healed, but not before dozens of people documented it. For about 30 minutes late Tuesday, private email addresses were revealed—and then, just as suddenly, they were hidden again. full article

Online Thieves Take $205,000 Bite Out of Missouri Dental Practice

Organized computer criminals yanked more than $200,000 out of the online bank accounts of a Missouri dental practice this month, in yet another attack that exposes the financial risks that small- to mid-sized organizations face when banking online. full article

Moscow Bombings, TJX Hacker Spur Black Hat Campaigns

Spammers and malware writers have wasted no time in taking advantage of Monday's bombings in Moscow, opening up a campaign on Twitter to point users to malicious sites. full article

Millions in China have no antivirus software, survey shows

IDG News Service - The massive number of Chinese Internet users running no antivirus software increased last year, a survey showed, even though online security risks continued to multiply in the country. full article

San Francisco Says $1 Million Is Missing From Its Accounts

SAN FRANCISCO (CN) - San Francisco claims that $1 million it set aside for low-income homeowners for lead abatement and other rehabilitation was pilfered by a company that had managed city escrow accounts since 1990. full article

McDonald's Settles Case Over Posting of Nude Photos

Court records indicate that McDonald's Corp. (NYSE: MCD) and a franchisee have settled a $3 million lawsuit in which a customer said nude photos of his wife were copied from a cell phone he left in a McDonald's restaurant. full article

Law Firm Aided African Scam, Investors Say

CLEVELAND (CN) - Investors claim a law firm helped a woman bilk them for more than $1 million in an African boondoggle that promised them a $14.5 million inheritance from Burkina Faso - if they paid certain "fees" first. Nine people and two corporations say they handed over the money because two attorneys in the Cleveland branch of Baker & Hostetler backed up Willia Burton's story about the inheritance. full article

Google: Malware targets Vietnamese activists

IDG News Service - Google says that politically motivated malware has been used to spy on Vietnamese computer users and attack activist blogs over the past several months. full article

Receiver Tracks Down $78M Ponzi Scheme

PHILADELPHIA (CN) - The receiver for a $78 million Ponzi scheme filed six federal complaints this week to recoup money from "winning investors" who got payouts before Joseph Forte's scam collapsed. Like Bernie Madoff, Forte, who was sentenced to 15 years in prison, never reported a losing quarter no matter how the market performed. full article

Sophos reveals defense for search engine hack attacks

Security firm Sophos has published research on the automated tools used by search engine optimisation (SEO) hackers and how companies can protect themselves. full article

Warwickshire County Council breaches Data Protection Act

Warwickshire County Council has landed in hot water with the Information Commissioner's Office (ICO) after the theft of two computers and the loss of a memory stick containing personal data. full article

March 30, 2010

Bank Employee Finds Skimmer On ATM

Device Used To 'Skim' Customer Information

A Bank of America employee from Palm Coast said he was using the ATM at the Bank of America located on Clyde Morris Boulevard in Daytona Beach when he immediately noticed the skimming device. full article

Calif. Woman Convicted of Stealing Identity to Get Breast Implants

Yvonne Jean Pampellonne was sentenced Monday in Westminster for using a fraudulent line of credit to obtain $12,000 in cosmetic surgery, including breast implants and liposuction. full article

March 29, 2010

Company says 3.3M student loan records stolen

Data on 3.3 million borrowers was stolen from a nonprofit company that helps with student loan financing. full article

Microsoft defends Windows 7 security after Pwn2Own hacks

Just days after a pair of researchers outwitted major Windows 7 defenses to exploit Internet Explorer (IE) and Firefox, Microsoft said the measures aren't meant to "prevent every attack forever." full article

Thousands of stolen bank account numbers seized in Ontario

Police have seized thousands of bank account numbers stolen by an identity theft ring and charged six people with 80 criminal offences. full article

Customers warned of counterfeits at computer fairs

Counterfeit electronics could be harming the technology industry by lowering consumer satisfaction and confidence in a brand, the Australian Customs and Border Protection service has warned. full article

iPhone and IE8 hacked in Pwn2Own contest

Hackers successfully exploited a handful of zero-day vulnerabilities, Wednesday, quickly cracking a flaw in the popular Apple iPhone. Zero-day vulnerabilities in Apple Safari 4, Mozilla Firefox and Internet Explorer 8 were also exploited by the security researchers during TippingPoint's Pwn2Own contest at the 2010 CanSecWest Applied Security Conference. full article

Phishing email scams man out of R24 000

A businessman has been scammed of R24 000 after he responded to an Absa Bank phishing email that seemed so authentic it appeared to refer to Internet banking problems he had reported to his bank. full article

N.Y. agent arrested for allegedly collecting $5,000 in fake applications

A self-employed insurance agent from New York was recently arrested, accused of collecting $5,000 in advance sales commissions through fake applications. full article

Identity Theft Ring Defrauds Hospital Patients

Seven Chicago area women are being held in connection with an identity theft scam that affected hundreds of people from across the country, many of whose information was stolen from medical records at Northwestern Medical Faculty Foundation. full article

Medical identity theft growing, and at no small price

Sierra Morgan was billed $12,000 on her health care credit card in November for liposuction, a procedure she never requested or received. full article

Trojan poses as Adobe update utility

Miscreants have begun creating malware that overwrites software update applications from Adobe and others. full article

March 26, 2010

Gonzalez gets 20 years for TJX credit card scam

Prosecutors called theft 'unparalleled'

IDG News Service - BOSTON -- As his parents and sister silently wept, hacker mastermind Albert Gonzalez was sentenced Thursday in U.S. District Court to two concurrent 20-year stints in prison for his role in what prosecutors called the "unparalleled" theft of millions of credit and debit card numbers from major U.S. retailers. full article

Suspected Twitter infiltrator: 'I'm a nice hacker'

PARIS – He's unemployed and isn't much of a computer expert. The Frenchman accused of infiltrating Twitter and peeping at the accounts of President Barack Obama and singers Britney Spears and Lily Allen says he wanted to reveal just how vulnerable online data systems are to break-ins - and he says he didn't mean any harm. full article

HSBC Database Breach Highlights Lack Of Accountability For IT Super Users

IT specialist had abused his database privileges to steal records of approximately 24,000 HSBC clients

As new details continue to emerge this month about an initially undetected large-scale database pilfering by a former IT worker at HSBC, security experts hope it will highlight one of the most glaring weaknesses in many a financial institution's database protection scheme: poor accountability for IT super users. full article

Most users don't change password often enough, report says

Security firm Symantec on Friday released survey results that showed about 63 percent of consumers don't change their passwords often enough, 45 percent just use a few passwords alternately for all accounts, and some 10 percent don't even change their passwords at all. full article

Cloud security weaknesses prompt call for global data protection law

European leaders have called for a worldwide agreement on data protection to address the data security weaknesses of cloud computing. full article

State Says 'Dream Scholars' is a Nightmare

MINNEAPOLIS (CN) - The Minnesota attorney general says a California company called Dream Scholars preys upon parents by falsely claiming that it provides college scholarships to underprivileged kids, and that their children showed interest in its SAT and ACT preparation materials. But the Dream Scholars Foundation has never handed out any scholarship money, and it automatically enrolls victims in a "free" online program, then charges them $55 a month, the state says. full article

Millions of e-mail users still respond to spam, survey reveals

Despite more than 80% of e-mail users being aware of bots, tens of millions respond to spam in ways that could leave them vulnerable to a malware, a worldwide online survey has revealed. full article

Europe seeks more privacy against terror searches

The European Commission has agreed a new mandate for negotiating the transfer of details of private banking transactions to the US, in a move designed to fight terrorism. full article

Police set high-tech honeytraps for burglars

Police are to spent £2m to set up high-tech "honeytraps" to catch burglars and vehicle thieves, the Home Office says. full article

March 25, 2010

U.S. Faces Cyber Security Gap Without Training, Education

As discussions about the federal approach to cyber security continue to percolate across the highest levels of government, one of the most important steps policymakers can take is to nourish the education and training of a new crop of security experts, a senior administration official said here at the FOSE government IT show. full article

Security Breach In Some Union First National Bank Accounts

Some Union First Market Bank customers are upset after learning their private account information is accessible to other customers. full article

Brazil tops global spam rankings

Brazil, India, Vietnam, USA and Russia head the ranking of countries from which most spam was sent during the first two months of the year, according to a study by Panda Security. full article

U.S. electrical grid probed but not yet attacked, says paper

Evidence suggests that "unknown foreign entities" have probed computer networks controlling the U.S. electrical grid, which would become a target during a cyber attack, according to a paper from the Center for Strategic and International Studies. full article

Obama's Twitter account hacker arrested

French police have arrested a hacker who sabotaged the account of US President Barack Obama in one of his attacks on the wildly popular micro-blogging site Twitter. full article

Cybersecurity Bill Passes Senate Committee

A crucial piece of cybersecurity legislation is one step closer to becoming law after being approved during a Commerce, Science & Transportation Committee hearing Wednesday. full article

Woman gets 3 years for credit-card thefts at park

A Wyncote woman was sentenced yesterday to three years in prison in connection with credit-card thefts from people visiting Valley Forge National Historical Park and other public recreational spaces in 2006, the U.S. Attorney's Office said. full article

Haddonfield students arrested in computer hacking

Several Haddonfield Memorial High School students are under police investigation on accusations they hacked into the school's computer system. full article

Fraud ring targeted 5 local credit unions — 21 arrested, 21 wanted

Authorities are searching for an Orlando woman whom they say led a fraud and identity theft ring that stole more than $200,000 from Central Florida credit union members over a three-year period, according to the Florida Department of Law Enforcement. full article

Gonzalez Lawyers, Judges Debate Data Breach Costs

When two Boston-based federal judges sentence Albert Gonzalez Thursday (March 25) and Friday (March 26) for a rash of retail cyber-break-ins that he confessed to orchestrating, the exact sentence may be academic full article

Cyber Attacks Reported By 100% Of Executives

A study conducted by the Ponemon Institute and sponsored by IBM shows growing recognition among C-titles executives of the importance of data protection. full article

Medical identity theft poses new risks

With all the privacy laws and safeguards in place, you'd think your medical records are safe from ID thieves. A new report shows some of those protection could actually be putting you at risk. full article

Drug dealing, Medicaid fraud case nets 15 guilty pleas in New Jersey

Fifteen defendants have pleaded guilty for their roles in a black-market prescription narcotic drug ring that involved Medicaid being billed for phony doctor visits and medicines never dispensed. full article

Columbia man sentenced for mortgage fraud

Acting United States Attorney Kevin F. McDonald stated that Randal Antoine, age 36, of Columbia, was sentenced today in federal court to serve eight years in federal prison for a mortgage fraud scheme. Antoine pled guilty last November to wire fraud and illegally using Social Security numbers in connection with the scheme. United States District Judge Cameron McGowan Currie imposed the sentence. full article

Police: Woman with hundreds of IDs said she needed them to 'buy groceries'

A 27-year-old woman is facing 12 identity theft counts as prosecutors allege she was caught with hundreds of names and credit card numbers. full article

March 24, 2010

Students to face cyberbullying charges

A California appeals court has ruled that several Los Angeles high school students who made derogatory and threatening comments on a fellow student's Web site can be charged with hate crimes and defamation. full article

Cyber Attack on U.S. Firms, Google Traced to China

The cyber attack on Google and other U.S. companies was part of a suspected Chinese government operation launched last year that used human intelligence techniques and high-technology to steal corporate secrets, U.S. government and private-sector cybersecurity specialists told The Washington Times. full article

Man Pleads Guilty to Stealing Identities in Fraud Scheme

Robert Leroy Maxwell, 45, has pleaded guilty to identity theft and other charges in a fraud scheme that cost banks and businesses in Kansas City, Kan., Olathe and elsewhere a total of more than $30,000. full article

2 charged in H&R Block identity theft case

After Highland, Ind., police pulled over a driver for suspicion of driving under the influence, one officer noticed a female passenger nervously fidgeting in the back seat. full article

Senate bill seeks crack down on cybercrime havens

Foreign countries that turn a blind eye to cybercrime would lose US financial assistance and resources under a bill introduced Tuesday in the Senate. full article

Your health, tax, and search data siphoned

Google, Yahoo, Microsoft's Bing, and other leading websites are leaking medical histories, family income, search queries, and massive amounts of other sensitive data that can be intercepted even when encrypted, computer scientists revealed in a new research paper. full article

Gillibrand: Cybercrime Costs NY Businesses Approximately $4.6 Billion Each Year

As New York businesses lose approximately $4.6 billion as a result of cyberattacks and with a growing threat of cybercrime internationally, U.S. Senators Kirsten Gillibrand (D-NY) and Orrin Hatch (R-UT) today introduced the International Cybercrime Reporting and Cooperation Act – new bipartisan legislation that would enhance America’s cooperation with other countries to combat cybercrime and keep America safe. full article

WiFi Hotspots Leading to More Cybercrime

The spread of open wireless networks in cities is making it easier for cybercriminals. full article

Canada unprepared for massive cyber-attack: Expert

Canada is woefully unprepared for a massive cyber-attack that is within reach of any run-of-the-mill hacker and could cripple the business of the nation, warns a leading security expert. full article

OCR Needs Consent To Reveal Health Data Breach Violators

Some industry experts are questioning the Office for Civil Rights' policy of not posting the names of entities that report health data breaches affecting 500 or more individuals without written consent from the entity, HealthLeaders Media reports. full article


Jeffrey H. Sloman, United States Attorney for the Southern District of Florida, Michael K. Fithen, Special Agent in Charge, U.S. Secret Service, John V. Gillies, Special Agent in Charge, Federal Bureau of Investigation, Miami Field Office, and James K. Loftus, Director, Miami-Dade Police Department, announced today that, on March 18, 2010, a federal grand jury returned a four count indictment charging Marcos Salazar, Elaine Power, Carlos Gonzalez, and Alvaro Zambrana with a mortgage fraud scheme, using the stolen identification information of another individual, which resulted in the approval and disbursement of two mortgages from JPMorgan Chase Bank, totaling approximately $610,000. Defendants Salazar, Gonzalez, and Zambrana were arrested and made their initial appearances in federal court today. Defendant Power remains at large. full article

Bail set at $1.5 million in Indian ‘Romeo’ theft case

Bail has been set at $1.5 million for an Indian man who authorities say romanced fellow countrywomen he met online and then stole from them to fund a jet-setting lifestyle. full article

Zurich Insurance loses 600k records on backup tape

Zurich Insurance has promised to improve its information security after losing personal financial information on 46,000 British clients through careless handling of unencrypted backup tapes. full article

UK warns of Israel travel amid passport scandal

British citizens who travel to Israel should be aware that their passport details could be captured for "improper uses," Britain's Foreign Office warned Tuesday. full article

Deal reached in Whitlock fraud case

Colorado Attorney General John Suthers announced a settlement with Donald Sterling Whitlock that secured full restitution for the victims of his identity theft and commercial-lending scheme. full article

Proposed US law would single out cybercrime havens

A bill introduced in the U.S. Senate Tuesday would compel the White House to identify international cybercrime havens and establish plans for cleaning them up. full article

Internet Explorer vulnerable to hackers, warn experts

Criminals are stepping up their attacks leveraging an unpatched flaw in Microsoft's Internet Explorer browser, using it to install fake antivirus products and malicious back doors on victim's computers. full article

Beware of lucky-draw scam via text message

MOBILE-PHONE users, beware. Police warned yesterday of a text-message scam to get people to pay an 'administrative fee' or a 'tax' for a cash prize that they had supposedly won in a lucky draw. full article

U.S. said to be eyeing cybersecurity ambassador role

Goal is to have U.N. representative for cybersecurity policies, says Wall Street Journal full article

Law enforcement lobbies hard for ICANN changes

U.S. and U.K. law enforcement officials are trying to marshal support for changes that would make it more difficult for criminals to register domain names under false details. full article

FBI lists Top 10 posts in cybercriminal operations

Cybercrime organizations often run like corporations, staffed by experts in specific jobs full article

Lawmakers Eyeing National ID Card

Lawmakers are proposing a national identification card — what they’re calling “high-tech, fraud-proof Social Security cards” — that would be required for all employees in the United States. full article

FBI’s Chabinsky outlines the Bureau’s uphill battle against cyber-crime

The “bad guys” perpetrating cyber-crimes around the world are taking their activities deeper underground, typically are becoming specialists in one specific aspect of their trade, and are making so much money they are giving up their day jobs. full article

eBay Teams With FBI to Fight Retail Theft

The alliance, which also includes the National Retail Federation, aims to attack the billions of dollars in retail theft that occurs each year by limiting what can be fenced online. full article

FBI Underboss Outlines Anatomy of a Cyber Gang

As cyber criminals grow ever more sophisticated and organized, law enforcement agencies have had to step up their game to keep pace. One of the top men at the FBI shares what the bureau is doing to combat cyber crime. full article

Prosecutors Seek 25 Years for Hannaford, BJ’s Hacker

Prosecutors are seeking 25 years in prison for the computer hacker who breached the security of retailers including Hannaford Bros. and BJ’s Wholesale Club, according to a sentencing memorandum filed in U.S. District Court here. full article

March 23, 2010

Federal Judge Orders $4.7 Million in Restitution in Telemarketing Case

Chalk up a win for the Federal Trade Commission now that U.S. District Judge Donetta W. Ambrose of the Western District of Pennsylvania has shut down a telemarketing operation run by an East Pittsburgh firm and ordered more than $4.7 million in restitution to consumers. full article

FBI Fights Cybercrime in E. Europe

The FBI is embedding agents in Estonia and Ukraine to help local authorities crack international cybercrime cases.

Computerworld — Hoping to catch cybercrooks, the FBI has begun embedding agents with law enforcement agencies in Estonia, Ukraine and the Netherlands. full article

Symantec names riskiest U.S. cities for cyber crime

Seattle is most dangerous when it comes to cyber crime, while Boston, Washington D.C., San Francisco, and Raleigh, N.C., round out the top five full article

Former iSoft financial controller admits providing false auditing information

The Accountancy and Actuarial Disciplinary Board has disciplined Ian Storey, a former iSoft financial controller, for falsifying auditing information. full article

Class Claims Ameriprise Presided Over Ponzi

OMAHA (CN) - Securities America, a subsidiary of Ameriprise Financial, ran a $700 million Ponzi scheme in promissory notes, investors say in a federal class action. The class claims Securities America ignored repeated warnings from its advisers to disclose the truth, and claimed that providing risk information to its own brokers and investors would "be a bad thing." full article

Over 120 000 Sanoma User Credentials Stolen

Not exactly a startup news per se, but a healthy reminder to all those working with user credentials in their online services. One of the largest, if not the largest, online identity thefts has just occured in Finland. full article

Compensation should be paid for personal data loss, says report

Compensation should be paid to anyone whose personal details are lost by the Government or a private company, according to a report backed by the information watchdog. full article

Hacked personal data originating from China

Have you ever wondered why you get so many unwanted spam text messages and e-mails? The answer might be found in China. full article

Organized Crooks Hit NJ Town, Ark. Utility

An Arkansas public water utility and a New Jersey town are the latest victims of an organized cyber crime gang that is stealing tens of millions of dollars from small to mid-sized organizations via online bank theft. full article

State Agency ID Theft May Affect 11,000

On Monday, Office of Policy Management Secretary Robert Genuario announced that as many as 11,000 people may be affected by identity theft at the state agency. full article

Police seize computers in ACIC investigation

Arkansas State Police have served two search warrants and seized computers and other items from the home and office of a local bail bondsman, apparently in relation to its investigation of the alleged misuse of police passwords to illegally obtain private information on local residents full article

Patient Billed for Phony Liposuction as Medical ID Theft Rises

Sierra Morgan was billed $12,000 on her health-care credit card in November for liposuction, a procedure she never requested or had. full article

Tips to avoid seven tax scams

Have you ever been contacted by someone claiming to know a secret that will help you significantly reduce your tax bill or avoid paying taxes altogether? Have you ever received an e-mail from the IRS asking for personal information? full article

Social Security Numbers Stolen From Furnace Rebate Applicants

Police are investigating the theft of personal information — including Social Security numbers, names and addresses — from as many as 11,000 people who had applied for furnace rebate programs with the state. full article

IRS Cybersecurity Flaws Put Taxpayers At Risk

As the IRS deadline for filing 2009 personal income taxes nears, the Government Accountability Office has released a report that calls into question the security of the information U.S. taxpayers are sending to the agency. full article

Critical Firefox bug fixed one month after disclosure

Just days before the start of a hacking contest set to target Web browser vulnerabilities, Mozilla has patched its flagship Firefox browser. full article

The FBI is Now Following You–On Twitter

If you’re a wanted criminal, choose your Farmville neighbors wisely. Instead of peeking over a picket fence at the strawberry patch belonging to the mysterious red-head who just friended you on Facebook, you could be looking through steel bars straight at the FBI agent that caught you full article

Russia arrests WorldPay hackers after FBI plea

Three men accused of being involved an audacious attack on US ATM machines in 2008 have been arrested by the feared Russian Security Service (FSB) in an event that is being interpreted as marking a sea change in Russian policy towards cybercrime. full article

Cyber criminals targeting World Cup fans: Internet security firm

An Internet security firm has revealed that football fans across the world are being targeted by cyber criminals in the run-up to the World Cup, which gets under way in South Africa on June 11, with a wave of spam e-mails, fake offers and attempts to steal banking details. full article

Gates: Pentagon investigating alleged private spy network

US Defence Secretary Robert Gates today said he had potential concerns about an alleged spying network of contractors in Afghanistan and Pakistan run by a Pentagon official, but that he still lacked information about the reported operation. full article

Secret Service Paid TJX Hacker $75,000 a Year

Convicted TJX hacker Albert Gonzalez earned $75,000 a year working undercover for the U.S. Secret Service, informing on bank card thieves before he was arrested in 2008 for running his own multimillion-dollar card-hacking operation. full article

Police to seek int'l support in Gumblar computer virus probe

TOKYO — Police said Tuesday they will seek cooperation from authorities in five European countries in investigations into cases suspected to involve the Gumblar computer virus or variants, in which websites run by Japanese companies have been altered to redirect users to harmful sites. full article

ISV: Internet filter threatens national security

The Federal Government’s proposed ISP-level filtering may have “unintended consequences” on Australia’s national security, local software player, Ey3, claims. full article

March 22, 2010

Moscow gets tough on cybercrime as ID theft escalates

Russia has quietly arrested several suspects in one of the world's biggest cyberbank thefts, raising hopes of a previously unseen level of official co-operation in a country that has been a haven for criminals. full article

Airport Worker Accused Of "Skimming" Credit Cards

An Orlando International Airport parking garage worker is accused of using a credit card-scanning device to skim money from customers. full article

Firm denies hacking, stock manipulation charges

A Cyprus-based company accused of manipulating stocks on U.S. exchanges via compromised trading accounts denied the allegations on Friday, placing blame on "Russian swindlers." full article

Who's the Boss in Cloud Land?

But the concept raises numerous questions about security, compliance and responsibility. "We vendors haven't done a good enough job for you. We've hyped our technology and not delivered. If we're going to build security solutions, they must be more usable," said Phil Dunkelberger, president and CEO of PGP Corp. full article

Victorinox offers hackers £100,000 challenge

Swiss Army Knife maker Victorinox is asking the best of Britain's hackers to try and beat the biometric security built into its latest USB Flash drive-fitted penknife. full article

Germany warns surfers against Firefox

German's official cyber-security response team is advising surfers not to use Firefox pending the release of a patch to defend against a critical unpatched vulnerability. full article

Personal Finance: As ID theft grows, be on guard online

Sitting at the computer to pay your bills, go shopping or do your banking is common. It's quick, convenient and oh-so-green. full article

New ID Theft Threat: Facebook Cloning

It could be happening to you right now, you could be cloned on Facebook. This isn't a form of flattery, instead it's a means to steal your identity. full article

Report 1.8 Billion Cyber Attacks Per Month

You read that right. While the US government sits high on its perch, snipers are taking aim 60 million times a day. The Senate Security Operations Center alone receives 13.9 million of those attempts per day. full article

The Norton Top 10 Riskiest Online Cities Report Reveals Who’s Most Vulnerable to Cybercrime

Cybercrime, a threat that affects one in five online shoppers* and cost Americans $560 million in 2009 due to online fraud**, may hit closer to home than many realize. Norton from Symantec (Nasdaq: SYMC) teamed up with independent research firm Sperling’s BestPlaces to find and expose the nation’s top 10 cities most vulnerable to cybercrime. full article

Burlington is Canada’s riskiest online city, study says

Burlington, Ont., is the riskiest city in Canada when it comes to cybercrime, according to a study commissioned by Norton from Symantec, a company that sells online security software. full article

Beware of tax scams, IRS says

If you get a Facebook message, Twitter tweet or unexpected e-mail that purports to be from the IRS, don't trust it -- and don't give out personal information. full article

Illinois man remains in jail in check fraud case

An Illinois man was arrested in a Roseville-area motel in connection with what is believed to be a multistate payroll check and credit card fraud ring that victimized local banks and businesses, police said Saturday in a news release. full article

As health data goes digital, security risks grow

Over the next four years, the amount of personal medical information online will increase exponentially, opening up new avenues for hackers to expose personal data that, unlike financial information, can result in a permanent violation of privacy. full article

March 19, 2010

For cyberwarriors, murky terrain

By early 2008, top U.S. military officials had become convinced that extremists planning attacks on American forces in Iraq were making use of a Web site set up by the Saudi government and the CIA to uncover terrorist plots in the kingdom. full article

Former National City Bank debit accounts hacked

PNC Financial Services Group Inc. said Thursday it is investigating a breach of accounts affecting former National City Bank customers and their debit-card accounts. full article

20 Banking Breaches So Far in 2010

There have been 171 reported data breaches so far in 2010, and 20 of these involve financial services companies. full article

Dumped documents lead to internal investigation

Albany Police have launched an internal investigation after sensitive city documents were found near an alley garbage can. full article

Town of Poughkeepsie recovers $378,470 stolen by hackers

Town of Poughkeepsie officials Thursday night announced the town has recovered more than $378,000 in town funds alleged to have been stolen by cyber thieves. full article

New victims sought in ID theft probe

Sheriff's detectives investigating an identity theft case involving a Valencia laboratory publicized the crime Wednesday in the hope of finding other victims and suspects. full article

Virgin Mobile fined for pushing mobile spam

Virgin Mobile has been fined for sending spam messages to Australian mobile users who'd already opted out of receiving promotions. full article

Vodafone Spain admits 3,000 smartphones shipped with Mariposa

Vodafone Spain has accepted that 3,000 customers were potentially exposed to malware after Mariposa botnet agents strayed onto the HTC Magic smartphone. full article

Doctor, attorney among 19 charged in ‘Operation Big Fish’ auto fraud

Numerous defendants, including a chiropractor and an attorney, are accused of defrauding more than 19 insurers out of $549,000 through a staged auto accident ring in California dubbed “Operation Big Fish” by prosecutors. full article

FBI suspends IT overhaul

The FBI has put the brakes on key aspects of its massive computer overhaul project, at a cost of up to $30 million in overruns, to deal with design changes and technical problems, the New York Times reported. full article

Have agencies scrubbed the Conficker worm from their systems?

A company that has been tracking the scanning activity of the prolific Conficker worm says that traffic from infected government systems has dropped off significantly in recent months, which could indicate a successful effort to remediate infections. full article

Identity theft up by 20%

Information services group Experian said it handled more than 5,000 cases where people had had their identities stolen during the year, nearly a fifth more than in 2008. full article

Internet-related crime rose 110% in 2009

Victims of investment scams, phony work-from-home offers and fraudulent companies offering access to stimulus money reported a record number of financial losses in 2009. full article

FBI Says Cybercrime Skyrocketing

A new report from the FBI says the rate of cybercrime incidents is growing rapidly at a cost of hundreds of millions of dollars a year.

The latest data from the FBI's Internet Crime Complaint Center (IC3) confirms what online banks, security software vendors and Internet users have been complaining about for years: cybercrime is skyrocketing and costing people millions of dollars with no end in sight. full article

Spammers not affected by arrests

Bangalore: Even after series of arrest, net access cutoffs and by infiltrating command systems, spamming is still seen as a lucrative job for cyber criminals. There are four such networks which have been blocked completely but this has not inconvenienced hi-tech criminals who found other routes to send spam, say experts, according to BBC. full article

UK ahead of EU in cyber attack defences

The UK needs to work more closely with Nato to fend off cyber attacks on critical national infrastructure from Russia and China, but is otherwise “reasonably well-placed" to cope with such incursions. full article

'Cyber attack brought down national election website'

Arolen S.A., a firm contracted by private telecommunications company UNE to provide technical services for the recent congressional elections, blamed a cyber attack for downing the national elections webpage of the National Registry. full article

New Cybersecurity Act Eliminates Internet Kill Switch

In a rewritten version of the cybersecurity bill, President Obama no longer has a kill switch for the Internet. full article

March 18, 2010

States give inmates access to personal data of others

WASHINGTON — Prisons in eight states let convicts work in jobs that give them access to Social Security numbers and other personal information for the public, despite years of warnings that the practice should end, a federal audit finds. full article

Hacker Disables More Than 100 Cars Remotely

More than 100 drivers in Austin, Texas found their cars disabled or the horns honking out of control, after an intruder ran amok in a web-based vehicle-immobilization system normally used to get the attention of consumers delinquent in their auto payments. full article

Facebook to Pay $9.5 Million on Privacy Claims

(CN) - A federal judge in San Jose approved a $9.5 million consumer class action settlement against Facebook, stemming from its Beacon advertising program that the class claimed violated peoples' privacy. The controversial program launched in November 2007 allowed Facebook members to view their friends' purchases at Internet retailers like Zappos,, Blockbuster and Hotwire. full article

1 in 4 kids have tried hacking

Despite 78% agreeing that it is wrong, 1 in 4 of UK’s children have tried their hand at hacking into others’ Facebook accounts mostly by surreptitiously using the victims passwords. And it’s not just the boys – 47% admitting guilt are girls. full article

Windows XP: No IE9 for you

Microsoft becomes first major browser maker to drop support for world's most popular OS

Computerworld - Microsoft's new browser, Internet Explorer 9 (IE9), will not run on Windows XP, now or when the software eventually ships, the company confirmed Tuesday. full article

Flaw In Microsoft's Hypervisor Lets Attackers Bypass DEP, ASLR

Virtual PC hypervisor bug and proof-of-concept revealed by Core Security Technologies -- but Microsoft says it's not technically a vulnerability

Core Security Technologies has discovered a flaw in Microsoft's Virtual PC hypervisor that can be used by an attacker to cheat built-in, advanced security features in Windows. full article

Malware found on another HTC Magic smartphone

Second occurrence of malware on SD card shipped with the Android-based smartphone shows it could be a bigger problem with quality assurance

Traces of the now defunct Mariposa botnet has been found on another HTC Magic from Vodafone in Spain, security company Panda wrote in a blog post on Wednesday. full article

Student information part of security breach

According to Liz Latt and Beth Fortune in Public Affairs, a professor's desktop computer, containing the names and social security numbers of 7,174 current and former students, was stolen some time during the weekend of Feb. 6. full article

Madoff Computer Programmers Charged

MANHATTAN (CN) - Two computer programmers who worked for Bernie Madoff were charged on Wednesday with conspiracy and falsifying records, federal prosecutors said. Jerome O'Hara and George Perez are charged with maintaining programs that generated bogus records that fooled the SEC. full article

Child porn blocked by new 'fingerprint' system

Organisations are being offered an unusual new anti-child porn system that can identify and block real, individual images by comparing them to one of the world's largest databases of such pictures. full article

New Password-Stealing Virus Targets Facebook

Virus Attempts to Steal Banking Passwords, Other Sensitive Information

BOSTON (Reuters) - Hackers have flooded the Internet with virus-tainted spam that targets Facebook's estimated 400 million users in an effort to steal banking passwords and gather other sensitive information. full article

ACMA alleges Virgin Mobile spamming

The Australian Communications and Media Authority (ACMA)has accepted an enforceable undertaking from Virgin Mobile related to breaches of the Spam Act. full article

Security organisation gives IE9 warning

SANS Institute says security professionals and hackers both to profit from 'kicking the tyres' on IE9 full article

Estonia Defense Minister: Cyberattacks Will Grow

Three years after a widespread cyberattack temporarily shut down the Estonian economy, Estonia's defense minister said such incidents will only continue to grow. full article

Cybersecurity needs global rules: British lawmakers

(Reuters) - Europe's online security would best be served by developing global cyber regulation, ending current "ad hoc" international efforts, British lawmakers said on Wednesday, echoing industry calls for worldwide rules. full article

U of C warns patients after computer virus hits medical records

CALGARY - Thousands of patients at a University of Calgary clinic are being warned their personal health information could have been compromised after viruses infected a medical computer. full article

Madoff Beaten in Prison

Ponzi Schemer Was Assaulted by Another Inmate in December; Officials Deny Incident

Bernard Madoff, who is serving a 150-year sentence in North Carolina for running a fraud scheme that cost investors billions of dollars, was physically assaulted by another inmate in December, according to three people familiar with the matter. full article

'Jihad Jane' suspect pleads not guilty

Philadelphia, Pennsylvania (CNN) -- The American woman who authorities say called herself "Jihad Jane" pleaded not guilty Thursday to charges that she tried to help terrorists and kill someone in another country. full article

March 17, 2010

State agency’s internal data breached

MIAMI — A Florida Department of Law Enforcement analyst has been suspended for allegedly using critical law-enforcement databases to look up private information about her co-workers, their families and even at least one private citizen. full article

IRS, DOJ use social media sites to track deadbeats, criminal activity

Documents offer peek at use of social networking sites in investigations

Computerworld - Advocacy group the Electronic Frontier Foundation has obtained documents showing how law enforcement agencies and the Internal Revenue Service are gathering information from social networking sites for their investigations. full article

Fake PIN pad units in US chain store

As soon as we got used to the idea that we have to be very careful when using ATMs because they might be "skimming" devices attached onto them, we have to rearrange our way of thinking because it appears that no card terminal is safe. full article

Felon Ran $200 Million Ponzi, Victims Say

REDDING, Calif. (CN) - Eighteen investment LLCs say they were taken for more than $200 million by a recidivist felon who'd already served prison time for a $5 million gold swindle. James Koenig and his cohorts face 79 criminal charges in California after swindling 1,000 investors for $200 million, allegedly to invest in tax-sheltered senior housing centers across the nation. full article

$100 Million Ponzi Alleged; Leaders Vanish

MANHATTAN (CN) - A Colombian couple took $100 million from hundreds of investors in a Ponzi scam through their Florida-based company, FIT International Group, and when they were nailed for it, claimed to be distributing their remaining $12,690.74 "for the 'benefit' of creditors," a RICO class action claims in Federal Court. full article

Trucking the Money Away ...

MINNEAPOLIS (CN) - Transporta, supposedly a trucking company, was just a vehicle for a $6 million Ponzi scheme, a lender claims in Hennepin County Court. The company and its Denver and/or South Carolina-based owner, Michael Casazza claimed to have government contracts, but "Transporta LLC was not a real trucking company and had no government contracts," according to the complaint. full article

Scotts Valley couple suspected in three-county ID theft case

SANTA CRUZ — A simple theft report spun out into a spiderweb of illegal activity and led to the arrest of two career criminals suspected of stealing mail to forge checks and steal people's identities, the Sheriff's Office reported. full article

Judicial Services Officer Charged with Identity Theft

Richland County (WLTX) -- Richland County deputies have arrested and terminated a Judicial Services Officer accused of identity theft. full article

New Internet browser threat sneaks by traditional defenses

Internet browser threat 'DNS rebinding' alters nothing and is impossible to trace, researchers say

An undetectable browser exploit that bares corporate networks to attackers tops the list of the most potentially effective new attacks that have been devised by researchers seeking vulnerabilities to take advantage of, according to a study by White Hat Security. full article

Iran hacks opposition Web sites, arrests cyber activists

Iranian government say sites were affiliated with US espionage networks

Iran's Islamic Revolutionary Guards Corps hacked into 29 Web sites affiliated with U.S. espionage networks, Iran's semi-official Fars News Agency reported on Sunday. full article

SEC: Stocks boosted via hijacked accounts

A U.S. federal judge has agreed to freeze the assets of a company being accused of manipulating the stocks of 38 companies listed on the Nasdaq and New York Stock Exchange via compromised trading accounts, the U.S. Securities and Exchange Commission said Tuesday. full article

News of Corey Haim's funeral lead to fake AV

Corey Haim's death is old news by now, but fans of the prematurely deceased teen idol are still on the lookout for information concerning his death. full article

Caterers 'had access to patient files'

CATERING staff were able to access confidential patient information held on a €60m HSE record system which is being rolled out across the country. full article

Caterers 'had access to patient files'

CATERING staff were able to access confidential patient information held on a €60m HSE record system which is being rolled out across the country. full article

Fundraiser who vanished says he has new event

A Maryland man who vanished in January 2009 with thousands of dollars that he raised for a presidential inaugural ball for veterans that never happened — leaving sponsors, entertainers and ticketholders in the lurch — is back. full article

March 16, 2010

Tax mix-up riles woman

Darlene Clifford is concerned about her financial privacy after she received someone else's RRSP tax receipt. full article

'Customer data from Vodafone, Unitymedia was stolen - report'

Customer data of Vodafone Germany and German cable network operator Unitymedia have been sold on the black market by dubious call centres, according to German magazine Capital citing from the investigation files of the state prosecutor's office in Bonn. full article

Arrest leads to large cache of stolen credit cards, driver's licences, computers

City police found a stash of stolen credit cards, driver’s licences, debit cards and computers when they arrested a man wanted on 141 warrants last Friday. full article

Wrong T4s accidentally mailed to former staffers of MPs

OTTAWA — The House of Commons has launched an internal probe in the wake of an "administrative error" that resulted in hundreds of personal income tax forms mailed to the wrong addresses, Canwest News Service has learned. full article

Anti-virus suites still can't block Google China attack

The vast majority of consumer anti-virus products are still failing to block the Operation Aurora exploits used in the high profile attack against Google and other blue-chip firms last December, according to independent tests. full article

Crooks plant fake payment card terminals at multiple stores

Crooks planted bogus payment card processing terminals at multiple locations operated by the Hancock Fabrics chain store that allowed for the theft of sensitive financial data from customers, the company warned. full article

Facebook users warned over stalk-my-profile scam

A bogus application that lures Facebook users by falsely offering to show who has been viewing their profile has been exposed as a scam. full article

Police: Ledyard woman took USD49,000 in iPhone scam

If you want a cautionary tale about doing business with a company you don't know anything about, consider the story of a California businessman - I'll leave his name out of it - who ordered a batch of Apple iPhones last August from a liquidator who gave an address here in Ledyard. full article

Curious Employee Foils Corporate Credit Card Fraud Scam

Molly treasurer at XYZ Corp. in Miami, opened an e-mail from a former colleague who no longer worked for the organization. The e-mail read: “Hi Molly, there should be a refund of $716 on my old corporate Visa card from the IP Conference. I paid for, but did not attend, the conference and did not turn in the charge to XYZ for reimbursement. Can you have Visa issue a refund check to me? Thanks very much for your help.” full article

Delta: Phishing emails sent to customers

Delta Airlines issued a warning to its customers Monday warning about fraudulent emails sent out within the last 24 hours. full article

Bacteria Trail Betrays Identity Of Computer Users

Raising new privacy concerns, research shows that the DNA signatures of bacteria transferred to objects by human touch can be used for identification. full article

Feds arrest their first bank bailout fraud suspect

Federal authorities on Monday charged the former chief executive of a New York bank with being the first suspect to try and rip off taxpayer funds from the Troubled Asset Relief Program. full article

As Family Mourns Toddler's Death, Thieves Steal Her Identity

Someone saw the drowning death of a 21-month-old child as a chance to cash in. full article

State Police warns of phone calls from bogus “census takers”

Citizens of Wayne County are reminded that they should NOT under any circumstances give their personal identification such as Social Security Numbers, Date of Birth, Bank Account information, or schedule of when they will be home to any persons calling them in an unsolicited manner, said Cpl. Danny Martin, Pa. State Police- Honesdale. full article

March 15, 2010

Cyber Attack Dents Body Shop

A recent cyber attack on an auto body shop resulted in the theft of more than $200,000. full article

IRGC's Cyber Department Hacks 29 US-Backed Websites

The Islamic Revolution Guards Corps (IRGC) on Sunday announced that its cyber teams have hacked 29 websites affiliated with the US espionage network. full article

IT contractors convicted of UK casino hack scam

A pair of UK hackers who used false betting slips in a bid to con casinos into paying out on bogus gambles were undone by greed and a schoolboy maths error, a court heard. full article

IPL makes netizens easy bait to cyber criminals

New Delhi: With big-ticket sporting events like the football world cup and Commonwealth Games round the corner, Indians are more vulnerable to cyber crimes such as phishing and malware, says security protection software firm Symantec. full article

Phishing attack at University of Michigan

The University of Michigan has become the target of a new type of sophisticated and malicious email attack on university email accounts. full article

Cybercrime losses double in 2009

Losses from cybercrime and online scams more than doubled in 2009 to $559 million as Internet criminals used more sophisticated techniques, an FBI-led task force said on Friday. full article

Royal Bank of Scotland raiders' huge £6m haul in just 12 hours

COMPUTER hackers linked to the Russian mafia robbed Royal Bank of Scotland customers of £6million in 12 hours. full article

St. Louis police say computer was attacked

24 people may have had their personal information compromised following the cyber attack of one computer in the St. Louis Metropolitan Police Department, authorities said. full article

New reports of data breaches

Thousands are left at risk in Mass.

A number of companies, including Boston insurance giant John Hancock Financial Services, have in recent months reported stolen laptops and other breaches of data security, potentially exposing personal information about thousands of Massachusetts residents. full article

Man pleaded guilty to identity theft

A former Independent Health employee has begun a prison sentence of one and a third to four years for identity theft. full article

TD Bank worker charged with fraud

A former switchboard operator for TD Bank in Mount Laurel provided customer information to accomplices who withdrew more than $200,000 from victims' accounts, federal authorities say. full article

Sex offender caught after 33 years on the lam

A sex offender has been arrested after 33 years on the run, according to reports. full article

State leads investigation of sheriff's deputy alleged to have taken reports, data

A Lake County Sheriff's deputy is the subject of an ongoing investigation involving the alleged theft of documents and massive amounts of protected data, surveillance of fellow deputies and allegations that he posted an investigative report on the Internet because of political motivations. full article

S.Korea to probe huge online data leak

South Korea said Friday it would launch a probe into security systems of major retailer Shinsegae and 24 other companies after private data on some 20 million customers was leaked. full article

Federal indictment alleges doctors aided in $1 million health fraud

Two Illinois doctors and a billing employee were indicted on federal health care fraud charges, accused of submitting false claims of more than $1 million to obtain payments from insurers for services never provided and for inflating claims for work they did perform. full article

March 12, 2010

Database state breached 11 times

Home Secretary Alan Johnson has given Parliament some details on the most recent breaches of the various identity databases held by his ministry. full article

TJX Hacking Conspirator Gets 4 Years

Humza Zaman, a co-conspirator in the hack of TJX and other companies, was sentenced Thursday in Boston to 46 months in prison and fined $75,000 for his role in the conspiracy. The sentence matches what prosecutors were seeking. full article Shuttered After Fraud Complaints

Audio visual cabling giant shut down its Web site – possibly for the next couple of weeks – while it investigates the possible compromise of its customer credit and debit card information. full article

Computer stolen from bank contained customer information

THEFT, WILSON MILLS ROAD: On March 1, a financial advisor at US Bank, 5154 Wilson Mills, reported a laptop missing from his desk. full article

Ex-TSA worker allegedly sabotaged computer containing terrorist data

A former Transport Security Administration analyst has been indicted with trying to sabotage a computer that contained a database for screening potential terrorists who may be trying to fly in the US. full article

Bank phishing profits up by 14 per cent

Online banking losses rose last year by 14%, according to the UK Cards Association, although overall losses card fraud fell. full article

Rise in online fraud highlights computer security needs

Individuals need to step up their computer security efforts as online fraudsters increasingly target home users rather than larger corporations, it has been claimed. full article

Sarah Palin testifying against hacker

Former Alaska Gov. Sarah Palin will testify in person next month against a college student who hacked into her e-mail account during the presidential campaign, Palin’s lawyer confirmed to POLITICO. full article

India, Mexico, Brazil have most Mariposa bots

An analysis of the dismantled Mariposa botnet has revealed that it consisted of 13 million infected PCs spanning 190 countries and 31,901 cities worldwide, according to anti-virus vendor Panda Security. full article

Koobface worm can double command and control servers in 48 hours

The Koobface worm, which targets social networking sites, can double the number of command and control (C&C) servers in 48 hours, says security firm Kaspersky Lab. full article

USB stick blamed for DHB's virus shut-down

A USB stick inserted in a carpark booth computer at Waikato Hospital has been blamed for bringing down the district health board's computer network in December last year. full article

Turkey examines PKK hacker ring

Turkish police rounded up more than 20 suspects in 13 provinces on allegations of computer hacking and ties to the outlawed Kurdistan Workers' Party. full article

McAfee inadvertently speeds creation of Metaploit IE exploit pack

A security researcher has credited McAfee for helping him to develop exploit code that cracks open an unpatched flaw in older versions of Internet Explorer. full article

Safari update cages numerous security bugs

Apple published an update of its Safari browser on Thursday that plugs 16 security vulnerabilities. full article

SSD tools crack passwords 100 times faster

Password-cracking tools optimised to work with SSDs have achieved speeds up to 100 times quicker than previously possible. full article

Drummond Group in EHR testing for the "long term"

Officials at Drummond Group, Inc., announced on the company's blog that after a "thorough review" of the recent notice of proposed rule making, it will apply this year to become an Office of the National Coordinator-Authorized Testing and Certification Body (ONC-ATCB). full article

Vodafone HTC Smartphone Ships With Malware

Researchers at antivirus software vendor Panda Security are used to finding malicious code in every nook and cranny of the Internet. But this week they stumbled across something even more concerning: a colleague's new Vodafone HTC Magic smartphone was shipped with a motley assortment of malware samples, including the potent Mariposa botnet. full article

Medical records found in drive-thru trash can

When a fast food worker found three folders with private information on three different people, he decided to call KENS 5. We tracked down the three men who were none too happy to find their personal information compromised. full article

Financial ID theft on rise

Protecting your personal information requires more than keeping your credit card safe as savvy thieves now target businesses and organizations that have access to personal data. full article

Utah State Legislature ID Law

New legislation is being introduced in the Utah State Legislature that supporters say would help protect children from identity theft. Utah Attorney General Mark Shurtleff is pushing the bill aimed at protecting the identity of Utah state children. full article

Medical Records the Latest Target for ID Thieves

Health insurance is becoming a new target for identity thieves. full article

SEC halts alleged Ponzi scheme targeting Ill., Calif. retirees

The U.S. Securities and Exchange Commission received an emergency court order to shut down an alleged Ponzi scheme targeting retirees in California and Illinois it says took in $20 million with only $900,000 currently in the possession of the alleged perpetrators. full article

Owner of Club Kalua Arrested for Allegedly Running $2 Million Queens Mortgage Scheme

Queens County, the new hotbed of white collar crime and prosecutions, is the home of another alleged fraudulent scheme being prosecuted by the Queens County District Attorney's Office. According to a Queens County District Attorney's Office press release, Roger Arias, Martina Duran (a.k.a. Gladys Arroyo), Aldo Bussi, Ramon Gaston, and Percy Randall are alleged to have taken part in a $2 million Mortgage Fraud and Identity Theft scheme. full article

ZeuS botnet code keeps getting better for criminals

New capabilities are strengthening the ZeuS botnet, which criminals use to steal financial credentials and execute unauthorized transactions in online banking, automated clearing house (ACH) networks and payroll systems. The latest version of this cybercrime toolkit, which starts at about $3,000, offers a $10,000 module that can let attackers completely take control of a compromised PC. full article

Security industry faces attacks it cannot stop

Analysis: Today's security products not much help for advanced persistent threat attacks full article

Tighter security coming for .org names

The Public Interest Registry will add an extra layer of security known as DNS Security Extensions (DNSSEC) to the .org domain in June -- a move that will protect millions of non-profit organizations and their donors from hacking attacks known as cache poisoning. full article

March 11, 2010

Man charged with faking medals goes to court

HUNTSVILLE, Ala. — A 26-year-old man accused of wearing military medals he didn't earn is due in federal court in Huntsville on Thursday for arraignment. full article

HSBC: Data Theft Incident Broader Than First Thought

HSBC said Thursday about 15,000 accounts of its Swiss private banking unit were compromised after an employee allegedly stole data, some of which ended up in the hands of French tax authorities. full article

Former TSA analyst charged with computer tampering

IDG News Service - A U.S. Transportation Security Administration analyst has been indicted for allegedly tampering with databases used by the TSA to identify possible terrorists who may be trying to fly in the U.S. full article

$20 Million Ponzi in L.A., SEC Says

LOS ANGELES (CN) - The SEC obtained an emergency order to stop a $20 million Ponzi scam that invited suckers to meetings at country clubs and banquet halls, then promised 11 percent returns on "Turkish Eurobonds," federal prosecutors say. The SEC says Francois Durmaz and Robert Pribilski preyed on retirees through USA Retirement Management Services, with offices in Irvine, Los Angeles, and Oakbrook Terrace, Ill. full article

FTC Releases Agenda for Final Roundtable on Consumer Privacy

The Federal Trade Commission has released the agenda for its final roundtable on consumer privacy issues scheduled for March 17, 2010, at the FTC Conference Center, 601 New Jersey Ave,. NW Washington DC, 20001. The Roundtable is the last of three public events designed to explore the privacy challenges that are posed by technology and business practices that collect and use consumer data. The agenda, includes a panel addressing Internet architecture and privacy issues, panels focusing on health and other sensitive consumer information, and a concluding panel to discuss lessons that have been learned from all three roundtables and possible ways forward. full article

Thrivent Financial Suffers Breach Of Security

A Great Lakes-based insurer says it has suffered a security breach that may have compromised sensitive client data. full article

Six newly revealed breaches on HHS site

It seems that using the new HHS/OCR web site will be even more difficult to use than I anticipated, as they are sorting breach reports by the date of breach, not date that the incident was added to their site, so I have to review the entire list to see what’s been added instead of just looking for what’s new at the top of the list. full article

Reader exploit prompts Adobe update alert

Malicious PDF downloads a Trojan backdoor onto systems that have not implemented the patch issued only three weeks ago full article

Citibank apologizes after exposing 600,000 Social Security numbers

Read any good envelopes lately? If you did and you have criminal intent, you might have just won the identity-theft lottery. full article

EU Parliament rejects secretive ACTA in vote for openness

Computerworld UK - The European Union's Parliament has approved a common resolution that calls for openness over the Anti-Counterfeiting Trade Agreement (ACTA), voting 663-to-13 vote that ACTA contradicts agreed EU laws on counterfeiting and piracy online. full article

Pennsylvania's Web security officer leaves post a week after talking about PennDOT hacking incident

Last week, Pennsylvania’s chief information security officer Robert Maley was at an information security conference in San Francisco talking about a hacking incident involving PennDOT’s computers. This week, Maley is gone. full article

March 10, 2010

LifeLock Will Pay $12 Million to Settle Charges by the FTC and 35 States That Identity Theft Prevention and Data Security Claims Were False

LifeLock, Inc. has agreed to pay $11 million to the Federal Trade Commission and $1 million to a group of 35 state attorneys general to settle charges that the company used false claims to promote its identity theft protection services, which it widely advertised by displaying the CEO’s Social Security number on the side of a truck.. full article

VA investigating security breach of veterans' medical data

The Veterans Affairs Department's inspector general has launched a criminal investigation into a physician assistant's alleged downloading of veterans' clinical data at its Atlanta medical center, sources have told Nextgov. full article

Breaches Affecting 500 or More Individuals

As required by section 13402(e)(4) of the HITECH Act, the Secretary must post a list of breaches of unsecured protected health information affecting 500 or more individuals. The following breaches have been reported to the Secretary. full article

Breach hits hundreds of employees

A data breach involving unauthorized access to paper records of Brown employees and their family members occurred in December, and Brown officials were notified of the breach Jan. 5, said David Sherry, chief information security officer. full article

UTMB sends more letters to possible ID theft victims

One month after mailing letters to 1,200 patients whose confidential information may have been stolen in 2009, the University of Texas Medical Branch at Galveston this week sent 1,200 letters to other patients whose financial data could have been breached by the same person. full article

Perceived Security vs. Real Vulnerability: Is Your Data at Risk?

Combining the benefits of automated governed and managed file transfer in one centralized, highly secure platform allows organizations the flexibility to implement more modern, efficient file transfer processes, easily add new partners, and speed up the delivery of new business services to customers. full article

UK plastic fraud losses fall for first time in 3 years

Online banking losses up though full article

Twitter adds filter to cut phishing lines

Twitter has tightened up security procedures in order to curtail phishing attacks against users of the micro-blogging service, which have become rampant over recent weeks. full article

Suburban woman accused of using net to recruit terrorists

Feds cuff JihadJane

Fears of increased identity fraud as bankruptcy goes online

The introduction of a new online system for bankruptcy petitions has raised concerns that fraudsters may use the system for criminal activity. full article

Cybersecurity program has serious defects, GAO says

Implementing the Comprehensive National Cybersecurity Initiative, a broad program intended to protect the nation’s cyber infrastructure, has been hampered by a lack of coordination and transparency, according to the Government Accountability Office. full article

Phony Web Site Targets Madoff Victims, Claims $1.3B Discovered In Hideout

Victims of Bernard Madoff's Ponzi scheme are being warned of another possible scam – a suspicious Web site claiming $1.3 billion has been recovered from a Madoff hideout in Malaysia and asking investors to submit personal information to obtain their share of the money. full article

Woman admits to stealing her young daughter's identitity

Misti Cope, 31, was accused of defaulting on $1,200 in payments to Duke Energy in May 2007 on an account in her then-4-year-old daughter’s name, Hamilton County court records show. full article

Those seeking license renewal driven to frustration

For Charlotte Cooper, getting a renewed Florida driver's license has been a challenge to her patience as well as her pocketbook. full article

March 9, 2010

Prosecutors charge trio in identity theft ring that netted $2 million

Prosecutors charged a trio of suspected identity thieves each with nearly two dozen criminal charges Monday for allegedly taking $2 million by using credit card skimming technology at gas pumps. full article

Missing Hard Drive Risks ID Of 35,000 Ark. Soldiers

The Arkansas National Guard now said 35,000 current and former soldiers are at risk of identity theft because of a missing computer hard drive. full article

IRS warns of e-mail scam

The Internal Revenue Service warns taxpayers that e-mail scams are circulating that fraudulently use the IRS name or logo as a lure. full article

Cybercrimes expand to global brands

While financial institutions still top the phishing radar, cybercriminals are now moving beyond to top brands, with one of the recent victims being a hardware manufacturer, according to the latest Anti-Phishing Work Group report. full article

Seagate identity thieves nabbed for murder

Swiping Irina Malezhik and Viktor Alekseyev’s identities wasn’t enough. Dimitry and Julia Yakovlev had to take their lives as well, federal prosecutors announced last week when they filed murder and fraud charges against the Sea Gate couple. full article

Medical Identity Theft: How to Protect Yourself

Victims Say Credit Reputations Ruined by Medical Identity Thieves full article

The dark side of digital ‘love’

Sometimes, the click of a mouse can be a hurtful tool in the wrong hands full article

Sophisticated Minnesota fraud ring has global tentacles

Investigators say members steal ID, credit card and ATM data from banks and trash cans. full article

Brother, can you spare an identity?

A South Philadelphia man pleaded guilty in federal court yesterday to stealing his brother's identity in connection with a scheme to fleece the Veterans Administration for free medical benefits at a methadone clinic. full article

High School Reunion Ruin: Sued Over Opt-Out Privacy Setting Change

Two members of networking site have sued the service for allegedly violating their privacy by revising the service to make members' information more accessible to the Web at large. full article

Opera confirms critical browser bug

Opera Software yesterday confirmed a critical vulnerability in its Windows desktop browser, and said it is working on a patch. full article

FDIC: Hackers took more than $120M in three months

Ongoing computer scams targeting small businesses cost U.S. companies $25 million in the third quarter of 2009, according to the U.S. Federal Deposit Insurance Corporation. full article

Police: Man Eyed in 2nd Calif. Teen Murder

A registered sex offender charged with murdering a teen girl last month is a focus of the investigation into the death of a 14-year-old girl whose remains were found more than a year after she disappeared near her school, police said Monday. full article

March 8, 2010

IT scurries to meet e-health records deadline

Health care providers must start EHR projects before the feds finish writing the rules

Computerworld - U.S. hospitals and physicians have four years to deploy comprehensive electronic health records (EHR) systems if they hope to snag some of the billions of dollars the federal government has earmarked to reimburse them for the work. full article

USB battery charger installs Trojan

The software that shows to which extent the battery is charged through the Energizer DUO USB recharger comes bundled up with a Trojan, says US CERT. full article

Is chasing cybercrooks worth it?

(CNN) -- This week's arrests of three men in connection with one of the world's largest computer-virus networks may seem like great news -- perhaps even a sign authorities are starting to win the war against cyberthieves. full article

Thailand approves credit card hacker's extradition to US

IDG News Service - A Thai court has approved the extradition to the U.S. of a Malaysian man allegedly involved in hacking credit card information, causing massive losses for victims in the U.S. full article

Zuckerberg hacked into journalists' email?

The renowned Facebook co-founder has been accused three years ago of stealing the source code and the business plan for the social network from some Harvard colleagues and for sabotaging their efforts by delaying the development of their site so that Facebook could be the first one to see the light. full article

Phishers Targeting More Online Brands

The latest survey by the Anti Phishing Working Group shows that organized phishing syndicates are working all the angles to get their hands on the most valuable data. full article

Spear phishing aimed at high-value targets increases

Spear phishing aimed at high-value targets increases. The Anti-Phishing Working Group (APWG) released its Q4, 2009 Phishing Activity Trends Report, which reveals that eCrime syndicates are expanding the base of brands they exploit for online fraud far beyond major financial institutions and online merchants, with the number of hijacked brands reaching a record 356 in October, up nearly 4.4 percent from the previous record of 341 in August 2009. full article

Police get Webcam pictures in school spy case

Two IT employees at Pennsylvania's Lower Merion School District have been put on administrative leave, and pictures taken from Webcams on school-issued computers have been turned over to the local police department, according to the attorney of one of the employees now on leave. full article

Shands notifies 12,500 patients that data at risk

Shands HealthCare has notified about 12,500 patients that a laptop containing their medical information was stolen in January. full article

UWMC patient financial information compromised

In early February, an employee of the National Collection Office (NCO) Financial Systems Inc., a debt-collection agency that UW Medicine contracts with, violated security and compromised at least 50 confirmed contacts, and as many as 80 more are being investigated. full article

Argos exposes customers' credit-card numbers in emails

High street retailer Argos has compromised its customers' security by sending their credit-card details - including the vital security code - in unencrypted emails. full article

UT Southwestern alerts patients of possible identity theft

The University of Texas Southwestern Medical Center is advising 12,000 patients to guard against fraud after a former employee was found in possession of a limited amount of patient billing data. full article

Westin hotel in LA reports possible data breach

IDG News Service - People who stayed at the Westin Bonaventure Hotel & Suites in Los Angeles last year and used their credit or debit card to eat there should keep a close eye on their bank statements. full article

Internet hit by wave of ransom malware

Criminals re-used an attack from 2008 to hit the Internet with a huge wave of ransomware in recent weeks, a security company has reported. full article

US citizen a key player in alleged Italian telecom fraud

IDG News Service - An apparently well-connected Soviet-born U.S. citizen has emerged as a key player in a massive Italian telecom fraud, according to court documents and published reports. full article

Feds indict couple again in theft, sale of patients' data

Last year, they were charged with running a racket to pilfer patient records from Jackson Memorial Hospital to sell to lawyers for personal-injury claims. full article

Biometric answer to ID fraud has limits: expert

(Reuters) - The advent of the electronic frontier will limit the kind of identity fraud perpetrated by the killers of a Hamas commander in Dubai but will not eradicate the practice entirely, a border security expert says. full article

Fake drug peddlers hijack academic websites

Legal sites are often compromised and used as a stepping stone through which the user is taken to a malicious site. full article

Security and Privacy? Forget About It

Securing the United States' digital infrastructure against foreign and domestic cyberattacks could mean less privacy for Internet users. Security experts are debating just how far the government should be allowed to snoop -- or whether private enterprises, not government agencies, should be the ones doing the snooping in the first place. full article

Paypal freezes Cryptome

eBay Inc has suspended Cryptome's PayPal account, confiscating donations made to the site in the past two weeks. New York architect John Young has refunded around $5,300 to donors. full article

Four Indicted in $25 Million Scheme Defrauding and Hacking Ticketmaster,, and Other Ticket Vendors

Three men who used fraud, deceit, and computer hacking to make more than $25 million by acquiring and reselling more than 1.5 million of the most coveted tickets to concerts, sporting events, and live entertainment throughout the United States surrendered to federal authorities this morning after being charged in an Indictment, U.S. Attorney Paul J. Fishman announced. full article

E-Verify misses half of illegal workers, can't detect fraud, research company says

The system that Congress and the Obama administration want employers to use to help curb illegal immigration is failing to catch more than half of the unauthorized workers it checks, a research company has found. full article

S. Florida couple accused of stealing, selling patient info — again

Last year, they were charged with running a racket to pilfer patient records from Jackson Memorial Hospital to sell to lawyers for personal-injury claims. full article

FBI Warns Brewing Cyberwar May Have Same Impact as 'Well-Placed Bomb'

NATO and America's European allies are sounding the alarm over what they say are increased cyber attacks originating from China that are targeting key government and intelligence computers. full article

Rai$ing the dead in Medicaid 'rip-offs'

Paging Dr. Frankenstein. A massive state audit claims that health-care providers billed Medicaid for services provided to 287 dead patients. full article

March 5, 2010

FBI embeds cyber-investigators in Ukraine, Estonia

IDG News Service - Hoping to catch cybercrooks, the FBI has begun embedding agents with law enforcement agencies in Estonia, the Ukraine and the Netherlands. full article

Class Says Internet Dating Site Loots Their Address Books

LOS ANGELES (CN) - Internet dating site loots email address books and uses them to solicit new members with viral email that makes it appear the messages come from friends, according to a federal class action. The class claims that Irvine-based WooMe promises it will not use their personal email information, but uses licensed software to copy their "entire email address book ... to send its solicitation emails to all the users' contacts who are not WooMe subscribers." full article

Cloud security, cyber war loom over RSA Conference

Trusting corporate data to the cloud is a risk to be dealt with, experts say

SAN FRANSISCO -- Cloud security loomed over the RSA Conference this week as a major concern of business, but worry about the threat of cyber war was also strong, with officials from the White House and FBI weighing in to encourage private participation in government efforts to defend information and communications networks. full article

FBI Director: Hackers have corrupted valuable data

Robert Mueller called the attacks a threat to the nation's security

IDG News Service - Hackers breaking into businesses and government agencies with targeted attacks have not only stolen intellectual property, in some cases they have corrupted data too, the head of the U.S. Federal Bureau of Investigation said Thursday. full article

Miami Couple Accused of $135 Million Ponzi Scheme

Business owners allegedly targeted investors at charitable and religious gatherings and at social functions in their home, according to the SEC

The Securities and Exchange Commission on Wednesday charged a prominent Miami-based business leader and his wife with fraud, alleging they conducted a $135 million Ponzi scheme involving real estate investments from hundreds of elderly Cuban-American investors living in South Florida. full article

Purcell lawyers in complaint over data breach

Lawyers for the ex-boss of Glasgow City Council say claims in a newspaper relating to his health were leaked by former colleagues.

The complaint relates to reports in The Scotsman newspaper, which claimed Mr Purcell's in-house team of advisers were about to reveal the reasons behind his sudden departure as head of Scotland's largest local authority. full article

How Koobface has evolved to stay a step ahead

The Koobface worm is a case study of how swiftly cybercriminals react to emerging trends. Koobface first appeared in the fall of 2008 just as social networks were getting hot. Its creators initially sent Facebook users friendly messages asking them to click on a link to see a video. full article

Cyber Threats Pit Privacy Versus Security

Security experts are torn between just how far the government and the private sector should go to protect critical data from cyber criminals without violating individual rights. full article

ICO urges data protection

A report urging organisations to put a value on personal information and invest in privacy protection was released by the Information Commissioner's Office this week. full article

Prosecutors: ID theft case takes deadly turn

New York (CNN) -- An identity theft case involving a Brooklyn couple has taken a more serious turn, according to federal prosecutors. full article

March 4, 2010

DoD to reduce use of Social Security numbers

The Defense Department is preparing to launch a military wide effort to reduce the use of Social Security numbers to lower the chances of identity theft for military and civilian workers and contractors. full article

Tracing attack source key to cybersecurity strategy, Chertoff says

Former DHS chief talks of difficulties in creating a national deterrence plan

Computerworld - SAN FRANCISCO -- The difficult task of identifying the true sources of cyber attacks remains one of the biggest challenges in the development of a national cybersecurity strategy, former Department of Homeland Security Secretary Michael Chertoff told Computerworld in an interview at the RSA Security conference here today. full article

Maine Bill Would Restrict Birth, Marriage Records

AUGUSTA, Maine (AP) ? Maine lawmakers heard arguments Wednesday for a bill that would restrict the release of birth and marriage records as a way to combat fraud and identity theft. full article

Israeli raid called off after Facebook slip

JERUSALEM — The Israeli military says a planned raid on a West Bank village was called off after an Israeli soldier disclosed its details online. full article

Tweet this: Social network security is risky business

Panel discussions at RSA focus on a more social attack vector

Computerworld - SAN FRANCISCO -- Businesses are still trying to figure out what to make of social networking. The knee-jerk impulse at some companies is to ban its use because it's insecure and seen as unproductive, while at others it's viewed as, in fact, the way a lot of people now get work done. full article

Credit Repair Scammers Settle FTC Charges

A credit repair company that falsely claimed it would help boost consumers’ credit ratings will settle Federal Trade Commission charges filed last year as part of “Operation Clean Sweep,” a federal-state crackdown on credit repair scams. full article

New BlackEnergy Trojan Targeting Russian, Ukrainian Banks

Botnet lets attackers steal online banking credentials and DDoS Russian and Ukrainian banks

SAN FRANCISCO -- RSA Conference 2010 -- Russian hackers have written a more sophisticated version of the infamous BlackEnergy Trojan associated with the 2008 cyberattacks against Georgia that now targets Russian and Ukrainian online banking customers. full article

Financial Services Firms Ripe for Data Attacks

Study finds porous data protection policies and technologies are putting millions of customers -- and their assets -- at risk.

Sloppy operating practices across the financial services sector leave firms vulnerable to breaches that could expose sensitive data or put customers' and employees' privacy at risk, according to a new study from the Ponemon Institute. full article

Feds weigh expansion of Internet monitoring

SAN FRANCISCO--Homeland Security and the National Security Agency may be taking a closer look at Internet communications in the future. full article

RSA authentication weakness discovered

The most common digital security technique used to protect both media copyright and Internet communications has a major weakness, University of Michigan computer scientists have discovered. full article

Monster botnet held 800,000 people's details

Fourth zombie admin could be in South America

The Mariposa botnet had the power to dwarf Georgia and Estonia cyberattacks if it had been used to launch denial of service attacks, say Spanish police. full article

eBay scammer gets four years

The leader of a UK-based gang who made millions selling counterfeit luxury golf kit and other knock-off goods through auction site eBay has been jailed for four years. full article

Data mining

Doctors ease into electronic records; barriers to braodband expansion; and the decade's biggest data losses

Physician offices have increased their use of electronic health records by 9.7 percent in the past year, according to a survey by research firm SK&A. In the United States, 36.1 percent of medical offices now use EHRs, compared with 32.9 percent a year ago. full article

Hacking human gullibility with social penetration

Security penetration testers Mike Bailey and Mike Murray rely plenty on attacks that exploit weaknesses in websites and servers, but their approach is better summed up by the famous phrase "There's a sucker born every minute". full article

March 3, 2010

RSA 2010: identity management key to cloud security, says Microsoft’s Scott Charney

Identity is important on the internet, but this is amplified in the cloud, says Scott Charney, corporate vice-president of Microsoft's Trustworthy Computing Group. full article

Medical identity theft strikes 5.8% of U.S. adults

Network World - Identity thieves are not only interested in tapping financial resources, but are also after your medical identification data and services. full article

Nonprofit Says it Was Scammed for $2M

(CN) - An Ohio-based Ponzi scammer used his businesses, Money Market Alternative and Hybrid Money Market Management, to bilk a Swedish nonprofit of nearly $2 million, the Vasa Order of America claims in Cuyahoga County Court, Cleveland. The Akron Beacon-Journal reported that previous lawsuits accused lead defendant Enrique Villalba of taking as much as $18 million in the Ponzi scam. full article

Spanish police take down massive Mariposa botnet

IDG News Service - Spanish authorities have arrested three men in an operation that has crushed a major botnet network of infected computers. full article

Ponemon Study: Voice Calls May Be At Risk

83 percent of companies do not train users on the dangers of using cell phones in high risk areas, survey says

SAN FRANCSICO -- RSA Conference 2010 -- A survey released today by the Ponemon Institute suggests that large and medium businesses are putting themselves at risk of cell phone voice call interception. full article

Microsoft exec suggests Internet tax to pay for cyber security

Charney equates infected PCs with infected people, and suggests the equivalent of quarantines to stop malware from spreading

How will we ever get a leg up on hackers who are infecting computers worldwide? Microsoft's security chief laid out several suggestions Tuesday, including a possible Internet usage tax to pay for the inspection and quarantine of machines. Today most hacked PCs run Microsoft's Windows operating system, and the company has invested millions in trying to fight the problem. full article

Man swallows flash drive, charged with obstruction

Think of the worst thing you have ever swallowed. Haggis, perhaps? Maybe pig's ear? Arguments you have swallowed don't count. You see, I want to get you into the appropriate mood for the story of Florin Necula. Necula seems to have gotten himself into a bothersome situation with the upstanding members of our Secret Service. full article

Debt Collectors Will Pay More Than $1 Million to Settle FTC Charges

Claimed Debts Were Owed Despite Consumers’ Disputes

A nationwide debt collector has agreed to pay a civil fine of more than $1 million to settle Federal Trade Commission charges that it violated federal law by inaccurately reporting credit information and pressing consumers to pay debts they often did not owe. full article

White House Offers Glimpse of Cybersecurity Program

The White House yesterday released a newly declassified description of the Comprehensive National Cybersecurity Initiative (CNCI), a highly classified program that is intended to protect U.S. government computer networks against intrusion and disruption. full article

'Shoulder surfing' latest way identity thieves target you

TEMPE, AZ -- You could be a victim of identity theft and never know it. full article

File-Sharing Software Potential Threat to Health Privacy

The personal health and financial information stored in thousands of North American home computers may be vulnerable to theft through file-sharing software, according to a research study published online in the Journal of the American Medical Informatics Association. full article

ER worker accused of stealing dying man’s credit cards

This is not the first time we’ve heard about hospital workers stealing dying patients’ credit cards or information, but it is nonetheless distressing. Candice Ferrette reports on a case at Westchester Medical Center in NY, where a patient care technician in the emergency room has been accused of stealing credit cards from a dying plane crash victim and then going on a high-end spending spree. The theft was not the first incident in which the technician was involved, it seems. He was also accused of stealing a credit card from another emergency room patient in October. full article

Lawsuit filed against Elgin clinic over P2P breach

Officials from a local medical clinic remained silent Monday about claims they allowed sensitive information on AIDS patients to be leaked. full article

Woman charged with stealing patients' identities

Detectives have arrested a West Palm Beach-area woman, accusing her of stealing personal information of diabetes patients. full article

Zombie tactics threaten to poison honeypots

Innovations in botnet technology threaten the usefulness of honeypots, one of the main ways to study how bot herders control networks of zombie PCs. full article

BMA branch opposes fast rollout of summary e-records

A branch of the British Medical Association has issued a statement supporting the concerns of doctors who are reluctant to allow patient records to be uploaded to a central database as part of the £12.7bn NHS IT scheme NPfIT. full article

March 2, 2010

Data theft creates notification nightmare for BlueCross

IDG News Service - A break-in one evening last October at a shopping mall in Chattanooga, Tennessee, is proving expensive for BlueCross BlueShield of Tennessee. full article

Four indicted for $25M online ticket fraud scheme

Wiseguy Tickets allegedly hacks its way to Springsteen, Rose Bowl, Broadway tickets

Computerworld - Four men have been indicted for illegally buying and reselling tickets to major concerts, a Rose Bowl game and tapings of the television show Dancing with the Stars. full article

Microsoft: Don't Press F1 Key in Windows XP

Microsoft told Windows XP users today not to press the F1 key when prompted by a Web site, as part of its reaction to an unpatched vulnerability that hackers could exploit to hijack PCs running Internet Explorer (IE). full article

Court rules anti-terror data storage illegal

In a victory for privacy advocates, Germany’s highest court on Tuesday knocked down an anti-terrorism law that allows authorities to store all phone and internet records of private citizens. full article

Former Bank Vice President Sentenced for Fraudulently Transferring Money from Clients’ Accounts

Made 21 Fraudulent Wire Transfers in Seven Months Totaling $226,000

BALTIMORE, MD—U.S. District Judge J. Frederick Motz sentenced Andrew Rosenfeld, age 39, of Ellicott City, Maryland, today to one year and a day followed by five years of supervised release for conspiracy to commit bank fraud. Judge Motz also ordered that Rosenfeld pay restitution of $226,000. full article

Spam disguised as spam notification

In their constant battle against anti-spam filters, spammers have recently started to camouflage their messages as spam quarantine notifications. full article

Botnets cause surge in February spam

Spam now accounts for close to 90 percent of all e-mail worldwide due to a surge in February, according to Symantec. full article

PS3 console errors fixed, leap year bug to blame

Reports are still scattered, but after testing our own PS3, it appears the global 8001050F error that left most non-Slim PS3 consoles essentially unplayable seems to be fixed. We're guessing this issue was corrected on the server side of things, as there was no update or download required; our console just worked. full article

Top 7 threats to cloud computing

The Cloud Security Alliance and HP have presented today new research findings that detail the potential threats linked to the use of cloud services. full article

Industrialized Cyberattacks Infect Educational Servers Worldwide

Imperva report warns that hackers have become industrialized and represent an exponentially increased threat to individuals, organizations and government

REDWOOD SHORES, CALIF., "March 1, 2010" Imperva, the data security leader, today released a new report warning that hackers have become industrialized and represent an exponentially increased threat to individuals, organizations and Government. Imperva's report says the emerging industrialization of hacking parallels the way in which the 19th century revolution advanced methods and accelerated assembly from single to mass production. The result is that today's cybercrime industry has transformed and automated itself to improve efficiency, scalability and profitability. full article

One quarter of Germans fine with microchip skin implant

It sounds like something from a creepy science-fiction film, but a poll published on Monday showed one in four Germans would be happy to have a microchip implanted in their body if they derived concrete benefits from it. full article

Chelsea King's Disappearance: Who Is Watching California's Sex Offenders?

Investigators Searching California Coastline After Finding Piece of King's Clothing

Chelsea King's family is holding out dwindling hope that their bright-eyed daughter will one day return home, but the growing link between the missing San Diego-area teenager and a known child molester has raised questions about why he was allowed on the street. full article

Lockheed seeks to predict cybersecurity threats

GAITHERSBURG, Maryland (Reuters) - Lockheed Martin Corp, the No. 1 information technology provider to the U.S. government, is working hard to better predict and protect against increasingly sophisticated and stealthy cyber attacks. full article

Medical Files Left in Recycle Bins

A visit to the doctor’s office is supposed to make you feel better, from a sore throat to wheezing and coughing. But some patients are now feeling sick to their stomachs after FOX 5 uncovered a serious threat to their privacy. full article

Old Brit Faces Long Term for Fraud

LOS ANGELES (CN) - A 65-year-old British man faces up to 170 years in federal prison for bilking investors of $7.3 million and spending the money on a high-priced home and a Land Rover. A jury took just 20 minutes to find him guilty after a 2-week trial, the U.S. Attorney's Office said. full article

Police: Little Falls woman stole identity

LITTLE FALLS — A Little Falls woman was charged with stealing someone’s identity in connection with theft allegations, according to city police. full article

Police: Fake bridal show signs up thousands

Authorities say around 6,000 people and vendors signed up for the scam

BOSTON - Scammers set up a Web site advertising a fake bridal show billed as the "biggest and most extravagant" and used it to steal from thousands of brides-to-be and their vendors, who were lured by chances to win "fabulous gifts and prizes," police and FBI experts said Monday. full article

Ethical considerations in P2P research

Michael Zimmer has recently raised ethical questions about research utilizing publicly available information from sites such as Facebook and Twitter. Similarly, ethical questions have also been raised by a group of researchers who investigated exposure of personal financial information and personal health information on peer-to-peer or file-sharing networks. full article

March 1, 2010

More than 100 companies targeted by Google hackers

IDG News Service - The hackers who broke into Google two months ago have gone after more than 100 companies, according to an estimate by security vendor Isec Partners. full article

Student Fined $27,750 for Sharing 37 Songs

(CN) - The 5th Circuit ordered a college student to pay $27,750 for illegally sharing 37 copyrighted songs on a peer-to-peer file-sharing network. The court rejected the former high-school cheerleader's claim that she was "too young and too naïve" to understand that CD copyrights applied to downloaded music. full article

58 percent of software vulnerable to security breaches

Veracode released a "State of Software Security" report detailing vulnerabilities found in software that large organizations rely on for business critical processes, which finds that more than half of the nearly 1,600 internally developed, open source, outsourced, and commercial applications analyzed when first submitted contained vulnerabilities similar to those exploited in the recent cyber attacks on Google, the U.S. Department of Defense, and others. full article

Microsoft to target other botnets with legal weapon

Acknowledges it's too soon to judge its fight against Waledac bots

Computerworld - Microsoft has several other botnets in its crosshairs, and believes it can use the same legal tactic against them that it deployed last week to strike at the Waledac botnet's command-and-control centers. full article

Kate Middleton set for £10,000 privacy victory

KATE MIDDLETON, the girlfriend of Prince William, is set to win a controversial claim for alleged invasion of her privacy. full article

Beware of fake Security Essentials software

Microsoft has warned users to be wary of sites promoting fake versions of its free Security Essentials anti-malware software. full article

DarkMarket credit card fraudster jailed for five years

The man who set up DarkMarket, an online supermarket for credit card fraudsters, has been jailed for almost five years. full article

FTC to Appeal Ruling in 'Red Flags' Case

The Federal Trade Commission will appeal a ruling from October that stripped the agency of its authority to enforce new anti-fraud rules against lawyers. full article

Payment Processing CEO Banned from the Business; Company Illegally Debited Millions from Consumers’ Bank Accounts

The chief executive officer of a payment processing company will be banned from the business as part of a settlement resolving Federal Trade Commission charges that the company illegally debited millions of dollars in bogus charges from consumers’ bank accounts. full article

Hacker posts risque First Direct tweet

First Direct's Twitter account has been hacked by a spammer who used it to post a link to an adult sex site. full article

Cyber warriors gather as online battles rage

US national security leaders and top cyber warriors from around the world are gathering here to plot defenses against criminals and spies that increasingly plague the Internet. full article

To Catch a Thief on Facebook

Khayree Billingslea, 19, a freshman at Arizona State University, was given an unpleasant surprise when police showed up at his honors dorm room, handcuffed him and escorted him out of the building. full article

Britney Spears’ Attorneys Worried About Personal Leaks

Britney Spears’ conservatorship attorneys, Geraldine Wyle and Jeryll Cohen, are worried that personal and medical information will leak out into the media unless it’s put under legal lock and key – and have taken steps to do just that. full article

4 more healthcare breaches from 2009

Maryland has updated its web site to provide breach notifications that it has received since its last update. The newly posted notifications are for the period ending December 31, 2009. Some of the breaches described in the notifications were reported in the media at the time, but I spotted a number of previously unknown breaches from the healthcare sector or reports that either update us or provide additional information that may be of interest. full article

Talking Bots with Japan’s ‘Cyber Clean Center’

I’ve grown fascinated over the years with various efforts by Internet service providers to crack down on the menace from botnets, large groupings of hacked PCs that computer criminals remotely control for a variety of purposes, from spamming to hosting malicious software and attacking others online. Indeed, botnets problem have become such a global menace that entire countries are now developing anti-botnet programs in collaboration with domestic ISPs. full article


Contact Information

Center for Identity Management and
Information Protection
Dr. Donald Rebovich,
Executive Director
Utica College
1600 Burrstone Road
Utica, NY 13502