CIMIP - Center for Identity Management and Information Protection

November 2011 News Archive

November 30, 2011

Report: Computer Hacking, Theft Of Government Secrets Alleged In News International Probe

A report from The Guardian claims that detectives working for Rupert Murdoch's News International may have siphoned off classified intelligence documents from MI5, Britain's domestic intelligence agency. full article

Former Platteville police chief accused of identity theft

PLATTEVILLE, Colo. -- The former police chief of Platteville in northern Colorado faces embezzlement and identity theft charges. full article

Key associate in ID theft ring pleads guilty

A Ridgefield woman pleaded guilty to federal conspiracy and fraud charges Tuesday, admitting she was the second-in-command of a large-scale identity theft and bank-fraud ring based in Bergen County. full article

FTC, Facebook reach privacy agreement

WASHINGTON, Nov. 29 (UPI) -- Facebook, accused of deceiving its customers, has agreed to take steps to assure their privacy won't be violated in the future, U.S. regulators said Tuesday. full article

Foreign hackers targeted Canadian firms

A leading cyber-crime expert says foreign hackers who launched a massive attack on Canadian government computers last fall also broke into the data systems of prominent Bay Street law firms and other companies to get insider information on an attempted $38-billion corporate takeover. full article

Hackers target U.N., World Bank personnel

A new hacker group on Tuesday claimed to have leaked the email addresses and passwords of more than 100 individuals at the United Nations. full article

Facebook virus alert: Worm hidden in image of two blondes

A new worm is spreading on Facebook: once downloaded, it tempts the user into opening it by masquerading as a screensaver with a thumbnail image of two blonde women. full article

Anonymous launches OpRobinHood against banks

'We have come to take the 99%'s money back'

Anonymous and other hacktivists have joined together to launch an attack on banks in response to recent crackdowns against the Occupy protest movement. full article

BUSTED! Secret app on millions of phones logs key taps

Researcher says seeing is believing

An Android app developer has published what he says is conclusive proof that millions of smartphones are secretly monitoring the key presses, geographic locations, and received messages of its users. full article

November 29, 2011

Ten Arrested In Mail, Identity Theft Case

An investigation into mail and identity theft that began over the summer has resulted in the arrests of ten suspects, the El Paso County Sheriff's Office reports. full article

Philadelphia Man Sentenced To 15 Years In Prison For Identity Theft Ring

PHILADELPHIA (CBS) – A Philadelphia man, convicted last June of running an identity theft ring involving 24 other people, was sentenced Monday to more than 15 years in prison. full article

Parents Call Dead Son’s Identity Theft “Modern Day Grave Robbing”

SANDWICH (CBS) – Some grieving Cape Cod parents say scam artists are adding to their suffering after the loss of their only son. full article

Four charged in New Jersey insider abuse identity theft cases

Defendants sold victims' personal information obtained through their jobs in state government and the tax department

The Mercer County, New Jersey prosecutor's office said it ended a seven-month identity theft investigation by charging four defendants in identity-theft related activities. According to the prosecutor, each defendant used their insider access to obtain the information they purportedly sold. full article

KC woman could face 22 years in prison for role in adoption scam

A Kansas City woman on Monday admitted her role in scamming 14 couples across the country in a scheme in which she pretended to be pregnant with twins and willing to let others adopt them. full article

13 MILLION gamers in ID theft scare after Nexon breach

Game items offered to punters who change their passwords

An estimated 13 million gamers have been left at greater risk of ID theft following a breach at gaming firm Nexon. full article

Facebook Worm Spreading, Installing Zeus Bot

A new worm has popped up on Facebook, using apparently stolen user credentials to log in to victims' accounts and then send out malicious links to their friends. The worm also downloads and installs a variety of malware on users' machines, including a variant of the Zeus bot. full article

Feds Take Down 131 Counterfeiting Sites

It’s going to be considerably harder to get that sweet, knock-off Louis Vuitton bag you’ve been eyeing, and you can thank the US Immigrations and Customs Enforcement Agency (ICE) for that. The agency reportedly seized control of some 130 websites last week in advance of Black Friday and Cyber Monday, according to a report from The Register. full article

SMS Trojans Spreading to the Rest of the World

SMS Trojans that ride along on supposedly benign mobile apps and then send out messages to high-priced numbers have been a problem in some Asian and Eastern European countries for several years now, most notably in Russia and China. But now the attackers have realized that there's a whole big world of users out there to target and have begun going after people in other countries with new strains of SMS malware. full article

November 28, 2011

Look out for Cyber Monday deals - and scams

(RNN) - The nation's biggest shopping day of the year has come and gone, but that doesn't mean the deals are history. Online retailers are rolling out big savings for those who are logging on and checking out on Cyber Monday. full article

AT&T hackers have terrorist connections, say Philippines police

IDG News Service - The FBI and police in the Philippines have jointly busted a ring of four alleged hackers in Manila with connections to a terrorist group in Saudi Arabia, the Criminal Investigation and Detection Group of the Philippines police said last week. full article

Scammers steal IRS refunds with ease

Identity-theft crimes have soared in the electronic age, with crooks graduating from everyday credit-card fraud to stealing people’s identities such as Social Security numbers for income tax-return scams. full article

Presumed iTunes Gift Certificate Contains Malware

Berlin, November 22, 2011 – The eleven Research Team has issued a warning against e-mails which promise a gift certificate for the popular Apple online music service iTunes. The e-mails have the subject line „iTunes Gift Certificate“ and promise a 50 dollar discount for everyone shopping at the iTunes Store using the code which is allegedly contained in the attachment. This, however, consists of a Zip file which contains executable files that install themselves into two separate Windows folders and which are activated with every Windows start. The malware is most likely a Trojan which opens a connection to a remote server from which it awaits further orders. From there it can download any kind of malware to the infected server. full article

Spooks take the wheel in UK's £650m cyber-war operations

Analysis The British government's Cyber Security Strategy is giving the intelligence agencies a greater role than ever in defending business and the public against internet threats. full article

Utah professor arrested for allegedly viewing child porn on flight

(CNN) -- A University of Utah professor, arrested over the weekend for allegedly viewing child pornography on his laptop during a flight, will be arraigned on Monday in a Boston court. full article

November 22, 2011

Anonymous Hacks, Leaks E-mails, Voicemails of California Special Agent

Calling it a form of "electronic civil disobedience," hacktivist group Anonymous took aim at a special agent from the California Department of Justice on Friday. The group spilled 38,000 e-mails containing “computer forensics techniques, investigation protocols as well as highly embarrassing personal information,” according to a press release on Pastebin. full article

Update: AT&T says attempted hack of customer accounts failed

Of its 100 million wireless customers, less than 1% affected

Computerworld - AT&T on Monday acknowledged an organized attempt to hack information on fewer than 1% of its 100 million wireless customers, but said no accounts were breached. full article

Identity theft victim wrongly arrested, calls Help Desk

ATLANTA -- Mashara Williams is a successful architect. She is married, eight months pregnant and has a perfectly clean criminal history. And up until Monday, thanks to identity theft, she also had an arrest record. full article

Holocaust survivors info stolen by North Miami Jewish agency worker, feds say

Identity theft may have reached a new low over the weekend when an employee of a Jewish community organization got busted on charges of selling a bunch of Holocaust survivors' identity information for a sum of $1,000. full article

Mooresville woman accused of identity theft

MOORESVILLE, N.C. -- A Mooresville woman is accused of stealing someone’s checking account number and using that to pay her electric bills. full article

Health care worker sentenced in Scarsdale identity theft

A home health-care worker was sentenced Monday in White Plains to four years in federal prison for stealing the identities of the elderly Scarsdale couple for whom she worked. full article

Maine man gets 6 years in tax fraud scheme

PORTLAND, Maine—A former Arundel man has been sentenced to more than six years in federal prison for seeking fraudulent tax refunds totaling nearly $216,000 in other people's names. full article

With 4 Million Ghost Click Victims, FBI Hoping A Few Step Forward

The news last month was of the bust up of the biggest cyber crime ring in history, with 4 million victims and $14 million in losses. Now the FBI is hoping a few of those victims step forward to help with the prosecution. full article

November 21, 2011

Report warns of cyberspying by China, Russia

Computerworld - The U.S. can expect more aggressive cyberespionage efforts from China, Russia and other countries looking to collect information in areas such as pharmaceuticals, defense and manufacturing, according to a new government report. full article

Hacker Says Texas Town Used Three Character Password To Secure Internet Facing SCADA System

In an e-mail interview with Threatpost, the hacker who compromised software used to manage water infrastructure for South Houston, Texas, said the district had HMI (human machine interface) software used to manage water and sewage infrastructure accessible to the Internet and used a password that was just three characters long to protect the system, making it easy picking for a remote attack. full article

New York Theft Ring Recruited Waiters to Steal Information from Customers, Authorities Say

An ambitious and disciplined identity-theft ring recruited waiters at steakhouses and other high-end New York restaurants to steal diners' credit-card information, then used it for luxury shopping sprees, authorities said Friday. full article

Man sentenced for fraud, identity theft

A Florida businessman who operated a $200,000 credit-card fraud and identity-theft scheme that was investigated by a task force that includes a Greenwich police detective was sentenced Friday in a New Haven federal court to 61 months in prison. full article

Haverford man charged in harassment, stalking CBS anchor

HAVERFORD – Philadelphia police have charged a township man with harassment, identity theft and related offenses. full article

Who's been scanning your credit card?

Sometimes an invention can solve a problem. At other times, it can leave you wondering: Was this a problem to begin with? Think of the difference between a TV remote control and a Flowbee. Everyone likes to change the channel without getting out of the Barcolounger, but how many people want to cut hair using a vacuum cleaner? full article

Police Search For More Suspects In ID Theft Ring

DENVER (CBS4) – Police are asking for help finding five more people they say were involved in an identity theft ring. full article

25 Worst Internet Passwords

If “password” is your password, chances are you’ve been the victim of a hack attack. full article

Couple link identity theft to McDonald's drive-through visit

For weeks, Jennifer and Anthony Bossuyt were stumped about a series of liquor store charges that appeared on their debit card. full article

Lax Security to Blame for NASDAQ Hack

The cyber attack on the NASDAQ OMX Group late last year was the result of shoddy security, according to a new report via Reuters. full article

Apparent cyberattack destroys pump at Ill. water utility

In separate incident, hacker claims access to SCADA system at Houston utility

Computerworld - A pump at a public water utility in Springfield, Ill. was recently destroyed after cyberattackers gained access to a SCADA system controlling the device, according to a security expert who said he obtained an official report about the incident. full article

Feds back off on Jan.1 eHealth standards deadline

U.S. health officials delay enforcement until March 31, 2012

Computerworld - The U.S. Centers for Medicare & Medicaid said Thursday that it will delay enforcement of a deadline for healthcare providers to roll out a new version of a standard governing how medical transactions are processed. full article

FBI To Probe California University Hack That Changed Student’s Grades

More than 60 current and former students at Santa Clara University had their academic records hacked into and grades changed – for the better, according to a letter posted to the school’s site on Monday by university president Michael Engh. full article

Stolen Desktop Computer Exposes Data Of Nearly 4 Million Patients

Healthcare organization was in the midst of an encryption rollout when unencrypted machine was stolen

A desktop computer stolen from healthcare organization Sutter Medical Foundation has potentially exposed the personal information of nearly 4 million patients. full article

November 15, 2011

IRS Security Deficiencies May Put Taxpayer Data At Risk

Information security failings are making it impossible for the U.S. Internal Revenue Service (IRS) to get its financial house in order and could be putting taxpayers' sensitive information at risk, according to a financial audit of the agency by the Government Accountability Office (GAO). full article

Texas man convicted of trying to sneak out of US to join al-Qaida, faces 20 years in prison

HOUSTON — A Texas man accused of attempting to sneak out of the country with restricted U.S. military documents, money and equipment in order to join al-Qaida was convicted Monday of trying to help the terrorist organization. full article

Alleged ‘Felony Lane Gang’ member caught

Secret Service targeting identify-theft ring

The United States Secret Service and the Hampton Police Department are trying to apprehend members of an identity-theft ring. full article

Muscatine woman facing charges for using debit card

MUSCATINE, Iowa — A Muscatine woman has been accused of theft, identity theft, and fraudulent use of a credit/debit card. full article

Anonymous Finland Wages War on Mining, Leaks 500,000 E-mails

The Finnish arm of the Hacktivist collective Anonymous announced their intent to wage a war against domestic mining company Talvivaara over the weekend, according to a press release posted to the Pastebin file sharing Web site on Saturday. full article

Phone hacking victims' QC hit by trojan infection

The opening day of a judicial inquiry into phone hacking and other privacy-invading skullduggery by the British media was briefly interrupted on Monday - by a suspected Trojan horse infection. full article

Man charged with identity theft in Columbia County

HUDSON -- New York State Police arrested 27-year-old Sekhou Toure on Thursday in connection with cases of local identity theft. full article

Police charge NYC man in connection to Greenport identity theft ring

GREENPORT - A New York City man, already charged in connection with several hundred identity theft cases in the area is facing new charges. full article

ID theft suspect back in jail

COLUMBIA COUNTY — The man recently arrested in connection with rampant local identity theft was released from jail Nov. 10, but re-arrested the same day and is back in jail. full article

Franconia doctor charged with prescription fraud waives preliminary hearing

A Franconia Township doctor waived a preliminary hearing Wednesday for numerous alleged counts of prescription fraud, prescribing in bad faith, prescribing to a drug-dependent person, identity theft, corrupt organizations and dealing in proceeds of unlawful activities. full article

Man who posed as plastic surgeon cuts plea deal

PORTLAND, OR (KPTV) - A 21-year-old man admitted Monday he had pretended to be a doctor at Oregon Health and Science University hospital and committed identity theft and other crimes. full article

Muscatine woman facing charges for using debit card

MUSCATINE, Iowa — A Muscatine woman has been accused of theft, identity theft, and fraudulent use of a credit/debit card. full article

November 14, 2011

Guilty pleas for leaders in card-skimming ring

One of the leaders in an identity-theft ring that stole the credit card numbers of hundreds of D.C.-area consumers has pleaded guilty and the other is scheduled to do so on Monday. full article

Hackers may have spent years crafting Duqu

Gang customized attack files for each target, says Kaspersky Lab

puterworld - The hacker group behind Duqu may have been working on its attack code for more than four years, new analysis of the Trojan revealed Friday. full article

Steam’s 35 Million Users Compromised in Hack

Gamers who use the digital distribution network Steam were warned that their account information may have been exposed to hackers following a compromise of the company's Web page and back end databases. The incident yielded a slew of sensitive customer information, including user’s passwords and encrypted credit card numbers, Steam said. full article

Iran wrestles Duqu malware infestation

Son of Stuxnet cyberweapon makes landfall in Tehran

Iran admitted on Sunday that unspecified computer systems in the country had been infected with the Duqu worm, a strain of malware similar to the infamous Stuxnet worm that sabotaged key nuclear plant systems in the country last year. full article

Platoon Boosts Lawyers Helping Homeless Vets

U.S. Army veteran Caroline Contreras was living in a homeless shelter, struggling with post-traumatic stress disorder, when another problem threatened to push her over the edge: Identity theft. full article

Franconia doctor charged with prescription fraud waives preliminary hearing

A Franconia Township doctor waived a preliminary hearing Wednesday for numerous alleged counts of prescription fraud, prescribing in bad faith, prescribing to a drug-dependent person, identity theft, corrupt organizations and dealing in proceeds of unlawful activities. full article

Cops: Asheville man stole brother's identity

ASHEVILLE — Police say an Asheville man stole his brother’s identity after being arrested for being intoxicated and disruptive. full article

Local woman avoids identity theft scam

A Cranbrook woman wants people to know that identity theft and phone scams can very easily happen to just about anyone. full article

CI pinpoints 200 millionth piece of cloud-based malware

According to Panda, a third of all the malware in existence was created in the first 10 months of 2010.

CSO - The good news is that Collective Intelligence (CI), the engine for Internet security created in 2006 by Panda Security's malware research laboratory, recently processed its 200 millionth malware file via the cloud. That's also the bad news. full article

Man fined after selling unlawfully obtained personal data of online bingo players

A man who made approximately £25,000 from selling unlawfully obtained personal data has been issued with a £1,700 fine and conditional discharge by a UK court. full article

Utah mayor apologizes over photo misuse

The mayor of Utah's second-largest city has apologized to a California man for using his photo without permission while the mayor freelanced a series of articles to promote his city under an alias. full article

Tour de France winner sentenced for hack of doping lab

Trojan siphoned 1,700 confidential files

Floyd Landis, the disgraced US cyclist who was stripped of his 2006 Tour de France victory for doping, was handed a suspended 12-month prison sentence for his part in a hack of an anti-doping lab computer. full article

November 11, 2011

Justice Department Asks Federal Court to Shut Down South Florida Tax Preparer

WASHINGTON – The United States has sued Kenia Marrero seeking to bar her and her business, Kenia Immigration Services, from preparing federal tax returns for others, the Justice Department announced today. full article

Duqu Attackers Using Word Docs As Attack Vector

As the analysis of the Duqu malware continues to evolve, the picture that's emerging is becoming more and more intriguing. The latest bits of evidence uncovered show that not only do the attackers create custom files for each individual attack, there is evidence indicating that they might have been working on Duqu in some form since 2007. full article

U.S. Judge upholds investigators' access to Twitter data

The ruling in the WikiLeaks investigation upheld secrecy in collecting such information

IDG News Service - A District Judge in the U.S. upheld Thursday an earlier order that Twitter must provide certain types of information of account holders to government investigators working on the WikiLeaks case, and declined to unseal records that could provide information on whether the prosecutors had tried to get similar information from other Internet companies. full article

Valve admits forum hack exposed gamers' privates

Steam, the online platform of video game firm Valve Corporation, has admitted that customer personal details including encrypted credit card information might have been exposed by a hack attack last weekend. full article

Identity Theft Suspects Nabbed At Feather Falls Casino

OROVILLE, Calif. -- Deputies arrested four suspects in an identity theft ring after an incident at Feather Falls Casino. Butte County investigators looked into a report of a fraudulent check last week. They uncovered an identity theft ring involving four suspects and at least 15 victims. full article

Malware Writers Use Block Cipher in Latin America

The creators of banking trojan programs in Brazil are using sophisticated block ciphers to encrypt their malware, making detection by anti virus products more difficult. full article

Two arrested from Moss Bluff for burglary and identity theft

Lake Charles – On October 12, Calcasieu Parish Sheriff's Office detectives received a report in reference to a theft that occurred a few days before. full article

S.F. woman gets 9 months for San Bruno blast scam

A San Francisco woman has been sentenced to nine months in jail for posing as a victim of the San Bruno natural gas pipeline explosion to receive free benefits, a prosecutor said Thursday. full article

Portland man accused of a second round of credit card fraud after release from federal prison on similar charges

A man released from federal prison in 2009 after serving two years for using stolen credit card numbers to book flights from Eugene to California, reserve luxury hotel rooms and pay for more than a dozen tickets to Disneyland is back in federal custody. full article

November 10, 2011

Feds Bust $14 m Cybercrime Ring That Hijacked iTunes, Netflix Traffic To Rake in Ad Dollars

An indictment filed in U.S. District Court for the Southern District of New York charges seven individuals with a a global scheme to commit Internet advertising fraud. The scheme infected more than four million machines in over 100 countries with malware. It is believed to have netted the scammers more than $14 million in commissions from online advertisers. full article

Ex-college accounting assistant embezzled $500,000, police say

A former accounting assistant at Antelope Valley College has been arrested and accused of embezzling $500,000. full article

Banks fending off brazen hacker raids on business accounts

Network World - Banks are having to fend off ever more attacks from hackers who break into computers of their business customers and try to make fraudulent funds transfers electronically for large amounts. If you doubt how bad this hacker scourge has become, ask Jorge Solis, senior vice president of security at First Midwest Bank. full article

City IT manager accused of brazenly stealing mayor's email

A former IT manager for the city of Hoboken, New Jersey, was arrested on Wednesday on charges he intercepted emails sent to and from its sitting mayor and other top city officials, and forwarded them to others. full article

Report: Phishing Domain Registrations Way Down

Online criminals registered far fewer Web domains for use in phishing attacks in the first half of 2011, in what may signal a decrease in phishing scams, according to a global phishing survey released this month by the Anti-Phishing Working Group (APWG). full article

Underground call-centre for identity theft uncovered by security researchers

Researchers from security vendor Trusteer have come across a professional calling service that caters to cybercriminals. The business offers to extract sensitive information needed for bank fraud and identity theft from individuals. full article

String of burglaries tied to identity theft ring in Columbia County

While investigating a rash of burglaries in the Warren area, Columbia County Sheriff’s Office investigators believe they have uncovered a burglary and identity theft ring that has tied three suspects with over a dozen home invasions. full article

Victim of hoax call was detained while police investigated threat

BENNINGTON -- A Manchester man was held on $15,000 bail Wednesday after pleading not guilty to accusing another of multiple homicides, causing that man to be detained briefly by police. full article

Two people caught in possession of stolen personal information

TEMPLE - Police have caught two suspects associated with both credit card fraud and identity theft. full article

Women arrested in string of thefts at schools, hospitals, police say

Ziedra Domine Jenkins, 29, and Tomika Lawanna Johnson, 32, were arrested on Wednesday.

A pair of women suspected in numerous thefts and burglaries at schools and hospitals across Central Florida were arrested on Wednesday in Ocoee, police said. full article

Former DC church official sentenced to 8 years

The former chief financial officer of a historic church in Washington has been sentenced to more than eight years in prison for embezzling $850,000 from the institution. full article

Computershare Says No Customer Data Exposed In Breach

The investor services company told Threatpost that an investigation has determined that data stolen by a rogue employee didn't contain shareholder data. However, the company still hasn't retrieved two USB drives containing company email and documents that outline some of Computershare's closely held business plans. full article

November 9, 2011

What's it like to share your SSN with 50 people? Follow a victim's struggle

Jonathan Barnett is also Jose Cruz. And Jesus Ramirez. And Pilar Terrones, Pilar Sanchez, Esmeralda Gonzalez and dozens of other people, at least according to the nation’s identity system. full article

Smart Card Alliance Government Conference Concludes with Updates on Health Security Card and Expanding Uses of PIV for Information Access

Princeton Junction, NJ, November 7, 2011–More than 600 government and technology sector leaders and 40 exhibitors came together at the 10th Annual Smart Card Alliance Government Conference, which took place last week in Washington, D.C. The event brings together a broad spectrum of government users, policy makers, analysts and technologists in a collaborative and informative conference that includes the latest news on a wide range of government smart card programs underway. full article

Vishing and Smishing: How ID Thieves are Ruining Lives

Imagine getting a text message from your bank informing you that your credit card has been compromised and that you need to call the number provided. full article

Two arrested for their roles in a national identity theft ring

Robert A. Hill, 49 years old, formerly from Emanuel County, along with Robert A. Smith, 46, were taken into custody in Atlanta Wednesday, Nov. 2. for their roles in a national identity theft ring. full article

Department of Defense Contractors Replacing Legacy Two-Factor Authentication With YubiKey

PALO ALTO, CA and STOCKHOLM, SWEDEN--(Marketwire -11/09/11)- Yubico, the leading provider of simple, open online identity protection, today announced a rapid increase of YubiKey orders from U.S. Department of Defense (DOD) contractors to replace legacy two-factor authentication tokens. The growing business within the defense sector validates the unique, high security processes provided by Yubico. full article

FTC settles privacy complaint against online ad network

ScanScout's description of how consumers could opt out of data collection didn't work, the agency says

IDG News Service - Online video advertising network ScanScout has agreed to settle U.S. Federal Trade Commission charges that it wrongly claimed that consumers could opt out of receiving targeted ads by changing their computer's browser settings to block cookies. full article

Financial Records of Millions At Risk After Computershare Insider Copies Data To USB... Then Loses The USB

Computershare, the investor services firm, has filed suit against a former employee it charges with making off with thousands of pages of proprietary company documents, including information on shareholder names, account numbers and financial holdings. full article

DARPA gets serious with Internet security

Network World - WASHINGTON -- The Defense Advanced Research Projects Agency (DARPA) had a big hand in creating the Internet and now its wants to get serious about protecting it. full article

Foreign government emails HACKED says TeamP0ison

TeamP0ison has lobbed a file on Pastebin which purports to be a few hundred e-mail accounts complete with passwords. full article

Researchers Warn of Prison Hacks, Opening Cell Doors

Remote hackers springing inmates from their jail cells -- it sounds like a plot lifted from an old episode of "24" or "Prison Break." But authorities are concerned by new research that claims such an attack is feasible. full article

Attorney requests change of venue for Adam Baker trial

NEWTON, N.C. – Adam Baker's lawyer wants a trial on charges of identity theft and obtaining property by false pretenses moved from Catawba County due to publicity surrounding the death of his daughter, Zahra. full article

Trojans, Anonymous, Android threats dominate landscape

In a new report examining the threat landscape over the third quarter, PandaLabs researchers found that five million new malware samples were created from July through September, including a peak of new trojans. full article

Man accused of identity theft for flyer miles

VANNAH, GA (WTOC) - A man accused of using stealing identities for frequent flyer miles perks appeared before a federal judge Monday. full article

8 Ways to Create Stronger Passwords

Fallows and his wife, Deb, followed Gmail’s instructions on recovering a compromised account, and eventually regained access, but they were unable to recover her old emails until Google executives got involved. (Before James Fallows called on his own contacts, who happened to be high-level executives in the company, Google had declined to help them further.) full article

NYC hotel auditor indicted in guest credit card scam

An auditor for a stylish New York City hotel chain has been indicted for allegedly stealing guests' credit-card information and selling it to a man accused of using it to buy $840,000 worth of airline tickets and other items, the Associated Press reports. full article

November 8, 2011

Phony Document Rings Broken Up

Alleged California Ringleader Arrested

It just got a little harder to get a phony driver’s license or Social Security card in the U.S. On November 3, more than 300 law enforcement officers from a variety of federal and local agencies executed dozens of search warrants and arrests involving fraudulent document rings operating in California, Illinois, and Texas that reached into a number of other states and Mexico. full article shut down after 'criminal attack'

Adidas has taken several of its websites offline after an attack last week

IDG News Service - Adidas has been forced to take some of its main websites offline after a "sophisticated, criminal cyber-attack" that took place last week, the company said. full article

Study Finds Online Privacy Tools Fail to Protect Users

Poor design and usability issues make leading online privacy management tools ineffective, according to researchers at CMU's Cylab. The report said the results suggest that the current system of industry-led opt out protections is "fundamentally flawed." full article

'Nitro' Cyberespionage Attack Targets Chemical, Defense Firms

But aspects of the attack are 'like 1998 all over again'

Another wave of cyberespionage attacks -- this time targeting chemical and defense companies and traced to a hacker in China -- used an old-school attack method that harkens back to circa 1998. full article

Anonymous blasts El Salvador offline

The government of El Salvador's websites were taken out on Saturday in what was a weekend of big hacks by the Anonymous collective. full article

Anonymous won't expose Mexican cartel's "servants"

(Reuters) - Latin American members of the activist hacker group Anonymous called off a planned November 5 plan to expose people associated with the Zetas, Mexico's most violent drug cartel, according to the group's blog. full article

Anonymous Targets Capital One, Wal-Mart, Viral Video Judge William Adams, and More

It was a busy weekend for the shadowy collective of Internet hackers and activists that calls itself Anonymous, with claims by the group to have launched attacks that took down the Web pages of both government- and private sector Web sites as well as public- and Internet personalities, including Judge William Adams, the subject of a viral video that shows him reportedly beating his daughter with a belt. full article

US cyber chief says cloud computing can manage serious cyber threats

Network World - WASHINGTON, D.C. -- The security of cloud computing is often debated but such debates seem to be over for the general tasked with running the United States military's cyber command, who sees the technology not only as way to rein in IT costs but a way to more easily protect IT assets. full article

Report: Security From The Inside Out

New report offers retrospective on recent insider attacks, threats, and defenses

IT and network administrators are increasingly concerned about data leaks and attacks from inside the company, but their user awareness training programs are falling short of the mark. full article

CIA monitors up to 5 million tweets daily, report says

Agency's Open Source Center said to use social media to assess reaction to world events full article

Internal Fraud On The Rise, Kroll's Annual Global Fraud Report Reveals

Study shows that 60 percent of frauds are committed by insiders, up from 55 percent last year

NEW YORK, Oct. 18, 2011 – Fraud remains predominantly an inside job, according to the Kroll Annual Global Fraud Report released today. This year’s study shows that 60 percent of frauds are committed by insiders, up from 55 percent last year. Overall, fraud concerns among executives around the globe rose approximately 15 percent led by information theft and corruption and bribery. The findings are contained in a study commissioned by Kroll with the Economist Intelligence Unit of more than 1,200 senior executives worldwide. full article

Danwine Dewayne Renard sentenced for role in identity theft scheme

East St. Louis, IL (KSDK) - A former inmate was sentenced to 12 years in prison for participating in an identity theft scheme while incarcerated. full article

Hoosiers Endure Nightmarish ID Theft Problems

Indiana Reports Increase In ID Theft Complaints

INDIANAPOLIS -- Identity theft is a pervasive problem in Indiana, ensnaring an average of 12 people every day, according to the attorney general's office. full article

Public's help sought in identifying credit card, identity theft suspect

Washoe County Sheriff's detectives are seeking the public's help in identifying a man suspected of credit card and identity theft. full article

Hacks In Sweden Might Affect Personal Data Of 180,000 Users

Attackers penetrate some 58 websites, including popular blogging site

The personal data of some 180,000 Swedish users might be at risk following a series of hacks that have affected some 58 websites. full article

November 7, 2011

Teens' Murderers Leave Online Trail 1.4 Billion Pages Long

Vanity Fair reports that two British Columbia teens convicted of first degree murder used World of Warcraft to plot the rape and murder of a close friend. The result: a trail of online evidence 1.4 billion pages long. full article

KPN stops issuing SSL certificates after possible breach

KPN said it does not appear any fraudulent SSL certificates were issued, though

IDG News Service - The largest telecommunications company in the Netherlands has stopped issuing SSL certificates after finding indications that the website used for purchasing the certificates may have been hacked. full article

Notorious eBay hacker gets 3-year suspended sentence

'Vladuz' repeatedly impaled auctioneer's defenses

Vladuz, the Romanian hacker who repeatedly accessed off-limits parts of eBay's website and then publicly taunted company officials over the security lapses, has been handed a suspended three-year sentence, according to news reports. full article

Israeli Military, Intelligence Sites Down After Threat by Anonymous

The Websites of Israel’s Mossad and Shinbet intelligence services as well as the Israel Defense Forces (IDF) site were knocked offline today following a Nov. 4 threat by Anonymous. However, members of the group may not be to blame. full article

Accused Hollywood hacker does about face, pleads not guilty

Previously apologized for invading celeb's privacy

A Florida man has pleaded not guilty to charges he broke into the email accounts of actresses Scarlett Johansson and Mila Kunis, and as many as 50 other celebrities, and made off with nude photos and personal information. full article

Major DNS Cache Poisoning Attack Hits Brazilian ISPs

There is a large-scale DNS cache-poisoning attack going on in Brazil at the moment, with potentially millions of users affected by a tactic that is forcing the to install a malicious Java applet before they can reach many popular sites, including Google, Gmail and Hotmail. full article

Wi-Fi security do's and don'ts

Network World - Wi-Fi is inherently susceptible to hacking and eavesdropping, but it can be secure if you use the right security measures. Unfortunately, the Web is full of outdated advice and myths. But here are some do's and don'ts of Wi-Fi security, addressing some of these myths. full article

Texas man's terrorism trial to start Monday

HOUSTON (AP) — A Texas man accused of trying to sneak out of the country to go on "jihad" and provide al-Qaida with money, GPS receivers and restricted U.S. military documents will be tried Monday on terrorism charges. full article

New Mac Malware Variants Found in Trojaned Apps Are Stealing Data

Researchers have discovered a series of variants of the DevilRobber Mac OS X Trojan that have a menu of different capabilities, depending upon the strain, and can not only mine Bitcoins using the infected machine's processing power, but also steals files, installs a Web proxy and may steal the user's Safari browsing history. full article

DoJ: Stingray cellphone tracking device falls under Fourth Amendment, but don't ask about it

n 2008, federal authorities arrested David Daniel Rigmaiden on charges of spearheading a massive identity theft ring in Arizona. Rigmaiden allegedly led this operation from January 2005 to April 2008, harvesting some $4 million off of more than 1,900 fraudulent tax returns. He was ultimately nabbed, however, thanks in part to controversial, and somewhat mysterious tool known as a "stingray" -- a device that effectively acts as a fake cell tower, allowing authorities to locate and track a cellphone even when it's not being used to place a call. Since his arrest, the 30-year-old Rigmaiden has been battling the feds in the U.S. District Court of Arizona, on allegations that their tracking tactics constituted an unlawful search and seizure, thereby violating his Fourth Amendment rights. full article

Alleged International ID Theft Ring Founder Vladislav Horohorin Set for US Extradition

Attorney Says That US Government is attempting to Try Case in the Media

New York criminal attorney, Arkady Bukh spoke yesterday in regards to the upcoming extradition of alleged hacker, Vladislov Horohorin. “It seems the US Government has decided that it is better to have court in the media than use the appropriate and legal setting for this case,” says the rather frustrated Arkady Bukh. “My client is having a lot of difficulty believing in justice these days.” full article


Contact Information

Center for Identity Management and
Information Protection
Dr. Donald Rebovich,
Executive Director
Utica College
1600 Burrstone Road
Utica, NY 13502