A Russian organized cybercrime group known for hacking into banks and retailers appears to have breached more than 700 computer systems at software giant Oracle Corp., KrebsOnSecurity has learned. More alarmingly, the attackers appear to have compromised a customer support portal for companies using Oracle’s MICROS point-of-sale credit card payment systems.
In April 2016, security firm Trend Micro published a damning report about a Web hosting provider referred to only as a “cyber-attack facilitator in the Netherlands.” If the Trend analysis lacked any real punch that might have been because — shortly after the report was published — names were redacted so that it was no longer immediately clear exactly who the bad hosting provider was. This post aims to shine a bit more light on the individuals apparently behind this mysterious rogue hosting firm — a company called HostSailor[dot]com.
The U.S. Social Security Administration announced Friday that it will now require a cell phone number from all Americans who wish to manage their retirement benefits at ssa.gov. Unfortunately, the new security measure does little to prevent identity thieves from fraudulently creating online accounts to siphon benefits from Americans who haven’t yet created accounts for themselves.
One basic tenet of computer security is this: If you can’t vouch for a networked thing’s physical security, you also cannot vouch for its cybersecurity. That’s because in most cases, networked things really aren’t designed to foil a skilled and determined attacker who can freely connect his own devices. So you can imagine my shock and horror seeing a Cisco switch and wireless antenna sitting exposed atop of an ATM out in front of a bustling grocery store in my hometown of Northern Virginia.
Kimpton Hotels, a boutique hotel brand that includes 62 properties across the United States, said today it is investigating reports of a credit card breach at multiple locations.
Donald J. Trump has repeatedly bashed Sen. Hillary Clinton for handling classified documents on her private email server, even going so far as to suggest that anyone who is so lax with email security isn’t fit to become president. But a closer look at the Web sites for each candidate shows that in contrast to hillaryclinton.com, donaldjtrump.com has failed to take full advantage of a free and open email security technology designed to stymie email spoofing and phishing attacks.
Far too many otherwise intelligent and talented software developers these days apparently think they can get away with writing, selling and supporting malicious software and then couching their commerce as a purely legitimate enterprise. Here’s the story of how I learned the real-life identity of Canadian man who’s laboring under that same illusion as proprietor of one of the most popular and affordable tools for hacking into someone else’s computer.
Cici’s Pizza, a Coppell, Texas-based fast-casual restaurant chain, today acknowledged a credit card breach at more than 135 locations. The disclosure comes more than a month after KrebsOnSecurity first broke the news of the intrusion, offering readers a sneak peak inside the sprawling cybercrime machine that thieves used siphon card data from Cici’s customers in real-time.
Among the more plunderous cybercrime gangs is a group known as “Carbanak,” Eastern European hackers blamed for stealing more than a billion dollars from banks. Today we’ll examine some compelling clues that point to a connection between the Carbanak gang’s staging grounds and a Russian security firm that claims to work with some of the world’s largest brands in cybersecurity.
In a notable sign of the times, cybercrime has now surpassed all other forms of crime in the United Kingdom, the nation’s National Crime Agency (NCA) warned in a new report. It remains unclear how closely the rest of the world tracks the U.K.’s experience, but the report reminds readers that the problem is likely far worse than the numbers suggest, noting that cybercrime is vastly under-reported by victims.
