Adobe and Microsoft today each issued patches to fix critical security flaws in their software. Microsoft’s February Patch Tuesday includes seven patch bundles addressing at least 31 vulnerabilities in Windows and related software. Adobe pushed out an update that fixes two critical bugs in its Shockwave Player.
State authorities in Florida on Thursday announced criminal charges targeting three men who allegedly ran illegal businesses moving large amounts of cash in and out of the Bitcoin virtual currency. Experts say this is the first case in which Bitcoin vendors have been prosecuted under state anti-money laundering laws, and that prosecutions like these could smother one of the last remaining avenues for purchasing Bitcoins anonymously.
Last week, Target told reporters at The Wall Street Journal and Reuters that the initial intrusion into its systems was traced back to network credentials that were stolen from a third party vendor. Sources now tell KrebsOnSecurity that the vendor in question was a refrigeration, heating and air conditioning subcontractor that has worked at a number of locations at Target and other top retailers.
Adobe Systems Inc. is urging users of its Flash Player software to upgrade to a newer version released today. The company warns that an exploit targeting a previously unknown and critical Flash security vulnerability exists in the wild, and that this flaw allows attackers to take complete control over affected systems.
Ever since news broke that thieves stole more than 40 million debit and credit card accounts from Target using a strain of Point-Of-Sale malware known as BlackPOS, much speculation has swirled around unanswered questions, such as how this malware was introduced into the network, and what mechanisms were used to infect thousands of Target’s cash registers.
Jan. 31 marked the start of the 2014 tax filing season, and if you haven’t yet started working on your returns, here’s another reason to get motivated: Tax fraudsters and identity thieves may very well beat you to it. According… Read More »
White Lodging, a company that maintains hotel franchises under nationwide brands including Hilton, Marriott, Sheraton and Westin appears to have suffered a data breach that exposed credit and debit card information on thousands of guests throughout much of 2013, KrebsOnSecurity has learned.
An examination of the malware used in the Target breach suggests that the attackers may have taken advantage of a poorly secured feature built into a widely-used IT management software product that was running on the retailer’s internal network.
Federal authorities in Atlanta today are expected to announce the arrest and charging of a 24-year-old Russian man who allegedly created and maintained the SpyEye Trojan, a sophisticated botnet creation kit that has been implicated in a number of costly online banking thefts against businesses and consumers.
Multiple sources in the banking industry say they are tracking a pattern of fraud on cards that were all recently used at Irving, Texas-based Michaels Stores, an arts-and-crafts retailer that has more than 1,100 stores in the United States and Canada.
