When you’re shopping for stolen credit and debit cards online, there are so many choices these days. A glut of stolen data — combined with innovation and cutthroat competition among vendors — is conspiring to keep prices for stolen account numbers exceptionally low. Even so, many readers probably have no idea that their credit card information is worth only about $1.50 on the black market.
Several new Internet worms are spreading quite rapidly via a newly-found vulnerability in Twitter.com. While the flaw that powers these attackers will most likely be sewn shut in a matter of hours, if you’re going to frequent Twitter today you’d be wise to use a Twitter client or at least block Javascript on the site, as these worms appear to be spreading with little to no interaction on the part of users.
Adobe Systems Inc. today rushed out a software update to remedy a dangerous security hole in its ubiquitous Flash Player browser plugin that hackers have been exploiting to break into vulnerable systems.
Google said today that it will begin offering users greater security protections for signing in to Gmail and other Google Apps offerings. This “two-step verification” process — which requires participating users to input a user ID, password and six-digit code sent to their mobile phones — effectively means Google will be offering more secure authentication than many U.S. financial institutions currently provide for their online banking customers.
Miscreants who control large groupings of hacked PCs or “botnets” are always looking for ways to better monetize their crime machines, and competition among rival exploit kit developers is leading to several ingenious new features. The SpyEye botnet kit, for example, now not only allows botnet owners to automate the extraction of credit card and other financial data from infected systems, but it also can be configured to use those credentials to gin up bogus sales at online stores set up by the botmaster.
A few weeks ago, I blogged about the financial troubles afflicting ePassporte, an online payment provider whose sudden disconnection from the Visa network left many account holders without access to millions of dollars. I became interested in ePassporte because it… Read More »
The “Stuxnet” computer worm made international headlines in July, when security experts discovered that it was designed to use a previously unknown security hole in Microsoft Windows computers to steal industrial secrets and potentially disrupt operations of critical information networks. But new information about the worm shows that it leverages at least three other previously unknown security holes in Windows PCs, including a vulnerability that Redmond fixed in a software patch released today.
Adobe Systems Inc. warned Monday that attackers are exploiting a previously unknown security hole in its Flash Player, Web multimedia software that is installed on nearly all desktop PCs worldwide.
A recent chat with an individual who was almost tricked into helping organized criminals launder thousands of dollars stolen through e-banking fraud introduced me to one of the most clever and convincing money mule recruitment Web sites I’ve ever encountered.… Read More »
Adobe warned today that hackers appear to be exploiting a previously unknown security hole in its PDF Reader and Acrobat programs. In an advisory published Wednesday, Adobe said a critical vulnerability exists in Acrobat and Reader versions 9.3.4 and earlier,… Read More »