Happy 2nd Birthday, KrebsOnSecurity.com!
I’m taking a short break from some year-end downtime to observe that KrebsOnSecurity.com turns two years old today!
Category Archives: Other
NY ID Theft Ring Used Insiders, Gang Members
Authorities in Manhattan today unsealed indictments against 55 people suspected of operating an identity theft and financial fraud ring, including a number of insiders at banks and companies throughout New York who allegedly helped to steal more than $2 million… Read More »
Ukrainian General Arrested in Cyber Heists
A decorated Ukrainian general was arrested last week in Romania along with two other men suspected of being part of an organized cybercrime gang that laundered at least $1.4 million stolen from U.S. and Italian firms. Apprehended in Iasi, Romania… Read More »
Bugs Money
Talk about geek chic. Facebook has started paying researchers who find and report security bugs by issuing them custom branded “White Hat” debit cards that can be reloaded with funds each time the researchers discover new flaws.
Loopholes in Verified by Visa & SecureCode
Trend Micro’s Rik Ferguson posted a good piece on Thursday about a major shortcoming in credit card security programs maintained by MasterCard and Visa. Although the loophole that Ferguson highlighted may be unsettling to some, fraudsters who specialize in stealing and using stolen credit cards online have been exploiting it for years.
How Much is That Phished PayPal Account?
Compromised PayPal accounts are a valuable commodity in the criminal underground, and crooks frequently trade them in shadowy online forums. But it wasn’t until recently that I finally encountered a proper Web site dedicated to selling hacked PayPal accounts.
Many of the PayPal accounts for sale at iProfit.su have a zero balance, but according to the proprietor of this shop these are all “verified.” PayPal “verifies” an account when a customer agrees to attach a bank account to it; PayPal then sends a micropayment the bank account, and asks the user the value of that mini deposit. A bonus feather: all the hacked PayPal profiles currently for sale at iProfit.su are advertised as having a credit card attached to them, which is another way PayPal accounts can be verified.
The creator of iProfit.su also advertises private, bulk sales of unverified PayPal accounts; currently he is selling these at $50 per 100 accounts – a bargain at only 50 cents apiece.
22 Reasons to Patch Your Windows PC
Microsoft today released 13 software updates to fix at least 22 security flaws in its Windows operating system and other software. Two of the flaws addressed in the August patch batch earned Microsoft’s most dire “critical” rating, meaning that attackers can exploit them to break into systems without any help from users.
New Tool Keeps Censors in the Dark
A new approach to overcoming state-level Internet censorship relies, ironically enough, on a technique that security experts have frequently associated with government surveillance. Current anti-censorship technologies, including the services Tor and Dynaweb, direct connections to restricted websites through a network… Read More »
More Than 100 Arrested in Fake Internet Sales
Law enforcement officials in Romania and the United States arrested and charged more than 100 individuals in connection with an organized fraud ring that used phony online auctions for cars, boats and other high-priced items to bilk consumers out of at least $10 million.
Spammers Sell More Non-Lifestyle Drugs in U.S.
Spam may be synonymous with male enhancement drugs, but new research shows that Americans are far more likely than buyers in other countries to turn to spam-advertised pharmacies to obtain pills to treat serious ailments–a trend that reflects differences in… Read More »
