Wednesday, October 28, 2009
"A 27-year-old Brooklyn man used his job as a computer technician to appropriate the identities of more than 150 employees at the Bank of New York Mellon and steal more than $1.1 million from a wide array of nonprofit groups and other institutions, officials announced on Wednesday.
"The technician, Adeniyi Adeyemi, 27, of Crown Heights, was charged with grand larceny, identity theft, money laundering, scheme to defraud, computer tampering and unlawful possession of personal identification information in a 149-count indictment.
"The fraud started in November 2001 and lasted through April of this year, according to the office of the Manhattan district attorney, Robert M. Morgenthau, which is prosecuting the case.
"Using his position as a contract employee in the information technology department at Bank of New York Mellon, Mr. Adeyemi stole personal identifying information from dozens of employees, using the information to more than 30 bank and brokerage accounts in their names at E*Trade, Fidelity, Citi, Wachovia and Washington Mutual, Mr. Morgenthau said."
From The New York Times...
Tuesday, October 27, 2009
"Remember when the global economic crisis was supposed to drive legions of desperate, unemployed computer programmers into cybercrime? It turns out the real threat comes from unemployed advertising agents.
"Scammers posing as the well known ad agency Spark-SMG tricked Gawker Media into running a fake Suzuki ad last week that served malicious code, according to a report in Silicon Alley Insider. A similar scam hit the New York Times in September, but unlike the newspaper, Gawker has released the e-mails it exchanged with the scammers, and the messages show just how confidently the perps navigated the ad-buy process..."
More at Wired...
Saturday, October 24, 2009
"By 2014, citizen developers will build at least 25 percent of new business applications, according to Gartner, Inc. Gartner said that this advance should both enable end users and free up IT resources. However, analysts warned that IT organizations that fail to capitalize on the opportunities that citizen development presents will find themselves unable to respond to rapidly changing market forces and customer preferences.
"Gartner defines a citizen developer as a user operating outside of the scope of enterprise IT and its governance who creates new business applications for consumption by others either from scratch or by composition.
"`Future citizen-developed applications will leverage IT investments below the surface, allowing IT to focus on deeper architectural concerns, while end users focus on wiring together services into business processes and workflows,` said Eric Knipp, senior research analyst at Gartner. `Furthermore, citizen development introduces the opportunity for end users to address projects that IT has never had time to get to — a vast expanse of departmental and situational projects that have lain beneath the surface.`"
Tuesday, October 20, 2009
"Cybercriminals are growing rich by franchising out scareware distribution operations.
"The trade in rogue anti-virus application can make top-tier distributors an estimated $1.2m a year, net security firm Symantec estimates. A study by Symantec into the psychology of the scam found that 93 per cent of users deliberately downloaded and installed scareware packages, albeit without realising what they were getting for their money.
"Scareware slingers use trickery to mimic the look and feel of legitimate security packages, tapping into users' fears in order to trick them into buying worthless software packages. Some malicious sites use legitimate online payment services to process credit card purchases, offering receipts and serial numbers.
"Marks ended up running scareware packages of little or no utility, at best. Some of these packages install malicious code or reduce the overall security of a client PC, while in other cases users' payment details are used to facilitate further forms of fraud.
"The comparatively low-risk, fast-growing form of cybercrime typically uses an affiliate-based sales model. Symantec’s study found that the top ten sales affiliates of scareware distribution site TrafficConverter.biz earned an average of $23,000 per week."
From The Register...
"Security researchers are seeing a resurgence of Gumblar, the name for a piece of malicious code that is spread by compromising legitimate but insecure Web sites.
"In May, thousands of Web sites were found to have been hacked to serve up an iframe, which is a way to bring content from one Web site into another. The iframe led to the `gumblar.cn` domain. Gumblar would then try to exploit the user's PC via software vulnerabilities in Adobe Systems products such as Flash or Reader and then deliver malicious code.
"Gumblar has also now changed its tactics. Rather than hosting the malicious payload on a remote server, the hackers are now putting that code on compromised Web sites, vendors IBM and ScanSafe say. It also appears Gumblar has been updated to use one of the more recent vulnerabilities in Adobe's Reader and Acrobat programs, according to IBM's Internet Security Systems Frequency X blog.
"The hackers know that it's only a matter of time before a malicious domain is shut down by an ISP. The new tactic, however, `gives them a decentralized and redundant attack vector, spread across thousands of legitimate websites around the world,` IBM said."
"Despite an improving economy, companies aren't moving quickly replace servers, PCs and printers, which will likely cause an increase in failure rates over the next two years, according to Gartner Inc.
"In round numbers, the scheduled replacement of some 3 million servers worldwide, or about 3% of all servers, has been delayed, Peter Sondergaard, Gartner's global head of research, said today at the research firm's Symposium/ITxpo 2009 conference here. He added that the number of delayed replacements should reach 10% of all servers by 2010.
"As a result, Sondergaard said, IT operations `are going to have to start to plan for the impact of increased equipment failure rates.`"
"When CIO Will Weider encouraged employees at Ministry Health Care and Affinity Health System in Wisconsin to use Facebook to spread the word about new programs and successful projects, he was surprised at the result: Few did so.
"`I went in there thinking, 'We've turned these people loose; we'll have 10,000 marketers out there,'` Weider says. But the Ministry Health workforce, it turned out, had been well trained to protect sensitive data, and without explicit guidance on what they could say, their first reaction was to share nothing.
"`We've stressed the importance of data security with our employees, particularly when it comes to patient privacy, and it's kept them from sharing all the great things about work on Facebook,` Weider says.
"That's a good problem to have. Many fear that the popularity of social networking -- among individuals as well as organizations -- will precipitate an increase in social engineering attacks that could result in security breaches that expose corporate data or damage a company's reputation."
More at NetworldWorld...
"When patients visit a physician or hospital, they know that anyone involved in providing their health care can lawfully see their medical records.
"But unknown to patients, an increasing number of outside vendors that manage electronic health records also have access to that data, and are reselling the information as a commodity.
"The revelation comes in a recent New York Times article about how so-called `scrubbed` patient data isn’t as anonymous as people think. The piece focuses primarily on how anonymized data can be cross-bred with other publicly available databases, such as voting records, which subverts the anonymity. Buried near the end of the article is the news that medical data is collected, anonymized and sold, not by insurance agencies and health care providers, but by third-party vendors who provide medical-record storage in the cloud."
More at Wired...
"The massive Zbot botnet that spreads the treacherous Zeus banking Trojan has been launching a wave of relatively convincing phishing attacks during the past few days -- the most recent of which is a phony warning of a mass Conficker infection from Microsoft that comes with a free "cleanup tool."
"The wave of attacks began early last week targeting corporations in the form of email messages that alerted victims of a `system upgrade.` Email is accompanied by poisoned attachments and links; in some cases it poses as a message from victims' IT departments, including their actual email domains, and alerts them about a "security upgrade" to their email accounts. The message then refers victims to a link to reset their mailbox accounts, and the link takes them to a site that looks a lot like an Outlook Web Access (OWA) page, but instead infects them with the Zeus Trojan.
"Today, researchers at F-Secure spotted the botnet spamming out malware-laden email that tries to trick recipients with a convincing lure messages that says, `On October 22, 2009 server upgrade will take place.`
"`What we're seeing is an evolving campaign of different lures to see which one works,` says Richard Wang, manager of Sophos Labs in the U.S.
"The Zbot botnet, which is made up of 3.6 million PCs in the U.S., or 1 percent of all PCs in the country, according to data from Damballa, spreads the deadly Zeus Trojan. Zeus, which steals users' online financial credentials, represents 44 percent of all financial malware infections today, according to Trusteer."
Friday, October 16, 2009
"An add-on that Microsoft silently slipped into Mozilla's Firefox last February leaves that browser open to attack, Microsoft's security engineers acknowledged earlier this week.
"One of the 13 security bulletins Microsoft released Tuesday affects not only Internet Explorer (IE), but also Firefox, thanks to a Microsoft-made plug-in pushed to Firefox users eight months ago in an update delivered via Windows Update.
"`While the vulnerability is in an IE component, there is an attack vector for Firefox users as well,` admitted Microsoft engineers in a post to the company's Security Research & Defense blog on Tuesday. `The reason is that .NET Framework 3.5 SP1 installs a 'Windows Presentation Foundation' plug-in in Firefox.`
"What was particularly galling to users was that once installed, the .NET add-on was virtually impossible to remove from Firefox..."
More at Computerworld...
Tuesday, October 13, 2009
"A man who died in a suspected murder-suicide in Mooresville recently lost his UNC Charlotte computer job to state budget cuts after more than a decade working at the university, according to a statement from the school.
"A law enforcement official said Monday evidence suggests one of the parents was involved in the quadruple shooting early Sunday and died from a self-inflicted gun shot wound. The shooting also left the couple's two adult sons in critical condition.
"Iredell Sheriff's Capt. Darren Campbell, the lead investigator, wouldn't say which parent was suspected, saying investigators would wait for initial autopsy reports this week before releasing details.
"He said `nothing stands out` in the family history that might readily explain the violence. The family members do not have criminal records in North Carolina, and police said they hadn't been summoned to the house before.
"Public records and interviews with neighbors indicate the four family members were living in the same home where the shooting occurred, at 130 Peninsula Drive, about a half-mile from Lake Norman.
"Douglas Alan Thomas Sr., 57, and his wife, Linda Malone Thomas, also 57, died in the shooting spree. The sons, Douglas Alan Thomas Jr., 28, and Christian Edward Thomas, 25, underwent emergency surgery Sunday at Carolinas Medical Center.
"UNCC Chancellor Phil Dubois didn't immediately respond to a request for comment Monday.
"But a UNCC spokesman said Monday that Douglas Thomas Sr. lost his job Aug. 31 as a networking specialist in the school's Department of Information & Technology Services. He was one of only 15 university employees laid off by budget cuts and departmental reorganizations.
"A state salary database from May showed he was earning an annual salary of $81,070."
From the Charlotte Observer...
Monday, October 12, 2009
"Integrated Surveillance System is a proposal for fully-integrated surveillance system which leverages Cisco network services on ISR and combines them in a new, smart way to build a security system. With this solution, existing IP phones can be turned on during non-working hours, to monitor any audio signals in the offices. If there are abnormal audio signal patterns, the application notifies external security services or devices such as cell phones, computers, video monitoring systems etc.
"It is a simple and cost effective means to enable a security solution in branch office by leveraging existing network infrastructure. This solution improves manageability of security systems by providing an integrated security framework."
"When Metzti Bryan tried to check Facebook at work a few months ago, the familiar white and blue layout of the social networking website didn’t load. Instead, she was taken to a page with a stern message: `This site is prohibited.`
"In the weeks that followed, other sites were added to the blocked list: Twitter, PerezHilton.com and even the Ontario Lottery and Gaming Corporation’s website.
"Her co-workers were not pleased.
"`There was a big uproar,` said Ms. Bryan, 27.
"But soon after, tempers cooled. It turned out that getting around the restrictions was easy..."
More at The Globe and Mail...
Friday, October 9, 2009
"A huge majority of user-generated comments to blogs and forums are malicious, while tools are largely ineffective.
"Websense's biannual `State of the Internet` report revealed that 95 per cent of user-generated comments to blogs, chat rooms and message boards are spam or malicious. Websense Security Labs also identified a 233 per cent growth in the number of malicious websites in the last six months and a 671 per cent growth during the last year.
"Looking at Web 2.0 security trends, the report found that the websites are increasingly being used to carry out a wide range of attacks, and claimed that `efforts to self-police these Web 2.0 properties have also been largely ineffective`.
"The report said: `Websense research during the period showed that community-driven security tools (asking users to report inappropriate content) on sites like YouTube and BlogSpot are 65 per cent to 75 per cent ineffective in protecting web users from objectionable content and security risks.`"
From SC Magazine...
"Attackers once again are targeting an unpatched vulnerability in Adobe Reader that allows them to take complete control of a user's computer, the software maker warned.
"Adobe said it planned to patch the critical security bug in Reader and Acrobat 9.1.3 for Windows, Mac and Unix on Tuesday, the date of the company's previously scheduled patch release for the PDF reader. According to Security Focus here, attackers can exploit the vulnerability by tricking a user into opening a booby-trapped PDF file.
"`Successful exploits may allow the attacker to execute arbitrary code in the context of a user running the affected application,` the security site warned. `Failed attempts will likely result in denial-of-service conditions.`
"The bug is presently being exploited in `limited targeted attacks,` Security Focus added, without elaborating. Adobe said only that the attacks target Reader and Adobe running on Windows operating systems."
More at The Register...
Thursday, October 8, 2009
"Avatars are creeping into business environments and will have far reaching implications for enterprises, from policy to dress code, behavior and computing platform requirements, according to Gartner, Inc. Gartner predicts that by year-end 2013, 70 percent of enterprises will have behavior guidelines and dress codes established for all employees who have avatars associated with the enterprise inside a virtual environment.
"Avatars are two- or-three dimensional objects that most often resemble a human and are often animated and controlled remotely by a person in a virtual or 3-D Internet environment. In a business setting they are used as visual representations of people.
"`As the use of virtual environments for business purposes grows, enterprises need to understand how employees are using avatars in ways that might affect the enterprise or the enterprise’s reputation,` said James Lundy, managing vice president at Gartner. `We advise establishing codes of behavior that apply in any circumstance when an employee is acting as a company representative, whether in a real or virtual environment. Addendums, specific to virtual environments can be added as required.`"
From Internet Ad Sales...
Wednesday, October 7, 2009
"A former Wachovia Bank executive who had handled insider fraud incidents says banks are in denial about just how massive the insider threat problem is within their institutions. Meanwhile, the economic crisis appears to be exacerbating the risk, with 70 percent of financial institutions saying they have experienced a case of data theft by one of their employees in the past 12 months, according to new survey data.
"Shirley Inscoe, who spent 21 years at Wachovia handling insider fraud investigations and fraud prevention, says banks don't want to talk about the insider fraud, and many aren't aware that it's an `epic problem.`
"`There needs to be more training around this issue,` says Inscoe, who co-authored a book about bank insider fraud called Insidious -- How Trusted Employees Steal Millions and Why It's So Hard for Banks to Stop Them, which publishes later this month. `We are seeing a huge increase in this country of organized crime rings threatening individuals who work in financial institutions and making them [commit fraud on their behalf],` she says."
More at dark reading...
Saturday, October 3, 2009
"The FBI is helping out the Steuben ARC after overseas hackers stole more than $40,000. Police say the hackers went through an employee's microsoft windows computer system. That worker had access to ARC's bank account.
"Authorities say the crooks were from Eastern Europe and used that information to steal the money. Since then, the Steuben ARC has limited their employee's internet access. They've also switched from a Microsoft operating system to Linux, which is said to be tougher to hack."