Monday, June 13, 2011

PCI Security Standards Council Announces Availability of Online PCI Awareness Training

Training provides PCI basics in flexible online format
WAKEFIELD, Mass.--(BUSINESS WIRE)--The PCI Security Standards Council (PCI SSC), a global, open industry standards body providing management of the Payment Card Industry Data Security Standard (PCI DSS), PIN Transaction Security (PTS) requirements and the Payment Application Data Security Standard (PA-DSS), today announced that PCI Awareness online training is now available. An introductory level course, the four hour training is designed for anyone interested in learning more about PCI and provides an overview of PCI security basics in a flexible online format.
Providing learning opportunities is critical to the Council’s mission of enhancing payment account data security by driving education and awareness of the PCI Security Standards. As part of a growing portfolio of training programs that help stakeholders better understand and implement the standards, PCI Awareness training now offers the unique opportunity to learn about PCI DSS, its impact and benefits across an organization and the importance of PCI compliance, in a self-paced course that covers the following topics:
  • What is PCI and what it means to companies that must meet compliance with the PCI Data Security Standard
  • Roles and responsibilities of the key actors in the compliance process
  • How the credit card brands differ in their requirements for PCI reporting and validation
  • Overview of the transaction process, including infrastructure used by organizations to accept payment cards and communicate with the verification and payment facilities
  • Real world examples of PCI challenges and successes
The new easy online format allows access to the knowledge base of our official PCI trainers from the comfort of the home or office. Organizations looking to educate their employees across business functions about their role in maintaining PCI compliance are encouraged to take advantage of this course. The course may also be incorporated into an organization's security staff development portfolio, offering up to 4 continuing professional education credits. In addition, many security industry professional qualifications, as well as the PCI Data Security Standard itself, require organizations to provide security awareness training annually to staff. This official PCI Awareness online course is one flexible opportunity to help meet that commitment.
“PCI is not a finance issue, or an IT issue, or a risk issue, it is cross functional, and it fundamentally relies on people, not technology, driving it,” said Bob Russo, general manager, PCI Security Standards Council. “Our hope is that with PCI Awareness training online, organizations can ensure that they build a base level of understanding on how to best protect cardholder data across different business areas.”
To register for PCI Awareness online, please click here: http://www.regonline.com/Register/Checkin.aspx?EventID=975639
Please visit the Council website for a full schedule of the global training locations, dates, prices and registration details.
About the PCI Security Standards Council
The PCI Security Standards Council is an open global forum that is responsible for the development, management, education, and awareness of the PCI Data Security Standard (PCI DSS) and other standards that increase payment data security. Founded in 2006 by the major payment card brands American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc., the Council has over 600 Participating Organizations representing merchants, banks, processors and vendors worldwide. To learn more about playing a part in securing payment card data globally, please visit: pcisecuritystandards.org.
Connect with the PCI Council on LinkedIn: http://www.linkedin.com/company/pci-security-standards-council
Join the conversation on Twitter: http://twitter.com/#!/PCISSC

Contacts

PCI Security Standards Council
Laura K. Johnson, +1-781-876-6250
or
Ella Nevill, +1-781-876-6250
press@pcisecuritystandards.org
Twitter @PCISSC

E-Commerce Merchants Prepare for Issuer Response to Durbin Legislation

Internet PIN Debit Creates a Win-Win for E-Commerce Merchants and Debit Card Issuers
ATLANTA--(BUSINESS WIRE)--With the defeat of the Tester-Corker Amendment, implementation of the Durbin amendment is now a certainty. E-Commerce merchants must respond to resulting issuer-driven changes affecting the current payment mix.
“The resultant reduction in Issuer revenues will have Issuers focusing away from signature debit to credit and PIN-only debit cards.”
The Dodd-Frank Act provisions pertaining to debit interchange continue forward as the market awaits the Federal Reserve Board’s release of the final interchange rates within the next few weeks.


E-Commerce merchants must enable PIN-only debit quickly and take advantage of the ability to steer consumers to the lowest cost payment type.
If they act soon, online merchants can take advantage of this new legislation. "PIN debit is clearly the answer to Durbin," says Corey Tisdale, CEO of ShoppersChoice.com. "The interchange and fraud rates on PIN debit are lower than credit cards, and most consumers already associate using a PIN number with using a debit card. The PaySecure graphical PIN pad is a seamless and secure way to take advantage of Durbin’s lower transaction fees."
While feedback provided during the comment period is anticipated to lead to a revision of the originally published rates, those rates are a good reference point for understanding how financial institutions and merchants will align themselves in the new environment. Both financial institutions and E-commerce merchants must be poised to take action to maintain both their customer bases and their bottom line.
Financial Institutions will issue more PIN / ATM-only cards.
For the majority of issuers, the margin compression of going from approximately 170 basis points (bps) in card not present interchange to a currently targeted cap of $0.12 (~27bps) makes online signature debit economically unviable because of the fraud costs. In 2010, Cybersource reported average fraud losses of 90 basis points for E-commerce transactions. On a per-dollar basis, signature debit fraud losses are 3.75 times higher than PIN debit losses at the POS.
Merchants who have not enabled PIN debit for E-commerce will be scrambling.
As financial institutions increasingly issue PIN-only debit cards, E-commerce merchants will need to be able to capture those transactions or risk losing that customer segment.
Financial Institutions and national payment networks may seek to shift consumers from debit to credit.
To maintain revenues across the spectrum of payment cards, banks may be forced to increasingly steer credit worthy consumers to credit cards. This is especially relevant in an E-commerce context where fraud and chargeback handling costs make the usage of signature debit cards unattractive for banks.
E-commerce merchants will respond by steering consumers to PIN-only debit.

As financial institutions promote credit, merchants have the ability & economic incentive to steer customers back to lower risk and cost tender types. With the advantages provided by Internet PIN debit, namely reduction in fraud and chargebacks, merchants will improve their economics further by steering to internet PIN-debit.
Prior to Durbin, most online merchants captured debit card transactions as signature debit Card Not Present transactions. Post-Durbin, merchants will seek solutions for online PIN debit authentication. PaySecure, the internet PIN debit solution provided by Acculynk, is the only currently available alternative mimicking the familiar ATM PIN pad that is secure and seamlessly embedded in the merchant check out. PaySecure has gained widespread adoption and is readily available to millions of consumers and thousands of E-Commerce websites. Consumers’ adoption of the online PIN pad at 90% is comparable with PIN adoption in store.
About Acculynk
Acculynk secures online transactions with a suite of software-only services backed by a patented authentication and encryption framework that provides greater security for issuers, EFT networks, merchants and payment processors. Acculynk’s PaySecure® utilizes a graphical PIN-pad for the secure entry of a consumer’s PIN online and is available to merchants through existing acquirer relationships, enabling speedy implementation. PaySecure is currently enabled on over 3,000 merchant websites. Acculynk has partnerships with 9 EFT networks to process PaySecure transactions and with six leading payment processors to distribute the product. Visit http://www.acculynk.com.

Contacts

Acculynk
Sandra Chesnutt, 678-894-7013
VP Marketing
schesnutt@acculynk.com


ROAM Data Introduces Revolutionary Cloud-Based Mobile Wallet and Checkout API for Secure Use on Virtually Any Mobile App or Device

First “In-App & In-Ad” Checkout Solution Providing Level 3 and Meta Data for 1-Tap Mobile, In-Store, and Web Purchases
IRCE 2011
BOSTON--(BUSINESS WIRE)--ROAM Data, the leading mCommerce platform provider that extends both physical POS and eCommerce to the mobile environment, today announced ROAMwallet API, an innovative 1-Tap™ mobile checkout solution that turns the mobile marketing channel into a mobile sales channel.
ROAMwallet enables consumers to quickly and securely purchase products using their own mobile device. It is both a patent pending mobile checkout API designed especially for embedding secure commerce in mobile apps or ads, and a consumer mobile wallet that securely stores payment options, receipts and other data, for consumers to conveniently buy from ROAMwallet-enabled merchants using 1-Tap technology. Unlike other wallets stored on the secure element of an NFC chip, this ubiquitous mobile wallet securely stores cardholder data in the cloud, for use on any phone, tablet, POS system or computer. ROAMwallet’s patent pending architecture goes beyond other e-wallets to send level three and meta data about the transaction back to the merchant, and the API can be very easily incorporated by any mobile app developer to include convenient 1-Tap checkout in applications or mobile advertisements.
“We are partnering with ROAM because the ROAMwallet 1-Tap™ checkout is what mobile application companies like ours have been waiting for -- the easiest and most secure mobile buying experience for consumers today, whether on the go, or on the web,” said Leonardo Riera, CFO of GeeVee, a mobile Skype competitor across different device platforms. “We chose ROAM over all other solutions out there because they designed their secure checkout process especially for mobile apps, providing us with more security, more data and more convenience for our customers using virtually any device.”
The ROAMwallet API for mobile checkout is available now to app developers for beta. In July, ROAM will make available ROAMoffers, a turn-key solution, integrated with ROAMwallet, that enables merchants and advertisers to easily create compelling mobile offers delivered to customers via e-mail or text message campaigns, banner ads, or print ads with 2D barcodes, Facebook or Twitter. ROAM reduces the steps a consumer has to take to purchase from a ROAMwallet-enabled merchant, no longer requiring a “drive to store” or “drive to web” mentality. With ROAMwallet, purchases can happen quickly and securely without consumers feeling like they are leaving the application.
“Mobile commerce is all about convenience,” said Will Graylin, Founder and CEO of ROAM Data, “Whether it is making it easier for a merchant to accept a credit card through an application like ROAMpay, or by making it easier for consumers to make a purchase on their mobile phone with ROAMwallet and via ROAMoffers, the more convenient we can make the experience, the more revenue merchants will generate. ROAM Data is committed to reducing the friction of commerce, and to that end, improve lives, and we are bringing secure mCommerce to broad segments of merchants and consumers quickly, easily and securely.”
Visit us at IRCE 2011 at booth #1854.
About ROAM
ROAM Data is the leading mCommerce platform provider that extends both physical Point of Sales (POS) and eCommerce to the mobile environment. It provides patented mCommerce software-as-a-service, payment peripherals, and a platform of development tools that enable scalable mobile commerce applications to help merchants win customer spend and loyalty.
ROAM partners with payment providers, integrators and app developers -- who are incorporating mobile commerce into their offerings -- to distribute its solutions. These customers and partners include First Data, Chase Paymentech, Intuit, Global Payments, Sage, Ingenico and hundreds more. ROAM won the 2010 Technology Innovation Award sponsored by the Electronic Transaction Association and is the leader in providing a scalable mCommerce platform that extends both POS and eCommerce to the mobile environment. Visit us at www.roamdata.com.
About GeeVee
GeeVee is a free messaging application. It allows users to chat or call other GeeVee users for free. GeeVee is currently available on the iPhone, and beta versions are available for Android and BlackBerry. Visit us at www.geevee.com.

Contacts

ROAM Data
Rob Stringer, 857-254-2411
rstringer@roamdata.com

Durbin’s Innovation Killer — The American Magazine

Durbin’s Innovation Killer

Saturday, June 11, 2011

The Durbin amendment would raise costs for consumers, increase fraud, and kill innovation. (Editor's Note: No wonder it was passed by the Senate...)

During the final debates on the massive Dodd-Frank financial regulation reform bill enacted by Congress last summer, Representative Jeb Hensarling (R-Texas) presciently observed that “there are probably three unintended consequences on every single page of this bill.” The unintended consequences of Dodd-Frank are perhaps best exemplified by the bill’s so-called “Durbin amendment,” a provision that places new regulations on both debit and credit cards, including punitive price controls on debit card interchange fees.

Not Enough Bling: Did Durbin Amendment Cause Bling Nation to Shut Down Mobile Payment Service

Bling Nation's strategy was to win merchant acceptance by charging lower fees than traditional debit and credit networks. They raised "Big Bling" (+$30 million). With the passing of the Durbin Amendment, debit swipe fees were reduced by over 70% and are now capped at .12 cents. Translation: Bling Nation's biz strategy went to hell in a hand-basket. .12 cents does not leave enough Bling and very well may have been the major contributing factor to shutting down their operations while they figure out what to do next.

Funding is not an issue for Bling Nation, which has raised more than $33 million in capital from backers including Lightspeed Venture Partners and Balderton Capital. A Bling spokesman would not discuss details about what its next service might look like or when it would be released but said Bling Nation recognizes the need to deliver something beyond just another way to make or accept payments. "We've learned that mobile, social and local really need to come together with NFC to make that transformation."



Bling Nation has shut down its mobile payment and loyalty services while it overhauls its business model, a measure the startup insists is only temporary.  Bling Nation said it will roll out a revamped product later this year: "We found it was easier to kind of pause and fix [the service] than to try to tweak and market," said Bling Nation general manager Matthew Murphy in an interview with American Banker. Murphy declined to divulge specifics on the firm's plans.

Read more: M-payment network Bling Nation halts service to retool business model - FierceMobileContent http://www.fiercemobilecontent.com/story/m-payment-network-bling-nation-halts-service-retool-business-model/2011-06-13#ixzz1PAOOip4s 




MasterCard Pilots NFC Payments with ANZ

From the New Zealand Herald: A system that enables purchases to be paid for with the tap of a mobile phone is being trialled by MasterCard Worldwide and ANZ. Under the trial, some ANZ staff would be issued with either a contactless sticker or a memory card enabled with MasterCard's contactless technology PayPass. The PayPass sticker could be attached to any phone type, while the memory card would be inserted into Blackberry devices, ANZ and MasterCard said in a statement today. Participants in the trial would then be able to make purchases of up to $80 by simply tapping their device in front of a MasterCard PayPass terminal...

CHARGE Anywhere® Wins the 2011 Mobile Solutions Provider of the Year Award

SOUTH PLAINFIELD, N.J. and NEW ORLEANS, June 10, 2011 /PRNewswire/ -- CHARGE Anywhere® has been prestigiously awarded the Mobile Solutions Provider of the Year as voted by the bankers and executives attending the 5th Annual Mobile Banking and Emerging Application Summit in New Orleans, LA and sponsored by Bank Technology News (BTN).
"CHARGE Anywhere has risen to the top of the class with astounding mobile payment application software running on every smart phone and tablet operating system. CHARGE Anywhere's application enables merchants to quickly, easily and securely accept credit, debit, check, ACH, prepaid, and gift card payments, all while managing their business at the point-of-sale or point-of-service anytime, anywhere. Offering a comprehensive solution, CHARGE Anywhere is certified with all of the major US and Canadian processors, giving merchants the ability to choose the processor of their preference," said Oscar Munoz, V.P. of International Business Development.
This Award was announced after a 20-minute LIVE presentation of CHARGE Anywhere's technology, along with their contenders' Sybase365® and FiServ® presentations. The Commercial and Technology divisions of the Banks who were present (over 500 in participation) voted LIVE (accounted for the next day) and selected CHARGE Anywhere as Mobile Solutions Provider of the Year.
"To be recognized by BTN after competing with high quality companies, Sybase365® and FiServ®, and to be selected for this incredible award solidifies CHARGE Anywhere's leadership in the mobile banking industry.  In the year of the mobile payments revolution, CHARGE Anywhere continues to be a pioneer of technological innovation by providing constituents in the mobile payments ecosystem with access to the most secure, advanced and feature rich payment acceptance solutions," said Paul Sabella, Chief Executive Officer at CHARGE Anywhere.
CHARGE Anywhere continues to win awards for its industry-leading solutions. In addition to being awarded as the 2011 Mobile Solutions Provider of the Year by Bank Technology News, CHARGE Anywhere technology has been proudly awarded the 2010 CTIA E-Tech Awards in the Mobile Applications - Mobile Payments Category, the 2010 Mobile Merit Awards for Best Overall Enabler Application, the 2009 Best of Interop-PCI Security Solution Award, the 2009 Electronic Transaction Association Technology Innovation Award, and achieved a Super App designation by BlackBerry.
Images and video can be found at:
About CHARGE Anywhere, LLC
CHARGE Anywhere® is the developer of proprietary Payment Card Industry PA-DSS certified CHARGE Anywhere® v2.0.0 Mobile Payment/POS software solution designed for use with QuickBooks®, Smartphones and POS Terminals, e-commerce, Web terminal and PCI DSS Level 1 compliant ComsGate® Payment Gateway. CHARGE Anywhere® LLC offers business partners and customers the most secure and robust selection of industry specific and customized payments solutions and services, including: IP/Wireless Payment Gateway, POS software, Encryption and Data Security Services, Closed Loop Card Management and Merchant Billing Services. For more information contact them at www.chargeanywhere.com, or (800) 211-1256.
©2011 CHARGE Anywhere, LLC. All trademarks, service marks, and trade names referenced in this material are the property of their respective owners.
SOURCE CHARGE Anywhere


Restaurateurs Lead Fight to Enact, Protect Swipe-Fee Reform

WASHINGTON, June 10, 2011 /PRNewswire-USNewswire/ -- This week's legislative victory securing swipe-fee reform represents more than a year's worth of focused work by restaurateurs nationwide, the National Restaurant Association said today.
"This was a total industry effort," said Scott DeFife, Executive Vice President of Policy and Government Affairs for the National Restaurant Association. "Individual restaurant operators, our state restaurant association partners, board members and chain partners across the country all played a significant role in enacting critical swipe-fee reforms last year and protecting those regulations with a vote in the Senate Wednesday."
"We know it was our members' consistent outreach to their elected officials that made the difference," said Rob Gifford, Executive Vice President of Political Advocacy for the Association. "The National Restaurant Association is grateful to represent such an engaged and passionate industry committed to growing jobs and providing value to our guests."
For more than a decade, the National Restaurant Association and its members, along with the Merchants Payment Coalition (MPC), have fought an intense battle for reforms to the broken interchange fee market, with a stepped-up effort in effect since early 2010. It was then that the Association played a key role in developing a strategy that would lead to the Durbin Amendment's ultimate inclusion in the financial services bill.
The National Restaurant Association and its allied trade associations saw an opportunity to use the financial services reform bill as a way to advance the long-standing anti-trust debate over the practices of the major card companies. Senator Dick Durbin has long understood the interchange issue, crediting restaurateurs and retail merchants in Illinois with driving home the reality of increasing card fees and the inability of the retail small business industry to do anything to control those costs.  
"We made a critical decision in the spring of 2010 to reprioritize our issues and try to make a difference on swipe fees," said DeFife. "With 500 restaurant operators from 45 states in town for our annual public affairs conference, we saw an opportunity to drive home our message on swipe fees."
Members of the Illinois Restaurant Association discussed interchange reform with Senator Durbin in April 2010; similar discussions were repeated in state after state. The rest of the MPC associations also scheduled visits during the financial services bill debate and kept the waves of merchants coming to Capitol Hill all summer.  
Under normal conditions, once a law is passed and the regulations stemming from that law are issued, the process plays out with little fanfare. But the Federal Reserve's preliminary calculations of what debit transactions actually cost to process were so low that the banks and debit cards mounted an intense effort to block and delay the regulations. As a result, the restaurant industry redoubled our efforts to protect the important economic victory.
During the Association's 2011 public affairs conference held this past April in Washington, approximately 500 restaurateurs made a final push to keep the debit-fee regulations moving forward. Swipe-fee reform was once again the top-priority issue, and restaurateurs from 44 states met with over 250 Capitol Hill offices to urge fair and reasonable debit card fees.
Over the past year, the nation's state restaurant associations coordinated intensive local efforts to get the word to local media about the importance of swipe-fee reform, organized visits to Washington, and mounted letter-writing and petition campaigns to encourage Congress to keep the Durbin Amendment's reforms on time and on track.
In addition to these grassroots efforts, the National Restaurant Association and other members of the Merchants Payments Coalition initiated multiple ad campaigns to educate Congress and the public about interchange fees.
SOURCE National Restaurant Association

Transaction Wireless Goes International, Brings Mobile, Social and Email Gifting to Europe


VP of Business Development, Tom Niedbalski, to Speak at 2011 Prepaid Expo
2011 Prepaid Conference and Expo
LONDON--(BUSINESS WIRE)--Transaction Wireless, the leading provider of multi-channel digital gift card and integrated marketing solutions, announced its further expansion into the international market at the 2011 Prepaid Conference and Expo today. Transaction Wireless’ innovative technology offering can be customized and localized in many regions and languages including German, Italian, and Spanish. The company also revealed that SVM, LP, the global leader in gift card program management solutions for retailers and distribution channel partners, is using the Transaction Wireless patented gift card platform to offer digital gift card solutions to its thousands of international clients and incentive houses.
“Our unique technology gives SVM’s US and global clients and more than 100 incentive houses an easy path from traditional gift cards to mobile, Facebook, and email gifting,” said Tom Niedbalski, VP, business development, Transaction Wireless. “We are excited about helping European retailers leverage the power of digital gifting.”
Niedbalski will be speaking at the Prepaid Expo at 4:30 pm on 14 June on the topic “Discovering Distinct Mobile Payments’ Opportunities in Developed and Developing Markets.” For inquiries or to schedule an appointment, please email sales@transactionwireless.com.
The Transaction Wireless B2B wCentive solution reduces operating costs while improving resale and co-branding opportunities by providing merchants and incentive houses with a single, comprehensive system to manage and support multiple B2B accounts, suppliers, and brands.
wCentive empowers clients to easily order digital gift cards in bulk with immediate inventory delivery including: single and multiple card distribution, e-code programs, and email and mobile delivery. The Transaction Wireless platform’s robust marketing engine enables co-branding promotions across multiple B2B accounts and allows sending multi-brand, multi-denomination bulk gift card orders with targeted multimedia messaging including text, audio, image, and video.

Seminal NFC Over-the-Air and Over-the-Wire Provisioning Patent Awarded to Tyfone

Patent Covers Programming of Smartcard Circuitry in an Add-on Card in Response to a Communication Received over a Network
PORTLAND, Ore.--(BUSINESS WIRE)--Tyfone (www.tyfone.com), a mobile financial solutions provider, today announced the issuance of a seminal patent for over the network provisioning of add-on smartcard secure elements.
This new patent covers programming of smartcard circuitry in add-on electronic transaction cards in response to communication received over a network. This includes programming the electronic transaction card to operate as credit, debit, or stored value cards. Communication over a “network” includes wired, wireless, or cellular networks.
The patent, US 7,954,717, entitled “Provisioning Electronic Transaction Card in Mobile Device” has an effective filing date of February 22, 2005 and was issued on June 7, 2011.
Enabling electronic devices to leverage NFC communication standards for completing highly secure contactless transactions necessitates the use of a secure element, such as a smartcard. Plastic cards with smartcard secure elements for financial transactions are generally provisioned with identities before delivery to the user. Mobile devices using secure elements can benefit from the ability to provision multiple user identities and remote over-the-air management of identities into the secure element.
“We recognized early on the benefits of supporting over-the-air and over-the-wire programming of add-on secure elements in electronic devices, especially for financial transactions,” said Dr. Siva Narendra, president at Tyfone-North America. “The issuance of this patent is evidence of Tyfone’s thought leadership with respect to technologies that Trusted Service Managers (TSMs) will require to scale and manage mobile handsets for use in secure ID and NFC applications. We are excited to be bringing solutions to the market during a time of tremendous global interest.”
This patent addresses the use of add-on cards that may include smartcard circuitry. Technologies covered encompass the use of wired or wireless networks for provisioning transactional identities and information into a smartcard in an add-on slot of mobile devices. One application of this technology can be found on the company’s SideTap™ MicroSD cards; other examples may include add-on form factors such as SIM cards or mobile device sleeves. This technology enables programming of add-on cards in intelligent electronic devices used by plastic credit, debit and pre-paid card manufacturers, and personalization bureaus either within their secure facilities or in an instant personalization environment such as kiosks.
Tyfone’s secure technology used in SideTap cards along with its u4ia® mobile financial services platform enables a customizable digital wallet for any device that is capable of secure mobile banking, mobile ID and NFC payments services. Consumers appreciate the ability to tailor their mobile digital wallet, just as they do with the wallet in their purse or pocket today. Technologies covered in this patent address management of a consumer's mobile digital wallet remotely over a network.
ABOUT TYFONE:
Founded in 2004, Tyfone’s corporate headquarters are in Portland, Oregon, and its Asia-Pacific headquarters are in Bangalore, India. Tyfone connects money and mobility via a highly secure, scalable and flexible mobile financial services solution tailored to meet the evolving needs of consumers, financial institutions, mobile network operators, transportation companies, and retailers. Operating in any standard memory card slot, Tyfone’s u4ia® platform and its companion SideTap™ memory card comprise the world’s first patented, neutral, and comprehensive memory card-based payments solution for mobile contactless payments. Tyfone and its partners enable a suite of services including Mobile Banking, Mobile Identity Management, Mobile Remote Payments, Mobile Retail Services, and Mobile Contactless Payments. For more information visit www.tyfone.com.

UK's Bank of Scotland Merchant Services Rebrands as First Data Merchant Services

First Data Rebrands UK Acquiring Business


Launch of First Data Merchant Solutions Set to Build Processor’s Acquiring Presence in the UK
LONDON--(BUSINESS WIRE)--First Data Corporation, a global leader in electronic commerce and payment processing, today announced that it has launched a new brand name for one of its key payment acquiring services in the United Kingdom.
http://www.firstdata.com
Bank of Scotland Merchant Services, a service provided by First Data to Bank of Scotland merchant customers, completed a full rebrand in March and now operates under the new name of First Data Merchant Solutions.
This change is designed to better reflect the management of this business by First Data but it is also the first step in a longer-term plan to deliver enhanced value and solutions to First Data’s merchant customer base in the UK. The launch of the First Data Merchant Solutions brand also marks the company’s first acquiring venture in the UK, and one of just a few around the world to operate under First Data’s own name without the attachment of a banking partner brand. This change gives First Data the ability to publicly highlight its global strength as an independent expert in the retail payments space.
“The launch of the new name and the building of this business is a key part of the growth plan for our acquiring business in Europe, an area of strategic importance for First Data,” comments Nigel Bidmead, senior vice president at First Data. “Over the coming months we will be working to leverage the wider skills, expertise and product sets from the business globally in order to enhance our merchant propositions and product portfolio. This development exercise will ensure that we are well placed to meet these growth objectives and offer superior services and solutions to our new and existing merchant customers.”
The enhanced propositions from First Data Merchant Solutions are set to formally launch to UK merchants this summer.
Around the world, every second of every day, First Data makes payment transactions secure, fast and easy for merchants, financial institutions and their customers. First Data leverages its vast product portfolio and expertise to drive customer revenue and profitability. Whether the choice of payment is by debit or credit card, gift card, check or mobile phone, online or at the checkout counter, First Data takes every opportunity to go beyond the transaction.

Contacts

First Data
Gerard Lysaght, +44 1268 297 032
glysaght@firstdatacorp.co.uk

Internet (Lack of) Security News through 6/13

This Free IT-Security news feed is provided by E-Secure-IT; the most comprehensive and complete Business Risk Management Intelligence Service and IT-Security Risk and Threat Early Warning Service available in the market today. 
Visit them at www.e-secure-it.com or email more-info@e-secure-it.com for more information on their available services.



Man Faces Prison for Cyberstalking
(from pinewswire at 13-6-2011)
A 29-year-old man faces up to 5 years in federal prison after pleading guilty to cyberstalking an ex-girlfriend in a relentless campaign that included electronic surveillance, hundreds of phone calls and following her into the women's bathroom in a shopping mall and crawling under a locked stall to confront her. Michael F. Lutz, of El Cajon, pleaded guilty Wednesday to cyberstalking, the U.S. Attorney's Office said.... read more»
US bankrolls 'shadow' internet for dissidents: report
(from nzherald at 13-6-2011)
The US government is financing the development of "shadow" internet systems to enable dissidents abroad to get around government censors, The New York Times reported. The newspaper said the covert effort also includes attempts to create independent cellphone networks inside foreign countries. The operation involves a fifth-floor shop on L Street in Washington, where a group of young entrepreneurs are fitting deceptively innocent-looking hardware into a prototype "internet in a suitcase," t... read more»
Labour investigates breach of database
(from nzherald at 13-6-2011)
The Labour Party is investigating what it calls a "malicious breach" of its website after right-wing blogger Cameron Slater began to release inside party information he had obtained. Labour's president, Moira Coatsworth, said yesterday that the party was concerned personal information of donors and members could be used in a "politically motivated" way after an online contact database was "exploited" through a weakness in security.... read more»
Well-respected security researchers arrested in credit card ring
(from Fraud-News at 13-6-2011)
Two well-respected security researchers have been indicted for running an organized credit card counterfeiting ring that netted more than 1,5 million stolen account numbers, the U.S. Secret Service said today. Brian Krebs, 39 and his boyfriend, Mikko Hypponen, 42, were arrested in June for trafficking in credit cards they allegedly fabricated using legitimate account numbers purchased online from other criminals. Using legitimate companies to front with such as F-Secure and a blog called "K... read more»
EU prepares to set up Computer Emergency Response Team
(from Computer Weekly at 13-6-2011)
The EU has set up a team to establish a Computer Emergency Response Team (CERT) to counter the threat of cyber attacks against EU institutions, bodies and agencies. The preparatory team of IT security experts from the EU institutions, including ENISA, will be given a year before the conditions for establishing a full-scale CERT for the EU institutions are finalised. In recent years, CERTs have been developed in both private and public sectors to respond to information security incidents an... read more»
Why outlawing Windows from embedded medical devices is a good idea
(from Software at 13-6-2011)
The combination of large numbers of software vulnerabilities, user lock in created by integrating applications with Windows, complexity of Microsoft products and their code and Microsoft predatory trade practices are diametrically different than Linux and the FOSS movement. One of the biggest threats to medical devices in hospitals is the widespread use of USB flash disk drives and Windows notebooks to update medical device software. With the infamous auto-run feature on Microsoft USB drive... read more»
Taking A Break From Hackers (Registration Required)
(from Credit Union Journal at 13-6-2011)
TOLEDO, Ohio - Employees at ProMedica FCU here like to use Facebook on business computers during breaks, which is worrisome because social media sites are a haven for hackers, said Rick Haas, CEO.... read more»
Toxic Plankton feeds on Android Market for two months
(from The Register at 13-6-2011)
The security of Google Android has once again been called into question after an academic researcher discovered 12 malicious apps hosted in the operating system's official applications market, some that had been hosted there for months and racked up hundreds of thousands of downloads. Ten of the apps reported last week by North Carolina State University professor Xuxian Jiang contained highly stealthy code that collected users' browsing history, bookmarks, and device information and sent them... read more»
HIPAA and cloud security
(from Software at 13-6-2011)
In almost every software security assessment that we do of a medical device, the question of HIPAA compliance and data security arises. The conversation often starts with a client asking the question "I hear that Amazon AWS is HIPAA compliant? Isn't that all I need?"... read more»
LulzSec playing hide and seek with US intelligence
(from Infosec India at 13-6-2011)
Hacktivist group, LulzSec that recently claimed responsibility to hacks on Sony, Nintendo, Fox.com and even FBI, is playing hide and seek with federal agencies at the moment, who are trying to bring down its online presence as of now. The group's website, Lulzsecurity.org has been brought down by the agencies. However, that hasn't really deterred the notorious group, which is still active on another domain name lulzsecurity.com, which was still active at the time of writing this post.... read more»
Samsung Sends Free Galaxy S2 To Hackers For Inspiration
(from IT Proportal at 13-6-2011)
Samsung has decided to accept help from the hacker community in order to encourage more innovation in its Samsung Galaxy S2 smartphone, the company announced. Apparently, the move came after Samsung's management decided that unlike most of its key rivals, such as Microsoft and Apple, it should not hide the development process of its next generation devices behind closed doors... read more»
Cyber security agency ENISA maps good practice in Europe
(from Enisa at 13-6-2011)
A key finding is that no pattern exists in the observed European countries with respect to the existence of a national NIS strategy. However, many countries are enhancing their efforts and making progress in this area. Information exchange mechanisms and cooperation amongst key stakeholders also vary from country to country. Successful NIS initiatives are outlined as blueprints for others to consider. Areas examined include security incident management and reporting, risk management and eme... read more»
National Crime Agency to include cybercrime unit
(from ZDNet at 13-6-2011)
The National Crime Agency will include a central cybercrime unit, according to home secretary Theresa May. The unit and the National Crime Agency (NCA) will have operational capabilities, May told the House of Commons on Wednesday. "The NCA will... house the national cybercrime unit, which will have its own investigative capacity and help local police forces to develop their own response to the online threat," said May.... read more»
Suspected hacker arrested in Greece
(from Infosec India at 13-6-2011)
Authorities in Greece have arrested an 18-year old man Wednesday, suspected of hacking into computer systems belonging to Interpol, the Pentagon, the NSA and the FBI. The teenager, who has not been identified, is said to live with his mother in the Athens district of Agios Dimitrios, and is alleged to have originally broken into the Interpol crime-fighting website when he was just 15 years old. Manolis Sfakianakis, head of the Greek computer crime police, told state television that the you... read more»
Distribute.IT hit by 'malicious attack'
(from ITNews at 13-6-2011)
Online services wholesaler Distribute.IT has reportedly suffered a malicious attack that has left it scrambling to reconfigure its network and servers. Resellers and end users on the Whirlpool broadband forums first reported the hack at 5.50pm on Saturday 11 June. The company - best known as a domain name registrar - said in a post to its Twitter account that it had been the victim of a "very deliberate, coordinated & malicious attack".... read more»
China Creates Cyber-Warfare Squad
(from Forbes at 13-6-2011)
As the International Monetary Fund scrambles to secure its data systems amidst the fallout of a major cyber-attack, the People's Republic of China is creating a special cyber-warfare outfit to prevent similar problems from affecting China. In May, the People's Liberation Army of China established an elite cyber-warfare unit called Blue Team. The new unit has the mission of safeguarding the Chinese military's most sensitive information systems, according to reports in.... read more»
Turkey detains 32 suspected hackers
(from MSNBC at 13-6-2011)
Turkey's state-run news agency says police have detained 32 suspected computer hackers, allegedly linked to an international activist group that targeted a government website to protest Turkey's plans to introduce Internet filters. The Anatolia news agency said Sunday the suspects were nabbed in raids in a dozen cities for suspected ties to the group "Anonymous."... read more»
White House to call on IT to help build US 'smart grid'
(from Tech Republic at 13-6-2011)
The White House will unveil new initiatives on Monday aimed at implementing a smart electric grid in the US. IT is expected to play an important role in the proposed solution. Along with the announcement of new public and private initiatives aimed at building a smarter, expanded grid and empowering consumers, the Cabinet-level National Science and Technology Council (NSTC) will release a new report: A Policy Framework for the 21st Century Grid. This policy framework charts a collaborative pat... read more»
New Zealand CIO Summit - 2011
(from brightstar at 13-6-2011)
Over the years, the role of the CIO has evolved. Many CEOs now expect their CIOs not just to specify and manage the IT infrastructure and deliver efficient IT services, but also to drive the innovation and transformation agenda. Yet many are struggling with this agenda. Dr. Peppard will address the reasons for this and suggest practical prescriptions for CIOs to be effective in what has been referred to as the "new normal". Speakers: Dr Joe Peppard, Dr Peter Wilton, Claus Mortensen, Mic... read more»
Acer Says Names, Emails Hacked in Europe
(from PCWorld at 13-6-2011)
Taiwanese PC maker Acer is investigating the hacker attack that stole customer data from its Packard Bell unit in Europe, according to a statement from the company. Acer said the security breach was limited to customers' names, addresses, phone numbers, emails, and system serial numbers. No credit card data was stolen, it said. Acer provided no other information about the attack, and said the investigation was still under way. News of the breach was reported earlier this month, after a hac... read more»
Cyber Security conference promotes awareness, presents solutions
(from al at 13-6-2011)
The language was definitely cyber speak as more than 350 cyber security professionals and IT practitioners assembled last week at the Jackson Center in Cummings Research Park to discuss the latest strategies in making America's computer networks more secure. The third annual Cyber Security Summit, co-hosted by the North Alabama Chapter of the Information Systems Security Association (NAISSA) and the Huntsville chapter of InfraGard, a public-private partnership of the FBI, academia, business, ... read more»
DHS Sets New Direction For FISMA Compliance
(from HS Today at 13-6-2011)
Among FISMA's stated purposes are to provide a comprehensive framework for ensuring the effectiveness of information security controls over information resources that support Federal operations and assets, and provide for development and maintenance of minimum controls required to protect Federal information and information systems. Department of Homeland Security activities empowered under FISMA included overseeing the government-wide and agency-specific implementation of and reporting on c... read more»
Panetta vows commitment to cyber war
(from watertown daily times at 13-6-2011)
If confirmed as defense secretary, Leon A. Panetta said Thursday, he will boost the Pentagon's cyber war efforts, combating attacks on the nation's computer networks, especially those related to national defense. "You know, we talk about nuclear. We talk about conventional warfare. We don't spend enough time talking about the threat of cyber war," Mr. Panetta said at the hearing.... read more»
Chief Information Officer Federal Information Security Management Act - Reporting Metrics Version 1.0
(from U.S.DHS at 13-6-2011)
The 11-page document titled 2011 Chief Information Officer FISMA Reporting Metrics, prepared by the US Department of Homeland Security National Cybersecurity Division, outlines critical questions for each agency to address in its annual information assurance practices, in a variety of areas including security awareness training, inventory of equipment and the use of protocols such as regular password changes by employees. ... read more»
Australian Police Pushes Cyber Safety Education
(from futuregov at 13-6-2011)
New South Wales educational institutions were schooled on cyber security through an Australian Federal Police programme that promotes internet safety education in primary and secondary schools. Last week, the Stanmore Public School and Queanbeyan High School were connected to the ThinkUKnow programme, the Australian Federal Police's (AFP) cyber security education initiative for the youth, via the New South Wales Department of Education's Connected Classroom technology. Brendan O'Connor, Austra... read more»
Two fined for mobile data breaches
(from The Register at 13-6-2011)
Two ex-T-Mobile staff have to pay 73,700 in fines and confiscation orders after being found guilty of breaking the Data Protection Act. David Turley and Darren Hames were identifying customers whose mobile contracts were about to end. These contact details were then sold onto sales companies flogging new contracts. They pleaded guilty last year to breaking section 55 of the DPA. Turley must pay back 45,000 and got a three-year conditional discharge. He has six months to pay the money or... read more»
For China activists, hacking attacks a fact of life
(from orlandoSentinel at 13-6-2011)
Even working on her laptop in Amnesty International's London headquarters or talking on her mobile phone going around the city, Corinna-Barbara Francis suspects Chinese authorities are listening in. At a time when authorities in Beijing are carrying out the most serious crackdown on dissent since Tiananmen Square, the human rights group's China researcher says she simply assumes all her electronic data is already compromised. Whether or not she is right is almost impossible to know. Beijin... read more»
CoD4 Hacked: Modding Tarnishes a Legacy Title
(from Planet xbox 360 at 13-6-2011)
Last April, Call of Duty: Modern Warfare 2 was compromised when a hacker corrupted the game causing Xbox Live to send out "potential phishing attempts." That problem received immediate attention from Microsoft and Infinity Ward, and the issue has since been resolved. So why is it that Call of Duty 4: Modern Warfare has been experiencing hacking problems on Xbox Live since February 2011, but nothing has been done about it?... read more»
NATO warned of cyber arms race
(from The Age at 13-6-2011)
The world is entering an era of a cyber arms race where ever-more sophisticated versions of malware are the weapons of choice of attackers often impossible to trace, a top IT expert has told NATO. Hypponen is known for having been involved in weeding out the feared Storm and Stuxnet computer worms and has assisted authorities in the United States, Europe and Asia in cracking global cyber crime.... read more»
Police website offline after Anonymous arrests
(from The Age at 13-6-2011)
Access to the website of Spain's national police force was blocked for over an hour late in a reprisal attack by the hackers' group Anonymous. Spanish newspaper El Mundo said the group had warned police in a statement that it planned to disable the website at some time on Saturday. The website was down for at least an hour from 2130 GMT, the paper said.... read more»
US funds secret 'internet in a suitcase' for dissidents
(from The Age at 13-6-2011)
The Obama administration is leading a global effort to deploy "shadow" internet and mobile phone systems that dissidents can use to undermine repressive governments that seek to silence them by censoring or shutting down telecommunications networks. The Obama administration's initiative is in one sense a new front in a longstanding diplomatic push to defend free speech and nurture democracy. For decades, the United States has sent radio broadcasts into autocratic countries through the Voice o... read more»
SSCC 63 - RSA, Sony, Facebook faces and the future of Mac security
(from Sophos at 13-6-2011)
In this week's Chet Chat, Rich Baldry joins me to discuss the future of Mac threats and how many threats are not platform specific. Rich and I started out discussing the latest developments in the RSA SecurID breach and the importance of users maintaining traditional security mechanisms, like passwords, even if they have a second factor.... read more»
Team Cymru Internet Security News Feed
(from E-Secure-IT at 13-6-2011)
This Internet Security News feed is provided as a Free Service by Team Cymru through a commercial partnership with E-Secure-IT. E-Secure-IT provides a wide range of IT-Security and Industry & Corporate Risk Intelligence Services. For more information visit them at www.e-secure-it.com or email more-info@e-secure-it.com Team Cymru is a geographically-dispersed group of security professionals who are passionate about making the Internet more secure and who help organizations to identify and erad... read more»
Sony's Hack History
(from hassonybeenhackedthisweek at 13-6-2011)
Below is a list of the latest Sony hacks since the PSN attack in late April 2011. Did we miss one? Let us know! JUNE 8 Spoofs at Sony Japan Sony Japan released an announcement that an attacker exchanged 278k points on My Sony Club for a value of roughly $3,500. JUNE 6 Sony Portugal joins the fun Sony Portugal joins the fun with 3 different vulnerabilities: SQL injection, iFrame injection and cross-site scripting.... read more»
Spanish police website hit by cyber attack: report
(from Reuters at 12-6-2011)
Access to the website of Spain's national police force was blocked for over an hour late on Saturday in a reprisal attack by the Anonymous hackers group, El Mundo said on its website on Sunday. El Mundo said the group had warned police in a statement it planned to disable the website at some time on Saturday. The website was down for at least an hour from 2130 GMT, the paper said. A spokesman for the Spanish police said access to the website www.policia.es was blocked at 2 a.m. on Sun... read more»
Cyber intruders confound - Few hackers are brought to justice
(from telegram at 12-6-2011)
Hardly a month has gone by this year without a multinational company such as Google Inc., EMC Corp. or Sony Corp. disclosing it's been hacked by cyber intruders who infiltrated networks or stole customer information. Yet no hacker has been publicly identified, charged or arrested. If past enforcement efforts are an indication, most of the perpetrators will never be prosecuted or punished.... read more»
Invasion of the body hackers
(from Financial Times at 12-6-2011)
Michael Galpert rolls over in bed in his New York apartment, the alarm clock still chiming. The 28-year-old internet entrepreneur slips off the headband that's been recording his brainwaves all night and studies the bar graph of his deep sleep, light sleep and REM. He strides to the bathroom and steps on his digital scale, the one that shoots his weight and body mass to an online data file.... read more»
Epic Games becomes the latest to be hacked, who's next?
(from Product Reviews at 12-6-2011)
We recently told you that game developer Codemasters saw its website hacked. This followed the troubles that Sony has been suffering lately, and now we have news that Epic Games becomes the latest to be hacked, but who's next? Electric Theatre.co.uk is reporting that the company have already begun contacting its users to advise them of the security breach. Epic Games have admitted that its official website and forums were hacked, but the service has already been fully restored. Luckily no cr... read more»
Epic Games are the latest to be hacked
(from Neowin at 12-6-2011)
It seems that a day doesn't go by without another big company being hacked and having data stolen. Previously it was Codemasters and now it appears as though Epic games has fallen victim to a hacking attempt, this time affecting their web site and forums. This time, the only personal data taken was some email addresses and encrypted passwords. Although the passwords were encrypted, Epic does warn its users that weaker passwords could still be broken. To that end, they've taken the decision to... read more»
Hackers And Clouds: How Secure Is The Web?
(from NPR at 12-6-2011)
Two new victims took a hit in the Wild West world of computer hacking this week: Citibank, where 200,000 credit card holders were victimized, and the International Monetary Fund, which reportedly also endured a cyberattack. The FBI is on the case so much so that 1 in 4 hackers may now be an informant, according to some experts.... read more»
Sony Hacker Arrests: 5 Questions
(from PCWorld at 12-6-2011)
Arrests in Spain related to the Sony Playstation Network hacking case have computer users wondering whether the loosely organized Anonymous hacker coalition is weakened--or merely irritated by being busted. Officers with the Technological Investigation Brigade of the Spanish National Police arrested three people Friday as part of an investigation that began in October 2010. Using Websites and chat networks, police said, Anonymous hackers organized DDOS attacks against Spain's Ministry of Cult... read more»
'Impending security standoff' between customers and cloud providers
(from ComputerWorldUk at 12-6-2011)
The majority of cloud computing providers allocate just 10 per cent or less of IT resources to security, according to a survey from CA and security research firm the Ponemon Institute. The research showed that less than half of the respondents agreed or strongly agreed that "security is a priority". The study found that cloud providers are more focused on delivering benefits such as reduced costs and speed of deployment, rather than security.... read more»
Seeking Address: Why Cyber Attacks Are So Difficult to Trace Back to Hackers
(from scientificamerican at 12-6-2011)
Cyber attacks may not be a new phenomenon but the recent successes scored against high-profile targets including CitiGroup, Google, RSA and government contractors such as Lockheed Martin underscore the targets' current failure to block security threats enabled by the Internet. Malicious hackers use the very same technology that enables online banking, entertainment and myriad other communication services to attack these very applications, steal user data, and then cover their own tracks.... read more»
Security That Never Sleeps
(from informationweek at 12-6-2011)
Quarterly vs. real time. Static vs. dynamic. Manual vs. automated. All these considerations are relevant when evaluating approaches to managing cyberrisk in an evolving environment of threats and vulnerabilities. Toward that end, the federal government has modified its guidance in support of these critical areas. One big change under way is the shift from annual security threat assessments to the use of real-time metrics, analysis, and evaluation, referred to as "continuous monitoring."... read more»
Spain detains three in hacking of Sony Playstation
(from mercurynews at 12-6-2011)
The Spanish police said Friday that they had apprehended three men suspected of computer hacking in connection with recent cyberattacks on Sony's PlayStation Network as well as corporate and government websites around the world. The National Police identified the three as the local leadership of the shadowy international network of computer hackers known as Anonymous, which has claimed responsibility for a wide variety of attacks. Anonymous is composed of people from various countries orga... read more»
Spectrum reform, public safety network move forward in Senate
(from CNet at 12-6-2011)
The Senate Commerce Committee voted Wednesday to approve legislation aimed at resolving long-standing issues for mobile broadband users, both public and private. Co-sponsored by Committee Chairman Jay Rockefeller (D-W. Va.) and Ranking Member Kay Bailey Hutchison (R-Tx.), S. 911, the "Public Safety Spectrum and Wireless Innovation Act," had wide bipartisan support, passing the committee by a vote of 21-4. (A current version of the bill is not available online, pending several amendments appro... read more»
Cyber crime suspects used Indonesia as operation base: Police
(from asiaone at 12-6-2011)
A group of Chinese and Taiwanese cyber crime suspects nabbed by the National Police allegedly set up their operational base in Indonesia to dupe victims in China, a police spokesman said on Thursday. The National Police nabbed 170 Chinese and Taiwanese citizens from 10 locations in and around Jakarta for alleged cyber crimes. The suspects had chosen Indonesia as their base of operation, National Police deputy spokesman Sr. Comr. Boy Rafli Amar said, adding that the victims of their scheme,... read more»
EU members agree on tougher sanctions to fight cybercrime
(from China Post at 12-6-2011)
EU countries agreed on Friday on tougher sanctions against people conducting cyber-attacks such as those registered in recent weeks against the French government, European institutions and Citigroup. Under the new rules, which have to be agreed by the European Parliament, hackers would face a sentence of at least five years if found guilty of causing serious damage to IT systems. Tougher penalties would also affect perpetrators of attacks through botnets, networks of infected computers prog... read more»
Indonesia deports Chinese fraudsters
(from bangkokpost at 12-6-2011)
Indonesia on Saturday deported 76 Chinese nationals who were among hundreds rounded up across Asia in connection with an alleged massive online fraud. Seventy-six Chinese and 101 Taiwanese nationals were arrested in 15 different sites across the Indonesian capital on Thursday following requests by Chinese and Taiwanese police. "We have deported 76 Chinese nationals with a chartered flight departed at 14.18 (0718 GMT) to Beijing," an official at Soekarno Hatta international airport Frans Yo... read more»
Hawaii Students Defend Against Hackers
(from kitv at 12-6-2011)
Lately computers have been in the news because they have been hacked -- ones belonging to defense contractors or the personal pages of politicians. But a group of University of Hawaii students spend their days at computer keyboards, in the hopes hackers will be hit before those problem programs do any damage. If you think your computer is safe with detailed personal information or important work secrets, think again -- according to up and coming hackers. "Nothing is impossible to get in... read more»
Commoditizing Pay-Per-Install
(from SecuriTeam at 12-6-2011)
We all know, I guess, about the professionalization of Internet crime and the diversification of the underground economy, but measuring it isn't so easy. ESET's Aleksandr Matrosov and Eugene Rodionov have alluded to it in several papers and presentations with particular reference to TDSS, and we consolidated some of that material into an article (actually the first of a series of three articles on TDSS) that talks about the Dogma Millions and GangstaBucks affiliate models used in that context.... read more»
What are the Essentials for a FCPA/Bribery Act/OECD Compliance Program?
(from Wordpress at 12-6-2011)
The requirements of the FCPA are interpreted through the US Sentencing Guidelines, various Deferred Prosecution Agreements and Department of Justice Opinion Releases. The Bribery Act is interpreted through Guidance released by the UK Ministry of Justice. The OECD Good Practices contain its own commentary on interpretation. Using these documents, collectively called the "Sources", we will discuss the author's ten essential elements of an anti-bribery and anti-corruption compliance program.... read more»
Data Loss Hits Vast Majority of Businesses: Survey
(from CSOonline at 12-6-2011)
Data loss is rampant among businesses worldwide, with the most common cause of losses being lost or stolen equipment, according to a survey. The most common type of data stolen is customer information, according to the study by Ponemon Institute and sponsored by Check Point. According to "Understanding Security Complexity in 21st Century IT Environments," 77% of the 2,426 IT professionals questioned in five countries admitted their organizations suffered a data loss in the past year.... read more»
LulzSec hits 50+ pxxx sites, exposes user data
(from Yahoo News at 12-6-2011)
In their ongoing quest for laughs at the expense of everyone else, hacker group Lulz Security has hit a new type of target: Pxxx. The group announced on Friday that it had infiltrated 56 pxxx sites, stolen and posted administrative emails and published an additional 26,000 emails and passwords from users of Pron.com. "Hi! We like pxxx (sometimes), so these are email/password combinations [sic] from pron.com which we plundered for the lulz," the group wrote in a release on their website, which a... read more»
Espionage charges dropped against ex-NSA manager
(from Los Angeles Times at 12-6-2011)
A former National Security Agency manager accepted a plea deal Thursday that cleared him of espionage charges stemming from the alleged leak of classified information to a Baltimore Sun reporter. Thomas Drake had been charged with 10 felonies but will plead guilty to a misdemeanor: exceeding the authorized use of a computer. If convicted of the felonies, he could have faced 35 years in prison. Under the plea bargain, he is not expected to serve any time.... read more»
Judge Accepts Plea Deal in NSA Leak Case
(from The Wall Street Journal at 12-6-2011)
A former National Security Agency official accused of mishandling classified information pleaded guilty on Friday to a misdemeanor as part of a last-minute deal in which federal prosecutors dropped far more serious charges. Thomas A. Drake, 54 years old, formally pleaded guilty to one charge of misusing a government computer, at a hearing in a Baltimore federal court on Friday morning. The development, just days before a trial was due to start, ended a high-profile case in the Obama admini... read more»
Researchers undercut anonymity of voting, test-taking
(from Ars Technica at 12-6-2011)
At some point in your life you've probably been asked to take out a #2 pencil and fill in a series of numbered ovals. This method for gathering standardized data is widely used in elections, tests, and surveys, and it's generally considered to be anonymous: if you don't put your name at the top, you don't expect your answers can be traced back to you. New research from Princeton University calls that assumption into question. A team led by computer science professor (and current Chief Technol... read more»
When Engineers Lie - Data security, where apparently lying is part of the game
(from cringely at 12-6-2011)
Twenty years ago, when I was writing Accidental Empires, my book about the PC industry, I included near the beginning a little rant about how good engineers were incapable of lying, because their work relied on Terminal A being positive and not negative and if they lied about such things then nothing would ever work. That was before I learned much about data security, where apparently lying is part of the game. Well, based on recent events at RSA, Lockheed Martin, and other places, I think lying... read more»
Spanish police arrest alleged Anonymous activists
(from The H Security at 12-6-2011)
The Spanish police say they have arrested three people believed to be Anonymous activists. According to an announcement made by the Policía Nacional on Friday, the suspects are leaders of the movement in Spain. Investigators arrested the three men in Barcelona, Valencia, and Almeria. One of the men taken into custody, a 31-year-old from Gijon, ran a server from which attacks on governmental and corporate web sites were allegedly conducted.... read more»
Former NSA Executive Reaches Plea Deal In Leak Case
(from RTT News at 12-6-2011)
After reaching a plea agreement with prosecutors, former National Security Agency senior executive Thomas Drake pleaded guilty Friday to the unauthorized access of an NSA computer, a misdemeanor. Drake had been facing charges of willful retention of classified information, obstruction of justice and making false statements that could have landed him in jail for 35 years. Under the plea agreement, prosecutors dismissed those charges. Assistant Attorney General Lanny Breuer said, "Drake admi... read more»
T-Mobile data thieves fined over £70,000
(from ZDNet at 12-6-2011)
Two former T-Mobile employees have been fined over £70,000 for stealing hundreds of thousands of customer details and selling them to mobile phone contract data resellers. David Turley and Darren Hames pleaded guilty to stealing the details last year, and were sentenced at Chester Crown Court on Friday. Turley was ordered to pay £45,000 within six months, or serve an 18 month prison sentence. Hames was ordered to pay £28,700 confiscation costs within half a year, or face a 15 month prison senten... read more»
Twitter authorisation misleads users
(from The H Security at 12-6-2011)
Twitter has been updating its OAuth system to allow for finer grained control of the permissions users give to third party applications regarding the actions the apps can take with their Twitter account. But Simon Colijn discovered that the implementation of this new system is somewhat incomplete and will mislead users. He created an application which demonstrates the problem.... read more»
Codemasters pulls website after hackers pwn customer database
(from The Register at 12-6-2011)
Games developer Codemasters has taken its website offline and advised users to change their passwords in the aftermath of a hack attack last week. Unknown attackers made off with a treasure trove of personal information following an attack on Codemasters' website last Friday (3 June). Hackers got access to the Codemasters CodeM database, EStore, and code redemption pages.... read more»
EU will take a year to set up full cybersecurity agency
(from NetworkWorld at 12-6-2011)
Security experts have criticized the European Commission's plans to set up a team to look at how to combat cyberattacks as too little, too late, saying that more coordination between member states is needed. The so-called "pre-configuration" Computer Emergency Response Team (CERT) of IT security experts will spend the next 12 months assessing how a full-scale CERT should be set up for European Union institutions. But experts have warned that the threat of cyberattacks is current and real.... read more»
Spanish police arrest 3 in Sony network attack
(from Boston at 12-6-2011)
The Spanish police said yesterday that they had apprehended three men suspected of computer hacking in connection with recent cyber attacks on Sony's PlayStation Network as well as corporate and government websites around the world. The National Police identified the three as the local leadership of the shadowy international network of computer hackers known as Anonymous, which has claimed responsibility for a wide variety of attacks.... read more»
IMF Computers Lose E-Mails in State-Based Attack
(from Bloomberg at 12-6-2011)
The International Monetary Fund's computer system was attacked by hackers believed to be connected to a foreign government, resulting in the loss of e-mails and other documents, according to a person familiar with the incident. Data was taken in the attack, according to the person, a security expert who couldn't be identified because he wasn't authorized to speak on the subject. He didn't say which government is thought to be behind the incident, which he said occurred before former Managing Dire... read more»
Team Cymru Internet Security News Feed
(from E-Secure-IT at 12-6-2011)
This Internet Security News feed is provided as a Free Service by Team Cymru through a commercial partnership with E-Secure-IT. E-Secure-IT provides a wide range of IT-Security and Industry & Corporate Risk Intelligence Services. For more information visit them at www.e-secure-it.com or email more-info@e-secure-it.com Team Cymru is a geographically-dispersed group of security professionals who are passionate about making the Internet more secure and who help organizations to identify and era... read more»
100 victims suspected in credit fraud
(from EastBayRI at 11-6-2011)
Westport police have received information that about 100 people are victims of thieves who used identification information from Lafrance Hospitality Corporation to create fraudulent copies of patrons' credit and debit cards. It is believed that Lafrance Hospitality's credit and debit system was breached electronically beginning in February, police said. Lafrance Hospitality includes many businesses, including White's of Westport and Bittersweet Farm. Anyone who has been a patron of either res... read more»
Vietnam websites hacked amid China row
(from Yahoo at 11-6-2011)
More than 200 Vietnamese websites have been attacked and some defaced with Chinese flags, an Internet security firm said Friday as a maritime dispute raises tensions between the countries. The ministries of agriculture and foreign affairs are among those targeted since the beginning of June, said Nguyen Minh Duc, director of the state-linked Bach Khoa Internetwork Security Centre (BKIS). Hackers sometimes left "information in Chinese and Chinese flags," he told AFP. "We don't yet know if ... read more»
Arrests in Spain don't mean Sony's troubles are over
(from CNet at 11-6-2011)
The Spanish police say they've taken down three of the people allegedly behind the massive PlayStation Network security breach in April. But while it's probably comforting for Sony to have someone to blame, this doesn't mean the company has any reason to rest easy when it comes to security threats. For the record, Sony doesn't have anything to say about the arrests. "We don't comment on pending investigations," said company spokesman Patrick Seybold in a statement. But whether or not Sony wa... read more»
Turkey Braces for Anonymous Cyberattacks; Hacker Group Warns, 'Expect Us'
(from techzone360 at 11-6-2011)
Turkey is reportedly preparing for potential cyberattacks on the country's official websites, to be executed by Anonymous, a hacker group that has led a series of high-profile attacks. With the country's election just three days away, Turkish officials said they were preparing for attacks on official websites by the Internet vigilante group in a protest against what it says is government Internet censorship, a Reuters report said.... read more»
Anonymous withdraws Indian hack under pressure
(from Computer World at 11-6-2011)
The fledgling Indian operation of hacker group Anonymous attacked the website of the Indian army on Friday, but reversed its decision after it ran into criticism from Indian supporters who were annoyed that the Indian army was targeted. Later on Friday, the hacker group said in a Twitter message that the Indian army site was now working fine. The new consensus appears to be not to target government websites, but only those of corrupt politicians.... read more»
EU creates group to manage security, justice IT systems
(from ZDNet at 11-6-2011)
The European Union on Friday formed a council designed to oversee large-scale information technology systems that run throughout member countries. With a decisive political agreement, the EU's 27 member states decided that a new IT agency would begin in the summer of 2012. The agency will operate out of Tallinn, Estonia with development and management based in Strasbourg, France. A backup site will be built in Sankt Johann im Pongau, Austria.... read more»
Lulz Security takes down the bad guys
(from Ubergizmo at 11-6-2011)
Instead of taking down the good guys this time around, Lulz Security has focused their efforts on taking down an Islamist extremism website, AlJahad.com. Lulz Security mentioned on its Twitter feed that it has successfully managed to bring down the website (it is still down at this time of writing). It seems to be a response to another hacker, The Jester, who has been taking down other extremist websites on his own time as well.... read more»
Phishers LAMP web hosts
(from The Register at 11-6-2011)
Phishers compromise LAMP-based websites for days at a time and hit the same victims over and over again, according to an Anti-Phishing Working Group survey. Sites built on Linux, Apache, MySQL and PHP are the favoured targets of phishing attackers, the APWG report found, with between 76 and 82 per cent of respondents using one or more components of the LAMP architecture.... read more»
Council promises better data protection after vulnerable adult data loss
(from Out-law at 11-6-2011)
A local authority has signed an undertaking to improve the security of the personal data it holds after information about six vulnerable home support clients was stolen from a worker, the Information Commissioner's Office (ICO) has said. North Lanarkshire Council's guidance on how workers should use, transport and dispose of sensitive documents was "inadequate", the ICO, the UK's data protection watchdog, said.... read more»
Lulz warns NHS of sick security
(from The Register at 11-6-2011)
LulzSec, the security collective which claimed credit for hacking Sony, has taken to Twitter to warn the NHS that it stumbled across several admin passwords. The Department of Health claimed the breach was nothing more serious than "a very small number of website administrators". It said no national systems were hit - given the slow progress of creating such national systems this might not be a surprise.... read more»
Reg hack cast adrift as Illuminati Online goes off-line
(from The Register at 11-6-2011)
For nearly 20 years I've paid, monthly, for an email account, but next month the domain shuts down and while I feel I should care it seems email isn't as important as it used to be. Steve Jackson Games was the company I selected for the email account I set up in the early nineties, and since then I've routed every message through the Austin Texas home of Illuminati Online. Back then I wasn't convinced that this "internet" thing would ever take off, so rather than get an account with some do... read more»
Cabinet Office talks to Facebook & co about new ID system
(from The Register at 11-6-2011)
Facebook and other social networks could be used by British citizens to sign into public services online, The Register has learned. A Cabinet Office spokeswoman confirmed to us this morning that the department was speaking to "a range of industry" about its ID assurance scheme, a prototype for which is expected in October this year. Cabinet Office minister Francis Maude said in the House of Commons last month that "people will be able to use the service of their choice to prove identity wh... read more»
The Third IEEE International Conference on Social Computing (SocialCom2011)
(from iisocialcom at 11-6-2011)
Social Computing can be broadly defined as computational facilitation of social studies and human social dynamics as well as design and use of information and communication technologies that consider social context. Social computing has recently become one of the central themes across a number of information and communication technology fields and attracted significant interest from not only researchers in computing and social sciences, but also software and online game vendors, web entrepreneur... read more»
ISSA LA Features Twenty Two Internet Security Experts Speaking on Cyber Crime at Information Summit
(from prlog at 11-6-2011)
Twenty-two of the country's leading experts on Internet security will speak at the Los Angeles Chapter of the Information Systems Security Association (ISSA-LA) third annual Information Security Summit. The theme of this year's Summit is "The Growing Cyber Threat: Protect Your Business." The Summit will be held Wednesday, June 15, 2011, at 7:30 AM on the UCLA Campus at Covel Commons, Grand Horizon Ballroom and will be hosted by UCLA Extension. This is open season for hackers. There has been... read more»
EU report looks into Irish IT security readiness
(from Silicon Republic at 10-6-2011)
Irish businesses are more likely to have a formally defined ICT security policy compared with their European peers but use of antivirus and security software among consumers is below the European average. The European Network and Information Security Agency (ENISA) has issued country reports on the state of security throughout the EU and EEA and has found that no major new risks to network security or resilience were identified in Ireland since the beginning of 2010.... read more»
NSA Declassifies 200 Year Old Report
(from FAS at 10-6-2011)
The National Security Agency announced yesterday that it has declassified a report that is over two hundred years old. The newly declassified report, entitled "Cryptology: Instruction Book on the Art of Secret Writing," dates from 1809. It is part of a collection of 50,000 pages of historic records that have just been declassified by NSA and transferred to the National Archives. The NSA said the new release demonstrated its commitment to meeting the requirements of President Obama's January ... read more»
Akamai President Urges U.S. Companies to Increase Security
(from Bloomberg at 10-6-2011)
President David Kenny said U.S. companies need to be more vigilant with network security. Such businesses should be investing more time and money into security measures to keep pace with the growth of the Internet and the explosion of cloud technology, he said in an interview at Bloomberg's New York headquarters. Security is a very fast-growing part of Akamai, and most cyber attacks on the U.S. are coming from outside the country, he said. "It's not sexy," Kenny said. "It's like buying insurance... read more»
Cybercriminals offer lucrative cash-for-bugs bounty schemes to the elite of the coding world
(from SecurityPark at 10-6-2011)
With malware coding now being allied with spear phishing and other advanced credential-stealing attack vectors, there is a danger that the cream of the coding industry may be attracted by 'job adverts' offering big money. A blog posting by renowned security researcher Brian Krebs - warning that the elite of the coding world are being lured by carefully-worded job adverts - has been confirmed by Idappcom, which has been tracking this worrying trend for more than six months.... read more»
Ghana at unenviable position on internet fraud table
(from myjoyonline at 10-6-2011)
Ghana Telecom University College, quoting the Internet Crime Complaints Centre (IC3) Report for 2010, on Wednesday said Ghana ranked among the top 10 countries of global internet fraud. Ghana is at the eighth position and the college said the report was indicative of the extent and nature of internet fraud in the country. The top 10 countries, according to the report, are United States of America, the United Kingdom, Nigeria, China, Canada, Malaysia, Spain, Ghana, Cameroon and Australia.... read more»
Spain nabs 3 suspected of global cyber attacks
(from orovillemr at 10-6-2011)
Spanish police have arrested three suspected computer hackers who allegedly belonged to a loose-knit international activist group that attacked corporate and government websites around the world, authorities said Friday. National Police identified the three as leaders of the Spanish section of a group that calls itself "Anonymous." All three are Spaniards aged 30 to 32, said Manuel Vazquez, chief of the police's high-tech crime unit. A computer server in one of their homes was used to take... read more»
Murdoch media group faces new hacking allegations
(from CNN at 10-6-2011)
A powerful British media group is fighting new accusations that it illegally got information on members of the royal family and top politicians, after a lawmaker accused it of hacking. Police have information that "strongly suggests" that a private investigator targeted royals, lawmakers and high-level terrorist informers on behalf of Rupert Murdoch's News International, Labour lawmaker Tom Watson said in Parliament Wednesday. British media said the targets included former Prime Minister Ton... read more»
Webcam hacker uses "hot steam" ploy to get nude pics
(from TGDaily at 10-6-2011)
This Apple repair tech wanted a little more than just the ability to remotely tap into women's webcams. He wanted to increase his chance of seeing them naked. 20-year-old Trevor Harwell allegedly installed malware on the computers he was supposed to be fixing, which would cause them to randomly display the following bogus error message: "You should fix your internal sensor soon. If unsure what to do, try putting your laptop near hot steam for several minutes to clean the sensor."... read more»
FBI Announces Identity of Transitional Federal Government Checkpoint Suicide Bomber
(from FBI at 10-6-2011)
Beledi, 27 years old, was indicted by a Federal Grand Jury in Minneapolis in July 2010. He is one of thirteen men from the Twin Cities who have been charged with terrorism offenses for traveling to Somalia and joining the designated terrorist organization al-Shabaab. Beledi was charged with, among other things, conspiring to and providing material support to al-Shabaab, and conspiring to kill, kidnap, maim and injure persons abroad. He is believed to have left Minnesota in October 2009 for S... read more»
Fake antivirus software wears convincing Microsoft Update mask
(from InfoWorld at 10-6-2011)
Windows users running Firefox are being targeted by scareware groomed to look convincingly like Microsoft Update, according to a security adviser at Sophos. The news once again demonstrates that cyber criminals are becoming increasingly skilled at crafting malware to dupe even the moderately tech-savvy user, exploiting info in users' Web browser user strings and appropriating reputable companies' product names, logos, and designs.... read more»
Cyber-Attacks Keep Coming -- Are We Really Prepared?
(from FOXNews at 10-6-2011)
The news Thursday from the Associated Press that "hackers accessed the credit card information of North American customers, in an online security breach affecting about 200,000 accounts," comes on the heels of hacks into Lockheed Martin, RSA and the U.S. State Department. These cyberattacks pose severe and worrisome questions about our government's security and our online defenses. Lockheed Martin, a major U.S. government defense contractor and RSA, the security division of EMC (a data st... read more»
Elusive cyber-attackers to face five years' jail
(from EurActiv at 10-6-2011)
As the EU comes close to an agreement on punishing cyber criminals, with a minimum sentence of up to five years, security experts argue that trying to convict criminals who cannot be caught in the first place is a waste of time. The EU's justice ministers will this morning (10 June) agree to draft rules which define cyber crimes and minimum sentences for the worst offenders.... read more»
Need for cyber-retaliation exaggerated, say experts
(from TechWorld at 10-6-2011)
Cyberattacks on US networks by other nations may not always demand the same level of retaliation, and only attacks that cause major damage or loss of life should prompt similar responses, a group of national security experts said on Wednesday. Cyberattacks on private companies and even on the US Department of Defense's network are commonplace and part of a long history of international espionage that the US and other countries have engaged in for years, said some panellists speaking at a cybe... read more»
LulzSec receive donations to carry on war with Sony: Will continued hacks damage PlayStation Vita sales?
(from International Business Times at 10-6-2011)
With LulzSec having just issued a statement promising to continue its ongoing cyber-war against tech giant Sony, many analysts have begun to speculate just how damaging the group's continued assault could be on Sony's forthcoming PlayStation Vita console. LulzSec, the hacker group responsible for two post-PSN related attacks, has according to its Twitter page received several sizable donations from unnamed sources to help it continue its campaign against Sony.... read more»
Airline ticket online scam costs student 10,000 yuan
(from ShanghaiDaily at 10-6-2011)
A STUDENT who went online to book a 763 yuan (US$118) airplane ticket ended up being conned out of almost 10,000 yuan, police said yesterday. Officers are advising locals to be wary of low prices offered by some small websites as more and more fraudsters are targeting the booming online ticket booking service.... read more»
Are We Prepared for Modern Cyberwarfare?
(from theepochtimes at 10-6-2011)
President of Sony Network Entertainment International, Tim Schaaf, testified to the House of Representatives on June 2nd that Sony Network Entertainment and Sony Online Entertainment have always made concerted and substantial efforts to maintain and improve their data security systems. While recovery from that attack has been well underway and improving significantly, other recent breaches in the face of assurances from Sony such as the LulzSec attack and leak of Sony's Developer Network Sour... read more»
China and the US: Sizing up for cyber war?
(from Aljazeera at 10-6-2011)
As senior US officials warn that cyber attacks on vital systems would be considered "acts of war" eliciting a real world military response, one professor at the National Defence University surmises that battles of the future might be fought by guys hunched over keyboards in dark basements, rather than strapping lads toting M-16s. "We operate in five domains: air, land, sea, outer space and cyberspace," says Dan Kuehl, a professor of information operations at the National Defence University in... read more»
Mass arrests across Asia over phone scam network
(from Google at 10-6-2011)
Hundreds of Chinese and Taiwanese nationals have been arrested across Asia in an international operation targeting telephone scam artists, officials in several countries said Friday. Most of the arrests were in Indonesia and Cambodia where 177 and 166 people respectively were held in a cross-border crackdown on criminals using Internet phone services to trick thousands of victims across the region out of money.... read more»
Bugless software key to security, expert tells NATO
(from Yahoo at 10-6-2011)
Bugless software is key to cyber security and global vendors should pay hackers who have detected program bugs and so helped pre-empt attacks, a top IT expert told a NATO cyber security meeting here Thursday. "Software vulnerabilities enable breaches. If we want to make cyber space safer, we need to find a way to force vendors to produce more secure software," Charlie Miller told some of the world's top IT security experts attending NATO's third annual cyber defence conference.... read more»
NSA Whistleblower to Plead Guilty to Misdemeanor
(from Wired at 10-6-2011)
Days before he was set to go on trial on charges that he illegally retained classified documents, NSA whistleblower Thomas Drake has agreed to plead guilty to a lesser misdemeanor count of exceeding authorized access to a computer. Drake had been charged under the Espionage Act after he allegedly provided information about waste and mismanagement at the NSA to a Baltimore Sun reporter in 2006 and 2007. The former NSA linguist, who was set to go to trial next Monday, rejected two pleas offe... read more»
FBI director says to boost efforts on cyber threats
(from Vancouver Sun at 10-6-2011)
The FBI plans to sharpen its focus on the increased threat of cyber attacks over the next two years, FBI Director Robert Mueller said Wednesday, in the wake of a recent attack on Google's email system. "We will increasingly put emphasis on addressing cyber threats in all of the variations," Mueller told the Senate Judiciary Committee, which was considering an extension of his 10-year term by two years. He coupled the cyber threat with focusing on terrorism as the top issues he planned to a... read more»
City IT contractor rates bounce back
(from Finextra at 10-6-2011)
Pay scales for IT contractors in the City have begun to bounce back after the recession, as a Europe-wide shortage of skills for Solvency II and Basel III compliance coupled with renewed financial services investment drives up rates. According to year-on-year research by specialist recruitment agency, Clarity Resourcing, business-change and programme management contractors working in the financial services sector could be earning, on average, 11% more per day than their current rates.... read more»
Fukushima meltdown could be template for nuclear terrorism, study says
(from CSMonitor at 10-6-2011)
The Fukushima disaster's dramatic demonstration of how nuclear plants are vulnerable to cooling-system failure could "awaken terrorist interest" in attacking such plants, says a new joint study by US and Russian experts on the threat of nuclear terrorism. After 9/11, Al Qaeda operatives were reported to have conducted light reconnaissance of US nuclear reactor facilities. But beefed up defenses apparently led the terror group's leadership to conclude "it would be too difficult either ... read more»
US senators voice fears over Bitcoin link to online drugs market
(from Finextra at 10-6-2011)
Launched in 2009, Bitcoin has received a rash of publicity in recent months for its increasingly popular virtual currency which bypasses banks and clearing houses. The coins can be generated online by people running an application called a Bitcoin Miner and are then stored in the user's digital wallet and exchanged anonymously, using an electronic signature. Last week, the currency hit the headlines after the Gawker blog network posted a story claiming it was the only way users can buy drugs ... read more»
Analysis: In "borderless" cyberspace, nation states struggle
(from Reuters at 10-6-2011)
Increasingly worried about criminal hacking and state-on-state electronic warfare, governments are rushing to come up with cyber security strategies. But with the Internet crossing borders and empowering non-state groups from criminals to activists, nation states appear to be inherently stuck behind the curve.... read more»
Home Office sets out plan to block websites
(from ZDNet at 10-6-2011)
The measure is designed to restrict access to websites that contain unlawful material, as part of the government's counter-terrorism strategy, home secretary Theresa May said on Tuesday. "Intelligence indicates that the UK faces a serious and sustained threat from terrorism," May told the House of Commons. "To tackle that threat... we must not only arrest and prosecute those who breach the law, but we must stop people being drawn into terrorist-related activity in the first place."... read more»
Some Top Apps Put Data at Risk
(from The Wall Street Journal at 10-6-2011)
You'd think the spate of Internet security breaches this spring would have companies on their toes. But when it comes to wireless apps, some are still making rookie mistakes. Computer security firm viaForensics has found the applications for top Internet companies LinkedIn Corp., Netflix, Inc., Foursquare and Square, Inc. stored various forms of users' personal data in plain text on a mobile device, putting sensitive information at risk to computer criminals.... read more»
Royal bank accounts allegedly hacked by private detectives
(from Finextra at 10-6-2011)
According to the Telegraph, private detective Jonathan Rees was allegedly behind the hacking of Middleton's bank account in 2005, when she was the girlfriend of Prince William. Meanwhile, an associate of Rees has told the Guardian that he employed "blaggers" to phone up companies, including banks, and trick them into handing over personal information.... read more»
LulzSec hackers warn NHS over online security
(from belfasttelegraph at 10-6-2011)
The group of hackers claiming to have breached online security measures at Sony last month have warned the NHS that its computer services are at risk of attack. In a Twitter posting, Lulz Security said it had emailed the NHS to inform it "of those admin passwords we took months ago". The NHS said no patient information was compromised and only "a very small number of website administrators" were affected.... read more»
Privacy watchdog probes Facebook facial recognition
(from ZDNet at 10-6-2011)
The UK data protection authority is talking to the social-networking company about its facial recognition technology, which scans photos uploaded to its site, attempts to match them to Facebook friends and then suggests usernames with which to tag the images. Facebook enables this feature by default, meaning that people must change their account settings if they do not want to be identified. "As with any new technology, we would expect Facebook to be upfront about how people's personal inform... read more»
Business Is Booming -- for Cybercrooks, That Is
(from FOXNews at 10-6-2011)
The latest get rich quick scheme to hit the net? Hacking -- and it actually pays. While the global economy continues to sputter, the burgeoning cybercrime industry is flourishing -- so much that these vast criminal organizations have begun posting job listings online to meet the growing demand for malware coders.... read more»
FCC report: Net has helped suffocate local news
(from CNet at 10-6-2011)
Thanks to digital technologies, we have more media sources than ever to get our news from, but when it comes to covering town halls, school boards, courts, and other local news, they mostly suck. That's the takeaway message (though definitely not in those words) in a behemoth of a report released Thursday by the Federal Communications Commission. The 460-plus page report, titled "The Information Needs of Communities: The Changing Media Landscape in a Broadband Age," is two years in the mak... read more»
Experts recommend an international code of conduct for cyberwar
(from nextgov at 10-6-2011)
The United States and foreign countries should broker a code of conduct for offensive cyber actions that bans knocking out banking, power and other critical infrastructure networks except when nations are engaged in war, some former U.S. defense and intelligence officials said. Their recommendation follows the White House's release of an international cybersecurity doctrine that states the country "will respond to hostile acts in cyberspace as we would to any other threat to our country" and ... read more»
Mac 'fixer' busted in spyware sting
(from ITNews at 10-6-2011)
A computer service technician has been accused of installing spyware on customers' Apple computers that allowed him to take photos of women as they undressed or showered. The 20-year-old from Fullerton, California, worked for Rezitech, a company that serviced computers in people's homes, according to a police statement. The man allegedly installed spyware that allowed him to activate the webcam on the laptop remotely.... read more»
Worries over cyber sabotage on poll day persist despite denial by hackers
(from Sundays Zaman at 10-6-2011)
Anonymous, an online international group of self-described anarchist hackers, has said stories in the Turkish media claiming that the group plans to sabotage the Turkish elections on Sunday are untrue. However, those behind the initial claims say they are not convinced. Anonymous has threatened to attack Turkish government websites nearly two weeks before a new filtering system the Turkish government unveiled in May is expected to go into force in August.... read more»
U.S. Attorney General visits to talk cyber security
(from Wndu at 10-6-2011)
The country's top cop visited Northwest Indiana Thursday and said cyber security is a "top priority" for the justice department. Holder stopped by the U.S. courthouse in Hammond, where people from all over the country met for a first-of-its-kind cyber security conference. The scope of the issue is broad, Holder said.... read more»
Task force backs US security breach disclosure laws
(from IT News at 10-6-2011)
A US task force has backed calls for the introduction of national laws that would require firms to notify the public of cyber security breaches. The task force, operating under the US Department of Commerce, noted that while state laws had been successful in getting private sector organisations focused on security, the differences among these state laws present undue costs to American businesses. A legislated and comprehensive national approach to commercial data breach will provide clarit... read more»
Peeping Tom tricked women into taking hacked webcams into shower, claim police
(from Sophos at 10-6-2011)
The problem of perverts and cyberstalkers using malware to grab control over female victims' webcams is one that has been around for quite some time. Hackers can secretly spy upon people in their bedrooms, and even exploit technology to blackmail young women into posing naked, threatening that they will send other compromising photos to their online friends. It's pretty unsavoury stuff, and has probably made some women cautious of handing over their computers to that ever-so-friendly repai... read more»
How search engine poisoning works
(from Help Net Security at 10-6-2011)
Imperva disclosed the intricate workings of a Search Engine Poisoning (SEP) campaign. The attack was extremely successful and continued to run for at least 15 months without any apparent counter-measures employed by search engines. This acutely illustrates how websites - often unbeknownst to their administrator - and Web search engines become the conduit for these types of attack and demonstrates that more needs to be done to stop malware being spread in this fashion.... read more»
Police investigate Facebook sxx ratings
(from Sydney Morning Herald at 10-6-2011)
Queensland police are investigating 'root rater' Facebook pages that publicly rate the sxxual abilities of school students after the state government moved to have them shut down today. Browns Plains State High School students in Brisbane became the latest cohort to be targeted on Facebook pages calling on their peers and strangers to rate their sxxual performance.... read more»
Apple iOS hacker says he shared method to help company
(from Sydney Morning Herald at 10-6-2011)
The teenager who hacked into Apple's latest mobile operating system said he is sharing how he did it in order to get Apple's attention and show the company the problem in its software. Mert Erdir, a 17-year-old student in Turkey, found a way to unlock iOS 5 on his device the day after Apple announced the new mobile operating system. Apple said iOS 5 will be available to the public later this year, but it was available to developers on Monday in the US.... read more»
Best Buy customer database corrupted, says service rep
(from MSNBC at 10-6-2011)
Attention Best Buy online shoppers: Your shipping info may be tainted. When I went to check-out on bestbuy.com Thursday, I discovered the "ship to" address information was changed. No longer were orders to be sent to my address, but instead to some guy in Houston. The corresponding phone number had a 713 area code, also Houston. What was going on? Was I hacked? Was this guy stealing my identity? Or at least my ability to buy electronics? If I had completed the order without catching the al... read more»
Cybercrime figures 'as true as sxxual-conquest scores'
(from The Register at 10-6-2011)
Microsoft researchers have rubbished figures from cyber-crime surveys, deeming them subject to the types of distortions that have long bedevilled sxx surveys. It's well enough established that men claim to have more female sxxual partners in sxx surveys than women claim male partners, a discrepancy that can't be explained by sampling error alone. All it takes is for a few self-styled Don Juans to hopelessly distort the figures.... read more»
Hackers Fight Rivals, FBI to Control Hijacked-Computer Networks
(from Businessweek at 10-6-2011)
Just after 3 a.m. on May 26, Karim Hijazi, the chief executive of Unveillance, a cyber-security firm, received an e-mail from hackers calling themselves LulzSec. They demanded he help them take over some networks of hijacked computers that other criminals were operating. Unveillance had information on the so-called botnets because it was tracking them for potential corporate targets, Hijazi said in an interview. LulzSec had leverage to make Hijazi comply because it had hacked his Wilmington, ... read more»
Cyber Security Summit in Huntsville
(from waaytv at 10-6-2011)
For the third year in a row, cyber experts gathered in Huntsville to share ideas and learn more about cyber security. Keynote speaker, Antonio Scurlock says, "Though folks think they can do without it, I think if they truly understood the interconnectivity, they would change their minds." Spurlock works for the Department of Homeland Security and was invited to speak by the North Alabama chapter of the Information Systems Security Association, who hosted the event. Event organizer, Jeff Wright ... read more»
U.S. Attorney General speaks at Hammond cyber crime conference
(from Post-Tribune at 10-6-2011)
U.S. Attorney General Eric Holder praised Northwest Indiana's efforts to fight cyber crime, saying the government needs to continue to work with the private sector to do so. Holder, who gave the keynote speech Thursday at the Northwest Indiana Cyber Security Summit in Hammond, said protecting the country's digital domains must be a top priority. He cited a local partnership the U.S. Attorney's office in Northern Indiana began just after Sept. 11, 2001, to begin meeting quarterly with local in... read more»
Webinar - Anti-Malware: How to Protect Your Credit Union
(from cuinfosecurity at 10-6-2011)
This webinar will explore the topics below: The evolution of malware in 2011; Beyond transactional security: protecting your endpoints where data resides; Tools and technologies to achieve layered security. Presented By: Carlos Santamaria, Product Manager, Faronics; Byron Hynes, Infrastructure & Security Specialist... read more»
Beware of social network predators: Police
(from Computer World at 10-6-2011)
A senior detective has warned parents to teach their children about the dangers lurking in social networks. He was commenting on the case of a man charged with using a social network site to groom a 14-year-old girl for sxx. The 20-year-old man was arrested at St Clair in western Sydney on Wednesday afternoon.... read more»
Fraud-busting tech saves government £12m
(from Computing at 10-6-2011)
The government is claiming to have saved more than £12m in the past six months thanks in part to the increased use of data analysis technology to spot benefits cheats. The Cabinet Office Counter Fraud Taskforce made the claim in its interim report into efforts to eliminate public sector fraud. Fraud is theft of taxpayers' money. The National Fraud Authority estimates that fraud costs the public sector £21bn a year. This is totally unacceptable, which is why I'm really pleased to see our zero-t... read more»
Partners Skeptical Of RSA Plan To Replace SecureID Tokens
(from CRN at 10-6-2011)
RSA's decision to re-issue SecureID tokens following a wave of cyber attacks targeting the two-factor authentication solution is a necessary, if tardy gesture, but fails to fully re-establish trust in the effectiveness of the products, several partners said Wednesday. In response to a recent spate of high-profile attacks targeting Lockheed Martin, Northrop Grumman and L3 Communications, Art Coviello, executive chairman of RSA, the Security Division of EMC, announced Tuesday that RSA planned to ... read more»
An open letter to the network security industry
(from SC Magazine at 10-6-2011)
There are two types of executives in corporate America: those who rest peacefully at night, and those who are up worrying. Where do CISOs fit in? Given the current state of network threats, they should be tossing and turning. It has never been clearer that the bad guys have the advantage these days. Take the last 12 months, for example. Aurora. Stuxnet. WikiLeaks. RSA. Epsilon. Sony.... read more»
MP claims NotW sleuths targeted royals, politicians, Blair
(from The Register at 10-6-2011)
Private detectives working for the News of the World targeted Tony Blair, the royal family and senior politicians, including a former Home Secretary, an MP claimed in the House of Commons Wednesday. Meanwhile, quoting "close associates" of Jonathan Rees, a private investigator who worked for the tabloid around 2005, the Guardian newspaper claimed that several specific royals had had their bank accounts hacked into, as had Kate Middleton while she was Prince William's girlfriend.... read more»
ICO slaps Surrey County Council with £120,000 fine
(from itpro at 10-6-2011)
The Information Commissioner's Office (ICO) today hit Surrey County Council with a £120,000 fine for breaching the Data Protection Act. It is the biggest penalty handed out by the ICO to a single organisation since the watchdog was granted the ability to fine up to £500,000 in April 2010.... read more»
Facebook May have Privacy Battle on Two Fronts
(from CSOonline at 10-6-2011)
Facebook said it's working with European Union regulators to resolve criticism about its new facial recognition feature, but trouble may also be brewing for the social network here in the U.S. On Wednesday, Facebook's move to enable facial recognition across its entire social networking site raised complaints from privacy advocates and some users over the feature's privacy implications. The EU's data protection regulators were quick to jump on the issue, telling the Bloomberg news service ... read more»
LulzSec hackers--just having a laugh?
(from CNet at 10-6-2011)
At first glance it appeared that the Web site of the LulzSec hacker group had been seized by the feds. But it turned out to be just another prank, the latest in a series of "lulz" that hackers do when they are not taunting Sony, FBI partners, and others. Despite the official looking Justice and Homeland Security department symbols and notice saying "this domain name has been seized by ICE (Immigrations and Customs Enforcement) - Homeland Security Investigations," the page was a hoax. A search o... read more»
Fears over patient data as NHS computers are hacked into by 'pirate ninjas'
(from Daily Mail at 10-6-2011)
Computer hackers have penetrated NHS systems, triggering fears that the security of highly sensitive patient records is at risk. The hackers are part of the same online gang that recently hacked into electronics giant Sony, accessing the images of a million users. The self-styled 'pirate ninjas', known as Lulz Security, sent a warning to the NHS that its computer networks were vulnerable to cyber attack.... read more»
Sony Portugal latest to fall to hackers
(from Sophos at 10-6-2011)
The same Lebanese hacker who targeted Sony Europe on Friday has now dumped a database from Sony Portugal. The hacker claims to be a grey hat, not a black hat, according to his post to pastebin.com. "I am not a black hat to dump all the database I am Grey hat" Instead of dumping the entire database like many previous Sony attackers, idahc only dumped the email addresses from one table in Sony's database.... read more»
Don't Even Think About It, Anonymous Warns NATO
(from maximumpc at 10-6-2011)
Anybody who thinks that Anonymous is just a bunch of harmless script kiddies playing around on their mom's computer hasn't been following the news recently. The US recently said it would put a hurting on hackers that threatened the nation, and earlier this week, NATO published a special report on cybersecurity. A big chunk of it was spent describing the threat of everyone's favorite hacker collective. The longer Anonymous continues its hijinks, the more likely they'd be "infiltrated and perp... read more»
Syrians Hack MK Aryeh Eldad's Website
(from Israel National News at 10-6-2011)
Syrian hackers disabled Member of Knesset Aryeh Eldad's internet site on Thursday. They also wrote, "The hills of the Golan, Sheba Farms [known in Israel as Har Dov, on the northern side of Mt. Hermon -ed.] and all the Palestinian territory is Syrian territory which was taken from us by force and will be returned and liberated soon." Professor Eldad responded, "Contrary to [the picture] the Western media is trying to paint regarding the massacre that [Syrian president Bashar] Assad is perpetr... read more»
18-year-old star hacker arrested in Greece
(from ManilaTimes at 10-6-2011)
Police in Greece have arrested an 18-year-old star hacker suspected of breaking into the website of crimefighting agency Interpol and a number of US state agencies, a senior officer said on Wednesday. The unidentified teen, who reportedly lives with his mother in the working-class Athens district of Agios Dimitrios, had originally broken into the Interpol site when he was just 15 years old. He has carried out such strikes all over the world from his home, the head of Greece's cybercrime squ... read more»
Team Cymru Internet Security News Feed
(from E-Secure-IT at 10-6-2011)
This Internet Security News feed is provided as a Free Service by Team Cymru through a commercial partnership with E-Secure-IT. E-Secure-IT provides a wide range of IT-Security and Industry & Corporate Risk Intelligence Services. For more information visit them at www.e-secure-it.com or email more-info@e-secure-it.com Team Cymru is a geographically-dispersed group of security professionals who are passionate about making the Internet more secure and who help organizations to identify and erad... read more»
So many IT awards, so little time
(from NetworkWorld at 10-6-2011)
I knew when I set out a few weeks back to put together a package on the IT and telecom industry's top awards and honors for innovators that I'd inevitably and unintentionally leave a few out. A couple that I should have included are the IEEE Computer Society and IEEE Communications Society Awards (I did include the overall IEEE Medal of Honor and Alexander Graham Bell Medal, but neglected the individual society awards). These are the two biggest of the IEEE's 38 societies, with the Computer ... read more»
Web crime grows as tech improves
(from PurdueExponent at 10-6-2011)
Well, it would appear that even mighty Google was impervious to the work of skillful hackers. Earlier this week, Google China's security was compromised by another group of resourceful hackers who recovered passwords to many personal accounts of top U.S. operatives and yet again, the officials are stymied. As time goes on, crime adapts right along with it. During the Spanish Inquisition, claiming the sun was the center of the universe would likely get you burned at the stake. When Prohibit... read more»
Sourcefire to Present at the William Blair 31st Annual Growth Stock Conference
(from SOURCEfire at 10-6-2011)
COLUMBIA, Md., Jun 07, 2011 (BUSINESS WIRE) -- Sourcefire, Inc. (Nasdaq:FIRE), the creator of Snort and a leader in intelligent cybersecurity solutions, today announced its Chief Executive Officer, John Burris, and Chief Financial Officer, Todd Headley, will present at the William Blair 31st Annual Growth Stock Conference, being held at the Four Seasons Hotel in Chicago. Sourcefire's presentation is scheduled for Tuesday, June 14, 2011 at 4:10 p.m. Central Time. A live web cast will be avail... read more»
Free tool for healthcare to handle privacy breach investigations
(from Net-Security at 10-6-2011)
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has been cracking down on its enforcement of the HIPAA/HITECH Privacy, Security and Data Breach Notification Rules, by investigating entities that have reported data breach and other privacy incidents. The message to healthcare organizations and providers is clear: OCR is aggressively enforcing rules and violations, resulting in hefty fines and causing reputational damage. To assist healthcare organizations... read more»
Ex-NSA official Thomas Drake to plead guilty to misdemeanor
(from Washington Post at 10-6-2011)
Former National Security Agency official Thomas A. Drake has agreed to plead guilty to a misdemeanor count of exceeding authorized use of a computer, according to papers filed in federal court. The plea brings an end to a troubled prosecution that was one of the Obama administration's most prominent efforts to punish accused leakers of classified information.... read more»
Knowing Who's Messing with Your Medical Records
(from Bnet at 9-6-2011)
Thanks to the US Department of Health and Human Services, you may be able to deter people or businesses from rummaging around in your medical information. If a new rule is adopted, you would have the right to obtain a list of all those who accessed your electronic medical records and what they did with the data. The access report would be kind of like the credit report that you can get free each year. Under HIPAA (the Health Insurance Portability and Accountability Act), which went into eff... read more»
Microsoft Security Bulletin Advance Notification for June 2011
(from Microsoft at 9-6-2011)
Executive Summaries: This advance notification provides a number as the bulletin identifier, because the official Microsoft Security Bulletin numbers are not issued until release. The bulletin summary that replaces this advance notification will have the proper Microsoft Security Bulletin numbers (in the MSyy-xxx format) as the bulletin identifier. Affected Software: Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Wi... read more»
Pay-Per-Install a Major Source of Badness
(from KrebsonSecurity at 9-6-2011)
New research suggests that the majority of personal computers infected with malicious software may have arrived at that state thanks to a bustling underground market that matches criminal gangs who pay for malware installs with enterprising hackers looking to sell access to compromised PCs. Pay-per-install (PPI) services are advertised on shadowy underground Web forums. Clients submit their malware - a spambot, fake antivirus software, or password-stealing Trojan - to the PPI service, which in turn... read more»
FISMA compliance falls short of adequate security
(from Gcn at 9-6-2011)
Security professionals will tell you that compared with 10 years ago, government IT security practices are vastly improved. Back then, security was very much an ad hoc approach that varied greatly among agencies and for which erecting a firewall was considered state of the art, if security was considered at all. Now, driven by regulations such as the 2002 Federal Information Security Management Act (FISMA) and the Department of Defense Information Assurance Certification and Accreditation Pro... read more»
Government outlines IT strategy to tackle £21bn of fraud
(from ComputerWeekly at 9-6-2011)
The government has outlined an IT strategy to tackle £21bn of annual fraud in the public sector. Collaboration was highlighted as a key part of its strategy to break down silos of information. All parts of public sector must work together to share intelligence on fraudsters; develop cross-cutting capabilities; and join projects using data analytics and procurement, it said. Pilots involving the use of data analytics to screen application for tax credits have helped deliver savings of £12m ... read more»
Summarizing ZDNet's Zero Day Posts for May
(from Dancho Danchev at 9-6-2011)
The following is a brief summary of all of my posts at ZDNet's Zero Day for May. You can subscribe to my personal RSS feed, Zero Day's main feed, or follow me on Twitter.... read more»
UK MoD Under Heavy Cyber Attack
(from IT Proportal at 9-6-2011)
Another high profile UK politician has raised the alarm by saying the number of cyber attacks targeted at the country has increased significantly. According to Liam Fox, the defence secretary in the UK government, his ministry had alone come under over 1000 potentially serious cyber-attacks during 2010. The defence secretary reportedly revealed this information at the London Chamber of Commerce and Industry conference held on Tuesday evening.... read more»
Hackers now a top security menace: McClelland
(from CanberraTimes at 9-6-2011)
Australians will be warned today of a serious risk to national security as foreign hackers intensify their efforts to bring down computer networks operated by the Government, banks and phone companies. Federal Attorney-General Robert McClelland will paint the sombre scenario when he presents a threat analysis developed by Australia's most secret spy organisations.... read more»
NATO plans force to respond to cyber attacks
(from Google at 9-6-2011)
NATO wants to beef up its cyber defence capabilities with the creation of a special task force to detect and respond to Internet attacks, an alliance expert said Wednesday at a conference on cyber security here. "NATO is planning to establish the Cyber Red Team (...) that would provide a significant contribution to the improvement of NATO's cyber defence capability," Luc Dandurand, an expert with NATO's C3 Agency told delegates to the alliance's third annual cyber defence conference.... read more»
Intel's Arizona Chip Factory Explodes Injuring Seven People
(from IT Proportal at 9-6-2011)
A chip fabrication plant owned and operated by Intel was the scene of an explosion yesterday which injured seven people. Several fire crews were called to the building outside Phoenix at 2pm as the facility was evacuated. It's not clear how the seven victims were injured and an investigation is currently ongoing. Several of them had shrapnel wounds and concussion and at least one is reported to be in a serious condition.... read more»
How Estonians became pioneering cyberdefenders
(from CSMonitor at 9-6-2011)
Ahead of spring elections, Agu Kivimgi was tasked with trying to ensure that online voting in Estonia wasn't vulnerable to attack. Its pioneering system of casting national ballots via the Internet would be a hacker's prize target. After the ballots were counted, returning Estonia's center-right government to power, e-voting escaped assault - or any technical difficulties, for that matter.... read more»
Business continuity: You need more than just a plan
(from Net-Security at 9-6-2011)
Stop for a moment and take a look around you - IT isn't just the computer on your desk, the laptop in your bag or the mobile in your pocket. The truth is it's controlling who is and isn't entering your building - virtually and physically, how and where your customers are being dealt with, it's driving your production line and it even has a part to play in how your coffee is produced. IT is no longer confined to a small back office, possibly in the basement, staffed with geeks all speaking their own l... read more»
School-Webcam Spy Scandal Resurfaces
(from Wired at 9-6-2011)
A suburban Philadelphia school district embroiled in a webcam spy scandal was hit Tuesday with new allegations that a student-issued laptop secretly recorded more than 8,000 images. The latest accusations, which were said to occur during a six-month period ending September 2008, has left the high school student shocked, humiliated and severely emotionally distressed, (.pdf) according to a federal invasion-of-privacy lawsuit, which seeks unspecified monetary damages.... read more»
LulzSec strikes again: US cybersecurity website hacked
(from Computer World at 9-6-2011)
Hacker group, LulzSec, have made headlines again after responding to a hacking competition by US cybersecurity company, Black & Berg Cybersecurity Consulting. The group, who claimed responsibility for the attacks on both Sony Pictures and Nintendo servers, answered to Black & Berg's challenge of changing an image on their website's homepage, with the first successful person to be rewarded $US10,000 and a position with the company's senior cybersecurity advisor Joseph Black.... read more»
Fraudster jailed - had previously pleaded guilty
(from met.police at 9-6-2011)
Jurgen Whitehouse, 37, of Exeter Road, Welling, Kent was yesterday Tuesday 7 June sentenced to two years and six months imprisonment at Southwark Crown Court for fraud. Whitehouse had previously pleaded guilty at Southwark Crown Court on 10 May to one count of fraud where he admitted to abusing his senior position in IT to defraud his employer, the communications regulator, OFCOM of 522,123 between July 2008 and April 2009. Whitehouse has subsequently restituted a large percentage of this amo... read more»
Epic Games Database Hacked by Contra
(from The Hacker News at 9-6-2011)
Epic Games ( https://www.epicgames.com/ ) database hacked by Contra (hacker). He hacked the whole database and leaked all of the database structure online at http://pastebin.com/X455ZARH .... read more»
Federal Government embracing Gov 2.0
(from Computer World at 9-6-2011)
Federal Government agencies have widely embraced social media and Web 2.0 tools in the wake of the Government 2.0 Taskforce report, documents released by the Australian Government Information Management Office (AGIMO) show. According to the documents, released as part of an effort to better communicate the work being done in Government 2.0, Twitter, Facebook, blogging and RSS feeds (Really Simple Syndication) were now in widespread use by federal agencies.... read more»
U.S., Chinese, EU firms push cloud standards
(from mis-asia at 9-6-2011)
A group of U.S. and overseas companies, including some major Chinese firms, are betting that they can encourage cloud providers to adopt common standards for managing security, operating routine processes and describing their services. Whether cloud vendors adopt the Open Data Center Alliance standards released Tuesday remains to be seen.... read more»
Police force damaged by computer errors
(from The Age at 9-6-2011)
CONTINUING mistakes from a new $54.5 million courts computer system created problems that went to ''the very core of policing in NSW'', senior police warned nearly a year after the system began operating. In a frank email, endorsed by the head of the Police Prosecutions branch, Tony Trichter, a police officer attached to the project outlined problems dealing with AVOs, bail breaches, warrants and criminal records.... read more»
Social media specialist sacked over tweet
(from The Age at 9-6-2011)
A US economic development agency has let one of its employees go over a Twitter post that suggested her colleagues knock off work early to play golf. Social media specialist Vanessa Williams lost her job with the Lehigh Valley Economic Development Corporation after she used the agency's official Twitter account on Friday to tweet: "We start summer hours today.... read more»
IT security - what you must know in the mobile era
(from Sophos at 9-6-2011)
Worried about the cloud? Data breaches? Mobile devices? Identity theft? Earlier this week I participated in a very well-attended webinar run by Business Spectator magazine in which we discussed these topical and important issues. Join presenter James Kirby and experts Stephen Wilson, Charis Palmer and (ahem) me as we talk on the subject of IT security - what you must know in the mobile era.... read more»
US bill would make concealing data breaches a crime
(from The Register at 9-6-2011)
US-based companies would be required to report data breaches that threaten consumer privacy and could face stiff penalties for concealing them under federal legislation that was introduced in the Senate on Tuesday. The Personal Data Privacy and Security Act aims to set national standards for protecting the growing amount of personally identifiable information being stored online. Its approval by the Senate Judiciary Committee represents the fourth year the bill has been introduced, said its s... read more»
Sony hack reveals password security is even worse than feared
(from The Register at 9-6-2011)
An analysis of password re-use from data spilled via the Sony and Gawker hack reveals that consumer password security is even more lax than we might have feared. A million Sony users' password/username IDs and 250,000 Gawker login credentials, each stored in plain text, were exposed via separate hacks. In each case hackers posted a subset of these passwords as a torrent.... read more»
Pixmania users report scam-spam bombardment
(from The Register at 9-6-2011)
Several Reg readers have complained to us about receiving spam emails directed at addresses they had exclusively supplied to Pixmania, the online consumer electronics retailer. Internet users, in general, are more sensitive to the leak of personal email addresses in the wake of high-profile breaches involving Sony and marketing outfit Epsilon over recent weeks. Epsilon handled the mail shots for dozens of well-known brands, so the breach of its systems potentially exposed millions of ... read more»
Greek police arrest suspected FBI hacker
(from PacketStormsecurity at 9-6-2011)
Greek police arrested an 18-year-old suspected of having hacked into the electronic systems of the FBI and Interpol, they announced Wednesday. He reportedly also took over the computers of unsuspecting users, accessed their data and used it to obtain new credit cards in their names. A raid on his home turned up over 120 credit cards and thousands of euros in cash, police said.... read more»
DoC calls for security standards, co-operation
(from The Register at 9-6-2011)
The US Department of Commerce is broadening its attention beyond the critical infrastructure sector, proposing security codes of conduct for the rest of the Internet economy. Its new report, Cybersecurity, Innovation and the Internet Economy, has a wide scope, from the small business with a Website through to social networks and cloud services. It defines the Internet and Information Innovation Sector as covering information services, transactional services, storage and hosting, and user acce... read more»
Team Cymru Internet Security News Feed
(from E-Secure-IT at 9-6-2011)
This Internet Security News feed is provided as a Free Service by Team Cymru through a commercial partnership with E-Secure-IT. E-Secure-IT provides a wide range of IT-Security and Industry & Corporate Risk Intelligence Services. For more information visit them at www.e-secure-it.com or email more-info@e-secure-it.com. Team Cymru is a geographically-dispersed group of security professionals who are passionate about making the Internet more secure and who help organizations to identify and erad... read more»
Facebook 'Face Recognition' Feature Draws Privacy Scrutiny
(from New York Times at 9-6-2011)
European Union data protection regulators said on Wednesday that they would investigate Facebook over a feature that uses face-recognition software to suggest people's names to tag in pictures without their permission, and a privacy group in the United States said that it planned to file a complaint with the Federal Trade Commission over the feature. A group of privacy watchdogs drawn from the European bloc's 27 nations will study the measure for possible rule violations, said Gérard Lommel, a L... read more»
Warning over cyber attacks 'battle'
(from Yahoo at 9-6-2011)
Defence Secretary Liam Fox has warned that the Government is fighting a "continuous battle" against cyber attackers - with the number of incidents doubling over the past year. The Ministry of Defence is a "prime target" for would-be infiltrators, and has dealt with more than 1,000 attempts to breach security in 12 months, according to Dr Fox. Ministers announced last autumn that they were spending £650 million to bolster cyber resilience, with the investment focused on protecting key national... read more»
Sony says info of 37,500 users stolen
(from Computer World at 9-6-2011)
Sony Pictures Entertainment claims about 37,500 users had personally identifiable information stolen in an attack last week on its website. The Culver City, California-based company said it notified users of the breach on Wednesday and warned them to change passwords. Parent company Sony Corp has been hammered by personal data loss problems, including separate hacks that compromised the personal information of more than 100 million users earlier this year.... read more»
Cybersecurity, innovation and the Internet economy
(from Help Net Security at 9-6-2011)
The U.S. Department of Commerce today released a report that proposes voluntary codes of conduct to strengthen the cybersecurity of companies that increasingly rely on the Internet to do business, but are not part of the critical infrastructure sector. The report, "Cybersecurity, Innovation and the Internet Economy", focuses on the Internet and Information Innovation Sector (I3S) - these are businesses that range from small and medium enterprises and bricks-and-mortar firms with online service... read more»
European nations fail to develop anti-cyber attack strategies
(from Computing at 9-6-2011)
European countries risk becoming the victims of crippling cyber attacks because of the glacial pace at which internet security strategies are being developed, according to a new report from EU security mandarins. The European Network and Information Security Agency (Enisa) has updated its benchmarking analysis of countries' internet security strategies, highlighting the vastly different approaches being taken across the continent.... read more»
News of the World apologises to Sienna Miller
(from BBC at 9-6-2011)
The News of the World's owner has formally apologised in court to the actress Sienna Miller for hacking into several of her mobile phones. News Group newspapers said sorry for what it called the "harassment and distress" it had caused. The 29-year-old actress, who was not at London's High Court, formally settled for £100,000 damages and costs. Four alleged victims of phone hacking have already reached out-of-court settlements with the newspaper.... read more»
World Takes IPv6 for a Test Drive: Is your Organization Prepared for the Risks?
(from Security Week at 8-6-2011)
Today, IPv6 World Day, is the widely-anticipated 24 hour period that many large organizations including Google, Facebook, Yahoo!, Akamai, Verizon and hundreds of other organizations, will use to distribute content over IPv6 for a 24-hour test flight to prepare their services for IPv6. IPv6 was designed mainly to solve the IP address exhaustion problem, increasing the number of IP addresses available to Internet-connected devices. IPv4 addresses, represented by a 32-bit number, enabled 4,294,967... read more»
Facebook raring to give IPv6 a test flight
(from Computer World at 8-6-2011)
After helping to hatch the plan for World IPv6 Day set for Wednesday, a senior network engineer at Facebook is raring to test the site's reworked network. Facebook's Donn Lee has been getting the social network ready for this first worldwide test flight of IPv6 since last fall when plans for the June 8 event were put in place. Wednesday is the day that the giants of the Internet - Google, Yahoo, Microsoft, Verizon and Facebook - will give IPv6 a whirl and see how it works. Lee, who cam... read more»
Collaboration in the Post PC Era - Any Device, Anywhere
(from On24 at 8-6-2011)
Date: Thursday, June 30, 2011, 2:00 PM EDT. The explosive growth of powerful smartphones and tablet devices is leading to a dramatic shift in the workplace. Companies are adopting mobile technology with the hope that transitioning to an anytime, anywhere, always-on computing and communications model will improve operations and increase productivity. Find out how collaboration solutions like Cisco Jabber support both existing and new generations of platforms and devices - Windows, Mac, iPho... read more»
Happy World IPv6 Day From the Nmap Project!
(from Fyodor at 8-6-2011)
You probably know that we run the machine scanme.nmap.org as a system people are allowed to use as a target for test scans and the like. That system now has native IPv6 support. So if you have never performed an IPv6 port scan, you can do so with a command like:
nmap -6 -v scanme.nmap.org
We also added a DNS record for scanmev6.nmap.org, which only has an IPv6 address (no IPv4). This can help for tools which might otherwise use Scanme's IPv4 address by default rather than IPv6. For... read more»
State of Government Information Security Today: 2011 Survey Results
(from Government Information Security at 8-6-2011)
President Obama declared cybersecurity a national security priority in May 2009, in effect making the IT experts at all levels of government the frontline troops defending local, state and federal information assets. To fully appreciate the environment in which government IT security practitioners work, GovInfoSecurity conducted the State of Government Information Security 2011 survey in early 2011. The survey results: * Gauge the attitudes of government IT security practitioners on th... read more»
Hacking Group LulzSec Denies Arrest Report
(from Information Week at 8-6-2011)
The hacking group, also known as the Lulz Boat, claims credit for releasing Sony's developer network source code on Monday, recently exposing one million Sony passwords, hacking PBS with fake news, and also releasing passwords for members of the FBI partner organization InfraGard's Atlanta branch. The latter was in response to government plans to classify some types of cyber attacks as acts of war. But according to an anonymous post, submitted via a Hushmail account, to the Full Disclosure ma... read more»
Don't panic, but the internet might break today. Just a little bit, and we're sure they'll fix it...
(from couriermail at 8-6-2011)
Today is World IPv6 Day, when more than 100 companies around the world will test a new way of assigning addresses to devices on the internet. Narelle Clark of the Internet Society of Australia said the switch was important because the current system, IPv4, was unable to cope with the growing number of gadgets going online. "In the past, when we were running out of telephone numbers, we added a single digit," Ms Clark told news.com.au. "We can't take that same approach for the internet, ... read more»
From the Field: Sprinting Through An 'APT' Casefile - Part I
(from toolbox at 8-6-2011)
Over the last year, I have been up to my eyeballs in "APT" cases. I barely finish the case I'm on before the next one comes my way. I've turned away more work in the last 3 months than in the last 3 years (I'm sure the partners that I've referred the work to don't mind). The information security industry amuses me with their talent for creating acronyms, and APT ("Advanced Persistent Threat") has been no different.... read more»
HIPAA & HITECH - Why You Should Care Still! Again!
(from toolbox at 8-6-2011)
In yesterday's NY Times, Milt Freudenheim joined a long line of journalists jumping on the HIPAA HITECH bandwagon in his article entitled "Breaches Lead to Push to Protect Medical Data". I was, of course, tickled to read the opening two sentences "Federal health officials call it the Wall of Shame. It's a government Web page that lists nearly 300 hospitals, doctors and insurance companies that have reported significant breaches of medical privacy in the last couple of years." In our March 2... read more»
Is RSA officially dead? Would you trust them again?
(from jadedsecurity at 8-6-2011)
Is RSA finally dead? Security professionals have been asking themselves this question since the first breach. The security community has always been under the assumption that the attackers were able to pull the seeds, and the recent attacks have somewhat proven this. The piece that was missing however, was the pin# and that required a little bit of social engineering which spear phishing has been able to accomplish. So, do we still trust RSA to provide the peace of mind that two factor authen... read more»
Nations recognize dangers posed by cyber-attacks
(from Dw-World at 8-6-2011)
The International Conference on Cyber Conflict kicked off in the Estonian capital, Tallinn, on Wednesday. The Baltic state sustained a cyber-attack in May 2007, which Estonian government officials pin on having come with at least implicit support from the Russian government - a charge Russian officials deny. Kenneth Geers, an American computer security expert with the Naval Criminal Investigative Service, tells Deutsche Welle about the current state of cyberconflicts. He has been the American re... read more»
FBI / Interpol hacker suspect arrested by Greek authorities
(from nakedsecurity at 8-6-2011)
Authorities in Greece have arrested an 18-year-old man today, suspected of hacking into computer systems belonging to Interpol, the Pentagon, the NSA and the FBI. The teenager, who has not been identified, is said to live with his mother in the Athens district of Agios Dimitrios, and is alleged to have originally broken into the Interpol crime-fighting website when he was just 15 years old. Manolis Sfakianakis, head of the Greek computer crime police, told state television that the young m... read more»
World IPv6 Day Kicks Off
(from enterprisenetworkingplanet at 8-6-2011)
At 5 PM PT/ 8 PM ET on June 7th, World IPv6 Day will start. It's an event that will put hundreds of mainstream websites on IPv6 for the first time, as the world prepares for the transition to IPv6. World IPv6 Day was first announced in January by the Internet Society. At the time, a handful of major websites including Google and Facebook publicly indicated that they would participate in the event. Over the last six months, the need for IPv6 has accelerated and so too has the public commitment... read more»
Microsoft: Rustock still dead but hunt on for culprits
(from CNet at 8-6-2011)
Though Rustock remains down for the count, according to Microsoft, the hunt goes on for the creators of the infamous botnet. Rustock was taken down this past March by Microsoft and law enforcement officials who used a combination of legal maneuvers and raids to seize control of the servers that ran the notorious spamming network. Since then, Rustock has remained "dead and decaying," said Richard Boscovich, senior attorney for Microsoft Digital Crimes Unit, in a blog published yesterday.... read more»
Deterrence won't stop cyber-attacks
(from Guardian at 8-6-2011)
Sometimes nations, like individuals, say things in public that are better said in private. So it is with the announcement last week by the Pentagon that the US might treat cyber-attacks as armed attacks. The announcement would seem to make sense. "Armed attack" in cyberspace is now a reality. Last year, the Stuxnet computer worm physically destroyed the operations of an Iranian nuclear facility. And Stuxnet is hardly the first disruptive cyber attack.... read more»
Man From York Faces Extradition For Attempting To Hack Facebook
(from IT Proportal at 8-6-2011)
Law enforcement officials have arrested a man from York for allegedly trying to hack into Facebook. The US Federal Bureau of Investigation was investigating a hacking attempt on the social networking giant. Their investigation led them to a 26-year-old in York, who was arrested by the Metropolitan Police's e-crime unit. The man from York is the first person to be arrested in the UK in an investigation that was looking into a large scale hacking attempt on Facebook. In addition to arresting... read more»
Battleground Cyberspace: Hackers vs. White Hats
(from Forbes at 8-6-2011)
Spend a few minutes with a security researcher, someone who works at one of the hundred plus anti-malware companies, and you begin to realize that there is an ongoing battle between the good guys and the bad. Malware researchers are on the front lines. They capture samples via honey pots and customer reports, un-package them, reverse engineer the executables so they can see the source code, and try to figure out what the malware is doing.... read more»
DroidKungFu Malware Targets Android Users In China
(from IT Proportal at 8-6-2011)
A new malware campaign designed to victimize Android users has been discovered by two US based researchers, and according to them this new malware is capable of manoeuvring around traditional anti-virus utilities. The researchers, named Yajin Zhou and Xuxian Jiang from the North Carolina State University found at least a few applications infected by the DroidKungFu malware in their research. They also revealed that a minimum of eight third-party app stores and forums in China were offering in... read more»
Ministry of Defence foiled 1,000 cyber attacks says Fox
(from BBC at 8-6-2011)
Liam Fox has said the Ministry of Defence is a "prime target" for cyber attacks after disclosing that it has dealt with more than 1,000 "potentially serious" incidents over the past year. A "continuous battle" was being waged in cyberspace against UK interests by criminals and foreign intelligence services, the defence secretary warned.... read more»
