Financial Services
From the Web
Royal Bank glitch allowed Visa customers to view others’ transactions
October 03, 2009 from: Office of Inadequate Security
The Royal Bank says it has fixed a computer security glitch that allowed some of its West Coast Visa customers to view transactions made by other cardholders.
Comments (0)
From the Web
Commerce Bank replaces cards compromised in Heartland breach
September 18, 2009 from: Office of Inadequate Security
Dan Margolies reports that Commerce Bank in Kansas City is first replacing credit cards after a recent small wave of fraudulent activity was reported. The compromised cards were involved in the Heartland Payment Systems breach disclosed in January 2009.
Comments (0)
From the Web
ID theft ringleader back in custody after 4 years on the lam
September 17, 2009 from: Office of Inadequate Security
The mastermind of an identify theft ring who fled after being sentenced for his role in the scheme to steal personal and confidential credit report profiles of thousands of customers of Weichert Financial Services, Inc. pleaded guilty today to failure to surrender to federal prison.
Comments (0)
From the Web
Man sentenced for micro-deposit scam
September 17, 2009 from: Office of Inadequate Security
A 22-year old man was sentenced to 15 months in prison and restitution of $200,073.44 for fraud and related activity in connection with computers. After release from prison, Michael Largent will also face three years of strict restrictions on his use of computers and the Internet.
Comments (0)
From the Web
Website exposes sensitive details on military personnel
September 08, 2009 from: Office of Inadequate Security
Programming errors on a website that helps commuters carpool to work are exposing sensitive information of workers for hundreds of employers in Southern California, including at least one military installation.
Comments (1)
From the Web
Email Obfuscation and Spam Robots
September 08, 2009 from: Rsnake's blog at ha.ckers.org
I’ve long been interested in spam and robots that scrape for email addresses. I’ve done tons of work in the space, although I’ve never published any of it. Call it more of a side hobby than anything I really want to go public with - as it is with a lot of my research
Comments (0)
From the Web
Digital Direct reports breach
September 05, 2009 from: Office of Inadequate Security
Chris Cooper of Bloomberg.com reports that Digital Direct, Inc., a unit of Mitsubishi Corp., had a breach of their e-commerce web site that resulted in the compromise of 52,000 customers’ credit card numbers.
Comments (0)
From the Web
Helping users keep plugins updated
September 04, 2009 from: Mozilla Security Blog
Starting with the upcoming releases of Firefox 3.5.3 and Firefox 3.0.14, Mozilla will warn users if their version of the popular Adobe Flash Player plugin is out of date. Old versions of plugins can cause crashes and other stability problems, and can also be a significant security risk.
Comments (0)
From the Web
Best of Application Security (Friday, Sep. 4)
September 04, 2009 from: Jeremiah Grossman's Blog
Ten of Application Security industry's coolest, most interesting, important, and entertaining links from the past week -- in no particular order. Regularly released until year end. Then the Best of Application Security 2009 will be selected!
Comments (0)
From the Web
Announcement Regarding The October 2009 Critical Patch Update
September 03, 2009 from: The Oracle Global Product Security Blog
Because many Oracle customers with responsibility for deploying the Critical Patch Update within their respective organizations will be attending Oracle OpenWorld on October 11-15, 2009; the October 2009 Critical Patch Update originally scheduled to be published on Tuesday, October 13th 2009, will be released on October 20th 2009.
Comments (0)
From the Web
Lifelock loses another round in court
September 03, 2009 from: Office of Inadequate Security
Experian has issued a press release indicating that a federal court in California has denied LifeLock’s request to reconsider a ruling which found that LifeLock’s practice of setting 90-day fraud alerts on Experian and other credit bureaus was unlawful:
Comments (0)
From the Web
5 men named in racket that netted $4m in stolen card data
September 02, 2009 from: Office of Inadequate Security
Prosecutors in Manhattan have named five additional men from Eastern Europe in an alleged scheme that pilfered $4m using more than 95,000 stolen credit cards.
Comments (0)
From the Web
Biggest Breaches of 2009
August 28, 2009 from: Office of Inadequate Security
Linda McGlasson of BankInfoSecurity.com provides an analysis and commentary, based on ITRC’s statistics for this year.
Comments (0)
From the Web
Gonzalez pleads guilty, sentenced to 15-25 years
August 28, 2009 from: Office of Inadequate Security
Under a plea agreement with federal prosecutors filed in Boston on Friday, Albert Gonzalez would serve a sentence of 15 to 25 years after pleading guilty to a 19-count indictment. He would also forfeit some $2.8 million in cash, a Miami condo, a car and expensive frakelry.
Comments (0)
From the Web
Finance company identifies 294 recipients of non-payment legal threat
August 18, 2009 from: Office of Inadequate Security
A finance company has disclosed the email addresses of 294 customers that it says are behind in their repayments to the firm. The company emailed the customers but did not hide the addresses of everyone it contacted.
Comments (0)
From the Web
Three indicted for hacking Heartland, 7-Eleven, and Hannaford; Over 130 million credit and debit card numbers stolen
August 17, 2009 from: Office of Inadequate Security
An indictment [pdf] was returned today against three individuals who are charged with being responsible for five corporate data breaches, including the single largest reported data breach in U.S. history, announced Acting U.S. Attorney Ralph J. Marra, Jr., along with Assistant Attorney General of the Criminal ...
Comments (0)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)