A recent phishing campaign targeting customers of several major U.S. banks was powered by text messages directing recipients to call hacked phone lines at Holiday Inn locations in the south
Banks: Card Thieves Hit White Lodging Again
For the second time in a year, multiple financial institutions are complaining of fraud on customer credit and debit cards that were all recently used at a string of Marriott properties run by hotel franchise firm White Lodging Services Corporation. White Lodging says it is investigating, but that so far it has found no signs of a new breach. In January 31, 2014, this author first reported evidence of a breach at some White Lodging locations
Target Hackers Hit Third Parking Service
Book2Park.com , an online parking reservation service for airports across the United States, appears to be the latest victim of the hacker gang that stole more than a 100 million credit and debit cards from Target and Home Depot . Book2park.com is the third online parking service since December 2014 to fall victim to this cybercriminal group. Last week, a new batch of credit card numbers [dubbed “ Denarius “] went up for sale on Rescator[dot]cm , the cybercrime bazaar that earned infamy by selling tens of millions of cards stolen from Target and Home Depot.
The Internet of Dangerous Things
Distributed denial-of-service (DDoS) attacks designed to silence end users and sideline Web sites grew with alarming frequency and size last year, according to new data released this week. Those findings dovetail quite closely with the attack patterns seen against this Web site over the past year
FBI: Businesses Lost $215M to Email Scams
It’s time once again to update my Value of a Hacked Email Account graphic: According to a recent alert from the FBI, cyber thieves stole nearly $215 million from businesses in the last 14 months using a scam that starts when business executives or employees have their email accounts hijacked.
Yet Another Emergency Flash Player Patch
For the second time in a week, Adobe has issued an emergency update to fix a critical security flaw that crooks are actively exploiting in its Flash Player software. Updates are available for Flash Player on Windows and Mac OS X .
Spreading the Disease and Selling the Cure
When Karim Rattani isn’t manning the till at the local Subway franchise in his adopted hometown of Cartersville, Ga., he’s usually tinkering with code. The 21-year-old Pakistani native is the lead programmer for two very different yet complementary online services: One lets people launch powerful attacks that can knock Web sites, businesses and other targets offline for hours at a time; the other is a Web hosting service designed to help companies weather such assaults. Grimbooter Rattani helps run two different “booter” or “stresser” services – grimbooter[dot]com , and restricted-stresser[dot]info .
Flash Patch Targets Zero-Day Exploit
Adobe today released an important security update for its Flash Player software that fixes a vulnerability which is already being exploited in active attacks.
Password Re-use Fuels Starwood Fraud Spike
Two different readers have written in this past week to complain about having their Starwood Preferred Guest loyalty accounts hijacked by scammers. The spike in fraud appears to be tied to a combination of password re-use and the release of tool that automates the checking of account credentials at the Web site for the popular travel rewards program. The mass compromise of Starwood accounts began in earnest less than a week ago
Java Patch Plugs 19 Security Holes
Oracle this week released its quarterly patch update for Java , a widely-installed program that for most casual users has probably introduced more vulnerability than utility. If you have Java installed and require it for some application or Web site, it’s time to update it. If you’re not sure you have Java on your computer or are unsure why you still have it, read on for advice that could save you some security headaches down the road