Intuit , the makers of TurboTax , recently introduced several changes to beef up the security of customer accounts following a spike in tax refund fraud at the state and federal level. Unfortunately, those changes don’t go far enough.
FBI: $3M Bounty for ZeuS Trojan Author
The FBI this week announced it is offering a USD $3 million bounty for information leading to the arrest and/or conviction of one Evgeniy Mikhailovich Bogachev , a Russian man the government believes is responsible for building and distributing the ZeuS banking Trojan . Bogachev is thought to be a core architect of ZeuS, a malware strain that has been used to steal hundreds of millions of dollars from bank accounts — mainly from small- to mid-sized businesses based in the United States and Europe.
The Blog is Back!
Happy much belated New Year readers, and welcome back! Regular readers probably noticed that the blog has been down for quite awhile. Early January, we unexpectedly had to take the blog server offline during some expected web site maintenance and re-architecture
Serious NTPd vulnerabilities Patched; XTM Not Affected
Today, CERT and NTP.org warned the world about some serious vulnerabilities in a very popular network time server called ntpd. If you use Linux systems, or any number of network appliances, chances are you’re using ntpd somewhere in your organization, and should apply the 4.2.8 update (tarball) as soon as possible. Network Time Protocol (NTP) is a standard for updating and synchronizing your computer’s clock over a network.
ICANN Breach & More Sony – WSWiR Episode 133
Wow! This week’s been such a busy news week that the information security (InfoSec) stories kept pouring in, long after I finished this week’s video. The latest? CERT just warned about some critical vulnerabilities in NTPd, a popular network time protocol (NTP) service that many network devices and software uses
The Disturbing Reality of Guest Network Security
The Disturbing Reality of Guest Network Security New WatchGuard functionality enhances security and convenience to better protect guest network users across hotel, restaurant and other hospitality organizations Life on the road no longer means losing touch. Today’s global travelers rely on Internet access for both work and pleasure, whether it’s responding to business email, planning vacation activities or staying connected with loved ones still at home.
SpamHaus, CloudFlare Attacker Pleads Guilty
A 17-year-old male from London, England pleaded guilty this week to carrying out a massive denial-of-service attack last year against anti-spam outfit SpamHaus and content delivery network CloudFlare , KrebsOnSecurity has learned.
The Pirate Bay Raided; Watch Out for Torrent Scams
I’m fascinated with how well criminal hackers consistently take advantage of pop culture events or breaking news to further their malicious campaigns. Yesterday, news broke that the Swedish authorities raided the company that hosted The Pirate Bay, a popular torrent tracking site that is known primarily for spreading illegal copies of software and other media
Microsoft’s Last Patch Day Until 2015; Three Critical Patches
It’s that time of the month again; Microsoft Patch Day. Yesterday, Microsoft posted their regular batch of security updates, so it’s time you patch your Windows systems.
More on Wiretapping ATM Skimmers
Last month, this blog featured a story about an innovation in ATM skimming known as wiretapping, which I said involves a “tiny” hole cut in the ATM’s front through which thieves insert devices capable of eavesdropping on and recording the ATM user’s card data.