US man confesses to part in $1.3M bank and payroll phishing scam

May 8th, 2012

Posted May 8, 2012

A 31-year-old US man from Atlanta, Georgia, admitted last week that he and his gang stole more than $1.3 million USD by phishing confidential account information from e-commerce sites. Be careful, particularly if you do your banking at a large online bank, because those are now scammers’ favored phishing grounds. The Anti-Phishing Working Group’s latest survey shows that PayPal, after years of being phishers’ fav, is no longer No. 1. It’s e-commerce sites (and BANKS!) they’re after, since there’s more coinage to be had. Read it.

Intruder compromises user database for Star Trek Online and other MMORPGs

May 8th, 2012

Posted April 30, 2012

The studio behind Star Trek Online, City of Heroes, City of Villains, and Champions Online suffered a user account database breach 16 months ago… and is only warning users about it now. Read it. 

Mobile phone carriers oppose law requiring warrants for location data

May 8th, 2012

Posted April 27, 2012

The proposed US bill doesn’t stop the carriers from handing over location data, but it does require that police get a warrant first. So what is CTIA’s problem with it? Read it and weep.

Facebook logins aren’t being properly protected on iPhones, iPads and Android devices

April 27th, 2012

Posted April 5, 2012

Facebook login credentials could be lifted from smartphones because the site is not encrypting the sensitive data on iOS and Android devices. Read the story on Naked Security.

Pastebin, its mission of freedom, and the tribulations of hacker escapades

April 3rd, 2012

Posted April 3, 2012

Pastebin gives its users “total freedom of speech”, which means it’s a prime spot for hackers to publicize their exploits and for stolen information to be posted. Makes it a bit difficult to run the site, says Pastebin’s owner Jeroen Vader. Read the story on Naked Security. 

US health insurer fined $1.5m over 2009 data breach

March 15th, 2012

Posted March 15, 2012

I know doctors who roll their eyes at the idea of HIPAA. They resent the way the legislation slows down the delivery of care to their patients. I can sympathize, but this $1.5m fine, the first ever to be carried out under HIPAA/HITECH, should make it clear: The onus is on healthcare providers and insurers to train staff and secure personal information. The full story is on Naked Security.

Secure Paper Storage: Managing Business Documents

March 8th, 2012

Posted 03-02-12

They spill out of milk cartons in unlocked storage rooms! They molder in storage facilities secured only by Yale locks! They get horizontally stripped into packing material that helpfully displays your customers’ names, SSNs, and dates of birth! It’s 2:34 a.m. Do you know where your business’s paper documents are?! Here we have horror stories and tips on how to secure all that carbon-based matter until it returns to the pulp from which it crawled forth. Read it on HP I/O. We also made a nifty infographic to show how blasé we are about following policies on these matters. Check out the infographic!