Cybercrime

Facebook’s Search and Destroy

An article came out yesterday from Clement Genzmer who is a security engineer at Facebook.  His tagline is "searching and destroying malicious links".  Those of us in the business of digital security and safety can certainly identify with that, especially the part where we aim to identify the criminals and work with law enforcement to

Osama bin Laden is alive and well… on Facebook

The death of Osama bin Laden has gone viral, with blogs, social media and search engines pumping terabytes of rumor, innuendo and conspiracy theories at the speed of light, along with the occasional kilobyte of truth.  As the number of people searching for pictures and videos of bin Laden’s execution has skyrocketed, the criminal syndicates

Global malware thrives on the demise of a global terrorist

[NOTE:  As we were publishing this articl, our Latin American office discovered another Black Hat SEO campaign incorporating promises of Osama bin Laden videos on Facebook.  Click here to view their article in Spanish. We will follow up on this shortly.  AG] The malware phenomenon started by the announcement of Osama Bin Laden’s death continues

Cyberthieves just love a good wedding, or a funeral…

Not using Twitter or Facebook is, in these times, akin to not owning or using a mobile ‘phone. Last night’s events – the reported death of Osama Bin Laden – proved that we are well and truly in the Twitter era (Twitter reported that over 4000 tweets per second were made immediately preceding the President’s

Another VB Cybercrime Seminar

One that will be of most interest to our readers in the UK, I guess. Our friends at Virus Bulletin are holding another "Securing Your Organization in the Age of Cybercrime" seminar, this time on the Open University Campus at Milton Keynes on the 24th May. The full agenda is already available on that page, and

Natl Research Council Says: Show Us The MONEY

Surprised to find annual cybercrime damage spread somewhere between 300 million and 54 BILLION? So is the Director of National Intelligence. Today Brian Krebs of the Washington Post and Krebsonsecurity.com detailed a strong push for mandatory disclosure of cyber intrusion to include account hijacking and online identity theft.

Multi‑level Cybercrime

I just blogged about a potential new Facebook worm. It may turn out that it is not a worm, but another type of attack that involves multiple levels of criminal organizations, which to some degree are being aided by the privacy laws in the Holland. To begin with there are stolen credential attacks. The two

Anti‑Skimming Tips at Debit‑only Pumps

Today as I filled up, I noticed that they changed my BP / Arco pump kiosk’s payment instructions, probably as a result of the Hotea Arco skimming case a few years back. With the recent commentary on skimming David Harley provided, I thought a picture of anti-skimming advice might speak a thousand words – or

Will Free Wi‑Fi at Starbucks and McDonalds Spread Malware?

Reports that Starbucks (NASD: SBUX) will be offering free 802.11 wireless access at all US locations starting July 1st raised some speculative eyebrows with this Threat Blogger wondering about whether proliferation of open access points on a brand-name and nationwide basis will spread malware or increase the theft of identity rich account login information often

Please Rob Me: Blippy

Blippy recently had a small data breach which merely underscored the risks of a growing segment of social networks which showcases your toys… How a burglar or other thief sees Blippy: Securing Our eCity Contributing Writer

Carr’s Four Cyber Trends That Must Be Reversed Now

I’m not always in alignment with Jeffrey Carr’s point of view but in this he is spot on. Succinct and to the point, Jeffrey Carr addresses cybercrime, cyberwarfare rules of engagement and forecasts the United States’ rapid decline: Should these trends continue unabated, we will have no one to blame but ourselves as the economical

Cyber‑crimefighters pwn Carders.cc

Brian Krebs, source of a lot of key research on the banking trojan focus on small to medium sized business, has reported that cyber-vigilantes have rattled the cage of a major carder site by posting their member’s passwords: Ironically, the anonymous authors of the e-zine said they were able to compromise the criminal forum because

Debate Heating Up: Cybersecurity Act of 2010 S. 773

Forbes contributor Richard Stennion doesn’t like the Cybersecurity Act of 2010 very much. We know it around here as S. 773 and have been tracking it for some time. Mr. Stennion and I disagree on some key points. He says that S. 773: “…contains some pretty drastic measures that are going to be very disruptive,

Cybercrime: Illegal Seizure Applicable or Not?

During a recent illness I was doing some research into rendition and the Fourth Amendment evidentiary issues which may come up more often with an increased focus on prosecution of offshore cybercriminals. The challenge: how to recover both digital evidence for Stateside trial and the actual [foreign] cybercriminal with a less than cooperative home country.

Continued Malware Hijinks with Mass Webserver Compromises

While the jury’s still out about whether the intent of the past month’s mass webserver breaches are fully criminal, Dancho reports new developments which also link Koobface activity into this command and control structure: Yet another mass sites compromise is currently taking place, this time targeting DreamHost customers, courtesy of the same gang behind the U.S Treasury/GoDaddy/NetworkSolutions mass compromise campaigns.

Malware Injection Campaign: A Retaliation?

This week there have been several major malware injection campaigns against WordPress blogs and other php-based content management systems. This malware injection battle began last week with Network Solutions and GoDaddy. Recently researcher Dancho Danchev has found evidence linking two US Treasury sites into the malware injection campaign: What's particularly interesting about this campaign is

FBI Cyber Division Warns About Social Networking

In response to questions I heard this weekend from friends of mine about the ‘big picture’ relevance of the 1.5 million Facebook accounts compromised, I referred back to last month’s FBI speech from Dep. Asst. Dir. Chabinsky: “Don't be surprised if a criminal compromises your or one of your colleague's personal social networking accounts to