Bank Of America Employee Charged for Plotting to Deploy ATM Code for Theft

April 7, 2010 by

Bank Of America Employee Charged for Plotting to Deploy ATM Code for Theft: “An AP newswire article by Mike Baker, via The Sun News, reports:

A Bank of America Corp. employee plotted to deploy malicious computer code within the company’s systems so that ATM machines would dispense cash without any record of a transaction, federal prosecutors allege in court documents.

Rodney Reed Caverly was tasked with maintaining and designing computer systems at the bank, including computers that conducted ATM transactions. Prosecutors in the western district of North Carolina said he sought to use computer code within the company’s protected computers so that the ATMs would make fraudulent disbursements.

Caverly was able to obtain more than $5,000 during a seven-month period in 2009, prosecutors allege.

The details of Caverly’s case were filed on Thursday in a ‘bill of information’ document, which typically signals that a plea deal is forthcoming. An attorney for Caverly, Christopher Fialko, declined to comment. Federal prosecutors didn’t return a phone call.

More here.

(Via Fergie’s Tech Blog.)

Windows 7 Less Vulnerable Without Admin Rights

April 1, 2010 by

Windows 7 Less Vulnerable Without Admin Rights: “Most Windows 7 vulnerabilities can be mitigated by administrative rights limitations, report from BeyondTrust finds”

(Via DarkReading – All Stories.)

‘Fog of War’ Led To Operation Aurora Malware Mistake

April 1, 2010 by

‘Fog of War’ Led To Operation Aurora Malware Mistake: “‘Fog of War’ Led To Operation Aurora Malware Mistake”

(Via DarkReading – All Stories.)

Open Source Keykeriki Captures Wireless Keyboard Traffic

April 1, 2010 by

Open Source Keykeriki Captures Wireless Keyboard Traffic: “Another interesting attack, rather than going after the PC/Server this one goes after the data sent by wireless devices such as the wireless keyboards sold by Microsoft. The neat thing is by using a replay attack you could also send rogue inputs to the device.
But then it serves Microsoft right for using XOR encryption for […]

Read the full post at darknet.org.uk

(Via Darknet – The Darkside.)

Gulf Times – Qatar’s top-selling English daily newspaper – Qatar

April 1, 2010 by

Gulf Times – Qatar’s top-selling English daily newspaper – Qatar: ”
Daily Newspaper published by Gulf Publishing & Printing Co. Doha, Qatar

Homepage \Qatar: Latest Update: Monday22/3/2010March, 2010, 01:08 AM Doha Time

Criminals are devising new threat paths, says IT expert
By Sarmad Qazi

Dr K Rama Subramaniam
Sophisticated cyber criminals are successfully finding new threat paths that are going undetected, a cyber criminologist said yesterday.
Dr K Rama Subramaniam, director at Valiant Technologies, India, and Baker Tilly MKM, Abu Dhabi, who is a visiting professor of Cyber Criminology at the University of Madras, further said that cyber crime was no longer about fun.
‘The players now include terrorists, white collar crimin”

(Via .)

China’s Great Firewall Spreads Overseas | HostExploit News

March 27, 2010 by

China’s Great Firewall Spreads Overseas | HostExploit News: “”

(Via .)

Malware delivered by Yahoo, Fox, Google ads | InSecurity Complex – CNET News

March 23, 2010 by

Malware delivered by Yahoo, Fox, Google ads | InSecurity Complex – CNET News: ”

Home News InSecurity Complex
InSecurity Complex
March 22, 2010 12:57 PM PDT
Malware delivered by Yahoo, Fox, Google ads
by Elinor Mills
Font size
Print
E-mail
Share
36 comments

Share
168

These charts show incidences of malware distributed by a number of ad delivery platforms over a six-day period last month that were detected by Avast. Yahoo and Fox have the highest counts.
(Credit: Avast)
Malware that exploits holes in popular applications is being delivered by big ad delivery platforms including those run by Yahoo, Fox, and Google, according to Prague-based antivirus firm Avast.
Viruses and other malware were found to be lurking in ads last year on high-profile sites like The New York Times and conservative news aggregator Drudge Report.com, and this year on Drudge, TechCrunch and WhitePage”

(Via .)

PNC: Former National City Bank Accounts Hacked

March 23, 2010 by

PNC: Former National City Bank Accounts Hacked: “

Some presents just aren’t the kind you want. You buy a new product get it home only to find it’s busted. PNC Financial Services Group Inc. found that out the hard way recently after they purchased National City Bank. Turns out that prior to the acquisition there was a data breach affecting customers. Much like herpes, it was an unpleasant surprise.

From Cincinnati.com:

Bank officials were made aware of the data breach earlier this week, but Solomon would not say how many customers’ accounts have been compromised or how much money was stolen.

PNC Financial, which is based in Pittsburgh, said some customer debit cards were compromised shortly before the company acquired Cleveland-based National City Corp. in December 2008.

This naturally begs the question, why did it take so long to discover? I’d be interested to read more on this story as the details emerge.

Article Link

(Image used under CC from elycefeliz)

UPDATE: Here is more on this story from Channel 9 WCPO

Some Charged More than $1,000

Other customers were hit harder.

* Cynthia Suchoski e-mailed to say ‘there was a charge made yesterday at Macy’s in Costa Mesa, California for $1,300″ on her old National City debit card. She was not in California.
* Jonathan Vasiladis told me his old debit card was hit for $4,000 in bogus charges, many of them happening in England.
* And another, who asked that we not use his name, e-mailed to say his PNC account ‘is more than one $1,000 overdrawn,’ again, after unauthorized charges in California.
* A fourth viewer reports another series of unauthorized charges, supposedly from March of Dimes.


(Via Liquidmatrix Security Digest.)

Police Find Skimming Devices Inside Pumps at 180 Gas Stations in Utah

March 23, 2010 by

Police Find Skimming Devices Inside Pumps at 180 Gas Stations in Utah: “This is news regardless of where you live. Why? The use of skimming devices by identity criminals is not limited to Utah. ABC 4 television news reported: ‘Utah police investigators said crooks have installed electronic ‘skimming’ devices at 180 gas stations from Salt Lake to Provo in an attempt to…

(Via I’ve Been Mugged.)

Online finance flaw: Ameriprise III – please make it stop

March 23, 2010 by

Online finance flaw: Ameriprise III – please make it stop: “NOTE: This issue was disclosed responsibly and repaired accordingly.

‘Now what?’, you’re probably saying. Ameriprise again? Yep.
I really wasn’t trying this time. Really.
There I was, just sitting in the man cave, happily writing an article on version control and regression testing.
As the Ameriprise cross-site scripting (XSS) vulnerabilities from August 2009 and January 2010 were in scope for the article topic, due diligence required me to go back and make sure the issue hadn’t re-resurfaced. 😉
I accidentally submitted the JavaScript test payload to the wrong parameter.
What do you think happened next?
Nothing good.
I reduced the test string down to a single tic to validate the simplicity of the shortcoming; same result.

At the least, this is ridiculous information disclosure, if not leaning heavily towards a SQL injection vulnerability.
As we learned the last two times we discussed Ameriprise, the only way to report security vulnerabilities is via their PR department, specifically to Benjamin Pratt, VP of Public Communications.
Alrighty then, issue reported and quickly fixed this time (same day)…until some developer rolls back to an old code branch or turns on debugging again.

We all know the ColdFusion is insanely verbose, particularly when in left in debugging mode, but come now…really?
I really didn’t want to know the exact SQL query and trigonometry required to locate an Ameriprise advisor.
Although, after all this, I can comfortably say I won’t be seeking an Ameriprise advisor anyway.

Please Mr. Pratt, tell your web application developers to make it stop.

Cheers.

del.icio.us | digg | Submit to Slashdot

Please support the Open Security Foundation (OSVDB)

(Via HolisticInfoSec.org.)