identity theft and scams
Welcome to
Your best source for presentations, workshops, consultation, news, videos, and information about identity theft, scams, data breaches, and other information security threats. For more information about our services, please click HERE.
 
Resources and Expertise to Combat Identity Theft, Scams, and Social Engineering
identitytheft.info
spacer
spacer
There Have Been 
 
 Identity Theft Victims Year-To-Date
CATEGORIES
Latest Identity Theft News
5 Ways Data Classification Can Prevent an Education Data Breach
Thursday, December 01, 2016
csoonline.com
The explosion of data in the education sector can help institutions streamline and improve access to student and user records, as well as creating new efficiencies that reduce administrative tasks, while reaching more students with better and more targeted curriculum. But despite the multitude of benefits, this groundswell of information can also have negative impact if mismanaged.
Over 1 Million Google Accounts Hacked by 'Gooligan' Android Malware
Thursday, December 01, 2016
thehackernews.com
If you own an Android smartphone, Beware! A new Android malware that has already breached more than 1 Million Google accounts is infecting around 13,000 devices every day. Dubbed Gooligan, the malware roots vulnerable Android devices to steal email addresses and authentication tokens stored on them. With this information in hands, the attackers are able to hijack your Google account and access your sensitive information from Google apps including Gmail, Google Photos, Google Docs, Google Play, Google Drive, and G Suite.
xHamster Hackers Have ‘Exposed 380,000 Porn-Lovers’
Thursday, December 01, 2016
thesun.co.uk
A shadowy group of cybercrooks leaked a database which reportedly contain hundreds of thousands of usernames and email address. If the information is correct, it could potentially expose the identities of men and women who used the site to get their kicks. This could allow digi-crims to blackmail people by threatening to expose the secret shame of their porn habit.
Android 'Gooligan' Hackers Just Scored the Biggest Ever Theft of Google Accounts
Thursday, December 01, 2016
forbes.com
A new variant of Android malware is responsible for what’s believed to be the biggest single theft of Google accounts on record. The so-called Gooligan strain has infected as many as 1.3 million Android phones since August, completely prising the devices open and stealing the tokens users are given to verify they are authorized to access accounts. Its main aim, though, is not to pilfer all that juicy data in Gmail or Docs, but to force users into downloading apps as part of a huge advertising fraud scheme, making as much as $320,000 a month.
New Mirai Worm Knocks 900K Germans Offline
Thursday, December 01, 2016
krebsonsecurity.com
More than 900,000 customers of German ISP Deutsche Telekom (DT) were knocked offline this week after their Internet routers got infected by a new variant of a computer worm known as Mirai. The malware wriggled inside the routers via a newly discovered vulnerability in a feature that allows ISPs to remotely upgrade the firmware on the devices. But the new Mirai malware turns that feature off once it infests a device, complicating DT’s cleanup and restoration efforts.
Law Enforcement’s Secret “Super Search Engine” Amasses Trillions of Phone Records for Decades
Thursday, December 01, 2016
eff.org
Hemisphere, which AT&T operates on behalf of federal, state, and local law enforcement, contains trillions of domestic and international phone call records dating back to 1987. AT&T adds roughly four billion phone records to Hemisphere each day, including calls from non-AT&T customers that pass through the company’s switches.
San Francisco Latest Victim of Ransomware
Thursday, December 01, 2016
gcn.com
The San Francisco transit system is the latest public-sector victim of ransomware after attackers shut down ticketing machines and demanded payment. The attack occurred on Friday, Nov. 25, with a message appearing on station workers’ computer screens: "You Hacked, ALL Data Encrypted. Contact For Key(cryptom27@yandex.com)ID:681, Enter." By Sunday, the city’s Municipal Transit Agency said it had the situation “contained” and was restoring “systems to be fully operational.”
HHS Announces HIPAA Settlement With UMass
Thursday, December 01, 2016
huntonprivacyblog.com
On June 18, 2013, UMass reported to HHS’ Office for Civil Rights (“OCR”) that one of its computer systems at its Center for Language, Speech, and Hearing (the “Center”) had been infected by a malware program, resulting in the unauthorized disclosure of electronic protected health information (“ePHI”) of 1,670 individuals, including names, addresses, Social Security numbers, dates of birth, health insurance information, diagnoses and procedure codes.
18-Year-Old "Computer Genius" Charged With Launching DDoS Attacks
Tuesday, November 29, 2016
bleepingcomputer.com
U.S. authorities charged Michaela Gabriella King, 18, of Murrysville, Pennsylvania with launching multiple DDoS attacks against Franklin Regional High School, the school she was attending. According to investigators, King used the BetaBooter DDoS stressor to launch DDoS attacks on her school's network, from her home computer, her mobile phone, but most of the time from computers at school.
How to Dodge Black Friday and Cyber Monday Shopping Hackers
Tuesday, November 29, 2016
csoonline.com
Hackers are writing apps, setting up phony Wi-Fi networks and unleashing malware in attempts to turn legitimate Black Friday 2016 and Cyber Monday retailing into profits for themselves, according to security experts.
Hacking and the 2016 Presidential Election
Friday, November 25, 2016
schneier.com
Was the 2016 presidential election hacked? It's hard to tell. There were no obvious hacks on Election Day, but new reports have raised the question of whether voting machines were tampered with in three states that Donald Trump won this month: Wisconsin, Michigan and Pennsylvania.
Bruce Schneier: 'The Internet Era of Fun and Games Is Over'
Friday, November 25, 2016
dailydot.com
Internet pioneer Bruce Schneier issued a dire proclamation in front of the House of Representatives’ Energy & Commerce Committee Wednesday: “It might be that the internet era of fun and games is over, because the internet is now dangerous.” The meeting, which focused on the security vulnerabilities created by smart devices, came in the wake of the Oct. 21 cyberattack on Dyn that knocked Amazon, Netflix, Spotify, and other major web services offline.
Why Online Shopping Fraud Is Expected to Jump 43% This Holiday Season and How to Protect Yourself
Tuesday, November 29, 2016
forbes.com
The holiday shopping season isn’t all wish lists, massive sales and beautifully wrapped gifts. Unfortunately, along with millions of transactions comes a high incidence of fraud — and the nature of that fraud is changing this year due to the shift over the last year or so to EMV, or chip, cards. A survey of 125 retailers representing 13% of online sales projects that online fraud attempts will rise 43% this year over last.
Report: European Banks Struck by ATM Jackpotting Attacks
Tuesday, November 29, 2016
databreachtoday.com
Hackers have been draining ATMs of cash across Europe after compromising the networks of banks and planting malicious software on the machines, the security company Group-IB says. But the Russian company's report is being cautiously reviewed by some in the financial services industry.
Madison Square Garden, Radio City Music Hall Breached
Tuesday, November 29, 2016
healthcareinfosecurity.com
Cybercriminals broke into the payment card processing system used by the Madison Square Garden Co., owner of Radio City Music Hall and other iconic entertainment venues, harvesting payment card details for nearly a year.
MailChimp Accounts Hacked to Spam out Malicious Emails
Friday, November 25, 2016
welivesecurity.com
The emails bore the disguise of a QuickBooks invoice, and were sent to various mailing lists.
The New Cybersecurity War Takes Shape
Friday, November 25, 2016
itproportal.com
The stakes could not be higher. With financial data, medical records, intellectual property, and even military information in constant motion around the globe, our entire way of life depends on the security of our data. The expanding internet of things opens a new realm of vulnerable systems, and raises for the first time the prospect that hackers and spies can inflict immediate physical damage on their targets.
Almost 600,000 at Risk of Identity Theft After US Department of Housing and Urban Development Data Breach
Monday, November 21, 2016
valleynewslive.com
A Fargo woman received a letter from public housing saying she was at risk of identity theft. It was a result of a US Department of Housing and Urban Development data breach and now she's worried for her safety. "The government's supposed to protect you and your information. You have to sign all these forms to release your information to them and all this privacy statement and then something like this happens," says the mother of four.
Email Scam Targets People Buying a Home
Monday, November 21, 2016
ktvb.com
The way this scam works is a hacker accesses an email account that belongs to a buyer, realtor, tile representative or mortgage lender. The hacker monitors the communications and learns information about the purchase and then makes their move. "Right before it goes to close an email kind of pops up to the buyer saying 'Hey, actually wiring instructions have changed. Here's the new link or here's the new account number,’ and it's tied to a fraudulent account," said Breanna Vanstrom, Boise Regional Realtors chief executive officer. She said then the buyer assumes they’re talking to the agent or lender, they wire the money to the scammer’s account and the money is gone.
Officials Warn About Secret Sister Gift Exchange Scam
Monday, November 21, 2016
wnep.com
Now that the holiday season is here again, so is a familiar holiday scam. Police are warning people about the "secret sister gift exchange" currently making the rounds on social media, including Facebook. The secret sister gift exchange promises that if you buy one $10 gift for someone and add your name to a list, you'll get between six and 36 gifts in the mail. Authorities say it's too good to be true and illegal.
The Package Delivery Scam Is Back
Monday, November 21, 2016
clark.com
Here's how it works: scammers send fake emails with subject lines containing the text (or similar to): "USPS Delivery Failure Notification." The emails claim to be from the U.S. Postal Service and contain fraudulent information about an attempted package delivery. The emails then instruct the person to click on a link for more information regarding how and when to get their package delivered.
Can Government Agencies Ever Unmask the Insider Threat?
Monday, November 21, 2016
gcn.com
The recent arrest of Harold Martin, another National Security Agency contractor charged with allegedly stealing top secret computer code, is a reminder that the greatest cyber threats facing an organization often don’t come from a rogue nation -- they come from within. Despite significant increases in cybersecurity awareness, including the Presidential Executive Order 13587 -- which provides structural reforms to improve the security of classified networks and the responsible sharing of classified information -- there is no level of profiling that can predict insider threats with 100 percent effectiveness.
AdultFriendFinder Network Finally Comes Clean to Members About Hack
Monday, November 21, 2016
zdnet.com
The company behind AdultFriendFinder.com has only just begun directly informing its users that their data has been stolen, a week after it publicly admitted that its networks had been compromised. Friend Finder Networks, which owns several adult dating and entertainment sites including AdultFriendFinder.com and Cams.com, alerted users of a "security incident" in a message on Sunday, a little over a week after we first reported of the scale of the breach, which affected over 400 million accounts.
How to Keep Your Secrets Safe on Amazon, Netflix, Other Sites
Monday, November 21, 2016
usatoday.com
Your device says a lot about you: Your pastimes, your taste in music, your curiosities and the things you shop for. So how do you maintain your privacy online, even with the people who are closest to you? Here are a few simple tricks to help you keep your secrets under wraps.
Five Ways to Maintain Your Privacy on Your Smartphone, No Downloads Required
Monday, November 21, 2016
techrepublic.com
You can download apps to audit your privacy, but who's to say those apps aren't a security risk themselves? Here are five tips for maintaining your privacy in the always-connected world.
Adobe Fined $1M in Multistate Suit Over 2013 Breach; No Jail for Spamhaus Attacker
Friday, November 18, 2016
krebsonsecurity.com
Adobe will pay just $1 million to settle a lawsuit filed by 15 state attorneys general over its huge 2013 data breach that exposed payment records on approximately 38 million people. In other news, the 39-year-old Dutchman responsible for coordinating an epic, weeks-long distributed denial-of-service attack against anti-spam provider Spamhaus in 2013 will avoid any jail time for his crimes thanks to a court ruling in Amsterdam this week.
NIST Releases Cybersecurity Guidance for Internet of Things
Friday, November 18, 2016
insideprivacy.com
As more and more of our appliances, cars, devices, and other “things” are connected to the Internet and to each other, participants in the IoT manufacturing ecosystem, consumers, and the government are focusing on how best to harness the power of this rapid technological advancement, while understanding and mitigating new cyber threats. According to NIST, the purpose of the Guidance is to address “fundamental weaknesses in system architecture and design” that “can only be addressed with a holistic approach based on sound systems security engineering techniques and security design principles.”
New Airline Scam Promises Free Emirates Flight Tickets
Friday, November 18, 2016
welivesecurity.com
Year-end celebrations are close and many people are looking to book their plane tickets to visit relatives and friends. As expected, cybercriminals are looking to exploit users over the festive period – social engineering techniques are frequent over the holidays, as demonstrated by a scam that is promising people free flight tickets.
Consumers' Poor Cyber Hygiene Costs Them Billions
Friday, November 18, 2016
scmagazine.com
The fact that cybercrime impacts hundreds of millions of people, has cost its victims more than $100 billion and most people know of the danger has done little to limit the general complacency and unsafe behavior still prevalent among internet users.
3 Mobile UK Hacked – 6 Million Customers' Private Data at Risk
Friday, November 18, 2016
thehackernews.com
Three, one of UK's biggest mobile operators, has become the latest victim of a massive data breach that reportedly left the personal information and contact details of 6 Million of its customers exposed.
Adult Website Data Breaches Pose Risk of Blackmail to Those Exposed
Friday, November 18, 2016
nextadvisor.com
When the database of a website is privy to some of the darker secrets its users would rather not share with most of the world, such as an adult-oriented website, is hacked, the risks go beyond identity theft and financial woes.
Chicago Public Schools Notifies Families of Student Data Breach
Friday, November 18, 2016
chicagotribune.com
Chicago Public Schools has notified the families of about 30,000 students that a district employee improperly distributed confidential student information to a charter school operator for use in a mail advertising campaign...information included students' names, addresses, grade levels and their current elementary schools.
The 7 Most Significant Government Data Breaches
Friday, November 18, 2016
darkreading.com
Mega compromises at federal and state agencies over the past three years has compromised everything from personal data on millions to national security secrets.
IRS Aims to Improve Tax Preparer Security to Combat ID Theft
Friday, November 18, 2016
accountingtoday.com
The Internal Revenue Service has launched the second year of its public awareness campaign aimed at improving taxpayer security in partnership with tax software companies, tax preparation chains and state tax authorities. The campaign from the IRS and its partners in its Security Summit program includes a series of security awareness tax tips, a set of suggestions on the Taxes. Security. Together. web page and the single-page Publication 4524, Security Awareness for Taxpayers.
Measure Strengthening Identity Theft Protections for Seniors Passes in Washington
Friday, November 18, 2016
seattletimes.com
I-1501, which earned 71 percent of the vote in Tuesday returns, sought to increase penalties against perpetrators and change the state’s Public Records Act to bar disclosure of personal information about in-home care-givers and their clients...Opponents claim the union-backed measure only included language about protecting seniors and others as a smokescreen to get the records-act changes.
“Freeze Identity Thieves” Initiative to Remind Hoosiers About ID Theft
Friday, November 18, 2016
tribstar.com
Every two seconds someone in America has their identity stolen. According to a Javelin Strategy & Research study, about $15 billion was stolen from 13.1 million U.S. consumers in 2015. To combat this growing criminal industry that destroys the good names and credit ratings of innocent people, Indiana Attorney General Greg Zoeller launched the “Freeze Identity Thieves” statewide public awareness effort again this year aimed at arming Hoosiers with a simple, effective ID theft prevention tool: the credit freeze. Zoeller is urging Hoosiers to sign up for a credit freeze to guard against fraud this holiday shopping season, when cybercrime is common.
Retired Priest Pleads Guilty in Dating Site Scam Targeting Women
Friday, November 18, 2016
telegram.com
A retired Catholic priest pleaded guilty in federal court Wednesday to a money laundering charge stemming from his involvement in an overseas scheme that allegedly defrauded women seeking companionship online.
Beware Utility Scams -- Your Power Will Not Be Shut Off Immediately
Friday, November 18, 2016
forbes.com
Today is the inaugural Utilities United Against Scams Day, a day supported by members of the water, gas and electric industries to form a unified front against scammers. This day is a part of a week-long advocacy and awareness campaign focused on exposing the tactics scammers use to steal money from utility customers and on educating customers about how to protect themselves.
Dominion Customers Report Being Spoofed
Friday, November 18, 2016
witn.com
Officials say more than 500 Dominion Power customers have been contacted by scammers who threaten to disconnect their service unless they immediately pay through a prepaid debit card. The scammers use caller I.D. spoofing software so a customer thinks they are actually receiving a call from Dominion, but Dominion officials said in a statement that the company never threatens their customers nor demands a specific form of payment.
iPhones Secretly Send Call History to Apple, Security Firm Says
Thursday, November 17, 2016
theintercept.com
Apple emerged as a guardian of user privacy this year after fighting FBI demands to help crack into San Bernardino shooter Syed Rizwan Farook’s iPhone. The company has gone to great lengths to secure customer data in recent years, by implementing better encryption for all phones and refusing to undermine that encryption. But private information still escapes from Apple products under some circumstances. The latest involves the company’s online syncing service iCloud.
Manhattan District Attorney’s Office Now Houses State-Of-The-Art Cybercrime Lab
Thursday, November 17, 2016
newyork.cbslocal.com
The new 17,000 square foot facility includes a 2,000 square foot crime lab and space for 75 full-time staffers from the DA’s office and the NYPD, along with cyber intelligence analysts, forensic analysts and cell site analysts, according to a release by the DA’s office. “Having the tools located in the center really makes a difference to criminals who have found that the click of a mouse is much larger than the shot of a gun when you are committing a robbery,” NYPD Deputy Commissioner of Intelligence and Counter terrorism John Miller said.
Protecting Your Digital Life in 7 Easy Steps
Thursday, November 17, 2016
nytimes.com
There are more reasons than ever to understand how to protect your personal information. Major hacks seem ever more frequent. Investigators believe that a set of top-secret National Security Agency hacking tools were offered to online bidders this summer. And many of those worried about expanded government surveillance by the N.S.A. and other agencies have taken steps to secure their communications. In a recent Medium post, Quincy Larson, the founder of Free Code Camp, an open-source community for learning to code, detailed the reasons it might be useful for people to make their personal data more difficult for attackers to access.
Detective Spreads Fraud Awareness in His Community
Thursday, November 17, 2016
acfeinsights.squarespace.com
For Rick Belik, CFE, Omaha Police Department Detective and part-time Task Force Officer for the FBI's White Collar Crime Task Force, fraud is often very personal. Belik, who was awarded the ACFE Outstanding Achievement in Community Service Award in 2015, has dealt with numerous cases of elder fraud.
Is Critical Infrastructure the Next DDoS Target?
Thursday, November 17, 2016
csoonline.com
A massive Distributed Denial of Service attack shut down a portion of the internet recently. Experts say it is unlikely a similar attack could take down the grid or other critical infrastructure but acknowledge that security remains weak in the industry.
Lawmakers Grapple With Security of Internet Devices
Thursday, November 17, 2016
thehill.com
Lawmakers on Wednesday grappled with improving the security of internet-connected devices amid growing concerns over their vulnerability to hackers.
This Ransomware Uses Your Social Media Profiles to Personalise Its Demands
Thursday, November 17, 2016
zdnet.com
Brazen desktop locker campaign uses social media info to make its threat more compelling to victims.
Feds Release Guidelines for Security of Internet-Connected Devices
Tuesday, November 15, 2016
thehill.com
The National Institute of Standards and Technology (NIST) formally unveiled their guidelines for increasing the security of internet-connected devices at a conference on Tuesday, a month ahead of schedule. The guidelines come amid new concerns about the security of the many devices that connect to the internet.
Broward Health Data Breach Released Patient Information to Tax Fraud Ring
Wednesday, November 16, 2016
floridabulldog.org
The stolen information were hospital Facesheets that contain a patient’s full name, date of birth, address, phone numbers, Social Security number, primary insurance provider, insurance guarantor, reason for visit, emergency contact/next of kin information.
Horizon Says Privacy Breach Could Affect up to 170K N.J. Customers
Tuesday, November 15, 2016
nj.com
"While no social security numbers, financial information, addresses or dates of birth were included on the statements, (the letters) may include member name, member ID number, claim number, date of service, limited description of services, service codes or provider/facility name," according to the announcement.
Adult FriendFinder Hit With One of the Biggest Data Breaches Ever, Report Says
Tuesday, November 15, 2016
washingtonpost.com
A hack against popular adult dating and entertainment company FriendFinder Networks exposed data related to more than 412 million user accounts, according to a report from breach notification site LeakedSource. If the report is correct, that would make the breach one of the largest on record in terms of the number of accounts affected. It also would mark the second such incident at the company in two years.
Secret Backdoor in Some U.S. Phones Sent Data to China, Analysts Say
Wednesday, November 16, 2016
nytimes.com
Security contractors recently discovered preinstalled software in some Android phones that monitors where users go, whom they talk to and what they write in text messages. The American authorities say it is not clear whether this represents secretive data mining for advertising purposes or a Chinese government effort to collect intelligence.
TSA Precheck on Hold Over Cybersecurity Issues
Wednesday, November 16, 2016
consumerist.com
The Los Angeles Times reports that the TSA sent a letter to potential vendors, explaining that it had paused expansion of PreCheck because of “increased and evolving cybersecurity risks over the past year."
How to Protect Yourself From Medical Identity Theft
Wednesday, November 16, 2016
cnbc.com
Scammers aren't just after your money. These days, they also want your health insurance card. A recent study found the number of cases of medical identity theft jumped more than 21 percent in just one year, costing the average victim $13,500 to fix.
New Identity Theft Scheme Targets Members of the Military
Wednesday, November 16, 2016
nbcwashington.com
A new identity theft scheme targets members of the military. U.S. Army Cyber Command issued an alert about a phishing attempt to lure victims into revealing private information.
County Pays Ransom to Computer Hackers
Monday, November 14, 2016
heraldbulletin.com
Informed county sources, that didn’t want to be named, indicated the ransom paid by Madison County was $28,000, which was paid on the advice of the county’s insurance carrier, Travelers Insurance. Captain Dave Bursten with the Indiana State Police said the investigation is ongoing. “Investigations of this nature are complicated, are rarely solved and typically involve criminal actors from foreign countries,” he said.
AdultFriendFinder Network Hack Exposes 412 Million Accounts
Monday, November 14, 2016
zdnet.com
A massive data breach targeting adult dating and entertainment company Friend Finder Network has exposed more than 412 million accounts. The hack includes 339 million accounts from AdultFriendFinder.com, which the company describes as the "world's largest sex and swinger community." That also includes over 15 million "deleted" accounts that wasn't purged from the databases.
Adobe Settles Multistate Data Breach Enforcement Action
Monday, November 14, 2016
huntonprivacyblog.com
The AVC stems from a 2013 breach of one of Adobe’s public-facing servers that allowed an attacker to steal data from Adobe’s network. The stolen data included names, addresses, telephone numbers, usernames, email addresses, encrypted and unencrypted passwords, plain text password hints and encrypted payment card numbers and expiration dates. Adobe notified more than 3.1 million customers whose credit or debit card information was stolen, and nearly 33 million active users whose passwords were stolen.
Dark Web Hackers Boast of Tesco Bank Thefts
Monday, November 14, 2016
bbc.com
The bank has repeatedly declined to give details of the crime. It says it is unable to do so while a criminal investigation is being carried out. Elsewhere, the Sunday Times suggested that the raid had involved the use of contactless payments triggered by smartphones. And a second cybersecurity company said it had warned Tesco of problems with several of its mobile apps four months ago, but had been ignored.
A 10-Digit Key Code to Your Private Life: Your Cellphone Number
Monday, November 14, 2016
nytimes.com
The cellphone number is more than just a bunch of digits. It is increasingly used as a link to private information maintained by all sorts of companies, including money lenders and social networks. It can be used to monitor and predict what you buy, look for online or even watch on television.
ID Theft Ringleader Gets Prison Sentence of 16+ Years
Monday, November 14, 2016
darkreading.com
Tampa resident and his gang had cheated more than 1,000 people and 35 financial institutions causing loss of $700,000.
Bamboozled: Beware of These 4 Post-Election Scams
Monday, November 14, 2016
nj.com
The most successful scams have a measure of truth to them. And they often take advantage of a potential victim's economic troubles or worries about their future. The election of Donald Trump, who stoked fears in many during the campaign, may be a boon to scammers who want to take advantage of those fears. (And yes, had Hillary Clinton won, the scammers would have tried to capitalize on that.)
These Were the Biggest Hacks, Leaks and Data Breaches of 2016
Monday, November 14, 2016
zdnet.com
Over two billion records were stolen in 2016 alone -- and the year isn't over yet.
Bangladesh Bank to Retrieve $15 Million of $81 Million Cyber Heist
Friday, November 11, 2016
thehill.com
The Bangladesh Bank theft is the largest known pilfering in which criminals used the Society for Worldwide Interbank Financial Telecommunication (SWIFT) bank transactions network. Hackers used the network to request that the New York Fed transfer money from the Bangladeshi bank, where it is believed to have been laundered through Philippines casinos.
Study Finds Malware Lurking in Amazon, Google and Groupon Cloud Services
Friday, November 11, 2016
scmagazine.com
A recent study detected more than 600 cloud repositories hosting malware and other malicious activities on major cloud platforms including Amazon, Google, Groupon and thousands of other sites.
FTC Offers Advice on How to Avoid and Respond to Ransomware Attacks
Thursday, November 10, 2016
ftc.gov
Following its September workshop on Ransomware – malicious software that denies access to computer files until the victim pays a ransom – the Federal Trade Commission is offering tips on how consumers and businesses can protect devices and respond to ransomware.
Data Breaches Top 800 to Date in 2016
Thursday, November 10, 2016
247wallst.com
The latest data breach count from the Identity Theft Resource Center (ITRC) reports that there have been 809 data breaches recorded this year through October 25, 2016, and that nearly 30 million records have been exposed since the beginning of the year. The total number of reported breaches increased by 26 since ITRC’s last report on October 19.
Tesco Bank Freezes All Online Transactions After Money Stolen From 20,000 Accounts
Thursday, November 10, 2016
zdnet.com
Tesco Bank has frozen the online transactions of all of its 136,000 current account holders following "online criminal activity", resulting in the theft of funds from at least 20,000 customers.
Russian ‘Dukes’ of Hackers Pounce on Trump Win
Thursday, November 10, 2016
krebsonsecurity.com
Less than six hours after Donald Trump became the president-elect of the United States, a Russian hacker gang perhaps best known for breaking into computer networks at the Democratic National Committee launched a volley of targeted phishing campaigns against American political think-tanks and non-government organizations (NGOs).
Locky Ransomware Disguises Itself as Account Suspensions and Suspicious Movements
Thursday, November 10, 2016
hotforsecurity.com
One of the golden rules of computer security for the last twenty-or-so years has been to be extremely cautious of unsolicited emails. It’s one of the favourite methods used by cybercriminals to trick unsuspecting computer users into opening dangerous attachments or clicking on a link to a malicious webpage.
Why Senior Managers Are the Most Dangerous Negligent Insiders
Thursday, November 10, 2016
csoonline.com
43 percent of C-level executives say negligent insiders are the greatest risk to sensitive data in their organizations...Yet, senior managers are twice as likely workers overall to take files with them after leaving a job. And 58 percent of senior managers (compared to 25 percent of all workers) have accidentally sent sensitive information to the wrong person.
FinCEN Issues Advisory on SAR Reporting Obligations Involving Cyber Crime
Thursday, November 10, 2016
huntonprivacyblog.com
The Advisory indicates that SAR reporting is mandatory for cyber events where the financial institution “knows, suspects or has reason to suspect a cyber-event was intended, in whole or in part, to conduct, facilitate, or affect a transaction or a series of transactions….” Implementing this new guidance will require increased collaboration between AML and cybersecurity or IT departments in large institutions, and may create challenges for smaller banks that are more likely to outsource their cybersecurity functions.
VA: Employee Emailed Veterans' Personal Data to Himself
Thursday, November 10, 2016
foxnews.com
The Department of Veterans Affairs has warned more than 2,100 veterans in Eastern Colorado and parts of Kansas that their personal information may have been compromised when an employee emailed documents to himself.
Infomercial Sleeper ‘My Pillow’ Gets $1 Million Wake-Up Call Over False Medical Claims
Thursday, November 03, 2016
washingtonpost.com
A recent lawsuit successfully argued My Pillow overstated its claims, deflating the pillow company’s meteoric rise. Last Wednesday, 10 district attorneys from California sued My Pillow in Alameda County Superior Court, in Oakland, alleging the company had engaged in deceptive and false advertisements.
10 Cybersecurity Lessons From 10 Years’ Experience at IBM
Thursday, November 03, 2016
securityintelligence.com
Skapinetz: In 10 years at IBM, I’ve been fortunate to have a bird’s eye view of big changes across the security industry. I have helped massive enterprises and small organizations build out their defenses against all sorts of changing threats. Here are 10 simple cybersecurity lessons I’ve learned in the past decade.
Computer Virus Cripples UK Hospital System
Wednesday, November 02, 2016
krebsonsecurity.com
Citing a computer virus outbreak, a hospital system in the United Kingdom has canceled all planned operations and diverted major trauma cases to neighboring facilities. The incident came as U.K. leaders detailed a national cyber security strategy that promises billions in cybersecurity spending, new special police units to pursue organized online gangs, and the possibility of retaliation for major attacks.
Hacker Who Helped Blackmailers Access 10 Billion Photobucket Images Sentenced to Prison
Wednesday, November 02, 2016
denverpost.com
A Colorado hacker who sold computer code that allowed people, including blackmailers, to scan Photobucket’s cache of 10 billion customer photographs and videos for nude and pornographic images and steal them was sentenced Tuesday to 29 months in prison.
Parents Need to Respect Their Children's Privacy Online, Experts Say
Wednesday, November 02, 2016
consumeraffairs.com
Excited parents begin posting anything and everything about their children, often starting with those grainy in-utero scans. While online sharing can be good for parents, providing them support from friends and family, it can also have some very real consequences for children later in life, according to researchers who presented their findings at the American Academy of Pediatrics conference in San Francisco.
Phishing Fraudsters Pose as UK Bank Social Media Types
Tuesday, November 01, 2016
theregister.co.uk
Cybercrooks are posing as customer support staff from UK banks in a ruse designed to hoodwink gullible customers out of their credentials.
What Awareness Is Supposed to Be
Tuesday, November 01, 2016
csoonline.com
Recent W-2 and accounts payable thefts show governance should be the cornerstone of awareness.
NSA Hackers Leak More Files, Revealing Apparent Targets of US Cyber Espionage
Monday, October 31, 2016
thehill.com
The hacker or hackers that stole National Security Agency-built hacking tools have dumped new files in what appears to be yet another change of plans in monetizing the heist. The new files provide some insight into the targets of the NSA affiliated hacking team called The Equation Group. Those targets include government servers in China and Universities in Pakistan and Saudi Arabia.
Bank Regulator Reveals 'Major' Security Breach
Monday, October 31, 2016
thehill.com
A federal bank regulator announced Friday that a former employee had illegally downloaded more than 10,000 records containing personal information.
How Podesta's Gmail Account Was Breached
Monday, October 31, 2016
thesmokinggun.com
On March 19, a Saturday, Podesta received an e-mail--purportedly from Google--warning him that, “Someone has your password.” The alert (seen above) informed Podesta that a sign-in attempt from an IP address in Ukraine was thwarted and that, “You should change your password immediately.”
Study: Healthcare Staff Lacking in Basic Security Awareness, Putting Medical Infrastructure at Risk
Monday, October 31, 2016
healthcareitnews.com
Security is only as strong as the weakest link, and employees are often it when it comes to phishing, spear-phishing and other social engineering attacks, SecurityScorecard finds.
This Chart Shows the Anatomy of the IRS Phone Scam
Monday, October 31, 2016
vox.com
The indictment also shows us who does what, and how the money travels. Here is a diagram that shows how this scam works, based on what’s in the indictment.
She Thought Her Husband Was Dead - Police Told Her He Was Living With His New Family in Florida
Monday, October 31, 2016
washingtonpost.com
After abandoning his family in 1993, Hoagland moved to Florida, where he constructed an entirely new existence from scratch. Police say he started by stealing the death certificate and adopting the identity of a man named Terry Jude Symansky — a fisherman who died in 1991.
Ransomware Attacks Are Soaring, Says Beazley in Data Breach Report
Monday, October 31, 2016
insurancejournal.com
Ransomware attacks against businesses will be four times higher in 2016 than last year, with a growing number of ransom-seeking hackers demanding bitcoin rather than money, according to a report by specialty insurer Beazley.
FTC Issues Guidance for Responding to Data Breaches
Monday, October 31, 2016
insideprivacy.com
The FTC issued new guidance for businesses on responding to data breaches, along with an accompanying blog post and video. The data breach response guidance follows the issuance of the FTC’s “Start with Security” data security guidance last year and builds upon recent FTC education and outreach initiatives on data security and cybersecurity issues. The FTC’s data breach response guidance focuses on three main steps: securing systems and data from further harm, addressing the vulnerabilities that led to the breach, and notifying the appropriate parties.
Cybercrime: On an Upward Trend
Friday, October 28, 2016
scmagazine.com
Cybercrime is a fast-growing area of crime. Europol's 2016 Internet Organised Crime Threat Assessment identifies an expanding cyber-criminal economy exploiting our increasingly Internet-enabled lives.
Big Tech-Media Mergers Raise Fresh Privacy Concerns
Friday, October 28, 2016
phys.org
"Twenty-first century media is all about the ability to gather information on a single individual regardless of where they are—whether they are using mobile phone or watching TV or in a grocery store," said Jeffrey Chester of the Center for Digital Democracy, a privacy rights group.
A Police Raid in India Dramatically Reduced the Number of IRS Scam Reports
Friday, October 28, 2016
washingtonpost.com
It took a big raid in India to slow down an IRS impostor scam that resulted in thousands of people, many of them retirees, being bilked out of millions of dollars.
AT&T Is Spying on Americans for Profit, New Documents Reveal
Tuesday, October 25, 2016
thedailybeast.com
Hemisphere is a secretive program run by AT&T that searches trillions of call records and analyzes cellular data to determine where a target is located, with whom he speaks, and potentially why.
IoT Device Maker Vows Product Recall, Legal Action Against Western Accusers
Tuesday, October 25, 2016
krebsonsecurity.com
A Chinese electronics firm pegged by experts as responsible for making many of the components leveraged in last week’s massive attack that disrupted Twitter and dozens of popular Web sites has vowed to recall some of its vulnerable products, even as it threatened legal action against this publication and others for allegedly tarnishing the company’s brand.
Hackers Took Down a High School Literacy Test Because Punk’s Not Dead
Friday, October 28, 2016
motherboard.vice.com
A dry run for a high school literacy test in Ontario was cancelled last week after being sabotaged with a cyber attack, affecting thousands of grade 10 students, the organization that oversees the test announced on Monday.
Sorting Out HIPAA vs. FTC Act Requirements
Tuesday, October 25, 2016
healthcareinfosecurity.com
The new guidance from the FTC and Department of Health and Human Services' Office for Civil Rights comes in the wake of several enforcement actions that the FTC has taken against healthcare sector organizations in recent years for alleged privacy and security incidents that violate the FTC's unfair or deceptive business practices regulations, including its ongoing case against LabMD.
Dyn DDoS Attack Highlights 'Dark Side' of Tech-Dependent Society
Friday, October 28, 2016
govtech.com
James Ramsay is the coordinator of the new Homeland Security program at the University of New Hampshire and a professor of security studies. He said these kinds of attacks reflect the "dark side" of our technology-dependent society. "This is the 'advanced persistent threat' that we refer to in the world of cyber security," he said. "This is a vulnerabilty that a society has that has become addicted to, and absolutely dependent on, digital communications, digital assets, digital identities."
Inside the OPM Hack, the Cyberattack That Shocked the Us Government
Tuesday, October 25, 2016
wired.com
To figure out why the hackers had trained their sights on OPM, investigators would have to determine what, if anything, had been stolen from the agency’s network over the preceding year. But first they had to hunt down and eliminate the malware on its network, an archaic monstrosity that consisted of as many as 15,000 individual machines.
In Cybersecurity Contest, Hackers Target Critical Infrastructure
Tuesday, October 25, 2016
csmonitor.com
At the inaugural Passcode Cup capture the flag challenge, competitors raced through hacking challenges that ranged from password-cracking to compromising a mock water treatment facility.
Massive Weebly Data Breach Exposes Over 43 Million Users' Info
Tuesday, October 25, 2016
esecurityplanet.com
The drag-and-drop website builder Weebly is notifying most of its more than 40 million users that hackers had accessed their email addresses and/or user names, IP addresses and encrypted (bcrypt hashed) passwords.
St. Joseph Health to Pay OCR $2.14 Million to Settle HIPAA Case
Tuesday, October 25, 2016
hipaajournal.com
The Department of Health and Human Services’ Office for Civil Rights has announced it has agreed to settle potential violations of the HIPAA Privacy and Security Rules with St. Joseph Health (SJH). SJH is required to pay $2.140,500 to OCR and adopt a corrective action plan (CAP) to bring policies and procedures up to the standard demanded by HIPAA.
Media Fails to Tell Consumers About Device Flaws in Friday’s Internet Outage
Tuesday, October 25, 2016
networkworld.com
When reporting on Friday’s DDoS attack, the national media should have warned consumers not to install internet-connected devices that have a 4-year-old flaw.
How Security Flaws in Voting Machines Could Discredit Election Results
Tuesday, October 25, 2016
zdnet.com
Security experts say voting machines are easy to tamper with, and in several key battleground states ballots will be nearly impossible to verify.
HIPAA Audit Update: Here's What's Next
Tuesday, October 25, 2016
healthcareinfosecurity.com
Federal regulators will start remote HIPAA compliance "desk audits" for business associates in November. And more comprehensive onsite audits of covered entities and BAs are slated for the first quarter of next year.
Identity Theft Hits Low- to Moderate-Income Victims Hardest
Tuesday, October 25, 2016
darkreading.com
In addition to government assistance, ID theft victims frequently seek financial support from friends, family, and faith-based organizations, according to a study by the Identity Theft Resource Center.
As Artificial Intelligence Evolves, So Does Its Criminal Potential
Monday, October 24, 2016
nytimes.com
Imagine receiving a phone call from your aging mother seeking your help because she has forgotten her banking password. Except it’s not your mother. The voice on the other end of the phone call just sounds deceptively like her. It is actually a computer-synthesized voice, a tour-de-force of artificial intelligence technology that has been crafted to make it possible for someone to masquerade via the telephone. Such a situation is still science fiction — but just barely. It is also the future of crime.
Website-Blocking Attack Used Open Source Software
Monday, October 24, 2016
thehill.com
Investigators say the free tool that briefly blocked access to major websites on Friday was the same one that was used in a record-breaking attack on a cybersecurity journalist.
Microsoft: Beware This Fake Windows BSOD From Tech Support Scammers' Malware
Monday, October 24, 2016
zdnet.com
Microsoft is warning Windows users over a fake Microsoft security product that locks an infected computer and tries to trick victims into calling a support hotline.
U.S. Courts: Electronic Surveillance up 500 Percent in D.C.-Area Since 2011, Almost All Sealed Cases
Monday, October 24, 2016
washingtonpost.com
Secret law enforcement requests to conduct electronic surveillance in domestic criminal cases have surged in federal courts for Northern Virginia and the District, but only one in a thousand of the applications ever becomes public, newly released data show.
Hacker Lexicon: What Are DoS and DDoS Attacks?
Monday, October 24, 2016
wired.com
There are other types of DoS attacks that use different tactics, but they all have the same effect: preventing legitimate users from accessing a system or site.
Pennsylvania Driver's License Will No Longer Count as Federal ID
Monday, October 24, 2016
post-gazette.com
Kentucky, Maine, Oklahoma and South Carolina also at risk.
How Your DVR Was Hijacked to Help Epic Cyberattack
Monday, October 24, 2016
usatoday.com
Technology experts warned for years that the millions of Internet-connected "smart" devices we use every day are weak, easily hijacked and could be turned against us. The massive siege on Dyn, a New Hampshire-based company that monitors and routes Internet traffic, shows those ominous predictions are now a reality.
Second Hack Feared After Massive Cyberattack Knocks Major Websites Offline
Monday, October 24, 2016
nbcnews.com
It remains unclear who is behind the attacks — but the interruptions sent the internet into a tizzy.
Is Disclosure of Podesta’s Emails a Step Too Far? a Conversation With Naomi Klein
Saturday, October 22, 2016
theintercept.com
The author and activist Naomi Klein believes there are serious threats to personal privacy and other critical political values posed by hacks of this sort, particularly when accompanied by the indiscriminate publication of someone’s personal emails.
Google Has Quietly Dropped Ban on Personally Identifiable Web Tracking
Saturday, October 22, 2016
propublica.org
Google is the latest tech company to drop the longstanding wall between anonymous online ad tracking and user’s names.
Federal Regulators Propose New Cybersecurity Rule for Big Banks
Friday, October 21, 2016
huntonprivacyblog.com
The Proposed Standards address five categories of cybersecurity: cyber risk governance; cyber risk management; internal dependency management; external dependency management; and incident response, cyber resilience and situational awareness.
Government Alleges Former NSA Contractor Stole ‘Astonishing Quantity’ of Classified Data Over 20 Years
Friday, October 21, 2016
washingtonpost.com
Federal prosecutors in Baltimore on Thursday said they will charge a former National Security Agency contractor with violating the Espionage Act, alleging that he made off with “an astonishing quantity” of classified digital and other data over 20 years in what is thought to be the largest theft of classified government material ever.
Self-Checkout Skimmers Go Bluetooth
Friday, October 21, 2016
krebsonsecurity.com
Here’s a look at one overlay skimmer equipped with Bluetooth technology that allows thieves to snarf swiped card data and PINs wirelessly using nothing more than a mobile phone.
Massive DDoS Attack Against Dyn DNS Causes Major Outages to Popular Sites
Friday, October 21, 2016
thehackernews.com
A sudden outage of popular sites and services, including Twitter, SoundCloud, Spotify, and Shopify, for many users, is causing uproar online. It's because of a DDoS attack against the popular Domain Name System (DNS) service provider Dyn, according to a post on Hacker News.
Hackers Steal Research and User Data From Japanese Nuclear Research Lab
Thursday, October 20, 2016
softpedia.com
Officials said the attacker managed to steal files on multiple occasions, taking both research data and the personal details of nuclear scientists. According to University officials, the attackers sent spear-phishing emails to several researchers working at its nuclear research laboratory.
Online Prescription Drug Scam
Thursday, October 20, 2016
idtheftcenter.org
Individuals are being threatened with warrants for their arrest by scammers posing as agents from the Drug Enforcement Administration.
Fight Fraud: Scams, Identity Theft, Ransomware Attacks
Thursday, October 20, 2016
helpnetsecurity.com
In an increasingly technology-oriented world, cybercrime has become all too common for both consumers and businesses. Internet crime takes many forms and includes everything from large-scale data breaches to consumer issues like identity theft and cyberstalking to widespread scams and ransomware.
Virtual Kidnapping
Thursday, October 20, 2016
schneier.com
This is a harrowing story of a scam artist that convinced a mother that her daughter had been kidnapped. More stories are here. It's unclear if these virtual kidnappers use data about their victims, or just call people at random and hope to get lucky. Still, it's a new criminal use of smartphones and ubiquitous information.
Hackers Hit U.S. Senate GOP Committee
Monday, October 17, 2016
krebsonsecurity.com
The national news media has been consumed of late with reports of Russian hackers breaking into networks of the Democratic National Committee. Lest the Republicans feel left out of all the excitement, a report this past week out of The Netherlands suggests Russian hackers have for the past six months been siphoning credit card data from visitors to the Web storefront of the National Republican Senatorial Committee (NRSC).
Ascesso Malware Spreading via Student Loan Forgiveness Spam
Tuesday, October 18, 2016
scmagazine.com
The bad actors behind a new malware contagion are exploiting the desperation of American college graduates looking for relief from their student debt, according to a Symantec report.
Giant Cyber Wargame With 'Dark Scenario' of Power Cuts, Ransomware and Drones Reaches Its Climax
Tuesday, October 18, 2016
zdnet.com
More than 700 security experts from government agencies, banks, cloud companies, battle fictional cyber-foes.
G-7 Endorses Best Practices for Bank Cybersecurity
Monday, October 17, 2016
huntonprivacyblog.com
On October 11, 2016, Group of Seven (“G-7”) financial leaders endorsed the Fundamental Elements of Cybersecurity for the Financial Sector (“Best Practices”), a set of non-binding best practices for banks and financial institutions to address cybersecurity threats. The endorsement was motivated by recent large hacks on international banks, including the February 2016 theft of $81 million from the central bank of Bangladesh’s account at the New York Federal Reserve.
Report: Using More Social Networks Raises Your Risk of ID Theft
Monday, October 17, 2016
bobsullivan.net
ID Analytics, a fraud-fighting firm, has produced numerous studies through the years examining millions of fraud reports and credit applications in data it collects from lenders. It had never studied the direct relationship between sharing information online and the odds that someone would become a fraud victim, however. Until now.
Darkweb Marketplaces Can Get You More Than Just Spam and Phish
Tuesday, October 18, 2016
csoonline.com
Underground markets offer a great variety of services for cyber criminals to profit from. These forums offer items ranging from physical world items like drugs and weapons to digital world items such as spam/phishing delivery, exploit kit services, "Crypters", "Binders", custom malware development, zero-day exploits, and bulletproof hosting.
IoT Devices as Proxies for Cybercrime
Tuesday, October 18, 2016
krebsonsecurity.com
This post looks at how crooks are using hacked IoT devices as proxies to hide their true location online as they engage in a variety of other types of cybercriminal activity — from frequenting underground forums to credit card and tax refund fraud.
Facebook, Twitter Block Surveillance Tool
Tuesday, October 18, 2016
thehill.com
Facebook and Twitter are cutting off Geofeedia's access to their data after an ACLU report that the company created tools to help law enforcement with surveillance.
This Is How Far Phishers Will Go to Make You Click on a Bogus Link
Friday, October 14, 2016
zdnet.com
The anatomy of a phishing attack: how cybercriminals are targeting hospitals to steal data.
Dozens Arrested at India Call Center Linked to IRS Scam Calls
Friday, October 14, 2016
abc27.com
Indian police have arrested 70 people and are questioning hundreds more after uncovering a massive scam to cheat thousands of Americans out of millions of dollars by posing as U.S. tax authorities and demanding unpaid taxes.
Feds Charge Two in Lizard Squad Investigation
Wednesday, October 12, 2016
krebsonsecurity.com
The U.S. Justice Department has charged two 19-year-old men alleged to be core members of the hacking groups Lizard Squad and PoodleCorp. The pair are charged with credit card theft and operating so-called “booter”or “stresser” services that allowed paying customers to launch powerful attacks designed to knock Web sites offline.
NSA Contractor Thought to Have Taken Classified Material the Old-Fashioned Way
Wednesday, October 12, 2016
washingtonpost.com
Harold T. Martin III is accused of stealing mounds of classified information from the government for at least a decade, and investigators also believe some of the information was taken the old-fashioned way — by walking out of the workplace with printed-out papers he had hidden, according to U.S. officials.
Youndoo Creates New Chrome Profile
Wednesday, October 12, 2016
blog.malwarebytes.com
We have found members of the Elex family to create an extra Firefox profile and wrote about it on our blog in a post called GsearchFinder hijackers add extra Firefox profile. Now they took on the task of doing the same for Chrome (and succeeded). They copy some settings from your current profile to create the new profile and give it a natural “feel”.
Microsoft: No More Pick-and-Choose Patching
Wednesday, October 12, 2016
krebsonsecurity.com
Starting this month, home and business Windows users will no longer be able to pick and choose which updates to install and which to leave for another time.
DoD Finalizes Rule on Policies for Cyber Incident Reporting
Wednesday, October 12, 2016
insidegovernmentcontracts.com
On October 4th, the Department of Defense (DoD) issued a Final Rule implementing mandatory cyber incident reporting requirements for DoD contractors and subcontractors who have “agreements” with DoD. The Final Rule also highlights DoD’s desire to encourage greater participation in the voluntary Defense Industrial Base (DIB) cybersecurity information sharing program. This Rule is effective on November 3, 2016.
FTC Enforcement Possible for Failing to Guard Against Ransomware
Wednesday, October 12, 2016
dataprotectionreport.com
Recent comments by FTC Chairwoman Edith Ramirez suggest that a company’s failure to take preventative measures to address ransomware could result in an enforcement action by the FTC, even if a company is never actually subject to a ransomware attack. The Chairwoman’s comments reflect a growing concern among US government agencies regarding ransomware and may foreshadow additional FTC action, building upon a developing trend of US regulators engaging in pre-breach enforcement action.
Court Rules Consumer Bureau's Structure Unconstitutional, Allows It to Operate
Tuesday, October 11, 2016
thehill.com
In its 2-1 ruling, the U.S. Court of Appeals for the D.C. Circuit said the independent agency's structure is unconstitutional because it’s headed by a single director instead of a multi-member board. The court, however, allowed the CFPB to continue to function by giving the president the power to remove and supervise the director.
New Malware Hitting Banks Aids in Thefts Using Swift Transactions Network
Tuesday, October 11, 2016
thehill.com
The Odinaff malware is spread through a variety of techniques, but primarily through Microsoft Word files using the program’s automation offerings called Macros. Users can turn Word Macros off in settings to thwart this mode of attack.
66 Ways to Protect Your Privacy Right Now
Tuesday, October 11, 2016
consumerreports.org
The tips here, compiled with input from dozens of security experts, will help you take control. We also have pulled out a shorter list of just seven, super-fast steps you can take right now, in less than 10 minutes.
Yahoo Secretly Scanned Customer Emails for U.S. Intelligence - Sources
Friday, October 07, 2016
reuters.com
Yahoo Inc last year secretly built a custom software program to search all of its customers' incoming emails for specific information provided by U.S. intelligence officials, according to people familiar with the matter. The company complied with a classified U.S. government demand, scanning hundreds of millions of Yahoo Mail accounts at the behest of the National Security Agency or FBI, said three former employees and a fourth person apprised of the events.
Grandmother Scammed out of $6,000
Friday, October 07, 2016
channel3000.com
The 82-year-old woman told police she got a call Wednesday from a man claiming he was her grandson and that he was drunk when he was involved in a crash that injured another motorist. He told her the reason he sounded a bit nasally was because his nose had been broken in the collision.
How to Encrypt Your Facebook Messages
Friday, October 07, 2016
techcrunch.com
All 1 billion Facebook Messenger users can now encrypt their messages so that governments, hackers, and even Facebook itself can’t read them. Facebook announced its “Secret” messages feature back in July. Now it’s fully rolled out, but still a bit tricky to use. Messenger threads aren’t secret by default, so here’s a step-by-step guide for how to turn on encryption.
‘We Have Your Daughter’: A Virtual Kidnapping and a Mother’s Five Hours of Hell
Wednesday, October 05, 2016
washingtonpost.com
Wendy Mueller was standing at the copper sink in her gorgeous, historic Leesburg, Va., home last Wednesday afternoon when the knife she was holding slipped and cut her thumb. Then the phone rang. It wasn’t a number she recognized, but distracted by the bleeding thumb, she answered it. Mom always answers the phone.
Who Makes the IoT Things Under Attack?
Wednesday, October 05, 2016
krebsonsecurity.com
The malware, dubbed “Mirai,” spreads to vulnerable devices by continuously scanning the Internet for IoT systems protected by factory default usernames and passwords. Many readers have asked for more information about which devices and hardware makers were being targeted. As it happens, this is fairly easy to tell just from looking at the list of usernames and passwords included in the Mirai source code.
Recognize the Warning Signs of Mail Scams
Wednesday, October 05, 2016
connect.usa.gov
You, or someone you know, may have fallen victim to a mass mailing fraud campaign that is targeting individuals all over the world. U.S. consumers have lost millions of dollars in recent years and the elderly are targeted most.
Marketers of Joint Pain Supplement Agree to Settle FTC Charges of Deceptive Advertising, Endorsements
Friday, October 07, 2016
ftc.gov
The sellers of Supple, a glucosamine and chondroitin liquid supplement, have agreed to settle Federal Trade Commission charges that they falsely advertised that their product provided complete relief from chronic and severe joint pain caused by arthritis and fibromyalgia and was scientifically proven to eliminate joint pain.
Maintaining Security and Stability in the Internet Ecosystem
Friday, October 07, 2016
circleid.com
DDoS attacks, phishing scams and malware. We battle these dark forces every day — and every day they get more sophisticated. But what worries me isn't just keeping up with them, it is keeping up with the sheer volume of devices and data that these forces can enlist in an attack.
Hackers Target Election Systems in 20 States
Friday, September 30, 2016
nbcnews.com
There have been hacking attempts on election systems in more than 20 states — far more than had been previously acknowledged — a senior Department of Homeland Security official told NBC News on Thursday. The "attempted intrusions" targeted online systems like registration databases, and not the actual voting or tabulation machines that will be used on Election Day and are not tied to the Internet.
U.S. Set to Hand Over Internet Address Book
Friday, September 30, 2016
usatoday.com
The United States doesn’t own the Internet, but it’s held the oversight contract for the organization that runs its address book for many years. That’s set to change Friday. The U.S. contract with the non-profit organization in charge of all Internet domain names expires then, and the non-profit running the database will become autonomous and be accountable to international stakeholders in the Internet community.
New Virus Disables Computers by Encrypting Hard Drives
Friday, September 30, 2016
healthdatamanagement.com
A new strain of ransomware, called Mamba, is circulating through multiple industries, including healthcare, and crippling computers by encrypting entire hard drives. So far, there really isn’t much that can be done except pay the ransom to gain a key to decrypt the hard drive, experts say.
‘Money Mule’ Gangs Turn to Bitcoin ATMs
Monday, October 03, 2016
krebsonsecurity.com
Fraudsters who hack corporate bank accounts typically launder stolen funds by making deposits from the hacked company into accounts owned by “money mules,” willing or unwitting dupes recruited through work-at-home job scams. The mules usually are then asked to withdraw the funds in cash and wire the money to the scammers. Increasingly, however, the mules are being instructed to remit the stolen money via Bitcoin ATMs.
What the FBI Files Reveal About Hillary Clinton’s Email Server
Monday, October 03, 2016
politico.com
New documents tell the full, strange story of a technophobic VIP, a sloppy State Department, and the jerry-rigged computer that held it all together.
House, Senate Leaders Urge States to Bolster Election Cybersecurity
Monday, October 03, 2016
thehill.com
The top four leaders in Congress on Thursday issued a joint letter urging state election officials to shore up defenses against hackers who could interfere with the election. The letter highlights the worries across the country that hackers might seek to influence the U.S. election.
Feds Charge Ten Virgin Islands Women With Tax Fraud, Identity Theft
Monday, October 03, 2016
viconsortium.com
The ten women are accused of using sham IDs to file federal tax returns, and in the process receiving over $300,000 in refunds...The alleged plot involved acquiring personal information for multiple persons, including some who knew of the scheme and others who did not. The illegal plan also entailed the acquiring of bank and debit card numbers for the deposit of the illegally obtained tax refunds; the illegal withdrawing thereof, and filing multiple tax returns.
Verizon Technician Sold Calling, Location Data to Private Investigator
Thursday, September 29, 2016
arstechnica.com
An Alabama man who worked as a Verizon Wireless technician has agreed to plead guilty to a federal hacking charge in connection to his illegal use of the company's computers to acquire customer calling and location data. The man, Daniel Eugene Traeger, faces a maximum five years in prison next month. He admitted Thursday that he sold customer data—from 2009 to 2014—to a private investigator whom the authorities have not named.
FBI Reports More Attempts to Hack Voter Registration System
Thursday, September 29, 2016
networkworld.com
"There have been a variety of scanning activities, which is a preamble for potential intrusion activities, as well as some attempted intrusions at voter registration databases beyond those we knew about in July and August," FBI Director James Comey told the House Judiciary Committee on Wednesday.
Prize Lies: How to Spot a Sweepstakes Scam
Thursday, September 29, 2016
aarp.org
True, you can’t win if you don’t play. But here’s how you certainly lose by entering a scam sweepstakes or lottery.
Inside Arizona’s Pump Skimmer Scourge
Wednesday, September 28, 2016
krebsonsecurity.com
Crooks who deploy skimming devices made to steal payment card details from fuel station pumps don’t just target filling stations at random: They tend to focus on those that neglect to deploy various tools designed to minimize such scams, including security cameras, non-standard pump locks and tamper-proof security tape.
Defending Against Hackers Took a Back Seat at Yahoo, Insiders Say
Wednesday, September 28, 2016
nytimes.com
When Marissa Mayer took over as chief executive of the flailing company in mid-2012, security was one of many problems she inherited. With so many competing priorities, she emphasized creating a cleaner look for services like Yahoo Mail and developing new products over making security improvements, the Yahoo employees said. The “Paranoids,” the internal name for Yahoo’s security team, often clashed with other parts of the business over security costs. And their requests were often overridden because of concerns that the inconvenience of added protection would make people stop using the company’s products.
Six Senators Demand More Details About the Yahoo Data Breach
Wednesday, September 28, 2016
csoonline.com
Six U.S. senators have called Yahoo's massive data breach "unacceptable," and they're demanding that the company provide more details about the incident. In a letter addressed to Yahoo's CEO, the lawmakers said they were particularly "disturbed" that the breach occurred in 2014, but that Yahoo only publicized it last week. "That means millions of Americans' data may have been compromised for two years," the letter said. "This is unacceptable."
Google Just Saved the Journalist Who Was Hit By a 'Record' Cyberattack
Thursday, September 29, 2016
businessinsider.com
Last week, Krebs' site, Krebs On Security, was hit by a massive distributed denial-of-service (DDoS) attack that took it offline, the likes of which was a "record" that was nearly double the traffic his host Akamai had previously seen in cyberattacks.
The New Way You'll Get Hacked: Through That Banking App on Your Phone
Thursday, September 29, 2016
nbcnews.com
You've changed your computer passwords and you stay away from dodgy Wi-Fi hotspots. But hackers have found a new way to access your online banking accounts — and it's on the rise across America.
Hackers Are Trying to Hold a Los Angeles Investment Bank to Ransom
Thursday, September 29, 2016
motherboard.vice.com
Hackers have stolen apparent internal documents from a Californian investment bank and published them online, likely in an effort to extort money from the victim company. The hacker or hackers, who call themselves The Dark Overlord, recently tried to extort a series of health care organisations into paying hefty ransoms. This most recent target, however, is WestPark Capital, based in Los Angeles.
Cyber Is Everything
Thursday, September 29, 2016
forbes.com
The great rewrite in cybersecurity is that protection efforts must be taken just as seriously as revenue goals. If not, company reputations, customer relationships and even public safety can suffer.
The Democratization of Censorship
Monday, September 26, 2016
krebsonsecurity.com
Krebs: "Events of the past week have convinced me that one of the fastest-growing censorship threats on the Internet today comes not from nation-states, but from super-empowered individuals who have been quietly building extremely potent cyber weapons with transnational reach."
Appalachian Regional Back Online Three Weeks After Cyberattack
Monday, September 26, 2016
healthcareitnews.com
After an almost three-week shutdown of computer systems due to a crippling cyberattack that the system first revealed in late August, Appalachian Regional Healthcare system is back online, officials said.
FTC Releases Data Breach Recovery and Prevention Video
Monday, September 26, 2016
us-cert.gov
The Federal Trade Commission (FTC) has released a step-by-step video to users whose personal information may have been exposed in a data breach. This video provides instruction on how to report an incident and develop a personal recovery plan after a data breach has occurred.
Police Warn of Shady USB Drives Appearing in Mailboxes
Monday, September 26, 2016
cnet.com
A person or a group of people have been dropping malicious USB sticks in mailboxes around Victoria, Australia. The State Police on Wednesday issued a warning, saying these USB drives are "believed to be extremely harmful," urging the public not to use them.
Five Social Engineering Scams Employees Still Fall For
Monday, September 26, 2016
csoonline.com
You’ve trained them. You’ve deployed simulated phishing tests. You’ve reminded your employees countless times with posters and games and emails about avoiding phishing scams. Still, they keep falling for the same ploys they’ve been warned about for years. It’s enough to drive security teams to madness.
Yahoo's Mega Breach: Security Takeaways
Monday, September 26, 2016
databreachtoday.com
Security expert Sean Sullivan says he's not surprised that the 2014 breach of Yahoo, which exposed at least 500 million account details, only recently came to light.
Who's Stalking: What to Know About Mobile Spyware
Monday, September 26, 2016
consumer.ftc.gov
Do you think an abusive partner or ex is monitoring you through your phone? They might be using stalking apps (spyware) that secretly track your devices. Here’s information about what stalking apps are, how to tell if they’re on your device, and what to do if they are.
Another Way to Violate Privacy: PHI in Court Documents
Monday, September 26, 2016
healthcareinfosecurity.com
A recent court ruling illustrates yet another way patient privacy can be compromised. A federal court slapped WakeMed Health and Hospitals, a North Carolina healthcare system, with financial penalties for exposing patient information in filings it made for cases.
Police: Kennesaw State Student Hacks System, Changes Grades, Steals Data
Friday, September 23, 2016
fox5atlanta.com
Police have arrested a Kennesaw State University student accused of hacking into the school’s system to change grades and steal personal data.
Anonymous Hacks Four Italian Healthcare Organizations
Friday, September 23, 2016
softpedia.com
Anonymous Italia and AntiSec-Italia, two hacktivist groups associated with the Anonymous hacker collective, have hacked and defaced four Italian healthcare organizations and leaked data from two.
After Heists, Bank Transaction Service Adds New Security Feature
Tuesday, September 20, 2016
thehill.com
SWIFT, the banking transactions messaging service that hackers used to steal more than $80 million from the central bank of Bangladesh, is adding a new fraud protection system.
Keeping Your Files Safe in the Sky
Tuesday, September 20, 2016
nytimes.com
Online storage services like Dropbox and iCloud use encryption to help keep your data secure, but you should be vigilant about password management.
U.S. Gives ‘No Free Pass’ to Russia, Other Nations on Cyberespionage, Justice Official Warns
Tuesday, September 20, 2016
washingtonpost.com
A senior Justice Department official this week issued a thinly-veiled warning to Russia that significant acts of cyberespionage will not be ignored.
FBI to Ransomware Victims: Please Come Forward
Friday, September 23, 2016
bankinfosecurity.com
Have you been the target or victim of ransomware-wielding attackers? If so, your government needs you to come forward.
ONC's New Leader Lays Out Security, Privacy Goals
Friday, September 23, 2016
healthcareinfosecurity.com
B. Vindell Washington, M.D., the new leader of the Office of the National Coordinator for Health IT, pledges to continue the agency's push toward standards-based interoperable, secure health data exchange as a way of improving healthcare.
States Ask Feds for Cybersecurity Scans Following Election Hacking Threats
Friday, September 23, 2016
govtech.com
A spate of hacking attacks has put U.S. states on edge ahead of November’s presidential vote as election officials rush to plug cybersecurity gaps with help from the federal government.
Scam Alert: Online Dating Fraud
Monday, September 19, 2016
forbes.com
Online dating is more popular than ever. The ability to pull up a profile of a prospective date and make a “swipe” decision is a powerful tool. Despite the convenient marriage between technology and possible romance, some online dating set-ups can be frauds. You have to be careful.
Swindled by a Phone Scam? You're Not Alone, Police Say
Monday, September 19, 2016
wwnytv.com
Several phone scams have swindled northern New York residents out of their money. That warning comes from state police who gave several examples of the types of scams hitting the area and some advice about how to avoid them.
Former Wells Fargo Employee Recounts Unauthorized Accounts Scam
Monday, September 19, 2016
thv11.com
Early in September, Wells Fargo Bank was hit with a $185 million fine for illegally opening millions of deposit and credit card accounts. Officials said this was done to boost sales figures by secretly transferring money from people's authorized accounts without permission.
MCSO Warns Public of Death Threat Email Scam
Monday, September 19, 2016
greenepublishing.com
The sender of this email identifies themselves as “DEATH” and the email is sent to “Recipients.” The body of the email states “Someone paid me to kill you…get spared, 48hrs to pay $5,000.” The email also makes reference to 'Death Coming' if the recipient contacts the police or anyone else.
Edward Snowden Says Disclosures Bolstered Individual Privacy
Monday, September 19, 2016
nytimes.com
Edward J. Snowden, the former American intelligence contractor who leaked documents about surveillance programs, said on Friday that his disclosures had improved privacy for individuals in the United States, and he declared that “being patriotic doesn’t mean simply agreeing with your government.”
Investment Fund Loses $6 Million in BEC Scam, Suspends Operations
Monday, September 19, 2016
csoonline.com
A lawsuit filed on Friday by Tillage Commodities Fund alleges that SS&C Technology showed an egregious lack of diligence and care, when they fell for an email scam that ultimately led to hackers in China looting $5.9 million.
Suit Challenging Data Breach Caused by Hacking May Proceed
Monday, September 19, 2016
dataprotectionreport.com
The U.S. Court of Appeals for the Sixth Circuit concluded that certain allegations of harm after a data breach caused by hacking are sufficiently concrete to confer Article III standing. This case may make it more difficult for companies defending data breach suits to quickly obtain dismissal of plaintiffs’ claims.
New York Proposes Cybersecurity Regulation for Financial Services Institutions
Monday, September 19, 2016
insideprivacy.com
On September 13, 2016, New York Governor Andrew Cuomo announced a proposed regulation that would require financial service institutions to develop and implement cybersecurity programs to prevent and mitigate cyber-attacks. The proposed regulation will be subject to a 45-day comment period once it is published in the New York State Register.
New Jersey Moves Forward With Shopper Privacy Bill
Monday, September 19, 2016
huntonprivacyblog.com
On September 15, 2016, the New Jersey Senate unanimously approved a bill that seeks to limit retailers’ ability to collect and use personal data contained on consumers’ driver and non-driver identification cards. The bill, known as the Personal Information and Privacy Protection Act, must now be approved by the New Jersey Assembly.
NIST Unveils a Cybersecurity Self-Assessment Tool
Monday, September 19, 2016
databreachtoday.com
The National Institute of Standards and Technology has issued a draft of a self-assessment tool that's designed to help enterprises gauge the impact and effectiveness of their cybersecurity risk management initiatives.
OCR: Business Associate HIPAA Audits Coming Soon
Monday, September 19, 2016
healthcareinfosecurity.com
The Department of Health and Human Services is gearing up to kick off in October its first-ever round of HIPAA compliance audits of business associates. And the agency is also developing a variety of new guidance aimed at helping healthcare organizations deal with a surge in cyber threats.
Firefox Browser Vulnerable to Man-In-The-Middle Attack
Monday, September 19, 2016
thehackernews.com
A critical vulnerability resides in the fully-patched version of the Mozilla's Firefox browser that could allow well-resourced attackers to launch man-in-the-middle (MITM) impersonation attacks and also affects the Tor anonymity network.
Helping Police Solve Cybercrimes
Monday, September 19, 2016
bankinfosecurity.com
How qualified is law enforcement to investigate today's cybercrimes? While many big-city police departments have all the necessary skills, those in smaller markets often do not, according to a panel of experts.
FBI Trying to Build Legal Cases Against Russian Hackers
Friday, September 16, 2016
reuters.com
The Federal Bureau of Investigation is intensifying efforts to find enough evidence to enable the Justice Department to indict some of the Russians that U.S. intelligence agencies have concluded are hacking into American political parties and figures, U.S. law enforcement and intelligence officials said on Thursday.
Alleged British Hacker to Be Extradited to US
Friday, September 16, 2016
thehill.com
A U.K. court on Friday ruled that computer activist and hacker Lauri Love would be extradited to the U.S. for hacking government and military computer systems. Love faces a 99-year prison sentence in the U.S. for allegedly hacking NASA, the FBI, Federal Reserve and other institutions.
Russian Hackers Get Bolder in Anti-Doping Agency Attack
Friday, September 16, 2016
wired.com
On Tuesday, a group identifying itself as Russian hackers announced that it had breached the World Anti-Doping Agency and leaked the records of American athletes, including gymnast Simone Biles and tennis stars Venus and Serena Williams...The actions seemed designed to tie the hack to the Russian group Fancy Bear, one of two teams of hackers with links to Russian intelligence agencies that the Democratic National Committee says it found digging through its files earlier this summer. Some cyberespionage experts view it all as a sign of an evolving Russian hacker mentality that’s traded stealth for flashy public dumps of adversaries’ data.
Ransomware Getting More Targeted, Expensive
Friday, September 16, 2016
krebsonsecurity.com
What we can expect is not only more targeted and destructive attacks, but also ransom demands that vary based on the attacker’s estimation of the value of the data being held hostage and/or the ability of the victim to pay some approximation of what it might be worth.
Securing Voter Registration Data
Friday, September 16, 2016
us-cert.gov
Voter registration databases (VRDB) and election systems are rich targets and may continue to experience frequent attempted intrusions. This problem is not unique to individual states—it is shared across the nation. The keys to good cybersecurity are awareness and constant vigilance.
Awareness Training: How Much Is Too Much?
Friday, September 16, 2016
csoonline.com
Security awareness training is one of the most effective ways to strengthen what is generally known as “the weakest link in the security chain.” The key is to make employees skeptical without paralyzing them with paranoia.
Houston Man Heads to Prison for Credit Card Fraud
Friday, September 16, 2016
justice.gov
Menard admitted he purchased approximately 1,000 stolen credit card numbers over the Internet from websites outside the United States. He then created fraudulent credit cards by encoding stolen credit card numbers onto magnetic stripes on the back of gift and debit cards. He then used those fraudulent cards to purchase legitimate gift cards from Kroger and HEB grocery stores in Conroe and others during 2014 and 2015.
Mass Phishing Campaign Contains Malicious Attachments
Friday, September 16, 2016
actionfraud.police.uk
Fraudsters are sending out a mass of constantly evolving phishing emails to personal and business email addresses that contain ransomware and banking Trojans.
Ransomware Victims Urged to Report Infections to Federal Law Enforcement
Thursday, September 15, 2016
ic3.gov
The FBI urges victims to report ransomware incidents to federal law enforcement to help us gain a more comprehensive view of the current threat and its impact on U.S. victims.
Someone Is Learning How to Take Down the Internet
Thursday, September 15, 2016
lawfareblog.com
Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the Internet. These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down. We don't know who is doing this, but it feels like a large a large nation state.
Secret Service Warns of ‘Periscope’ Skimmers
Thursday, September 15, 2016
krebsonsecurity.com
The U.S. Secret Service is warning banks and ATM owners about a new technological advance in cash machine skimming known as “periscope skimming,” which involves a specialized skimming probe that connects directly to the ATM’s internal circuit board to steal card data.
Noodles & Company Sued Over Data Breach at Hundreds of Locations Nationwide
Thursday, September 15, 2016
denverpost.com
An Oregon credit union has sued Noodles & Company over a data breach earlier this year that compromised the security of debit and credit cards at hundreds of Noodles locations nationwide.
Jewelry Manager Pleads Guilty to Identity Theft Charges
Thursday, September 15, 2016
nbcsandiego.com
A San Diego jewelry manager pleaded guilty to identity theft charges associated with a fraud case targeting the military.
FBI Monitoring for Foreign Meddling in Elections
Friday, September 09, 2016
thehill.com
U.S. security experts have suggested Russia was behind recent cyberattacks on the Democratic National Committee and other Democratic organizations, including Hillary Clinton’s campaign. Reports emerged last month hackers may have penetrated voter databases in Arizona and Illinois, prompting the FBI to investigate the possible breach.
Data Hoarders Are Shining a Spotlight on Past Breaches
Friday, September 09, 2016
networkworld.com
Vigilante.pw is among numerous data breach monitoring sites started by anonymous internet users that routinely post details on newly uncovered stolen data. They're a big part of the reason why, week after week, the full scale of past hacks is gradually beginning to surface. Recent news on a 2012 Dropbox breach, for example, was initially sourced from a separate service known as Leakbase. That site obtained a copy of the stolen accounts and found email addresses and hashed passwords belonging to 68 million users.
The Cost of Ransomware Attacks: $1 Billion This Year
Friday, September 09, 2016
zdnet.com
And it's only the beginning, with file locking malware only set to grow and take larger role in cybercrime, warn researchers.
FBI Searches for Man Wanted in $50M Scam
Thursday, September 08, 2016
wbaltv.com
“They would send out fraudulent bills for supplies like light bulbs and cleaning supplies,” FBI Special Agent in Charge Scott Hinkley said. “These invoices would then be greatly increased as to what they would normally cost and then these people would reply by paying these invoices.”
2 Psychologists Plead Guilty in $25 Million Medicare Scam
Thursday, September 08, 2016
abcnews.go.com
Psychologists from Louisiana and Mississippi admitted participating in a $25 million Medicare scam by billing for unnecessary or nonexistent tests on nursing home patients across the Southeast, federal authorities said Wednesday.
PayPal Scam Hits the Twitter Universe, What to Watch Out For
Monday, September 12, 2016
itechpost.com
Here's how they the bad guys do it on Twitter: First, they create a Twitter account with a username related to PayPal (ex. PayPalTech or AskPayPal). Then, they look for users tweeting the real PayPal Twitter account for customer related concerns. After which, the scammers will contact these users and pretend to be legit representatives of PayPal.
IRS Impersonator Scam Still Going Strong
Monday, September 12, 2016
ksdk.com
It's a pervasive shake-down taking place across the country and the IRS warns the IRS impersonator scam is as strong as ever.
The Feds Pore Over Your Mail to Flag Scams
Monday, September 12, 2016
winknews.com
Stacks of scams are piled in every corner of Curtis’ home, whose last name we withheld to protect him from more scammers. As the phone ringed non-stop, he told us the scammers are “constantly calling, constantly asking for money.”
Carnegie Mellon University Helps You Control Your Privacy
Monday, September 12, 2016
cio.com
Managing your personal data in the digital age has become almost impossible. But Carnegie Mellon University has found that a combination of natural language processing, privacy preference modeling, machine lanuguage, crowdsourcing and privacy interface design may make the impossible possible.
Cybersecurity Expert Says 'Almost Everything Can Be Hacked' and Endpoint Protection Is Not Enough
Thursday, September 08, 2016
healthcareitnews.com
Digital records of healthcare information have become quite valuable to cybercriminals, and healthcare is widely considered to be behind other industries in figuring out and implementing the best tactics and technologies to protect its data. What’s more, healthcare has some fairly unique security problems, including unusual variables in personnel access control, the challenges of mobile health, and dated, hackable equipment such as drug pumps.
Hacked Dropbox Data of 68 Million Users Is Now for Sale on the Dark Web
Thursday, September 08, 2016
washingtonpost.com
Email and password data for more than 68 million Dropbox users is for sale in the darknet marketplace.
Mobile Device Infections Surged by 96 Percent in First Half of 2016
Thursday, September 08, 2016
esecurityplanet.com
According to the Nokia Threat Intelligence Report - H1 2016, smartphone infections rose by 96 percent between January and July 2016 compared to the latter half of 2015, with smartphones accounting for 78 percent of all mobile network infections.
How One of the Biggest Data Thefts in US History Could Have Been Stopped by Basic Security
Thursday, September 08, 2016
zdnet.com
Sophisticated attack on the OPM gave hackers access to 'most intimate and embarrassing details' of the lives of millions of government workers and their fingerprints in attack.
The Limits of SMS for 2-Factor Authentication
Thursday, September 08, 2016
krebsonsecurity.com
Text messaging codes to users isn’t the safest way to do two-factor authentication, even if some entities — like the U.S. Social Security Administration and Sony’s Playstation network — are just getting around to offering two-factor via SMS.
US Law Enforcement Throw Online Scam Artists Behind Bars
Thursday, September 08, 2016
zdnet.com
US law enforcement has sentenced seven criminals who were part of an online fraud ring which duped victims out of their cash through romance, shopping and job opportunity scams.
4 Ways You Can Report Identity Theft
Thursday, September 08, 2016
time.com
The following steps cover how to report identity theft and what measures to take to ensure the compromised accounts are secured or closed.
Hutton Hotel Guests Credit Card Info Exposed During Three-Year Long Breach
Thursday, September 08, 2016
scmagazine.com
The Nashville hotel said in a statement that its payment processing company notified the hotel of a security incident and a follow-up investigation by an outside security firm determined that malware had been placed on the Hutton Hotel payment processing system capable of capturing the cardholder name, payment card account number, card expiration date, and verification code. The system was vulnerable from September 19, 2012 to April 16, 2015, or for those who made purchases at the onsite food and beverage outlets from September 19, 2012 to January 15, 2015, and from August 12, 2015 to June 10, 2016.
Advisory to Financial Institutions on E-Mail Compromise Fraud Schemes [PDF]
Wednesday, September 07, 2016
fincen.gov
The Financial Crimes Enforcement Network (FinCEN) today issued an advisory to help financial institutions guard against a growing number of e-mail fraud schemes in which criminals misappropriate funds by deceiving financial institutions and their customers into conducting wire transfers.
Trio Stole $1M in Identity Theft, Mortgage Fraud Scheme, AG Says
Wednesday, September 07, 2016
nj.com
Hunter, Phillip and Jones allegedly used stolen or fake identities not only for the borrowers, but for others, too, to create all of the hallmarks of a legitimate transaction. They used stolen and fake identities for "all of the required roles," including seller, attorneys, settlement agent, title agent, homeowner's insurance company, notary and others...
Congressional Report Slams OPM on Data Breach
Wednesday, September 07, 2016
krebsonsecurity.com
The massive data breach at the U.S. Office of Personnel Management (OPM) that exposed background investigations and fingerprint data on millions of Americans was the result of a cascading series of cybersecurity blunders from the agency’s senior leadership on down to the outdated technology used to secure the sensitive data, according to a lengthy report released today by a key government oversight panel.
ACLU Questions How Tor Email Users Got FBI-Deployed Malware
Wednesday, September 07, 2016
thehill.com
The ACLU filed a motion in Maryland court for information on why the FBI seemingly indiscriminately infected users of a free email service with malware. Lawyers from the civil liberties group are seeking to unseal the docket sheets connected with a warrant to use the malware on users of TorMail, a service that was only accessible on the Tor anonymous web browsing network.
Clapper: Russians Hack U.S. 'All the Time'
Wednesday, September 07, 2016
politico.com
Russian hackers are trying to infiltrate U.S. networks “all the time,” Director of National Intelligence James Clapper said on Wednesday, skirting the issue of whether Moscow is tied to the recent hacks of the Democratic National Committee and other Democratic institutions.
Dridex Banking Trojan Will Soon Target Crypto-Currency Wallets
Wednesday, September 07, 2016
softpedia.com
Future versions of the infamous and highly dangerous Dridex banking trojan will soon be able to steal credentials for several crypto-currency wallets, according to clues found in recent Dridex samples.
People, Please Don’t Store Private Data in Your Address Book
Wednesday, September 07, 2016
wired.com
People should not be using contact lists to store sensitive data. Ever.
The Increasing Threat to Network Infrastructure Devices and Recommended Mitigations
Wednesday, September 07, 2016
us-cert.gov
The advancing capabilities of organized hacker groups and cyber adversaries create an increasing global threat to information systems. The rising threat levels place more demands on security personnel and network administrators to protect information systems.
Location Privacy: The Purview of the Rich and Indigent
Tuesday, September 06, 2016
krebsonsecurity.com
Increasingly, location privacy is the exclusive purview of two groups of Americans: Those who are indigent and/or homeless and those who are wealthy. Only the well-off can afford the substantial costs and many petty inconveniences associated with separating one’s name from their address, vehicle, phone records and other modern niceties that make one easy to track and find.
Police Warn of Online Rental Scams
Tuesday, September 06, 2016
baltimoresun.com
Nationally, rental and real estate scams rose 11 percent over the past two years, to 11,562 victims in 2015 from 10,384 victims in 2013, according to the FBI's annual Internet Crime Report, which is based on data collected through the Internet Crime Complaint Center. The category also includes real estate investment fraud; scams involving home mortgages, refinancing, short sales and foreclosures; and property involved in money laundering, such as a grow house.
Internet Tracking Has Moved Beyond Cookies
Tuesday, September 06, 2016
fivethirtyeight.com
A new survey from a group of Princeton researchers of one million websites sheds some light on the cutting-edge tricks being used to follow your digital trail. Rather than placing a tracker on your browser, many sites are now “fingerprinting” — using information about your computer such as battery status or browser window size to identify your presence.
FTC Seeks Input on GLB Safeguards Rule
Tuesday, September 06, 2016
huntonprivacyblog.com
On August 29, 2016, the Federal Trade Commission announced that it is seeking public comment on the Gramm-Leach-Bliley Act (“GLB”) Safeguards Rule. The GLB Safeguards Rule, which became effective in 2003, requires financial institutions to develop, implement and maintain a comprehensive information security program to safeguard customer information.
An Email Scam Cost One of Europe's Biggest Companies $40 Million
Friday, September 02, 2016
gizmodo.com
Earlier this month, Leoni AG, one of the world’s largest manufacturers of wires and electrical cables, informed investors that the German company lost almost 40 million euros (or about $44.6 million) to online scammers. Today, we finally know how: According to investigators, the thieves simply spoofed emails to look like official payment requests, a tactic known as “CEO fraud.”
FTC Releases Alert on Securing Personal Information When Using Rental Vehicles
Thursday, September 01, 2016
us-cert.gov
The Federal Trade Commission (FTC) has released recommendations for consumers to protect their personal data when using rental vehicles. Rental vehicles may contain infotainment systems that can connect with personal devices to stream music, allow hands-free calls and texts, or guide navigation. However, using connected vehicles can increase the risks of having personal data compromised. By taking precautions, users can protect themselves and their personal information.
Crooks Are Selling a Skimmer That Works on All Chip Card Readers
Thursday, September 01, 2016
csoonline.com
Think that your new EMV-compliant chip-reading point of sale terminal will keep crooks from stealing your customer credit card info? Think again.
Kimpton Hotels Acknowledges Data Breach
Friday, September 02, 2016
krebsonsecurity.com
Kimpton Hotels on Wednesday formally acknowledged that malware found on payment terminals in many of its hotels and restaurants may have compromised credit/debit cards of guests who patronized the properties in the first half of this year.
SWIFT Sees New Hack Attacks Against Banks
Friday, September 02, 2016
bankinfosecurity.com
Attackers have been continuing to compromise banks' local security controls to send fraudulent messages via SWIFT's interbank messaging network.
Implementing a Behavioral-Based Approach to Security
Friday, September 02, 2016
healthcareinfosecurity.com
Just as seasonal flu viruses change from year to year, so too malware threats quickly evolve, necessitating a behavioral-based approach to security, says John Woods, CISO of pharmacy software vendor PDX Inc.
Cybercrime as a Tax on the Internet Economy
Friday, September 02, 2016
schneier.com
If our estimates are right, cybercrime extracts between 15% and 20% of the value created by the Internet, a heavy tax on the potential for economic growth and job creation and a share of revenue that is significantly larger than any other transnational criminal activity.
Watchdog: IRS Found Nearly 1.1M Employment-Related ID Theft Victims
Wednesday, August 31, 2016
thehill.com
The Internal Revenue Service identified close to 1.1 million taxpayers who were victims of employment-related identity theft from 2011 through 2015, but almost all of the victims were not informed, a Treasury Department watchdog found in a report made public this week...Employment-related identity theft is when people use others' Social Security numbers (SSNs) to get a job. The IRS identifies cases of employment-related ID theft when electronic tax returns are filed with an individual taxpayer identification number (ITINs) but are associated with income documents with an SSN that don't match.
Woman Pleads Guilty for Part in ID Theft Scheme That Ensnared ‘Smallville’ Actress
Wednesday, August 31, 2016
washingtonpost.com
Starting in 2012, Green-Morris would file fake invoices for work never performed by companies owned by Amit Chaudhry, an Ashburn resident accused of masterminding the criminal group’s U.S. operations. In exchange, she was paid several thousand dollars per invoice. She made several million dollars over four years from her involvement, according to prosecutors, which her plea agreement requires her to repay. She has agreed to give up claims to her home and car as part of that effort. She will also have to pay back taxes on undeclared income.
High-Income Investors Very Concerned About Identity Theft
Wednesday, August 31, 2016
lowcards.com
Data breaches are always in the news, and high net worth (HNW) investors are as worried about them as the rest of us. According to Morgan Stanley’s Investor Pulse Poll, 72% of high net worth investors are worried about identity theft, ranking it higher on their list of concerns than terrorism (65%) or a major illness in their household (56%).
FBI Warns State Election Offices to Be Wary of Hackers
Wednesday, August 31, 2016
npr.org
FBI Director James Comey says the United States takes seriously any effort to influence U.S. elections through a cyberattack. He said this after hackers tried to get into at least two state voter databases.
Dropbox Hack Leaks 2012 Info From 60 Million Accounts
Wednesday, August 31, 2016
thehill.com
Account information dated in 2012 for 68 million current and former Dropbox users leaked to a variety of media websites Tuesday evening. The list was shared with Motherboard, who confirmed it with a “senior Dropbox employee” as well as breach protection websites like Have I Been Pwned.
Inside the Grandparent Scam: Con Artist Reveals All [video]
Wednesday, August 31, 2016
AARP
A con artist, victim, and law enforcement official give the details of one of the most popular scams.
Baltimore County Police Warn of Online Rental Scams
Wednesday, August 31, 2016
baltimoresun.com
In March, researchers in the New York University Tandon School of Engineering published a study that found Craigslist had failed to identify more than half of scam rental listings. The study also found postings that were reported as suspicious would remain on the website for as long as 20 hours before they were removed.
U.S. Fines Big Nebraska Bank Over Credit Card, ID Theft Marketing
Wednesday, August 31, 2016
reuters.com
First National Bank of Omaha will pay $35.25 million of fines and refunds to settle charges by two U.S. regulators that it duped hundreds of thousands of customers into buying credit card and identity theft services they did not want, understand or receive.
Consumers, Security Pros Troubled by IoT Issues
Monday, August 29, 2016
mediapost.com
IoT security continues to be an area of concern for both businesses and consumers, and a new study shows that fear also includes potential weaponization of IoT devices.
POS Malware Hits Two Hotel Chains
Monday, August 29, 2016
databreachtoday.com
Two hotel chains are warning that they've suffered point-of-sale malware infections that compromised customers' payment card data. Both say they were alerted to related card fraud by the U.S. Secret Service and that they're now assisting law enforcement agencies' investigations.
Report on Cardiac Device Cyber Vulnerabilities Fuels Debate
Monday, August 29, 2016
healthcareinfosecurity.com
Medical device cybersecurity is an important area of focus that needs a brighter spotlight. But a new report questioning the security of certain cardiac devices from St. Jude Medical Inc. raises some serious ethical issues about the whistleblowers.
Considering Privacy in the Age of the Camera
Tuesday, August 30, 2016
govtech.com
Surveillance cameras offer a powerful tool for law enforcement, but there are implications to consider for privacy, footage retention and public safety.
Hacker Reveals How He Could Have Hacked Multiple Facebook Accounts
Tuesday, August 30, 2016
thehackernews.com
Gurkirat Singh from California recently discovered a loophole in Facebook's password reset mechanism that could have given hackers complete access to the victim's Facebook account, allowing them to view message conversations and payment card details, post anything and do whatever the real account holder can.
Dropbox Recommending Some Users Update Account Credentials
Tuesday, August 30, 2016
scmagazine.com
Dropbox is recommending to some users update the log in credentials for their account because a group of member emails and passwords may have been compromised.
1.3 Million Kids Have Identity Stolen Annually, 50% Under 6-Years-Old
Tuesday, August 30, 2016
freep.com
At least one study showed child credit and Social Security numbers abused at a rate 51 times greater than the adult population.
Man, Woman Arrested on Suspicion of Child Abuse, ID Theft
Tuesday, August 30, 2016
sbsun.com
A child abuse investigation by a San Bernardino County sheriff’s deputy turned up evidence of identity theft as well, leading to the arrest of a San Bernardino man and woman, authorities said Saturday.
Car Hacking Is the Future – and Sooner or Later You'll Be Hit
Monday, August 29, 2016
theguardian.com
It’s hard to find unanimity among hackers on anything. People who use “herding cats” as the apotheosis of a tricky organizational challenge have never had to herd information security experts. But the group of people united by the motivation to push computer security to its absolute limit seem to agree on one thing, at least: car hacking is here to stay, and sooner or later, you’ll be hit too.
5 Security Practices Hackers Say Make Their Lives Harder
Monday, August 29, 2016
networkworld.com
Hackers believe no password is safe from a determined attacker, but they agree that five key security measures can make it a lot harder to penetrate enterprise networks.
Enhanced DMV Facial Recognition Technology Helps NY Nab 100 ID Thieves
Monday, August 29, 2016
arstechnica.com
In January, the New York State DMV enhanced its facial recognition technology by doubling the number of measurement points on a driver's photograph, a move the state's governor says has led to the arrest of 100 suspected identity thieves and opened 900 unsolved cases. In all, since New York implemented facial recognition technology in 2010, more than 14,000 people have been hampered trying to get multiple licenses.
Lewis-Palmer Security Breach Debated Despite Evidence; District Tries to Charge Whistleblower
Monday, August 29, 2016
completecolorado.com
Nearly a year after a parent in the Lewis-Palmer School District 38 brought student data security concerns to district staff and the subsequent finding that a vulnerability existed, the district continues to deny there was ever an issue and launched a criminal investigation into the whistle blower.
America's Schools Have a Big Cybersecurity Problem
Monday, August 29, 2016
huffingtonpost.com
With the 2016-2017 school year already underway, it’s time to draw attention
to an ongoing and very serious problem facing the US education system: our
schools are ill-equipped to face the mounting threats posed by hackers.
Opera Warns Sync Users of Possible Data Breach
Monday, August 29, 2016
csoonline.com
On Friday, Opera, the Norwegian company responsible for the popular browser, warned users that the Opera Sync service might have been compromised. In response, the company issued a forced password reset for all Sync users.
Report: U.S. Retailers Aren't Investing in Cybersecurity Even as Breaches Persist
Monday, August 29, 2016
fedscoop.com
"Consumers are clearly demanding that their information be protected and they're going to let their wallets do the talking," one expert said.
The Rise of Medical Identity Theft
Friday, August 26, 2016
consumerreports.org
When thieves take your personal data to get prescription drugs, doctor care, or surgery, it can endanger your health and trash your finances.
Son of Russian Parliament Member Convicted in Massive Hacking, ID Theft Scheme
Friday, August 26, 2016
seattletimes.com
A Seattle jury has convicted the son of a prominent Russian lawmaker of hacking into U.S. businesses, including restaurants in Washington, to steal millions of credit-card numbers that were resold on the black market.
Do Your Kids Know Good Password Hygiene? Here Are Some Rules
Friday, August 26, 2016
welivesecurity.com
Growing up before the age of the internet and social networks has left many older users unprepared for risks looming in the virtual world. From that perspective, today’s kids are lucky, as the best cybersecurity practices, such as good password hygiene, are at hand. So, if you are not exactly the most security savvy of parents, try our password essentials.
Lost Devices Leading Cause of Data Breaches, Report
Friday, August 26, 2016
scmagazine.com
Phishing scams and ransomware attacks may grab the headlines, but for the financial sector lost or stolen mobile devices were the leading cause of data breaches over the last decade.
US Secret Service Notifies Two Major Hotel Chains About Possible Data Breaches
Friday, August 26, 2016
softpedia.com
Millennium Hotels & Resorts and Noble House Hotels and Resorts have both announced investigations into suspected data breaches at their properties following notifications received from the US Secret Service.
FBI Looking Into Sarasota, Fla., City Ransomware Attack
Friday, August 26, 2016
govtech.com
Ransomware attacks are not new, but they are among the fastest growing forms of malware, and they increasingly target government and hospital networks.
FTC to Hold Public Workshop on What to Do About the Growing Ransomware Blight
Friday, August 26, 2016
networkworld.com
The Federal Trade Commission said it will hold a public workshop about all things ransomware on Sept. 7.
How Can We Improve Awareness Training?
Thursday, August 25, 2016
csoonline.com
As more companies face the realities of cybercrime, malware and data breaches, many of them are turning to security awareness training programs to keep their employees from becoming the next victim of an attack. But a lot of these programs are ineffective, giving employees a “read this email, watch this video” program, and the CSO a “box to check off”.
ATM in Thailand Hacked; 12 Million Baht Stolen; 10,000 ATMs Prone to Hackers
Thursday, August 25, 2016
thehackernews.com
An Eastern European gang of criminals has stolen over 12 Million Baht (approximately US$350,000) from a total of 21 ATMs in Bangkok and other five provinces by hacking a Thai bank's ATM network; police said Wednesday. The Central Bank of Thailand (BoT) has issued a warning to all commercial banks about security flaws in roughly 10,000 ATMs that were exploited to steal cash from the machines.
Are Cybersecurity Fears Warranted?
Thursday, August 25, 2016
govtech.com
If cybersecurity is not fortified, experts say, aggression and hostility could steadily overtake the web. The “internet of things” may morph, as one recent study forecasts, into the “weaponization of everything.” Imagine elevators going haywire, or pacemakers under the control of extortionists.
Ransomware Extortion: A Question of Time
Thursday, August 25, 2016
healthcareinfosecurity.com
Ransomware attackers increasingly target organizations that might be able to recover from crypto-locking malware infections, but which might not be able to do so in a timely manner, says attorney Mark Rasch, security evangelist at Verizon Enterprise Solutions, in this video interview.
Ransomware: The Evolution of Cybercrime, a Roundtable
Thursday, August 25, 2016
scmagazine.com
The threat from ransomware continues to grow and the situation will only get darker before mitigation efforts prove reliable and the miscreants move on to another attack vector.
Hackers Publish Nude Pictures on Leslie Jones’s Website
Thursday, August 25, 2016
nytimes.com
Leslie Jones, a co-star of this year’s “Ghostbusters” movie who has been besieged in the past month by online abusers who have targeted her appearance and her race, was victimized again on Wednesday when her personal website appeared to have been hacked.
Hackers Nab 25M Accounts in Another Mail.ru Breach
Thursday, August 25, 2016
cnet.com
Two hackers were able to steal email addresses and easily crackable passwords from three separate forums in this latest hack.
Advocates Want FCC to Address Car Hacking Threat
Thursday, August 25, 2016
morningconsult.com
Hackers could exploit vehicles’ use of airwaves to steal personal information or even take control of driving functions. Those worries have prompted advocacy groups and some Senate Democrats to call on the Federal Communications Commission to issue rules requiring automakers to bolster cybersecurity and privacy protections for consumers.
Turns Out You Can’t Trust Russian Hackers Anymore
Thursday, August 25, 2016
foreignpolicy.com
Moscow-linked cyberthieves aren’t just stealing and releasing emails anymore — they’re altering them to smear one of Putin's most vocal opponents.
Personal Information of Pulse Victims, Survivors Breached
Thursday, August 25, 2016
wftv.com
Orlando Health employees said at least one of its employees broke the rules and went through the personal information of Pulse survivors...the hospital said in an email that more than one worker did it, saying, “Team members giving in to their personal curiosities violated our policies and steps have been taken internally to discipline those involved.”
USAA Members Hit With Multiple Phishing Attacks
Thursday, August 25, 2016
scmagazine.com
Multiple phishing campaign that play off consumers' fear of having their financial information being hacked are hitting customers of United Services Automobile Association (USAA).
How Bitcoin Helped Fuel an Explosion in Ransomware Attacks
Thursday, August 25, 2016
zdnet.com
Secure payment system Bitcoin has many legitimate uses, but like other technologies, it's also been beneficial to cybercriminals seeking new ways to extort money.
The Details Behind HHS Breach Investigation Ramp-Up
Thursday, August 25, 2016
healthcareinfosecurity.com
The Department of Health and Human Services' Office for Civil Rights is ramping up and standardizing how smaller health data breaches are investigated by its regional offices, adding staff to support the effort, says Iliana Peters, OCR's senior adviser for HIPAA compliance and enforcement.
United Airlines Sets Minimum Bar on Security
Thursday, August 25, 2016
krebsonsecurity.com
United Airlines has rolled out a series of updates to its Web site that the company claims will help beef up the security of customer accounts. But at first glance, the core changes — moving from a 4-digit PINs to password and requiring customers to pick five different security questions and answers — may seem like a security playbook copied from Yahoo.com, circa 2009. Here’s a closer look at what’s changed in how United authenticates customers, and hopefully a bit of insight into what the nation’s fourth-largest airline is trying to accomplish with its new system.
Submarine Builder Declares ‘Economic Warfare’ as Plans for Ship Said to Be Hacked; Now What?
Thursday, August 25, 2016
bobsullivan.net
Get used to another term in world of computer hacking: “economic warfare.” A French firm building multi-billion-dollar submarines for Australia and several other nations says it was the victim of economic warfare after some of its schematics for similar subs being built for India were released online, allegedly by hackers. The data was published by Australian media.
DHS: Don't Fall for Louisiana Flood Charity Scams
Thursday, August 25, 2016
nextgov.com
Donors must be extra vigilant when donating to charities claiming to aid victims of Louisiana's devastating floods because they could be fraudulent entities, a federal alert said.
A Life or Death Case of Identity Theft?
Wednesday, August 24, 2016
krebsonsecurity.com
Identity thieves have perfected a scam in which they impersonate existing customers at retail mobile phone stores, pay a small cash deposit on pricey new phones, and then charge the rest to the victim’s account. In most cases, switching on the new phones causes the victim account owner’s phone(s) to go dead. This is the story of a Pennsylvania man who allegedly died of a heart attack because his wife’s phone was switched off by ID thieves and she was temporarily unable to call for help.
Turkish Journalist Jailed for Terrorism Was Framed, Forensics Report Shows
Wednesday, August 24, 2016
motherboard.vice.com
Turkish investigative journalist Baris Pehlivan spent 19 months in jail, accused of terrorism based on documents found on his work computer. But when digital forensics experts examined his PC, they discovered that those files were put there by someone who removed the hard drive from the case, copied the documents, and then reinstalled the hard drive.
States Should Prep for Ransomware Attacks
Wednesday, August 24, 2016
gcn.com
Although the number of malware attacks against state governments have trended downward over the past few months, ransomware has made up a larger portion of those overall attacks, according to data from the Multi-State Information Sharing and Analysis Center.
Scammers Hijack Customer Support Requests on Twitter
Wednesday, August 24, 2016
softpedia.com
Crooks are using look-alike Twitter accounts to insert themselves into legitimate customer support Twitter conversations and lead customers back to phishing sites to collect their login credentials and account details.
Twitter Security Tips: How to Improve Your Security and Privacy in 10 Easy Steps
Wednesday, August 24, 2016
heimdalsecurity.com
It would be reckless for someone to consider its Twitter account bulletproof from online dangers – nothing is 100% safe, no matter what anyone will say to you to try to convince you otherwise. However, there are a few things that you can do to increase your security and privacy.
New York Times Denies Hack of Moscow Bureau
Wednesday, August 24, 2016
thehill.com
The New York Times on Tuesday night refuted reports that Russian hackers successfully breached its systems. The Times’ Moscow bureau was targeted by hackers believed to Russian, earlier this month — but there are no signs that the attempt was successful, according to a spokeswoman, who was quoted in the paper.
Prevent Healthcare Phishing by Strengthening Employee Training
Wednesday, August 24, 2016
healthitsecurity.com
Healthcare phishing attacks have increased in frequency, but there are several ways organizations can take control and improve their data security measures.
Corporate Directors Focusing on Cybersecurity
Wednesday, August 24, 2016
sandiegouniontribune.com
As high profile data breaches continue to grab headlines, corporate boards need to make sure they’re deeply involved in the cybersafeguards at their companies.
How to Digitally Erase All Your Stuff When You Quit Your Job
Wednesday, August 24, 2016
wired.com
It's your last day at your job. There will be tears! Between the cheesy sendoff at the morning meeting and the after-work happy hour, you have to do something very important: back up all your stuff and securely clear your computer. Be smart about it with these steps.
NEED AN EXPERT?
Rob Douglas identity theft expert

Does your organization need a consultant who can deliver information security awareness training that contains the truth about what works and what doesn’t in the fight against the fastest growing crimes in the world? 

Does your conference need an experienced speaker who will captivate the audience with dramatic real life cases of identity theft, cybercrime and scams ranging from stolen personal information, to theft of corporate trade secrets, to stalking and murder? 

Are you a member of the media seeking a comment about ID theft, scams, data breaches, cybercrime, information security, or fraud? 

If so, we invite you to learn more about identity theft and scam expert Rob Douglas.