Tag: newsletters

Comcast acquires full ownership of NBCUniversal ahead of schedule

Comcast, the nation’s largest cable provider, will consolidate its control over NBCUniversal by buying out the 49 percent of the media company that it doesn’t already own. Comcast will pay General Electric $16.7 billion for the shares and shell out $1.4 billion for related real estate, including the iconic 30 Rockefeller Plaza. Under a deal announced in 2009, General Electric spun NBC, Universal Studios, and various other media properties off into a new joint venture and sold 51 percent of the shares, and effective control, to Comcast. The merger was intensely controversial. Critics charged that the acquisition would further cement Comcast’s already dominant position in the cable market, making it impossible for competitors such as Netflix to compete on a level playing field. But regulators decided not to challenge the merger, settling for a long list of regulatory concessions. Read 4 remaining paragraphs | Comments

View original post here:
Comcast acquires full ownership of NBCUniversal ahead of schedule

How alleged crooks used ATM skimmers to compromise thousands of accounts

Federal authorities have charged two men suspected of running an international operation that used electronic devices planted at automatic teller machine locations to compromise more than 6,000 bank accounts. The operation—which targeted Capital One, J. P. Morgan Chase, and other banks—netted, or attempted to net, about $3 million according to an indictment filed in Manhattan federal court. It allegedly worked by obtaining payment card readers from Hungary and other countries and installing them on top of card readers already located on ATMs and doors to ATM vestibules. The fraudulent readers were equipped with hardware that recorded the information encoded onto a card’s magnetic stripe each time it was inserted. A hidden pinhole camera with a view of the ATM keypad then captured the corresponding personal identification number. Antonio Gabor and Simion Tudor Pintillie allegedly led a gang of at least nine other people who regularly planted the skimming devices in the Manhattan, Chicago, and Milwaukee metropolitan areas, prosecutors said. They would later revisit the ATM to retrieve the information stored on the skimming devices and cameras. Gang members would then encode the stolen data onto blank payment cards and use the corresponding PINs to make fraudulent purchases or withdrawals. Read 3 remaining paragraphs | Comments

Taken from:
How alleged crooks used ATM skimmers to compromise thousands of accounts

Cause of Super Bowl blackout was installed to prevent Super Bowl blackout

Entergy New Orleans, the utility that provides power to the Mercedes SuperDome in New Orleans, announced today that its technicians had determined the cause of the partial blackout during the Super Bowl last Sunday: an electrical relay the company had installed to prevent blackouts. The relay was supposed to trip switches to redirect power in the event of a line fault over one of the cables connecting Entergy’s switching gear to the stadium. In a statement , the company said that “the relay functioned without issue during a number of high-profile events—including the New Orleans Bowl, the New Orleans Saints-Carolina Panthers game, and the Sugar Bowl.” But on Super Bowl Sunday, the device instead triggered when there was no fault, signaling a switch to open shortly after the second half began. The relay has now been pulled, and Entergy is evaluating other equipment. “While some further analysis remains,” said Entergy New Orleans President and CEO Charles Rice in the prepared statement, “we believe we have identified and remedied the cause of the power outage and regret the interruption that occurred during what was a showcase event for the city and state.” Read 1 remaining paragraphs | Comments

See the original article here:
Cause of Super Bowl blackout was installed to prevent Super Bowl blackout

Data siphoned in Fed reserve hack a “bonanza” for spear phishers

Sensitive details on thousands of banking executives lifted from a hacking involving the Federal Reserve represent a potential “bonanza” for spear phishers looking to snare high-value targets in personalized scam e-mails, a security researcher said. The list is no longer readily available online, but according to Chris Wysopal, CTO of security firm Veracode, it contained details from a Federal Reserve-related database that Anonymous-affiliated hackers claimed to breach on Sunday. It included 31 fields, including home addresses, e-mail addresses, login IDs, and cryptographically hashed passwords. “As you can see, this is a spearphishing bonanza and even a password reuse bonanza for whoever can crack the password hashes,” he wrote in a blog post published on Wednesday. “It doesn’t look like any of these are internal Federal Reserve System accounts as those would have FRS AD UIDs associated with each account. Still, this is about the most valuable account dump by quality I have seen in a while.” Read 2 remaining paragraphs | Comments

View article:
Data siphoned in Fed reserve hack a “bonanza” for spear phishers

We’re going to blow up your boiler: Critical bug threatens hospital systems

A picture of a Tridium device running the Niagara AX framework. Tridium More than 21,000 Internet-connected devices sold by Honeywell are vulnerable to a hack that allows attackers to remotely seize control of building heating systems, elevators, and other industrial equipment and in some cases, causes them to malfunction. The hijacking vulnerability in Niagara AX-branded hardware and software sold by Honeywell’s Tridium division was demonstrated at this week’s Kaspersky Security Analyst Summit in San Juan, Puerto Rico. Billy Rios and Terry McCorkle, two security experts with a firm called Cylance , allowed an audience to watch as they executed a custom script that took about 25 seconds to take control of a default configuration of the industrial control software. When they were done they had unfettered control over the device, which is used to centralize control over alarm systems, garage doors, heating ventilation and cooling systems, and other equipment in large buildings. Taking advantage of the flaw would give attackers half a world away the same control on-site engineers have over connected systems. Extortionists, disgruntled or unstable employees, or even terrorists could potentially exploit vulnerabilities that allow them to bring about catastrophic effects, such as causing a large heating system to explode or catch fire or sabotaging large chillers used by hospitals and other facilities. Attackers could also exploit the bug to gain a toehold into networks, which could then be further penetrated using additional vulnerabilities that may be present. Read 12 remaining paragraphs | Comments

View the original here:
We’re going to blow up your boiler: Critical bug threatens hospital systems

Securing your website: A tough job, but someone’s got to do it

In 2006, members of a notorious crime gang cased the online storefronts belonging to 7-Eleven, Hannaford Brothers, and other retailers. Their objective: to find an opening that would allow their payment card fraud ring to gather enough data to pull off a major haul. In the waning days of that year they hit the mother lode, thanks to Russian hackers identified by federal investigators as Hacker 1 and Hacker 2. Located in the Netherlands and California, the hackers identified a garden-variety flaw on the website of Heartland Payment Systems, a payment card processor that handled some 100 million transactions per month for about 250,000 merchants. By exploiting the so-called SQL injection vulnerability, they were able to gain a toe-hold in the processor’s network , paving the way for a breach that cost Heartland more than $12.6 million. The hack was masterminded by the now-convicted Albert Gonzalez and it’s among the most graphic examples of the damage that can result from vulnerabilities that riddle just about any computer that serves up a webpage . Web application security experts have long cautioned such bugs can cost businesses dearly, yet those warnings largely fall on deaf ears. But in the wake of the Heartland breach there was no denying the damage they can cause. In addition to the millions of dollars the SQL injection flaw cost Heartland, the company also paid with its loss of reputation among customers and investors. Read 23 remaining paragraphs | Comments

See the original article here:
Securing your website: A tough job, but someone’s got to do it

How Yahoo allowed hackers to hijack my neighbor’s e-mail account

Reflected XSS vulnerabilities in action Aspect Security When my neighbor called early Wednesday morning, she sounded close to tears. Her Yahoo Mail account had been hijacked and used to send spam to addresses in her contact list. Restrictions had then been placed on her account that prevented her from e-mailing her friends to let them know what happened. In a  blog post  published hours before my neighbor’s call, researchers from security firm Bitdefender said that the hacking campaign that targeted my neighbor’s account had been active for about a month. Even more remarkable, the researchers said the underlying hack worked because Yahoo’s developer blog runs on a version of the WordPress content management system that contained a vulnerability developers addressed more than eight months ago . My neighbor’s only mistake, it seems, was clicking on a link while logged in to her Yahoo account. As someone who received one of the spam e-mails from her compromised account, I know how easy it is to click such links. The subject line of my neighbor’s e-mail mentioned me by name, even though my name isn’t in my address. Over the past few months, she and I regularly sent messages to each other that contained nothing more than a Web address, so I thought nothing of opening the link contained in Wednesday’s e-mail. The page that opened looked harmless enough. It appeared to be an advertorial post on MSNBC.com about working from home, which is something I do all the time. But behind the scenes, according to Bitdefender, something much more nefarious was at work. Read 9 remaining paragraphs | Comments

Read More:
How Yahoo allowed hackers to hijack my neighbor’s e-mail account

“PlayStation 4K” and “Xbox Durango” will be key to Ultra HD adoption

Joseph Dumary Next-gen TV—with a 4K “Ultra HD” picture resolution—was this year’s hot topic at CES . But its success may be in the hands of console gamers. With leaked details of octal-core processor banks paired with 8GB of RAM, the PlayStation 4 “Orbis” is sounding powerful (just for comparison of RAM alone, the 8GB of system memory is roughly 32 times more than the current model). But to see where 4K comes in, it’s worth taking a trip back seven years. In 2005, very few people had an HDTV. According to one study , there were “as many” as 10 million homes with high-definition screens—globally. The problem, according to many commentators, was the lack of HD content: nobody wanted to buy an HDTV because there was little HD content; very little HD content was made because there were very few people to sell it to. Classic catch-22. Read 11 remaining paragraphs | Comments

Read this article:
“PlayStation 4K” and “Xbox Durango” will be key to Ultra HD adoption

Yes, that PC cleanup app you saw on TV at 3 a.m. is a waste

Step one: incite panic. MyCleanPC.com Maybe you’ve seen the ads on the Internet or on TV in the wee hours of the morning. They make lofty promises: get rid of blue screens and error messages! Increase your speed! Clean up your system! But even when these PC cleanup apps aren’t just malware in disguise, the things they’re doing for your PC are often dubious. Many either replicate tasks that can be handled by built-in utilities or do things that could cause more problems than they solve. To highlight just why you and your loved ones should never let these applications anywhere near your PC, we picked one that we’d recently seen ads for: MyCleanPC. It’s the archetypal Windows cleanup app—and you probably shouldn’t install it. Intimidation tactics The standard ad for a PC cleanup app follows the same basic format as this ad from MyCleanPC.com . These ads for PC cleanup products often follow the same basic formula: appeal to people with slow or buggy PCs, throw in a few shots of an operating system that looks kind of like Windows, tack on some “customer testimonials,” and offer a free diagnosis that will make all the problems go away. Read 14 remaining paragraphs | Comments

See more here:
Yes, that PC cleanup app you saw on TV at 3 a.m. is a waste