Tag: reprints

Sexy scammers entice men into stripping on webcam, then blackmail them

Police in Singapore have issued an alert citing a dramatic rise in the number of “cyber blackmail” cases being reported. But unlike many cases that target women or teenagers , this latest rash of crimes targets men through social media sites. The Singapore Police Force reports that there have been more than 50 reported cases in the last year where “foreign” women have lured men through invitations on social networks, such as Facebook and Tagged.com, into video sex sessions that are recorded for blackmail purposes. The women “initiate cybersex” with the men over video chat, stripping for them and then encouraging them to do the same. The men are told to perform sex acts on camera for the women, and the video feeds are recorded. The men are then contacted later and told that the videos will be posted in public if the victims don’t wire money to the scammers. Read 4 remaining paragraphs | Comments

More:
Sexy scammers entice men into stripping on webcam, then blackmail them

Skype calls now equivalent to one-third of global phone traffic

TeleGeography New research (PDF) from TeleGeography, a telecom market analysis firm, shows that worldwide Skype usage is now equivalent to over one-third of all international phone traffic—a record level. The firm’s new data, released Wednesday , shows that “international telephone traffic grew 5 percent in 2012, to 490 billion minutes.” At the same time, “cross-border Skype-to-Skype voice and video traffic grew 44 percent in 2012, to 167 billion minutes. This increase of nearly 51 billion minutes is more than twice that achieved by all international carriers in the world, combined.” While that doesn’t mean that telcos are going to go out of business anytime soon, it does mean that they are certainly continuing to feel the heat. Read 3 remaining paragraphs | Comments

Read the original:
Skype calls now equivalent to one-third of global phone traffic

Spanish police bust alleged “ransomware” ring that took in $1.34M annually

Spanish authorities announced Wednesday that they had arrested 10 people who were allegedly involved in a massive “ransomware” ring. The European Cybercrime Centre estimated that the criminal operation “affected tens of thousands of computers worldwide, bringing in profits in excess of €1 million euros ($1.34 million) per year.” The Spanish Ministry of the Interior described (Google Translate) the lead suspect as a “a 27-year-old citizen of Russian origin who was arrested in December in the United Arab Emirates,” and now awaits extradition to Spain. The newly arrested 10 were  linked to the financial cell of the ransomware operation, and include six Russians, two Ukrainians, and two Georgians. The Ministry added that the operation remains “open,” suggesting that more arrests could be forthcoming. (Spanish authorities posted a video (RAR) of the new arrests and raid.) Madrid dubbed  the ransomware used by the ring a “police virus” because it throws up a notice that appears to come from law enforcement. The malware requires the user to pay €100 ($134) as a “fine” from a false accusation of accessing child pornography or file-sharing websites. When the victims submit their payment details, European authorities added , the “criminals then go on to steal data and information from the victim’s computer.” Read 7 remaining paragraphs | Comments

Read the original:
Spanish police bust alleged “ransomware” ring that took in $1.34M annually

Zero-day attack exploits latest version of Adobe Reader

FireEye A previously undocumented flaw in the latest version of Adobe Systems’ ubiquitous Reader application is being exploited in online hacks that allow attackers to surreptitiously install malware on end-user computers, a security firm said. The attacks, according to researchers from security firm FireEye, work against Reader 11.0.1 and earlier versions and are actively being exploited in the wild. If true, the attacks are notable because they pierce security defenses Adobe engineers designed to make malware attacks harder to carry out. Adobe officials said they’re investigating the report . “Upon successful exploitation, it will drop two DLLs,” FireEye researchers Yichong Lin, Thoufique Haq, and James Bennett wrote of the online attacks they witnessed. “The first DLL shows a fake error message and opens a decoy PDF document, which is usually common in targeted attacks. The second DLL in turn drops the callback component, which talks to a remote domain.” DLL is the researchers’ shorthand for a file that works with the Microsoft Windows dynamic link library. Read 5 remaining paragraphs | Comments

Taken from:
Zero-day attack exploits latest version of Adobe Reader

Comcast acquires full ownership of NBCUniversal ahead of schedule

Comcast, the nation’s largest cable provider, will consolidate its control over NBCUniversal by buying out the 49 percent of the media company that it doesn’t already own. Comcast will pay General Electric $16.7 billion for the shares and shell out $1.4 billion for related real estate, including the iconic 30 Rockefeller Plaza. Under a deal announced in 2009, General Electric spun NBC, Universal Studios, and various other media properties off into a new joint venture and sold 51 percent of the shares, and effective control, to Comcast. The merger was intensely controversial. Critics charged that the acquisition would further cement Comcast’s already dominant position in the cable market, making it impossible for competitors such as Netflix to compete on a level playing field. But regulators decided not to challenge the merger, settling for a long list of regulatory concessions. Read 4 remaining paragraphs | Comments

View original post here:
Comcast acquires full ownership of NBCUniversal ahead of schedule

Obama administration defends $222,000 file-sharing verdict

Credit: U.S. Embassy, Jakarta The Obama Administration has stepped into a long-running file-sharing lawsuit in Minnesota, urging the United States Supreme Court not to get involved in a six-figure verdict against a young mother from Northern Minnesota. The feds don’t buy the woman’s argument that the massive size of the award makes it unconstitutional. Jammie Thomas-Rasset has been fighting a recording industry lawsuit accusing her of sharing music using the now-defunct peer-to-peer network Kazaa for the better part of a decade. In 2007, a jury found Thomas-Rasset liable to the tune of $222,000 for sharing 24 songs. She appealed the verdict, resulting in two more trials that each produced even larger jury awards. These higher figures were thrown out by the courts, but last year, the Eighth Circuit Court of Appeals upheld the $222,000 award. Thomas-Rasset is now seeking review by the Supreme Court. In a December brief , her lawyer drew an analogy to a line of Supreme Court decisions regarding excessive punitive damages. In those cases, juries had awarded punitive damages that were more than 100 times larger than the actual damages suffered by the plaintiffs. The Supreme Court held that such disproportionate punitive damages violate the due process clause of the Constitution. Read 6 remaining paragraphs | Comments

More:
Obama administration defends $222,000 file-sharing verdict

Apple releases iOS 6.1.1 for iPhone 4S users with 3G issues (Updated)

Update : Apple has now released the iOS 6.1.1 update mentioned in our original writeup. The update is specifically for the iPhone 4S and “fixes an issue that could impact cellular performance and reliability for iPhone 4S.” This is most likely to address the 3G issues experienced by some users, though it doesn’t sound like iOS 6.1.1 does anything to improve battery life as of yet. Original story : iOS 6.1.1 may be making its way into consumers’ hands sooner than we expected. The first beta of iOS 6.1.1 was only released to Apple’s developer network last week, but the update is reportedly being “rushed” out to customers in order to address 3G performance bugs, according to German iPhone site iFun . It is also said to address other problems like reduced battery life. The software is said to have undergone some carrier testing, though it’s still unclear exactly when Apple plans to publish the update. Read 4 remaining paragraphs | Comments

Original post:
Apple releases iOS 6.1.1 for iPhone 4S users with 3G issues (Updated)

Data siphoned in Fed reserve hack a “bonanza” for spear phishers

Sensitive details on thousands of banking executives lifted from a hacking involving the Federal Reserve represent a potential “bonanza” for spear phishers looking to snare high-value targets in personalized scam e-mails, a security researcher said. The list is no longer readily available online, but according to Chris Wysopal, CTO of security firm Veracode, it contained details from a Federal Reserve-related database that Anonymous-affiliated hackers claimed to breach on Sunday. It included 31 fields, including home addresses, e-mail addresses, login IDs, and cryptographically hashed passwords. “As you can see, this is a spearphishing bonanza and even a password reuse bonanza for whoever can crack the password hashes,” he wrote in a blog post published on Wednesday. “It doesn’t look like any of these are internal Federal Reserve System accounts as those would have FRS AD UIDs associated with each account. Still, this is about the most valuable account dump by quality I have seen in a while.” Read 2 remaining paragraphs | Comments

View article:
Data siphoned in Fed reserve hack a “bonanza” for spear phishers

We’re going to blow up your boiler: Critical bug threatens hospital systems

A picture of a Tridium device running the Niagara AX framework. Tridium More than 21,000 Internet-connected devices sold by Honeywell are vulnerable to a hack that allows attackers to remotely seize control of building heating systems, elevators, and other industrial equipment and in some cases, causes them to malfunction. The hijacking vulnerability in Niagara AX-branded hardware and software sold by Honeywell’s Tridium division was demonstrated at this week’s Kaspersky Security Analyst Summit in San Juan, Puerto Rico. Billy Rios and Terry McCorkle, two security experts with a firm called Cylance , allowed an audience to watch as they executed a custom script that took about 25 seconds to take control of a default configuration of the industrial control software. When they were done they had unfettered control over the device, which is used to centralize control over alarm systems, garage doors, heating ventilation and cooling systems, and other equipment in large buildings. Taking advantage of the flaw would give attackers half a world away the same control on-site engineers have over connected systems. Extortionists, disgruntled or unstable employees, or even terrorists could potentially exploit vulnerabilities that allow them to bring about catastrophic effects, such as causing a large heating system to explode or catch fire or sabotaging large chillers used by hospitals and other facilities. Attackers could also exploit the bug to gain a toehold into networks, which could then be further penetrated using additional vulnerabilities that may be present. Read 12 remaining paragraphs | Comments

View the original here:
We’re going to blow up your boiler: Critical bug threatens hospital systems

To prevent hacking, disable Universal Plug and Play now

Security experts are advising that a networking feature known as Universal Plug and Play be disabled on routers, printers, and cameras, after finding it makes tens of millions of Internet-connected devices vulnerable to serious attack. UPnP, as the feature is often abbreviated, is designed to make it easy for computers to connect to Internet gear by providing code that helps devices automatically discover each other over a local network. That often eliminates the hassle of figuring out how to configure devices the first time they’re connected. But UPnP can also make life easier for attackers half a world away who want to compromise a home computer or breach a business network, according to a white paper published Tuesday by researchers from security firm Rapid7. Over a five-and-a-half-month period last year, the researchers scanned every routable IPv4 address about once a week. They identified 81 million unique addresses that responded to standard UPnP discovery requests, even though the standard isn’t supposed to communicate with devices that are outside a local network. Further scans revealed 17 million addresses exposed UPnP services built on the open standard known as SOAP, short for simple object access protocol. By broadcasting the service to the Internet at large, the devices can make it possible for attackers to bypass firewall protections. Read 5 remaining paragraphs | Comments

Read More:
To prevent hacking, disable Universal Plug and Play now