Wednesday, August 19, 2009

Not all Identity Theft is large scale.

http://www.databreaches.net/?p=6738

7-Eleven statement regarding 2007 credit card fraud

August 18, 2009 by admin Filed under Breach Incidents, Business Sector, Hack, Malware, U.S.

7-Eleven, Inc. has learned that federal authorities in New Jersey have indicted individuals for the theft of credit and debit card numbers in a computer hacking scheme targeting multiple retailers in a number of separate incidents over the last several years.

The company became aware in late 2007 that a security breach had occurred. The affected transactions were limited to customers’ use of certain ATMs, owned and operated by a third party, located in 7-Eleven stores over a 12-day period from October 28, 2007, through November 8, 2007. Steps were immediately taken to contain the security breach and prevent any recurrence.

Upon being notified of the breach, the card companies in accordance with their standard fraud response procedures then alerted the issuing financial institutions regarding the security breach. Each financial institution made its own decision about what appropriate actions to take, including the issuance of new cards or putting card numbers on alert for fraud. These remedial measures were taken in late 2007 and early 2008.

7-Eleven would like to thank the federal authorities for their diligence in pursuing the perpetrators of this crime. Because this matter is pending, we are not providing further details.



Is it naive to assume that those with the tools to read email traveling in both directions would limit themselves to incoming mail only?

http://www.pogowasright.org/?p=2935

UK Govt Mail Services operations manager on allegedly illegal mail screening

August 19, 2009 by Dissent Filed under Featured Headlines, Govt, Non-U.S., Surveillance

Which is exactly what the GMS have been doing.

Just a little bit of background information. GMS is the Government Mail Service which are a department within government who protect government employees from terrorist attacks such as mail bombs, razor blades and probably anthrax – but they are only supposed to screen incoming mail to government departments – and therein lies the rub.

According to the Investigatory Powers Tribunal, GMS do not have “RIPA powers” which means if they open outgoing mail from a government agency/department they are actually breaking the law (just the same as Phorm’s WebWise does) as it would be classed as interception.

So imagine the shock for one of our members when he got a reply today from the Crown Prosecution Service which was delayed by an entire week due to being “Screened” [What takes a full week? Bob] by the GMS. Yes you read that correctly – it now seems that GMS are screening outgoing mail from the CPS.

[...]

In order to try and figure out what was going on, I attempted to phone GMS Screening Office only to never have the call answered – so I then phoned the Operations Manager for GMS using the number on their web site. An audio recording of the conversation can be found by clicking on the link below:

Recording of Conversation with GMS Operations Manager (mp3)

Read more on NoDPI.

Related: Wikileaks.org has mirrored the mp3 file.



Question: What's worse than failing to change the default password?

http://it.slashdot.org/story/09/08/18/2119254/Australian-Police-Database-Lacked-Root-Password?from=rss

Australian Police Database Lacked Root Password

Posted by kdawson on Tuesday August 18, @10:02PM from the kick-me dept.

Concerned Citizen writes

"The Australian Federal Police database has been hacked, although 'hacked' might be too strong a word for what happens when someone gains access to a MySQL database with no root password. Can you be charged with breaking and entering a house that has the door left wide open? Maybe digital trespassing is a better term for this situation. 'These dipshits are using an automatic digital forensics and incident response tool,' the hacker wrote. 'All of this [hacking] had been done within 30-40 minutes. Could of [sic] been faster if I didn't stop to laugh so much.'"



Total deniability. (Also allows Russia to hold back their cyberwar technology.) “Hey Guidoski, Want to help I screw with Georgia or would you rather become the number one priority of the Police Department?”

http://news.cnet.com/8301-13639_3-10312708-42.html?part=rss&subj=news&tag=2547-1_3-0-20

Report: Russian mob aided cyber attacks on Georgia

by Mark Rutherford August 18, 2009 8:53 PM PDT

Civilians recruited by Russian language social networking sites and using Russian Mafia-associated botnets perpetrated many of the cyber attacks on Georgian government websites during the five-day Russian-Georgian war in 2008, according to a recent report.

However, while the cyber attackers appear to have had advance notice of the invasion and the benefit of some close cooperation from a state organ, there were no fingerprints directly linking the attacks to the Russian government or military, according to the U.S. Cyber Consequences Unit (US-CCU), an independent nonprofit research institute that produced the report.


(Related) Perhaps they should contact Tony Soprano?

http://www.wired.com/dangerroom/2009/08/air-force-establishes-new-reduced-cyber-war-command/

Air Force Establishes ‘Reduced’ Cyber-War Command

By David Axe August 18, 2009 4:36 pm

A year ago, the Air Force suspended its plans to set up a new “cyber command” for network defense and online warfare. The suspension came at a tumultuous time for the air service. Its two top officials had just been canned, botched airplane buys were under close scrutiny and Air Force nuke handlers were reeling from several potentially catastrophic gaffes. “It makes sense for new leadership to want to pause and evaluate,” cyber-security specialist Richard Bejtlich said.

Things are calmer now. The Air Force has new leaders, new and more modest acquisition plans and tighter nuke controls. Amid the calm, and without much fanfare, the Air Force on Tuesday established a new, “greatly reduced” cyber-warfare organization, to borrow Gannett’s description.



What to do with your 52 inch flat screen between SuperBowls...

http://www.bespacific.com/mt/archives/022103.html

August 18, 2009

London: New National Gallery Website

News release: "The re-launched www.nationalgallery.org.uk is the first major gallery website to offer a full-screen zoom facility for its entire collection. Users can now examine every National Gallery masterpiece in outstanding detail, effortlessly sweep across digital canvases and zoom into minute details of their choosing. Also for the first time, users can now check the up-to-date locations of their favorite works of art prior to visiting. Using the Gallery’s own collection database, the new website updates the layout of the collection twice daily. Users can explore the paintings room-by-room using an interactive floorplan, allowing them to follow the narrative of the hang, as well as access new research material for specific works of art... For the best visual experience, the site has been designed to take advantage of the new generation of larger computer screens. Visitors can now access over 12,000 images, 18 hours of audio and at least 200 videos. The site has also been optimised to enable visitors to find specific content with greater ease through search engines like Google, including every painting in the collection."



Tools & Techniques: Backgrounder for hackers.

http://www.makeuseof.com/tag/technology-explained-how-does-an-email-server-work/

Technology Explained: How Does An Email Server Work?

Aug. 18th, 2009 By Saikat Basu



Tools & Techniques: This is the technical side. Anyone want to write up the legal issues?

http://www.makeuseof.com/tag/winx-dvd-ripper-helps-copy-your-dvds-for-free-windows/

How to Copy DVDs That Are Copyright Protected With WinX DVD Ripper (Windows)

Aug. 19th, 2009 By Karl L. Gechlik

I have been looking for a good, free, easy-to-use DVD ripper for a little while now that I can use to copy DVDs that are copyright protected (for backups). I came across this gem called WinX DVD Ripper which is a 6.5 MB download and which will have you ripping DVDs with ease.



Tools & Techniques

http://news.cnet.com/8301-19882_3-10312631-250.html?part=rss&subj=news&tag=2547-1_3-0-20

Easiest screencasts ever: Screenr

by Rafe Needleman August 18, 2009 5:31 PM PDT

The just-launched Screenr product isn't the only easy Web-friendly screencast tool out there, but among the competing products I've tried, including ScreenJelly and Jing, it is the best option for creating screencasts fast and getting them posted immediately. All you do is let the Java-powered recording app load from the Screenr Web page and hit a button to record a screencast of up to five minutes.

Screenr's special power is its slick Twitter integration. As with TwitPic and TwitVid, once the service collects your media, it posts it on a page for you and can send a description and a link out directly from your Twitter account. The screencasts can also be embedded on any Web page.

There's no editing option or other fancy features like picture-in-picture recording. If you want to go that route, look at apps like Camtasia for Windows, or ScreenFlow on the Mac. However, you can set the size of your image-recording window before you start recording, to make sure you don't include distracting interface elements in your presentation.



Tools & Techniques: (Not just for Math teachers...)

http://teachingcollegemath.com/?p=1197

2009 MCC Math and Technology Workshop

… In this week, “Technology Bootcamp” participants learned how to use:
