Monday, May 19, 2008

The bribes may explain why no one seems to detect the skimmers...

http://www.pogowasright.org/article.php?story=20080519062429708

Ie: 1 million euro stolen in bank card fraud

Monday, May 19 2008 @ 06:24 AM EDT Contributed by: PrivacyNews News Section: Breaches

Around one million euro has been stolen from 300 bank accounts in one of the largest incidents of bank card fraud ever in Ireland.

It is understood bank cards were cloned at points of sale in shops and restaurants around Dublin in the last few weeks.

Source - Independent.ie Thanks to Brian Honan for the link.

[From the article:

It is understood that criminal's paid shop and restaurant workers up to ten thousand euro to skim laser cards and find out their pin numbers by looking over their shoulder - a practice called "shoulder surfing".

... Most of the withdrawals took place at the end of April and in early May, and many of the customers contacted their bank themselves to notify them of the irregularities because the banks fraud detection systems failed to pick up on the activity. [Shouldn't that scare hell out of the banks? Bob]



...because Phishing takes too long?

http://www.pogowasright.org/article.php?story=20080518094324689

Chinese Red Cross Website Hacked to Steal Earthquake Relief Donations

Sunday, May 18 2008 @ 09:43 AM EDT Contributed by: PrivacyNews News Section: Breaches

Verified by the Ministry of Public Security, a section of the official Red Cross website has been illegally hacked. According to the report, criminal elements gained access to the section of the website that held the special accounts for earthquake disaster relief donations. [...and changed the site to point to their accout numbers. Bob]

An individual named Li Bujiu, had opened four fraudulent bank accounts to steal the funding.

Source - The Dark Visitor hat-tip, Fergie's Tech Blog


Related?

http://www.infoworld.com/article/08/05/19/Mass-SQL-injection-attack-targets-Chinese-Web-sites_1.html?source=rss&url=http://www.infoworld.com/article/08/05/19/Mass-SQL-injection-attack-targets-Chinese-Web-sites_1.html

Mass SQL injection attack targets Chinese Web sites

Attack has implanted malware in thousands of Web sites in China and Taiwan

By Sumner Lemon, IDG News Service May 19, 2008

Web sites across China and Taiwan are being hit by a mass SQL injection attack that has implanted malware in thousands of Web sites, according to a security company in Taiwan.

First detected on May 13, the attack is coming from a server farm inside China, which has made no effort to hide its IP (Internet Protocol) addresses, said Wayne Huang, chief executive officer of Armorize Technologies, in Taipei.

"The attack is ongoing, ... even if they can't successfully insert malware, they're killing lots of Web sites right now, because they're just brute-forcing every attack surface with SQL injection, and hence causing lots of permanent changes to the victim Web sites," Huang said.



...because..

http://www.pogowasright.org/article.php?story=20080519061401232

Data “Dysprotection:” breaches reported last week

Monday, May 19 2008 @ 06:20 AM EDT Contributed by: PrivacyNews News Section: Breaches

A recap of incidents or privacy breaches reported last week for those who enjoy shaking their head and muttering to themselves with their morning coffee.

Source - Chronicles of Dissent



Did anyone thing they were invulnerable?

http://www.news.com/8301-10784_3-9946716-7.html?part=rss&subj=news&tag=2547-1_3-0-5

Security hole found in software used by power plants

Posted by Elinor Mills 3 comments May 18, 2008 10:01 AM PDT

We can all live with outages at Yahoo Mail, Twitter, and CNN.com. But what about when there's an outage that affects our electrical power, heating systems, and gas supplies?

Boston-based security firm Core Security has discovered a serious hole in the Suitelink software that is used to automate operations at power stations, oil refineries and production lines, according to a report in New Scientist.



Sure to be a feature of the Olympics?

http://yro.slashdot.org/article.pl?sid=08/05/18/1630208&from=rss

China's All-Seeing Eye

Posted by Soulskill on Sunday May 18, @01:22PM from the who-watches-the-watchers dept.

Greg Walton brings us a lengthy story from Rolling Stone which describes China's comprehensive surveillance project, dubbed Golden Shield. The 'Great Firewall of China,' which we've discussed in the past, is but one aspect of Golden Shield. It also includes national ID cards, CCTV networks, and face-recognition software. This investigation showcases just how massive an undertaking it truly is. When finished, it will dwarf London's surveillance system. Quoting:

"Over the past two years, some 200,000 surveillance cameras have been installed throughout the city. Many are in public spaces, disguised as lampposts. The closed-circuit TV cameras will soon be connected to a single, nationwide network, an all-seeing system that will be capable of tracking and identifying anyone who comes within its range -- a project driven in part by U.S. technology and investment. Over the next three years, Chinese security executives predict they will install as many as 2 million CCTVs in Shenzhen, which would make it the most watched city in the world. (Security-crazy London boasts only half a million surveillance cameras.) ... This is the most important element of all: linking all these tools together in a massive, searchable database of names, photos, residency information, work history and biometric data. When Golden Shield is finished, there will be a photo in those databases for every person in China: 1.3 billion faces."



Lawyer Losey make a couple of points I've been pushing for years. 1) You don't need to write a book in one sitting. Small 'compositions' on a regular basis add up quickly. 2) Collecting data makes you a resource. If you can apply some expertise, perhaps a valuable resource.

http://ralphlosey.wordpress.com/2008/05/17/online-reference-and-thirty-one-more-e-discovery-cases/

Online Reference and Thirty One More e-Discovery Cases

... I was surprised to notice that I have somehow written and posted over 100 essays in the past year and a half. They cover most of the important e-discovery cases and trends since I started this blog in the Fall of 2006.

... So I got to thinking what I might do to make this blog a more useful research tool for everyone? The answer was to post my collection of favorite e-discovery cases, most of which have not been previously included in the blog because they preceded it in time. So my blog for this week is my list of favorite cases, along with a brief summary of each case. I include this case digest in my CLE handouts anyway, so I thought it might be helpful to make them available in electronic, searchable form.



For the students in my Inter-Stellar Navigation class...

http://www.bespacific.com/mt/archives/018372.html

May 18, 2008

WorldWide Telescope Web 2.0 Visualization Software

"The WorldWide Telescope (WWT) is a Web 2.0 visualization software environment that enables your computer to function as a virtual telescope—bringing together imagery from the best ground and space-based telescopes in the world for a seamless exploration of the universe.

Choose from a growing number of guided tours of the sky by astronomers and educators from some of the most famous observatories and planetariums in the country. Feel free at any time to pause the tour, explore on your own (with multiple information sources for objects at your fingertips), and rejoin the tour where you left off. Join Harvard Astronomer Alyssa Goodman on a journey showing how dust in the Milky Way Galaxy condenses into stars and planets. Take a tour with University of Chicago Cosmologist Mike Gladders two billion years into the past to see a gravitational lens bending the light from galaxies allowing you to see billions more years into the past." [Microsoft Research]

No comments: