“This is the American Express Fraud Department” – Two Dozen Carders Arrested on 4 Continents June 26, 2012
Posted by Chris Mark in cybersecurity, Industry News.Tags: Amex, BOA, Carders, data theft, DSS, Fatal System Error, fbi, mark consulting group, PCI, Sting, visa
1 comment so far
Lnight my wife received an email about a suspcious transaction on our Amex card. Turns out it was a fraudulent transaction and my wife’s card had been stolen. I was writing a blog post on this very subject when a Google alert informs me of this article on Foxnews. “Two Dozen Arrested in Online Financial Fraud Sting”. According to the article: “Two dozen people on four continents have been arrested in an elaborate sting targeting a black market for online financial fraud, federal officials in New York said Tuesday.
U.S. officials called the crackdown in United States, Europe, Asia and Australia the largest enforcement effort ever against hackers who steal credit card, bank and other information on the Internet — a practice known as “carding.” The officials claimed the two-year FBI sting protected more than 400,000 potential victims and prevented losses of around $205 million.”
On that note, I recommend that you take a look at the book “Fatal System Error”…gives very good insight into the underworld of Carding.
“Pinky and the Brain” – Chris & Heather Mark’s Articles in Transaction World Magazine June 21, 2012
Posted by Chris Mark in cybersecurity, Industry News, InfoSec & Privacy.Tags: compliance, credit card, cybersecurity, data breach, information security, PCI DSS, privacy, transaction world
add a comment
I heard yesterday from the EIC of Transaction World Magazine that they will be publishing one of my articles in their August 2012 issue. Stay tuned! I have written for TW numerous times over the past 7 years or so and Heather has written for them consistently since about 2005. You can read her current article here and see archives of Heather’s articles at this link. If you are not in the payments industry and want to know about the exciting world of credit card issues, check out TransactionWorld. It has great articles covering everything from compliance, to security, interchange, and more. Here are two links to a couple of my previous TW articles..1) Why Regulation Cannot Prevent CyberCrime and 2) Lessons from the Heartland Breach…clearly in this relationship Heather is the Brain and I am Pinky 😉
“The Rise of CyberEspionage” – Chris Mark Published in Homeland Security Network June 18, 2012
Posted by Chris Mark in cyberespionage, cybersecurity.Tags: anonymous, china, cybercrime, cyberespionage, cybersecurity, data breach, data security, homeland security network, L3, mark consulting group, RSA, security
add a comment
An article I wrote on the Rise of Cyber Espionage was picked up by the Homeland Security Network. I must admit that the article title is not what was submitted but the article is one I wrote. If you are interested, spin on over to the Homeland Security Network and read the article. Any feedback would be appreciated..here is an excerpt:
“On April 15, 2011, the US Congressional Subcommittee on Oversight and Investigations conducted a hearing on Chinese cyber-espionage. The hearing revealed the US government’s awareness of Chinese cyberattacks. In describing the situation in her opening remarks, sub-committee chairperson Dana Rohrbacher astutely stated:
“[The]United States is under attack.”12 “The Communist Chinese Government has defined us as the enemy. It is buying, building and stealing whatever it takes to contain and destroy us. Again, the Chinese Government has defined us as the enemy.”
Oh My!! More than 6 Million LinkedIn Passwords Stolen! June 6, 2012
Posted by Chris Mark in cybersecurity, Data Breach, Industry News.Tags: Chris Mark, cybercrime, cybersecurity, InfoSec, LinkedIn, privacy, security, Stolen Passwords
add a comment
Change your LinkedIn password now! According to an article on CNN, over 6 million LinkedIn passwords were stolen by Russian hackers. LinkedIn also confirmed in their own blog post that some of the posted passwords did match LinkedIn accounts. According to the story: “The 6.5 million leaked passwords were posted Monday on a Russian online forum, camouflaged with a common cryptographic code called SHA-1 hash. It’s a format that’s considered weak if added precautions aren’t taken. Roughly half of the “hashed” passwords have already been decoded and posted online in human-readable text.” You can read more about how Hashes are cracked using Rainbow tables in the awesome post here.
“Flame On!”- New CyberWeapon Discovered in Middle East May 28, 2012
Posted by Chris Mark in cyberespionage, cybersecurity, InfoSec & Privacy, News, terrorism.Tags: Chris Mark, cybercrime, cyberespionage, cybersecurity, data theft, Duqu, Flame, hack, InfoSec, Kapersky, security, Stuxnet
1 comment so far
Complementing the post CyberEspionage, researchers have discovered a new cyberweapon. First there was Stuxnet, then there was Duqu..now there is Flame. Called by a researcher: “…the most complex piece of malicious software discovered to date…” the recently discovered virus is designed to capture data but can also change computer setting and turn on integrated microphones to record what is being said in the room. Kapersky labs discovered the virus, dubbed “Flame”, which has been lurking undetected inside of thousands of computers in the Middle East for as long as 5 years. According to Kapersky, the countries with the most infections include Iran with the most infections followed by Israel/Palestine area, Syria, and Sudan. According to Kapersky senior researcher Roel Schouwenberg: “The virus contains about 20 times as much code as Stuxnet, which attacked an Iranian uranium enrichment facility, causing centrifuges to fail. It has about 100 times as much code as a typical virus designed to steal financial information”. (more…)
Global Security, Privacy, & Risk Management 