Lessons from the capture of SpyEye’s mastermind
February 5, 2014
SEATTLE — The cyberunderground paused last week to note that Aleksandr Andreevich Panin, aka “Gribodemon,” had pleaded guilty to charges pegging him as the mastermind of SpyEye.
SpyEye is the tool of choice for hackers who routinely pilfer from online bank accounts. It arose in 2009 as a cheaper imitation of the pioneering banking Trojan, ZeuS, which was the creation of a brilliant, young Russian programmer who goes by the aliases Slavik, A-Z, Umbro and Monstr.
ZeuS’ creator remains on the loose.
The tale of how SpyEye overtook ZeuS could fit in any textbook on entrepreneurship. What’s more, it demonstrates how business-like and resilient the world of criminal hacking has become.
Let’s pick up the story circa 2009, with the help of Don Jackson, director of threat intelligence at security start-up PhishLabs, and Loucif Kharouni, researcher at anti-malware firm Trend Micro.
ZeuS is selling for as much as $8,000 to crime gangs expert at hijacking online bank accounts. ZeuS hacks require customized tuning of the attack code, and crews of hackers working in concert to pull off Ocean’s Eleven-like heists. …More
Concerns rise as hotel chains disclose data breach
February 5, 2014
SEATTLE — The disclosure of consumer data breaches at certain Marriott, Hilton, Sheraton and other major hotel chains managed by White Lodging Hotels comes as Congress is getting briefed about how cybercriminals are taking advantage of flaws in systems that collect and store sensitive data.
Senators Al Franken, Dick Durbin, and Diane Fienstein yesterday got …More
Yahoo hack stirs passwords debate
January 31, 2014
SEATTLE – The age of convenient logons may be nearing an end.
That’s the upshot of the continuing wave of reports of hackers stealing consumer data from marquee retailers and tech companies, security experts say.
Yahoo is the latest example, admitting Thursday that data thieves “gained unauthorized access” to an undisclosed number of Yahoo mail users’ account credentials.
Company spokeswoman DJ Anderson emphasized the …More
Trust in the Internet is crumbling
January 28, 2014
SEATTLE — Today we commemorate Data Privacy Day here in the U.S., while Europe acknowledges Data Protection Day.
It couldn’t be more timely. Trust …More
Payment card data theft jumps five-fold
January 23, 2014
SEATTLE – Well north of 740 million records were exposed in 2013, making it the worst year in terms of data breaches recorded.
That’s a very conservative number derived by analyzing approximately 500 breaches listed on the Privacy Rights Clearinghouse Chronology Data Base, according to the Online Trust Alliance.
That list is comprised of publicly disclosed data breaches and includes the 40 million records Target disclosed …More
Can Shape Security revolutionize Web defense?
January 21, 2014
Spying reforms seek to balance privacy, security
January 17, 2014
SEATTLE – President Obama this morning left all the major stakeholders tracking the debate over government spying slightly dissatisfied.
Given the complexity of the issues, some observers credited Obama for doing a commendable job of attempting to delicately balance privacy and national security.
“The public needs to understand that it’s a moving target given the rapid pace at which technology is developing,” says Stephen …More« go back — keep looking »