Sunday, May 31, 2015

Biz Email Fraud Could Hit $1 Billion

Wire fraud perpetrated via business email compromises has quickly become a top concern for banking institutions. David Pollino, bank fraud prevention officer at Bank of the West, now predicts wire fraud losses in the U.S. linked to such "masquerading" schemes could exceed $1 billion this year.

In fact, the losses from these emerging schemes could be higher than any wire and ACH losses linked to account takeovers, he says.

"Traditionally, whether it was phishing or malware, you saw the criminals getting the username and password and then executing the transaction or takeover of the victim's computer to wage the attack," Pollino says. "With these new attacks, we see the actual compromise of the business. The victims are fooled into the legitimacy of the wire transfer." 

Cyber-Security Is a Top Priority in Corporate Boardrooms

A new survey from NYSE Governance Services and Veracode on current IT security attitudes and trends finds that boards are taking cyber-security very seriously.

Security vendor Veracode and NYSE (New York Stock Exchange) Governance Services released a study today that examines the role of cyber-security in the boardroom. Over the course of the last year, cyber-security has increasingly become top of mind for many, including corporate boardroom executives.

"We got some interesting results," Chris Wysopal, co-founder and CTO at Veracode, said about the survey, which included responses from 184 directors of public companies, including those in financial services, technology and health care. "One finding that was surprising is how seriously boards are taking security," he told eWEEK.

Read more:

Thursday, May 28, 2015

Yahoo must face email spying class action: U.S. judge

A U.S. judge ordered Yahoo Inc to face a nationwide class-action lawsuit accusing it of illegally intercepting the content of emails sent to Yahoo Mail subscribers from non-Yahoo Mail accounts, and using the information to boost advertising revenue.
In a decision late Tuesday night, U.S. District Judge Lucy Koh in San Jose, California said people who sent emails to or received emails from Yahoo Mail subscribers since Oct. 2, 2011 may sue as a group under the federal Stored Communications Act for alleged privacy violations.
She also said a class of non-Yahoo Mail subscribers in California since Oct. 2, 2012 may sue as a group under that state's Invasion of Privacy Act.

Image courtesy of Stuart Miles at 

Kaspersky Lab: New cyber-spy attacking SMBs under guise of Microsoft Word

Kaspersky Lab reported today that Grabit, a new cyber-spying campaign, has stolen approximately 10,000 files from SMBs in primarily the U.S., India and Thailand by pretending to be a Microsoft Word document.
According to Kaspersky, Grabit is targeting the agriculture, chemicals, construction, education, media and nanotechnology sectors amongst others.
Ido Noar, senior security researcher of the Global Research and Analysis Team at Kaspersky Lab, said that Grabit proves that cybercriminals are not just after large organizations. 
"We see a lot of spying campaigns focused on enterprises, government organizations and other high-profile entities, with SMBs rarely seen in the lists of targets, but Grabit shows that it's not just a ‘big fish' game," Noar said in a statement. "In the cyber world, every single organization, whether it possesses money, information or political influence, could be of potential interest to one or other malicious actor."
Image courtesy of chanpipat at

Wednesday, May 27, 2015

This Single String of Text Can Crash Your iPhone’s Messages App

If you’ve got an iPhone, and a particularly obnoxious group of friends, you might want to avoid checking your text messages today.

That’s because a new exploit has been found that lets someone send you a specific line of text that can crash your iPhone’s Messages app, and in some cases crash the phone entirely.

We’re going to show the string of text as an image here, so that you and your nasty friends can’t just copy it down and freeze each other’s phones. If you really want to see the code, you can just find it on Reddit, or Twitter with a quick search. Click through to see the text: 

Average cost of computer breach for US Based Company is $6.5 Million

The average cost of a computer breach at large companies globally was $3.79 million, a survey released Wednesday found. For U.S.-based companies, the average cost was much higher, $6.5 million.

The survey was conducted by the Ponemon Institute, a security research center, in conjunction with IBM. It surveyed 350 companies in 11 countries that had experienced a data breach, mostly in 2014. In the United States, 62 companies participated in the survey.

"The cost of a data breach, both the total organization cost as well as the cost per compromised record, increased substantially," said Larry Ponemon, chair of the institute. Read more: 

ComSec LLC provides cellular and mobile device malware and spyware detection. Get info here:

Tuesday, May 19, 2015

Enterprise employees choose adult content, app downloads over security

Business employees are regularly ignoring IT policies in order to surf adult content and download both suspicious attachments and unauthorized apps, a new report claims.

According to a new survey conducted by Blue Coat and Vanson Bourne, the rising number of cyberattacks levied against businesses is on the rise -- but employees are yet to tailor their behavior at work accordingly.

The majority of 1580 survey respondents worldwide said they understood the cybersecurity risks linked to downloading email attachments from unknown senders, viewing adult content, using social media and downloading unapproved applications, but this has not curbed their risk-taking when using corporate systems and mobile gadgets. 

Feds Charge Chinese Professors With Economic Espionage

Image courtesy of 
Idea go
Three Chinese professors are among six people charged with economic espionage and stealing trade secrets involving technology that helps filter unwanted signals on mobile devices. The alleged spying was done to benefit universities and companies on behalf of the Chinese government, the U.S. Department of Justice said on Tuesday.

The Chinese professors were affiliated with Tianjin University, the department said.

The 32-count indictment said the trade secrets alleged to have been stolen came from Avago Technologies and Skyworks Solutions. Read more: 

Wednesday, May 13, 2015

Absolute Survey Shows Millennials Represent Greatest Risk to Corporate Data

Absolute® Software Corporation (TSX: ABT), the industry standard for persistent endpoint security and management solutions for computers, laptops, tablets and smartphones, today announced the results of a U.S. mobile security study*, conducted earlier this year. The survey confirmed that Millennials prove to be a greater risk to data security as compared to other user categories.

The report provides insight into employee attitudes toward IT security and their behaviors on corporate-owned mobile devices. Based on usage preferences and content accessed, the results offer an eye-opening perspective on the security risks associated with employee mobile device usage, depending on company size, employee age, their role, and the number of devices they use.

The report demonstrates clear differences in generational behavior and associated risks related to data security. Read more:

Tuesday, May 12, 2015

Ex-DOE worker charged with trying to steal, sell nuclear data

Image courtesy of 

A former employee of the Nuclear Regulatory Commission (NRC) is facing up to 50 years in prison for allegedly attempting to use a spear-phishing campaign to harvest sensitive nuclear weapons information from government computers.

Charles Harvey Eccleston, 62, planned to sell the information to an undisclosed foreign government, according to charges unsealed Friday by the Justice Department.

His plans were thwarted by an FBI sting operation, and he now faces four felony charges, authorities say, including wire fraud.

“Combating cyber-based threats to our national assets is one of our highest priorities,” Assistant Attorney General for National Security John P. Carlin said in a statement.

Read More:

Monday, May 11, 2015

The Spy Among Us

Jack Barsky held a job at some of the top corporations in the U.S. and lived a seemingly normal life -- all while spying for the Soviet Union

The following is a script from "The Spy Among Us" which aired on May 10, 2015. Steve Kroft is the correspondent. Draggan Mihailovich, producer.

Tonight, we're going to tell you a story you've probably never heard before because only a few people outside the FBI know anything about it. It's a spy story unlike any other and if you think your life is complicated, wait till you hear about Jack Barsky's, who led three of them simultaneously. One as a husband and father, two as a computer programmer and administrator at some top American corporations and three as a KGB agent spying on America during the last decade of the Cold War.
Read more: 

Image courtesy of
Idea go

Thursday, May 7, 2015

N.S.A. Phone Data Collection Is Illegal, Appeals Court Rules

Photo by "Salvatore Vuono" via

A federal appeals court in New York on Thursday ruled that the once-secret National Security Agency program that is systematically collecting Americans’ phone records in bulk is illegal. The decision comes as a fight in Congress is intensifying over whether to end and replace the program, or to extend it without changes.

In a 97-page ruling, a three-judge panel for the United States Court of Appeals for the Second Circuit held that a provision of the USA Patriot Act known as Section 215 cannot be legitimately interpreted to allow the bulk collection of domestic calling records.

The ruling was certain to increase the tension that has been building in Congress as the provision of the act that has been cited to justify the bulk data collection program nears expiration. It will expire in June unless lawmakers pass a bill to extend it. 

Wednesday, May 6, 2015

Woman accused of selling DuPont trade secrets to China pleads guilty to related charge

OAKLAND, Calif. (AP) — A woman accused along with her husband and former DuPont engineers of stealing trade secrets and selling them to China has pleaded guilty to a related charge.
Court records show Christina Liew entered the plea Wednesday in federal court in Oakland to conspiracy to tamper with evidence.
Authorities say Liew and her husband, Walter Liew, paid retired DuPont engineers thousands of dollars for sensitive company documents about how to make a white pigment known as titanium dioxide. It's used to whiten products from cars to the middle of Oreo cookies. 

Now it's Germany accused of spying on allies

By Tobias Koch (OTRS) [CC BY-SA 3.0 de
(], via Wikimedia Commons
BERLIN — About 18 months ago, Chancellor Angela Merkel was the wronged American ally whose cellphone number was among data sucked up by American intelligence as it kept watch on Europeans. 

“Spying among friends — that is simply not done,” she said after the discovery in autumn 2013, to a sympathetic domestic audience. 

Within the past two weeks, the tide has turned. Merkel is back in the spotlight over spying. This time it is Germany’s foreign intelligence service, known here as the BND, that is being accused of monitoring European companies and perhaps individuals. Further, the reports said it was done at the behest of the National Security Agency, the U.S. intelligence organization. 
Read more:

Monday, May 4, 2015

US Ambassador to Turkey Rejects Espionage Allegations

Baku-APA. U.S. Ambassador to Turkey John Bass has rejected allegations that an American consulate member in the Turkish southern province of Adana is involved in espionage in the country, APA reports quoting Anadolu Agency.

Bass clarified the U.S. position on the serious allegation in comments to the media in Ankara Monday.

Turkish dailies had reported recently that a security manager Sinan Seyfettinoglu, who works at the American Consulate in Adana, was allegedly involved in spying in Turkey. According to the papers, Seyfettinoglu regularly paid money to a local media person, who had close relations with Turkish security officials.

Read More:

Michael Lyon Faces New Eavesdropping Charges

Disgraced Sacramento real estate mogul Michael Lyon was back in court Monday wearing a suit and tie, having shed his orange jumpsuit after being released from jail last month.
While Lyon looked more like the prominent businessman he once was – instead of the disheveled figure seen in jail booking photos – his legal ordeal is far from over. His hearing was postponed to May 18 in Sacramento Superior Court on 16 felony counts of electronic eavesdropping that expose him to potentially more time behind bars.
When he was released April 1, Lyon, 59, the former chief executive officer of Lyon Real Estate, had served six months for violating the terms of a plea agreement his lawyer worked out with the District Attorney’s Office in 2011. During that arrest last year, prosecutors allege, investigators discovered methamphetamine and other drugs in his home and seized electronic equipment that they analyzed in preparing the latest eavesdropping charges.

Read more here:
Read More: