Tag: crime

Home Depot Acknowledges Breach of Payment Systems

Almost a week after public reports named Home Depot as a possible victim of a sophisticated cyber attack, the home improvement giant has acknowledged that it was hacked.   In a statement on Monday, Home Depot said that an internal investigation confirmed a “breach of our payment data systems” took place. The breach affects the company’s U.S. and Canadian stores, though not its Mexican locations or online transactions, the company said. The incident also appears to have been long-lived. Home Depot estimates that the breach dates to April, 2014. The company did not say when it was finally shut down – though that date could be as late as July. Home Depot has been investigating the incident since it was first disclosed by Brian Krebs at the blog Krebsonsecurity. Krebs was alerted to the incident after large quantities of stolen credit cards began appearing on cyber criminal forums. Sources at […]

Continue Reading

Report: Deep Links Connect Home Depot, Target Hacks

Security reporter Brian Krebs has an intriguing post from Sunday that suggests a link between the massive breach at Target Stores in late 2013 and the recently alleged compromise of systems at home improvement giant Home Depot. Home Depot has yet to acknowledge any theft of customer data from its computer systems. However, according to Krebs, an unnamed “source close to the Home Depot investigation” told him that an analysis of compromised computers at Home Depot revealed that some of the store’s registers were infected with a new variant of BlackPOS, a malicious software program designed to run on Windows-based point of sale (or POS) systems and steal card data when cards are swiped. BlackPOS was found on point-of-sale systems at Target last year.  In March, the security firm Arbor Networks issued a report that cited BlackPOS as one of a number of point of sale system malware families that cyber criminal groups were using heavily: generating new […]

Continue Reading

Hack Tool Authors Deny Link To Celeb Photo Leaks

With some of Hollywood’s biggest stars issuing statements on Monday condemning the leak of personal photographs online, attention has turned to identifying the source of the leaks. But more than 24 hours after the photos appeared, there are more questions than answers about its source. Early attention has focused on an automated tool that exploited an apparent vulnerability in Apple’s FindMyiPhone feature. But by Monday, there were denials from the makers of that tool that it played any role in the massive privacy breach that saw photos of A-list celebrities like Jennifer Lawrence, Kate Upton and others leaked online. Within hours of the photos’ appearance on the image sharing site 4chan, attention shifted to the cause of the leak and the coincidence of the leaked photos with the publication of iBrute, a simple tool available on GitHub in recent days. According to this published report by Owen Williams over at TheNextWeb,  the […]

Continue Reading

Report: AdWords Fraudbot Helps E-Commerce Firms Compete

One of the more interesting stories to come out this week is from Brian Krebs over at Krebsonsecurity.com. Writing on Friday, Krebs used his prodigious knowledge of the cyber underground to profile “GoodGoogle,”  one of a growing number of specialized online fraud services that helps e-commerce firms target competitors by gaming Google’s AdWords feature. As you probably know, AdWords are one of Google’s biggest sources of revenue. They allow companies with products or services to sell to “bid” on words or phrases (like “Internet of Things”). Users who search on those terms will see hyperlinked ads to the right of their search results that link to a site of the advertiser’s choosing. Advertisers pay a premium to own popular (and lucrative) keywords – more than $40 per click for keywords like “loan,” “insurance,” “mortgage” or “attorney” depending on the word and time of day. Typically, advertisers set a certain daily budget […]

Continue Reading

Report: Thieves Can Hack and Disable Your Home Alarm System | WIRED

Wired’s Kim Zetter reports on (independent) reports by two researchers that show how home alarm setups can be hacked remotely, from as far away as 250 yards. The vulnerabilities could allow a malicious actor to suppress alarms or create multiple, false alarms that would render the system unreliable (and really annoying). Zetter profiles the work of Logan Lamb, a security researcher at Oak Hill Ridge National Lab who conducted independent research on  three top brands of home alarm systems made by ADT, Vivint and a third company that asked to remain anonymous. She also cites work by Silvio Cesare, who works for Qualys who studied common home alarm systems sold in Australia, including devices manufactured by Swann, an Australian firm that also sells its systems in the U.S. Both discovered a litany of similar problems, Zetter reports: The systems use radio signals to report when monitored doors and windows are opened, but fail to encrypt or authenticate the signals being […]

Continue Reading
1 16 17 18 19 20 24