data theft

(get it in RSS or Atom)

Home Depot credit card breach: company to "investigate"

Home Depot

Home Depot has responded to reports yesterday that it suffered a credit card breach.

Stolen phone snaps selfie of mystery man who entered wrong PIN

Selfie

Could be the thief, could be an innocent guy who just happened to pick up a stray mobile phone - hard to say! That's why police in Essex, UK, are keen to have a chat with him.

Loyaltybuild attack: 500,000 people may have had credit card details stolen

Loyaltybuild attack: 500,000 potential victims of credit card detail theft

Thousands of people across Europe and, more specifically, in Ireland have had their credit card and personal details stolen after a company which runs reward schemes was hacked.

Contactless payments - researcher intercepts card data from a metre away

Researcher intercepts contactless payment data from a metre away

A University of Surrey researcher created a cheap receiver from off-the-shelf electronics and was able to eavesdrop on contactless card payments at distances of 20-90 centimetres - collecting credit card numbers, expiry dates, and cardholder names. This despite the fact that one of the main security features of contactless cards is a requirement not to transfer payment data in excess of 10cm from a reader.

Monday review - the hot 17 stories of the week

Monday review

Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.

But did she STEAL the iPhone? App takes photo of woman trying to unlock it

Stolen iPhone snaps photo of woman who tries to unlock it

A woman who tried to unlock a stolen iPhone unwittingly took her own photo. An application on the phone then automatically sent the photo to the owner, who called the police.

It's a good reminder that there are tools out there, either free or darn close to it, that can track your stolen or lost smartphone.

Hard-coded password found in Samsung printers, security fix planned

Samsung printers come with hard-coded password

Companies using Samsung and Dell-branded printers are being warned that a hard coded administrative account could allow remote attackers to take control of their device, according to an alert from the US Computer Emergency Readiness Team (CERT).

Monday review: the hot 20 stories of the week

Monday review: the hot 20 stories of the week

It's weekly roundup time - here's everything we published in the last seven days.

Mobile phone theft on the rise - here's how to protect your data for free

Mobile phone theft on the rise - here's how to protect your data for free

Research released today has revealed that the theft of mobile phones is on the rise.

This isn't just about losing an expensive phone - there's also the threat of losing your data and money.

Learn how to better protect your phone.

Trojan horse designed to steal your photos

Trojan horse designed to steal your photos

A new Trojan is on the scene designed to steal your images and memory dumps. Are the thieves digging for dirt or stealing state secrets?

IP theft attacks can hide on networks for years, unspotted by corporate victims, report claims

IP theft attacks can hide on networks for years, without the knowledge of corporate victims, report claims

Organizations in the financial services and public administration sectors are the primary targets of sophisticated attacks aimed at stealing intellectual property, with attacks involving both external and internal agents and lasting for months or years, according to a new report from Verizon.

Proof of concept Android malware creates 3D maps of your home

phone in pocket_thumb

Researchers have created a malicious mobile phone application that uses phone and other sensors to create 3D visual maps of the owner’s home and other spaces.

Anonymous didn't steal from the FBI after all - new conspiracy theories needed!

Anonymous didn't steal from the FBI after all - new conspiracy theories needed!

A techie named David Schuetz has done something so obvious, so simple, and so tellingly useful, that I'm going to go all out and call it a stroke of genius.

He found the source of the "Anonymous FBI leak", and forced us all to find a whole new raft of conspiracy theories to go along with it...

Phishing without a webpage - researcher reveals how a link *itself* can be malicious

Phish without a web page? Yes you can!

Can you phish without a phishing page? Research by a student at the University of Oslo in Norway finds that, with the help of a trusty URI, ‘Yes, you can.’

Serco reports 123,000 US government employees' personal information stolen

Serco reports 123,000 US government employees' personal information stolen

Serco, a large international government services provider, disclosed a compromise of its systems that may have led to 123,000 people's Social Security Numbers and other sensitive details to be in the hands of criminals. A rather unusual way to celebrate Memorial Day for our dedicated government workers, postal workers and military.

Targeted attacks steal credit cards from hospitality and educational institutions

Detail of a four stars hotel with reflection

SophosLabs has been tracking an increase in targeted attacks focused on hospitality and education organizations. The malware steals credit card data directly from memory for later retrieval by the criminals involved.

Juicejacking - an emergency phone charge can be a security risk

prohibition-square

You've heard of hijacking. And carjacking, truckjacking and shipjacking. You've probably also heard of sidejacking, sheepjacking and clickjacking.

That's nothing. Here comes juicejacking!

SSCC 59 - bin Laden, Sony, LastPass, Patch Tuesday and Mac malware

Sophos Security Chet Chat 41

This week's Chet Chat guest is Richard Wang. Richard and Chester spoke about Sony, bin Laden scams, LastPass, the upcoming Patch Tuesday and the recent rise in Apple Mac malware.

Sony admits breach larger than originally thought, 24.5 million SOE users also affected

DataTheft245

Sony disclosed today that the breach two weeks ago affects an additional 24.5 million users of its Sony Online Entertainment division. They have shut down the service until further notice and continue to investigate the thefts.