Nov 29 2014

Black Friday, Cyber Monday for Crooks, Too!

Underground cybercrime shops that sell credit and debit card accounts stolen from retailers are slashing prices and promoting their own Black Friday and Cyber Monday sales as fraudsters gear up for the busy holiday shopping season.

Card data stolen from main street retailers, a.k.a. “dumps,” is sold to crooks who encode the numbers onto new plastic and go shopping for high-priced electronics and gift cards at big box stores. Other shops sell mainly stolen card numbers, expiration dates and card security codes that can only be used to shop at online retailers.

Have a look at the slide show below, which features multiple advertisements pushed out by some of the most bustling crime shops competing for buyers with discounts and promotions. You might have to scroll down a bit to see the slideshow. Advance the slides by hovering over the right edge of the image and clicking the arrow that appears.

It’s nearly impossible for consumers to tell how secure a main street or online merchant is, so it’s best just to shop as if they’re all compromised. That is, if you have the choice between using a credit or debit card, shop with your credit card.

Sure, the card associations and your bank will be quick to point out that you’re not liable for fraudulent charges that you report in a timely manner, but this assurance rings hollow for many who find their checking accounts emptied by card thieves after shopping at a breached merchant with a debit card. Who pays for the fees levied against you by different merchants when your checks bounce? You do. Does the bank reimburse you when your credit score takes a ding because your mortgage or car payment was late? Don’t hold your breath.

Also, if you’re shopping online this holiday season, be wary of phantom stores. If you don’t know much about the seller that has the item you want to buy, take a few minutes to investigate its online reputation. It’s not uncommon for bargain basement, phantom Web sites to materialize during the holiday season and vanish forever not long afterward. If you’re buying merchandise from an online store that is brand new, the risk that you will get scammed increases significantly. But how do you know the lifespan of a site selling that must-have gadget at the lowest price? One easy way to get a quick idea is to run a basic WHOIS search on the site’s domain name. The more recent the site’s “creation date,” the more likely it is a phantom store.

Be careful what you agree to: Check to make sure you know how long the item will take to be shipped, and that you understand the store’s return policies. Also, keep an eye out for hidden surcharges, and be wary of blithely clicking “ok” during the checkout process.

Nov 28 2014

isowall – Completely Isolate A Device From The Local Network

Isowall is a mini-firewall that allows you to completely isolate a device from the local network. This is for allowing infected machines Internet access, but without endangering the local network. Building This project depends upon libpcap, and of course a C compiler. On Debian, the following should work: [crayon-5478cd87c8802324409098/] This will...

Read the full post at darknet.org.uk
Nov 27 2014

Bitcoin Not That Anonymous Afterall

One of the big advantages touted by Bitcoin (and other cryptocurrencies) was always the anonymity of the transactions, yes you can track a wallet address and see the transaction history. But there’s no real way to link that wallet address to a real person (so we thought). I mean other than any leaky fiat exchange [...] The post Bitcoin Not...

Read the full post at darknet.org.uk
Nov 26 2014

Sony Pictures hackers release list of stolen corporate files

On Monday, employees at Sony Pictures Entertainment—the television and movie subsidiary of Sony Corp.—discovered that their internal corporate network had been hijacked. A message from an individual or group claiming responsibility appeared on corporate systems, pledging to release sensitive corporate data taken from the network by 11pm GMT on Monday.

Twitter accounts associated with promoting several movies, including Starship Troopers, were briefly hijacked by the attackers. The attackers posted to at least three Twitter feeds, leaving the same message: “You, the criminals including [Sony Pictures CEO] Michael Lynton will surely go to hell. Nobody can help you.” The image posted with the message shows a digitally edited image of Lynton’s head in a dark, hellish landscape.

As of this morning, the network at many Sony offices still appears to be down. Based on information reportedly shared by employees, it could be down for weeks before being restored. The Twitter accounts appear to be back under Sony Pictures’ control.

Read 5 remaining paragraphs | Comments