Amtrak employee sold customer data to DEA for two decades

A former Amtrak employee has been giving passenger information to the Drug Enforcement Administration in exchange for money for nearly two decades, according to reports from the Whittier Daily News. A total of over $854,460 changed hands over the last 20 years, despite the fact that information relevant to the DEA's work could have been obtained from Amtrak for free.

The employee, described as a "secretary to a train and engine crew" in a summary obtained by the AP, was selling the customer data with Amtrak's approval. Amtrak and other transportation companies collect information from their customers including credit card numbers, travel itineraries, emergency contact info, passport numbers, and dates of birth. When booking tickets online in recent years, Amtrak has also collected phone numbers and e-mail addresses.

The Whittier Daily News points out that Amtrak's corporate privacy policy allows the company to share this information with "certain trustworthy business partners"; however, the secretary's actions didn't happen under this sanction.


Espionage programs linked to spying on former Soviet targets

A one-two combination of malware programs has infiltrated the embassies and government systems of a number of former Eastern Bloc nations as well as European targets, according to a technical analysis by security researchers.

Using exploits and malicious downloads delivered through phishing attacks or on compromised websites, attackers first infect a system with a program known as Wipbot, according to an analysis posted by security firm Symantec on Friday. The program conducts initial reconnaissance, collecting system information and only compromising systems that correspond with a specific Internet address. After the target is verified, a second program—alternatively known as Turla, Uroburos, and Snake—is downloaded to further compromise the system, steal data, and exfiltrate information camouflaged as browser requests.

The one-two combination has all the hallmarks of a nation-state intelligence gathering operation targeting the embassies of former Eastern Bloc countries in Europe, China, and Jordan, according to Symantec.


XML Quadratic Blowup Attack Blows Up WordPress & Drupal

This was a pretty interesting piece of news for me last week as I was actually affected by it (I think?). It’s an XML Quadratic Blowup Attack that affects both WordPress and Drupal and is quite serious as rather than just crashing the software, it can take down the whole server. It didn’t completely take [...]

Read the full post at darknet.org.uk