Saturday, October 17, 2009

SNL At 35 -- Sold Out

SNL has sold out -- and they should be ashamed.

I won't be watching SNL any more.

Another great American Institution destroyed.

- ferg

PayChoice Suffers Another Data Breach

Brian Krebs writes on Security Fix:

Payroll services provider PayChoice took its Web-based service offline for the second time in a month on Wednesday in response to yet another data breach caused by hackers.

Moorestown, N.J. based PayChoice, provides direct payroll processing services and licenses its online employee payroll management product to at least 240 other payroll processing firms, serving 125,000 organizations. On Thursday morning, the company sent a notice to its customers saying it had once again closed onlineemployer.com - the portal for PayChoice's online payroll service -- this time after some clients began noticing bogus employees being added to their payroll.

"After investigation, we determined that valid user credentials for an Online Employer user were used in an unauthorized manner to add these fictitious employees in an attempt to have payments made to fraudulent bank accounts," the company said in an e-mail alert to their clients sent Thursday.

More here.

ZeuS Turns Smash & Grab Into Grab & Smash

Brian Krebs writes on Security Fix:

Imagine being in charge of your organization's finances, and learning from your bank one morning that thieves had stolen tens of thousands of dollars from company coffers overnight using your online banking credentials. Now imagine your frustration when you go to log in to your PC to assess the damage, only to find that the computer you typically use to access the account has been kneecapped by the bad guys.

This is precisely what happened to Kathy Dake, office manager for St. Isidore Catholic Church in Danville, Calif. Dake had infected her PC with the Zeus Trojan after opening a malicious e-mail disguised as notice from the IRS about "unreported income".

The thieves used Zeus to steal the credentials Dake uses to administer the church's bank account, and a week ago Friday she came in to work to find her computer would not boot up; Windows complained that key files had been corrupted. That same day, she also found out from her bank that in the wee hours of the morning someone had tried to transfer $87,000 out of St. Isidore's account. The attackers had instructed the bank to send the funds to more than a half dozen money mules, willing or unwitting accomplices across the country hired through work-at-home job scams.

More here.

North Korea Hacks South Korean Military Networks

Via Stuff.co.nz.

A North Korea cyber warfare unit hacked into a South Korean military command earlier this year and stole some 2,000 national secrets, including information on toxic chemical makers, a news report said.

The North Korean unit hacked the army command in March and obtained its password for a database on how to respond to chemical accidents, Chosun Ilbo newspaper reported.

The report said the National Institute of Environmental Research, which set up the database, cut off its internet link to the army command a day after the attack after being tipped off by South Korea's spy agency.

The state-run research agency said some 2,000 secrets, including information on about 700 local toxic chemical manufacturers, appeared to have been leaked, according to the newspaper.

The newspaper cited the November edition of its sister company's magazine, Monthly Chosun, noting the magazine obtained the information from the prime minister's office.

South Korea's spy agency, the National Intelligence Service, declined to comment, citing national security reasons. Calls to the prime minister's office, the Defense Ministry and the National Institute of Environmental Research seeking comment went unanswered Saturday.

More here.

Monday, October 12, 2009

Programming Note: Seattle-Redmond

Seattle Skyline

I'll be in Seattle (actually at Microsoft in Redmond) all week attending the Digital Crimes Consortium (DCC 2009) meeting, so posts to the blog will be few-to-non-existent all week. Apologies.

Blog posts should get back to normal by this weekend hopefully.

Cheers!

- ferg