Police: ATM heist syndicate used computer virus to steal money

http://m.themalaymailonline.com/malaysia/article/police-atm-heist-syndicate-used-computer-virus-to-steal-money

Excerpt:

“In a related development, Petaling Jaya police chief, ACP Azmi Abu Kassim said five police reports had been lodged on such hacking of ATMs around Petaling Jaya. The ATMs were located at Jalan Yong Shook Lin, Petaling Jaya (Affin Bank, losses of RM303,000); Dataran Sunway (Al-Rajhi Bank, RM285,700); Seksyen 14, Petaling Jaya (Bank Islam, RM395,850); Kota Damansara (Bank Islam, RM221,160) and Kelana Jaya (Al-Rajhi) where the full amount lost has yet to be ascertained.”

 


Another 3 ATMs hacked in KL and Malacca, brings total to 17

 

Nicholas Cheng

http://www.thestar.com.my/News/Nation/2014/09/30/ATM-hack-3-more-KL-malacca/

Excerpt:

“The automated teller machine (ATM) hacking blitz continues with three more banks reporting losses to Latin American gangs on Tuesday evening. In the capital, the latest casualty was the United Overseas Bank (UOB) branch in Jalan Imbi, which reported a loss of RM92,900.”

 


No Affin Bank customer accounts compromised by ATM hacks, says ABM

 

Nicholas Cheng

http://www.thestar.com.my/News/Nation/2014/09/30/Customer-accounts-not-compromised-ATM-ABM/

Excerpt:

“No customer account balances were compromised during the spate of automated teller machine (ATM) hacks in Affin Bank over the weekend, said the Association of Banks Malaysia (ABM).”

 


ATM hackers hit six Affin Bank outlets for RM1.3m

 

http://www.themalaymailonline.com/malaysia/article/atm-hackers-hit-six-affin-bank-outlets-for-rm1.3m

Excerpt:

“A total of RM1.271 million has been stolen from six automated teller machines (ATMs) belonging to Affin Bank Berhad and Affin Islamic Bank Berhad in Johor, Melaka and Selangor, Affin Bank said in a statement today.”

 

 


15 ATMs hacked in three days

 

M. Kumar, Nicholas Cheng, Nadirah H. Rodzi, And Natasha Joibi

http://www.thestar.com.my/News/Nation/2014/09/29/hackers-target-seven-klang-valley-atms-on-monday/

Excerpt:

“Five district police chiefs were kept busy on Monday as the hotlines rang off the hook with calls from bank managers over the hacking of automated teller machines.”

 


ATM hacking: Banks urged to take immediate action to secure ATMs

 

http://www.nst.com.my/node/38391

Excerpt:

“All banks nationwide have been urged to immediately inspect and secure automated teller machines (ATM) to curb hacking of such machines.”

 


FBI opens Malware Investigator portal to industry

 

Darren Pauli

http://www.theregister.co.uk/2014/09/30/fbi_opens_malware_investigator_portal_to_industry/

Excerpt:

“The Federal Bureau of Investigations has released a formerly in-house malware-analysing portal to help speed up incident responses and help industry and law enforcement with investigations.”

 


US Banks Get Serious on Security Information Sharing

 

Phil Muncaster

http://www.infosecurity-magazine.com/news/us-banks-serious-security/

Excerpt:

“The US financial services industry is finally getting tough on cybercrime, with the announcement of a new body to be tasked with developing threat intelligence products.”

 


Laos Joins Southeast Asian Neighbors in Imposing Stricter Internet Controls

 

Mong Palatino

https://advocacy.globalvoicesonline.org/2014/09/28/laos-joins-southeast-asian-neighbors-in-imposing-stricter-internet-controls/

Excerpt:

“Laos Prime Minister Thongsing Thammavong has signed a new decree imposing stricter Internet control in the country. Signed last September 16, 2014, the new regulation promotes responsible and “constructive” use of the Internet among Lao netizens.”

 


Malvertising attack techniques dissected

 

http://www.net-security.org/malware_news.php?id=2871

Excerpt:

“At Virus Bulletin 2014, Bromium presented a research report that highlights the severe risk of malicious ad networks infecting end users. This research provides a real-world study of malvertising captured on YouTube, Yahoo and several top Alexa sites to demonstrate how obfuscated JavaScript delivers malicious code through Flash ads.”

 


UK employees targeted with fake policy violation emails

 

http://www.net-security.org/malware_news.php?id=2870

Excerpt:

“A new cyber-crime attack has been tricking SMB employees in the UK into downloading Trojans by accusing them of violating company policy.”

 


FBI warns of malicious insider threats increase

 

Zeljka Zorz

http://www.net-security.org/secworld.php?id=17412

Excerpt:

“The FBI and DHS have issued a warning to businesses about the increase in security incidents involving malicious insiders (current or former employees, contractors, or other business partners).”

 


The Internet Braces for the Crazy Shellshock Worm

 

Robert McMillan

http://www.wired.com/2014/09/internet-braces-crazy-shellshock-worm/

Excerpt:

“A nasty bug in many of the world’s Linux and Unix operating systems could allow malicious hackers to create a computer worm that wreaks havoc on machines across the globe, security experts say.”

 


Tinba Trojan targets major US banks

 

Zeljka Zorz

http://www.net-security.org/malware_news.php?id=2868

Excerpt:

“Tinba, the tiny (20 KB) banking malware with man-in-the-browser and network traffic sniffing capabilities, is back.”

 


Hacker publishes tech support phone scammer slammer

 

Darren Pauli

http://www.theregister.co.uk/2014/09/12/phone_scammer_slammer/

Excerpt:

“Security pro Matthew Weeks has released a Metasploit module that can take over computers running the Ammyy Admin remote control software popular among "Hi this is Microsoft, there's a problem with your computer" tech support scammers.”

 


U.K. man, who obtained bank details of 28K, pleads guilty to blackmail

 

Danielle Walker

http://www.scmagazine.com/uk-man-who-obtained-bank-details-of-28k-pleads-guilty-to-blackmail/article/370856/

Excerpt:

“A U.K. man, Lewys Martin, pleaded guilty in London last week to blackmail, possession of articles for use in fraud and possession of indecent images of children, a report from a Bitcoin news site CoinTelegraph.com revealed.”

 


How to Keep Fraud Threats From Ruining Your Mobile Banking

 

Brian O'Connell

http://www.thestreet.com/story/12862081/1/how-to-keep-fraud-threats-from-ruining-your-mobile-banking.html

Excerpt:

“With 28% of U.S. adults using their smartphones and tablets to conduct banking transactions and 60% calling access to mobile banking either "important" or "very important" in choosing banks, according to AlixPartners, there's a growing risk of consumer financial fraud.”

 


16-31 August 2014 Cyber Attacks Timeline

 

Paolo Passeri

http://hackmageddon.com/2014/09/01/16-31-august-2014-cyber-attacks-timeline/

Excerpt:

“August is gone, and here we are with the list of the most noticeable cyber attacks occurred during the second half of the month”

 


160,000 new malware samples appear each day

 

http://www.net-security.org/malware_news.php?id=2855

Excerpt:

“Malware is still being created at the record levels reached in the previous quarter: 15 million new samples were generated, at an average rate of 160,000 every day, according to Panda Security.”

 


Hundreds of Android Applications Risk Eavesdropping Due to Lapse in Validating X.509 SSL Certificates

 

Lucian Ciolacu

http://www.hotforsecurity.com/blog/hundreds-of-android-applications-risk-eavesdropping-due-to-lapse-in-validating-x-509-ssl-certificates-10085.html

Excerpt:

“Hundreds of Android applications are vulnerable to man-in-the-middle (MitM) attacks due to their failure to properly validate X.509 SSL certificates, according to the Carnegie Mellon University CERT.”

 


Malicious and risky apps on Android and iOS

 

Mirko Zorz

http://www.net-security.org/article.php?id=2119

Excerpt:

“Knowingly or unknowingly to the user, some apps can collect GPS data, grab your contact information, your phone ID, email address, etc. In this podcast recorded at Black Hat USA 2014, Mike Raggo, Security Evangelist at MobileIron, talks about the risky behavior of certain apps downloaded from Google Play or the App Store.”

 


Home Depot breached, carders selling stolen payment card info

 

Zeljka Zorz

http://www.net-security.org/secworld.php?id=17323

Excerpt:

“The Home Depot, a popular American home improvement and construction retailer that boasts of 2,200 stores in the US and 287 abroad, has apparently suffered a data breach that compromised customer credit cards.”

 


Semalt botnet hijacked nearly 300k computers

 

Zeljka Zorz

http://www.net-security.org/malware_news.php?id=2857

Excerpt:

“The “Semalt" botnet is quickly spreading across the Internet, Incapsula researchers warn. The botnet is named after a Ukrainian startup that poses as a legitimate online SEO service, and it currently numbers around 290,000 malware infected machines that continually spam millions of websites in a large-scale, referrer spam campaign.”

 


Namecheap accounts brute-forced by CyberVor gang?

 

Zeljka Zorz

http://www.net-security.org/secworld.php?id=17318

Excerpt:

“California-based domain registrar and web hosting firm Namecheap has been targeted by hackers, the company's VP of hosting Matt Russell warned on Monday, and said that the attackers are using username and password data gathered from third party sites to brute-force their way into their customers' accounts.”