USB Thief Infects ‘Air-gapped’ Computers And Leaves No Trace

Posted on March 27, 2016 by Gareth Andrews

Malware (short for malicious software) is a type of program that is intended to cause harm to a system, be it in the form of ransomware, like that which has hit several hospitals in the US, or just you generic popup creating malware. A new malware named USB Thief, looks to break the chain of common threats by hiding itself and infecting systems even when they aren’t connected to the internet.

The internet is a wonderful thing but the problem with everyone being able to share and talk to one another is that sending something nasty is as easy as clicking a button (or in some cases, the software even does this for you). USB Thief avoids this by working on USB sticks, the very same ones you use to send information to and from your computer to your parents or even your friends.

The software hides by only executing under a certain set of rules, that is using a key created from the original USB drive it was created for. Even when it does spread it uses a unique key created using the ID of the USB stick and the time, meaning that traditional attempts to copy and discover the malware fail when suddenly it has unknown hardware in the mix.

Not only does it mean it won’t always execute, breaking the common rule of repeated behaviour is traceable behaviour, but it doesn’t leave any evidence on the infected computer, meaning your data could be stolen and you wouldn’t even know it. USB Thief lives up to the second part of its name, with it at the moment only working to steal data, but Tomáš Gardoň, a malware analyst with antivirus provider Ese says that “it would not be difficult to redesign the malware to change from a data-stealing payload to any other malicious payload”.

By avoiding the internet and focusing on the more traditional method of using USB drives, the virus is able to infect systems similar to how Stuxnet worked, enabling it to infect ‘air-gapped’ system (those which aren’t connected to the internet). With the USB lock in place, only the original USB created by its designers can infect systems, meaning if you didn’t create the original you won’t be able to use it.

If that wasn’t enough the USB Thief’s developer seems to have done its homework as it only runs as part of a command from portable versions of legitimate applications like Notepad++ and Firefox. If you’re running Kaspersky Lab or G Data though you should be okay as the malware won’t install itself on your system, a feature that was no doubt down to results from some initial testing.

IRS Hacked By The Same Issue They Were Protecting People From

Posted on March 4, 2016 by Gareth Andrews

Last year the US Internal Revenue System revealed that they had been hacked. At first they said that up to 100,000 people were affected by the hack, only to then bump that up to 334, 000 in August. The latest figures put that closer to 724,000 and set to only get worse as it seems they have been hacked yet again.

When filing a tax return you are now required to provide the “Identity protection PIN” that you are given by the IRS. These are specific codes given to people to place on tax returns, failure to do so invalidates the tax return and the IRS will reject it. Sounds like a good idea doesn’t it? So what happens when the IRS’s record of these secret PIN’s are hacked?

Becky Wittrock, an accountant in South Dakota, went to file her tax return this year only to find that the pin had already been used to file a “large refund request” more than three weeks prior. How did the hackers get access to the PIN? Seems that if you lose your PIN you can retrieve it by logging into the IRS website. Seems this is where the problem lies, as the technology used to secure this login process is the same technology that was breached last year.

That’s right, in order to protect people from a hack the IRS used the same technology that was breached by that hack. In order to retrieve your PIN you were asked questions (known as KBA or knowledge-based authentication) such as “on which of the following streets have you lived?” and other multiple choice questions, a system that allowed a hacker to answer the questions correctly.

Seems like a big mistake for the IRS to make, costing both the government and hard working people time, money and stress because they didn’t check that their fix didn’t use the very thing that got them into trouble in the first place.

Bohemia Interactive Confirms DayZ Forum Hacked

Posted on February 5, 2016 by Gareth Andrews

DayZ see’s players fight off and survive in a harsh apocalyptic world where zombies are the second most dangerous thing, only after the other players that want all your stuff. Seems someone took that one step further and have taken people’s login details for the DayZ forums.

With reports that it was hacked as early as last week, Bohemia Interactive (the creators of the standalone game, based on the popular mod) have sent an email round to their forum members stating the extent of the hack and the details that were obtained during the hack.

Greetings,

A security incident occurred on forums.dayzgame.com recently. According to our investigation all usernames, emails and passwords from forums.dayzgame.com were accessed and downloaded by hackers.

While the passwords were not stored in plain text, but in a more secure form, it is highly recommended that if you have used the same password elsewhere you change it immediately on all applicable websites and services.

We would like to apologize for the inconvenience caused, and share with you one of the major changes planned in order to mitigate similar risks in the future. We will be replacing the IPBoards login system with Bohemia Account within the next two weeks. As Bohemia Account is a separate custom-built service currently used by Bohemia Interactive Forums and Store, it offers much better security and its use should prevent similar incidents going forward.

We ask for your patience over the next few days and weeks as we implement this and other security overhauls, as there are likely to be service interruptions and forum unavailability from time to time. In particular, the forums will be down until migration to the Bohemia Account is complete. We will keep you up to date on vital info and scheduled down-time on the site itself and via our Twitter.

Yours sincerely,

Bohemia Interactive

While everything from usernames and emails was taken, the passwords were luckily encrypted in some way. We highly recommend that you change your password for the DayZ forum and any other sites or services that you use that password for (recommended that everything has a unique password in future, helps prevent breaches like this affecting other accounts).

While hacks are becoming more and more common, sites like these need to respond quicker and alert their users as soon as they detect the hack, a whole week is a lot of time to have access to people’s emails and social media accounts (all of which could be done using your email and potentially your password).

77,000 Steam Accounts “Hijacked” Each Month

Posted on December 10, 2015 by John Williamson

The rise of Steam’s digital distribution store is almost indescribable and way beyond Valve’s most optimistic expectations. Some users have even argued Valve saved PC gaming from the depths of despair and made it a popular platform. However, I’m not entirely convinced by this argument and believe the PC would have a strong foothold in the market with or without Valve’s assistance. On the other hand, Valve have done wonders for the PC gaming market and while Steam is far from perfect, it’s a wonderful invention which keeps your entirely game library in one client. A byproduct of this success, is the amount of cyber criminals targeting user accounts. More specifically, Valve’s introduction of the community market with tradable items makes Steam accounts a valuable proposition.

In a blog post, Valve addressed the security concerns and outlined their plans to tackle stolen community items:

“Account theft has been around since Steam began, but with the introduction of Steam Trading, the problem has increased twenty-fold as the number one complaint from our users. Having your account stolen, and your items traded away, is a terrible experience, and we hated that it was becoming more common for our customers.”

“Once an account was compromised, the items would be quickly cleaned out. They’d then be traded again and again, eventually being sold to an innocent user. Looking at their account activity, it wasn’t too hard to figure out what happened, but undoing it was harder because we don’t want to take things away from innocent users. We decided to err on the side of protecting them: we left the stolen goods, and we created duplicates on the original compromised account to replace them. We were fully aware of the tradeoff here. Duplicating the stolen items devalues all the other equivalent items in the economy. This might be fairly minor for common items, but for rare items this had the potential to significantly increase the number in existence.”

“First, enough money now moves around the system that stealing virtual Steam goods has become a real business for skilled hackers. Second, practically every active Steam account is now involved in the economy, via items or trading cards, with enough value to be worth a hacker’s time. Essentially all Steam accounts are now targets.”

“What used to be a handful of hackers is now a highly effective, organized network, in the business of stealing and selling items. It would be easier for them to go after the users who don’t understand how to stay secure online, but the prevalence of items make it worthwhile to target everyone. We see around 77,000 accounts hijacked and pillaged each month. These are not new or naïve users; these are professional CS:GO players, reddit contributors, item traders, etc.”

This is clearly becoming a massive problem for Valve, and it’s quite difficult to trace the individuals in question. The emergence of two-factor authentication should help matters but this relies on the end-user setting up enhanced security. Perhaps in time, Valve will enforce this measure and make it mandatory. Although, some users might feel this is a little too heavy-handed.

Fallout 4 Pirate Learns Expensive Lesson as Bitcoins Go Missing

Posted on December 7, 2015 by Bohs Hansen

You should never pirate games or software in general, that is something that we all know. There are those who can’t resist that temptation now and the, but it can end very badly and end up costing you a lot more than just purchasing the game straight away. That was a lesson that was learned by Redditor arkanoah as he discovered that 4.88 BitCoin went missing from his wallet.

He took his problem to Reddit in order to try to figure out where his missing BitCoin were and how they got missing. Other Redditors were quick to notice the time of disappearance, November 11th, which coincides with the time that Fallout 4 was released. Asking the question if he had pirated that or another game was answered with yes and that’s most likely the way his BitCoin were stolen.

Cracked software is risky to download as it often contains malware in one form or another and it is the most likely scenario that this is the way that the 4.88 BitCoin went missing. The user originally scanned his download with antivirus software and later the system with Malwarebytes and GMER which both returned zero infections. So whether the attacker cleaned his tracks after downloading and cracking arkanoah’s BitCoin wallet or the mechanism used is so sophisticated that it isn’t being detected is up to everyone’s own guess, we most likely won’t find out. It is however most likely that the perpetrator cleaned his tracks before leaving the victim’s computer.

At the time, the 4.88 BitCoin were worth $1773, quite a bit more than the game would have cost him on Steam or other platforms. Lesson learned, I hope.

Vodafone Customer Bank Details Accessed in Hack

Posted on November 1, 2015 by John Williamson

Just over a week ago, TalkTalk’s website fell victim to a cyber-attack and revelations have emerged regarding the company’s poor security infrastructure. It seems these attacks are becoming more prevalent as today, Vodafone admitted a data breach involving 1827 customers’ personal information. This include their bank details and telephone number. A spokesperson from Vodaphone confirmed the attack, and reaffirmed that it wasn’t due to their security measures:

“This incident was driven by criminals using email addresses and passwords acquired from an unknown source external to Vodafone. Vodafone’s systems were not compromised or breached in any way.”

“Whilst our security protocols were fundamentally effective, we know that 1,827 customers have had their accounts accessed, potentially giving the criminals involved the customer’s name, their mobile telephone number, their bank sort code, the last four digits of their bank account,”

“Our investigation and mitigating actions have meant that only a handful of customers have been subject to any attempts to use this data for fraudulent activity on their Vodafone accounts.”

A number of sources on Twitter have suggested the attack came from The Dark Web:

Vodafone says seen attempts to access 1,827 customers accounts after data theft – but says data came from dark web, no breach of its systems

— Rory Cellan-Jones (@ruskin147) October 31, 2015

The spokesperson went on to discuss the data loss’ ramifications and said:

“However, this information does leave these 1,827 customers open to fraud and might also leave them open to phishing attempts,”

“These customers’ accounts have been blocked and affected customers are being contacted directly to assist them with changing their account details.”

I do find Vodafone’s excuse to be fairly laughable and they have to take responsibility for the data loss. Professionals aren’t going to hack a major network without some form of protection and will make it difficult to trace. The information gathered is more than enough to cause chaos in terms of a person’s bank balance and can be used to help find other details like an email address.

Arrested And Robbed All In One Night – All Streamed On Twitch

Posted on October 8, 2015 by Gareth Andrews

Live streaming is a big thing these days, with anybody being able to put on a camera, share their screen and show the world everything from their video games to board game parties. Sadly the opportunity to watch others from anywhere in the world has led to some rather nasty situations, one of these is the action known as ‘Swatting’. Swatting involves someone watching a live stream, and through various technological means, finding out the address of the streamer. With the address, they ring the police and often fabricate a situation where someone’s life is in danger and so the police act on the information they have and dispatch SWAT (special weapons and tactics) to the scene to help solve the situation. Normally they are still live streaming when the police burst through their doors, causing distress to everyone bar the caller.

Recently though this was not the case as during a live stream by Mr_13ig who was asked by a policeman to keep the volume down and for his details. After refusing to provide his details, he noticed one of his neighbours walk past and informed the officer that he was feeling harassed because his neighbour was taking photos of him. As the video continues the policemen arrests him for the noise complaint and his behaviour, only to then have two minutes later another crime happen in the apartment.

The neighbour who had walked past earlier, while being filmed by the live stream not only entered the apartment and took several items from the room, but then returned to take even more stuff, all the while seemingly oblivious to the fact that he was being recorded all the time.

You can watch the video here, and you’ll be glad to know that the neighbour who stole from the apartment has been charged with burglary thanks to the viewers ringing and informing the police about the crime.

Image courtesy of Twitch.

US Cop Creates Gadget to Snoop out Stolen Gadgets

Posted on September 11, 2015 by Bohs Hansen

When we hear the phrase “US cop”, most of us probably think of a big guy hanging out in his police cruiser while stuffing his face with donuts and reading a boulevard magazine; we can thank Hollywood for that image. It is probably true that there are some of those too, but there are also some really bright people in the force.

An Iowa City police officer named David Schwindt has now invented a little USB gadget that can detect stolen gadgets by their Wi-Fi signals MAC address. The whole thing is rather simple and that is probably the beauty here. By using basic methods of publicly available data and comparing it with a database of stolen items, he’s able to not only detect that they are in range, but also in what direction they are located.

Officer Schwindt rigged a USB thumb drive with an antenna and cooked up his own software for it. Once connected to his squad car’s laptop, it is able to sniff out media access control addresses (MAC) within range and compare them to a database of stolen items.

MAC addresses are often called a burned-in address (BIA), an ethernet hardware address (EHA), or simply a “physical” address, because they are literally assigned (by the IEEE) and stamped into your network card by the company that manufactured your hardware.

Now, we all know that MAC addresses can be spoofed and often are for legitimate purposes as well as illegal. However, most people don’t think of that on their mobile gadgets as much as they do on PCs, and the L8NT gadget, as the author dubbed it, will most likely be highly effective.

The device has a range of 300 feet and a directional antenna can be attached to pinpoint specific devices located. The tool won’t be used to find the occasional stolen iPod or laptop and it won’t give the police access to personal or private information such as many other surveillance tools. It is more designed to find devices from larger series of break-ins and more bring down organized criminals that work in this field.

There will no doubt be cases where the officer’s L8NT system won’t work, but David Schwindt still has big plans for his device. It was developed as a proof of concept and he already got a provisional patent on the device and he is planning to apply for a full patent shortly.

Thank You Naked Security for providing us with this information

Hackers Post 10GB Stolen Data as Ashley Madison Stays Online

Posted on August 19, 2015 by Bohs Hansen

It has been a while since hackers attacked the online cheating site Ashley Madison where the hackers claimed that they had downloaded pretty much all relevant information about the users from the site. For those who don’t know it, Ashley Madison is an online dating site specifically designed and advertised to married people who want to cheat on their partner. A pure disgrace in my book that a site like that is allowed to stay online, but that is beside the point right now.

The hackers wanted the site to shut down and threatened to release the user data if that didn’t happen. The site didn’t give in to the blackmail as it looks to be a very lucrative operation, even though they’ve exposed for having 90-95% male profiles and most female profiles being faked by the company. I don’t think that women cheat less than men, perhaps they’re smarter about it.

Now the hackers have made good on their promise and released 10GB stolen data that includes not only usernames and emails, but also appears to contain credit card information to pay for the membership as well as many other personal information. While the site doesn’t verify the profiles in any way and it is possible to create fake profiles with any email you wish, it’s still scary how many government email addresses were found in the database.

Avid Life Media, the company behind Ashley Madison, condemned the release of the data with a statement: “This event is not an act of hacktivism, it is an act of criminality. It is an illegal action against the individual members of AshleyMadison.com, as well as any freethinking people who choose to engage in fully lawful online activities. The criminal, or criminals, involved in this act have appointed themselves as the moral judge, juror, and executioner, seeing fit to impose a personal notion of virtue on all of society. We will not sit idly by and allow these thieves to force their personal ideology on citizens around the world.”

All the information has been posted to the “Dark Web” that only can be accessed through the Tor browser. It will be interesting to see what new dirt will show up as experts dig through the data and decrypt the parts that were secured.

Thank You Wired for providing us with this information

Can’t Find Your Android Phone? Just Search for It in Your Browser!

Posted on April 17, 2015 by Gabriel Roşu

The ‘Find My Phone’ features nowadays are a great way to find you phone if you’ve lost it or had it stolen. You can just go to the manufacturer’s website, log into your account and start snooping around for your phone on a map. You can also lock it or even erase data if you think sensitive information might leak into the wrong hands.

However, the whole process still takes a bit of time. First of all, you need to go to the actual website, find where their ‘Find My Phone’ feature actually is on the website (provided you haven’t used it before) and after all of that you can start searching for it.

Google appears to have simplified the process for Android users according to a Google+ post, having its security feature integrated in its search engine. What this means is that Android users can simply type “Find My Phone” in Google and have it automatically displayed on a map in an instant.

“We’ve all been there — you’ve searched under your car seat, tossed around the sofa cushions and you still can’t find your phone. If you know where your computer is, you can now ask Google to find your Android phone from your desktop. If the pesky phone is hiding nearby, Google can ring it for you — or you can see it on the map if you, say, forgot it at the bar. Just make sure you’ve got the latest version of the Google app!”

Google also had its Android Device Manager available to track your phone, but the same process as other companies described above was implied. So is it better to have it linked to the search engine? Will people actually use Google Search to find their phone?

Whether the feature is a godsend or a nice way to violate your privacy by having other people track you through Google by forgetting to log out of your account on a PC, it remains to be seen.

Image courtesy of Google

Thousands of Uber Accounts Are Said to Be Selling on the Dark Web

Posted on March 29, 2015 by Gabriel Roşu

At least two vendors on the dark web marketplace named AlphaBay are allegedly selling Uber accounts. The accounts are said to let buyers order trips using whatever payment method attached to the accounts, while also providing them with the full trip history, email addresses, phone numbers and even location information of people’s home and work address stored on the accounts.

The price for such an account is said to be as low as $1, but it could get to $5, a price that won’t even get you around the block with a taxi. One of the sellers is said to have sold over 100 accounts to other buyers, but a lot more accounts are estimated to have been sold by now.

“We investigated and found no evidence of a breach,” a Uber spokesperson told The Verge. “Attempting to fraudulently access or sell accounts is illegal and we notified the authorities about this report. This is a good opportunity to remind people to use strong and unique usernames and passwords and to avoid reusing the same credentials across multiple sites and services.”

The method used to acquire the accounts is not yet clear, but this comes after Uber disclosed the information about 50,000 of its drivers had been accessed by a third-party in May. The latter might indicate that a security breach might have been found in the company’s system and exploited to get access to user’s account credentials.

However, Uber stated that the breach did not affect user names and suggested that the information leaked to the third-party is unrelated to the stolen user credentials currently selling on the dark web.

Thank you The Verge for providing us with this information

Keep Your Camera Safe – Where is it Likely to be Stolen?

Posted on November 20, 2014 by Chris Smith

There’s an application called Lenstag, it allows for users to register their stolen photographic equipment in aid of the recovery of said items. According to their latest report, the top three places to have your prized possessions stolen include: your car, burglary of your home or theft on public transport.

Lenstag is designed to help people share their stories of stolen equipment around the globe, allowing people to look out for photographic sales on websites like eBay and report their whereabouts. They’ve been recording all of their data since their inception earlier this year and have produced the following pie chart explaining what they’ve discovered. Alongside this information, they’ve also discovered that throughout their 2013 data, the most likely to be stolen items are your Nikon D700, Canon EOS 60D or Canon EOS 7D. The above graph shows that the three main methods of stealing make up for around 60% of the total market – warning users to keep their cameras and accessories out of sight and ouch of reach of prying thieves.

They’ve listed their findings on exactly what country your items are likely to be stolen in and what models have been reported missing throughout each major brand – alongside some alternative accessories like action cameras and laptops used to editing.

So given this information, if you own a Nikon D700 and an Apple MacBook 15.4″, transporting them around constantly it your old automobile without much security, it may be time to invest in a pet German Shepard dog. As you can see above, Lenstag can be downloaded for free across Android and iOS devices – it provides you with a somewhat higher chance of getting your items back, but we urge that you make them as safe as possible in the first place.

Images courtesy of Chiphell and Lifehacker

Driver Of Stolen Model S Becomes First Person To Die In A Tesla

Posted on July 11, 2014 by Chris Hadley

Since its launch in June 2012, the Tesla Model S has been one of Tesla’s top selling cars and with a price tag starting at around $70,000 (or £50,000 here in the UK), it is highly sought after, especially by thieves who want to get their hands on the all-electric car in ways which baffle the mind.

One such person who decided they wanted in on the technical marvel was 26-year-old Joshua Slot who broke into a Tesla service centre in Los Angeles and made off with the high-performance motor. Police were soon on the chase after spotting the vehicle soon after it was taken and gave chase, however their pursuit was short-lived after they themselves were involved in a collision taking them out of the chase. Due to lack of resources at the local police department, the chase was called off as they could not keep up with the vehicle which was reported to be travelling at speeds of nearly 100mph through the L.A. streets.

Slots getaway with his unlawful possession was also short-lived as he eventually collided with three other vehicles, injuring five people in the process of whom fortunately have all walked away from the incident alive and were discharged from hospital on Monday. Not so fortunate was Slot who, after colliding with two poles and splitting the car in half, died on the way to hospital.

As for the car, the front half came to rest in the road, catching fire soon after, whilst the rear section became airborne and crashed into the side of a nearby Jewish community centre. The force was so great that the car ended up wedged in a doorway to the building.

In a statement to Park Labrea News of Beverly Hills, Congregation Kol Ami’s Executive Director Sadie Rose Stern said:

“We were incredibly lucky. Thankfully, we had a large metal gate that took the brunt of the energy. The car wedged itself in. There was a lot of debris, but thankfully, we did not have a car in our sanctuary. There is some exterior damage, and we are in the process of getting quotes [for repairs].”

LAPD are investigating the theft as we speak and no further reports on the incident have been made at this moment in time. With Slot being the first person to be killed in a Tesla, there may be questions made about the cars safety, but let’s be honest, this incident is no fault of Tesla or the Model S, whatever way you look at it. It was simply down to a thief and his horrendous driving.

Source: Park Labrea News of Beverly Hills

Image courtesy: Associated Press

Steam Remove Over 7000 Sniper Elite 3 Keys From User Libraries

Posted on July 1, 2014 by Chris Hadley

Valve have announced that they are revoking the serial keys from some 7000 copies of Sniper Elite 3 after it was discovered that they had been stolen from authorised outlets and resold to unsuspecting Steam users.

Users who have purchased the game through the unauthorised outlets will find that their games will no longer run and they will have to seek a refund for their purchase, but not from Steam themselves. Rebellion have made a list of retailers that are unaffected by the key recall, with users who have had their keys revoked having to purchase another copy of the game either through Steam directly or through an unaffected retailer.

The announcement came after a retailer discovered that a number of their game keys had been stolen, with the money from the illegal sales not going to Valve or the retail distributor.

“To clarify, one of our PC retail distributors informed us that some of their allotted Steam keys were stolen,” the developer writes. “We believe these keys were then resold to multiple companies, with no payments going to either Valve or the retail distributor.”

As a goodwill measure, Steam are offering those users who have been affected a free copy of the “Target Hitler” DLC, with proof of purchase and their key needing to be provided in order to validate their claim, however the whole situation has already resulted in a large number of users venting their anger for something which genuinely was not their fault and understandably so if I might add.

It is not known at this moment in time who stole the keys and Rebellion are not making any statement as to the retail outlets that area affected, but we can probably guess that Steam may look into their security and key validation methods to prevent situations like this happening again.

Source: Joystiq

Yahoo! Mail Suffers Unknown Number Of Stolen Email Accounts And Passwords

Posted on January 31, 2014 by Gabriel Roşu

Since the massive Yahoo! ad-malware problem was not enough, apparently Yahoo! Mail got hit ‘big time’ recently, leading to an unknown number of Yahoo mail user account names and passwords stolen.

Yahoo mail users seem to be the most recent victim of mass data theft. Yahoo, in a security update posted today, claims to have “identified a coordinated effort to gain unauthorized access to Yahoo Mail accounts.” This really does not come as a surprise, but a question to Yahoo!’s credibility. First malware attacks, now this? Yahoo! might be standing in the same boat as Google with all their late ‘misfortunes’.

The company took action on behalf of its users, prompting them to reset passwords on the breached accounts. So far, Yahoo’s investigation the list of usernames and passwords uses in the attack were harvested from a third-party with access to Yahoo credentials. The company believes that “the information sought in the attack seems to be names and email addresses from the affected accounts’ most recent sent emails.”

Up until now, Yahoo! has not released any comments or an estimated number of affected accounts implicated in the attack. Federal law enforcement has been notified of the attack, and Yahoo has “implemented additional measures to block attacks against Yahoo’s systems.”

Thank you Electronista for providing us with this information

Truck Carrying 22,500 LG G2 Smartphones Stolen

Posted on October 27, 2013 by Peter Donnell

The brand new, soon to be released G2 is set to be the new flagship handset for LG, but 22,500 have just gone missing in a robbery that saw a truck load of them stolen in Louisville, Kentucky.

According a recent report on CNET the handsets were being distributed to Sprint stores in time for the handsets launch some time next month, although it is expected this latest turn of events may delay the launch a little.

The driver left his truck for a bathroom break and upon returning noticed that his truck was gone, and the $14 million worth of smartphones that were in the back had gone with it.

Chances are the phones are a long way from Kentucky by now, just be cautious of anyone trying to sell the handsets.

Thank you CNET for providing us with this information.

Image courtesy of Geeky-Gadgets.

2.9 Million Customers’ Account Data Stole From Adobe’s Database

Posted on October 4, 2013 by Gabriel Roşu

Chief Security Officer for Adobe, Brad Arkin, has revealed that hackers have stolen data relating to 2.9 million customers, including IDs, names, encrypted passwords and credit card data and more. They also stole Adobe product source code. The security team at Adobe discovered what they are calling a “sophisticated attack on their network”, which involved not only the customer data but also access to the source code for numerous Adobe products.

Adobe officials have responded with the following statements:

“Our investigation currently indicates that the attackers accessed Adobe customer IDs and encrypted passwords on our systems. We also believe the attackers removed from our systems certain information relating to 2.9 million Adobe customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders. At this time, we do not believe the attackers removed decrypted credit or debit card numbers from our systems.”

“We are also investigating the illegal access to source code of numerous Adobe products. Based on our findings to date, we are not aware of any specific increased risk to customers as a result of this incident.”

They have also mentioned that a full reset of all passwords for the affected customers will be made, along with sending out e-mail notifications to them. They are also contacting customers whose credit or debit card information has been compromised. They are additionally notifying the banks that process customer payments for Adobe, and have contacted federal law enforcement and will be assisting in the investigation.

Thank you NextPowerUp for providing us with this information.

Image Courtesy of Adobe Ltd.

NYPD Police Officer Steals Pornographic Images From Arrestee

Posted on July 23, 2013 by Shane Blume

The New York Daily News recently reported on a case about a woman who possibly had her privacy invaded by an officer of the New York Police Department.

We are living in a digital age. An age where we are able to have and use many different electronics to communicate with others, as well as keep track of our day to day life, many of these electronics are all-in-one units. Pamela Held a 27 year old woman, is set to sue the New York Police Department because an officer, Sean Christian, allegedly forwarded explicit images and videos of Held, to himself. The digital content was stored on Held’s cellular phone. Held is claiming that the officer invaded her privacy by forwarding the content. Her lawyer, Richard J. Soleymanzadeh, has said that the phone the content was sent to is the officer’s personal cell phone.

On 6 February 2013, Held and her friend were pulled over by a police van because there was not an inspection sticker on the vehicle. When held was pulled over the police found prescription drugs and marijuana in the vehicle, then arrested Held and her friend for possession. At the station-house the police questioned Held about where she had been that night, she explained that she was visiting a friend and that she could prove it by providing them with text messages. Held gave an officer the passcode for her cell phone and pointed out the messages. The officer left the room with her phone while she was processed for the drug charges.

Three hours later Held’s phone was returned to her as well as a desk appearance ticket, which is an order to appear in Criminal Court for arraignment. Later that evening was looking over her phone and noticed that a text message was sent with photos and videos of her attached to it. There were a total of 20 explicit photographs, and five videos of her that were forwarded from her cell phone. Held contacted her lawyer, who had his private investigator trace the number, which lead to Christian’s phone.

Christian has been an officer for 10 years, and has denied forwarding the photos and videos, he also claims that he has never met held or worked at the 104th Precinct. Police sources have confirmed that Christian is assigned to the 104 Precinct in Ridgewood, Queens, and that he is currently being investigated by Internal Affairs because of the complaint by Held. Internal Affairs detectives worked with Held to secretly record a call to Christian in which he chatted with Held, even flirting with her for 50 minutes.

The case about the drugs against Held and her friend have been adjourned with the contemplation of dismissal.

Image from Axeman627’s PhotoBucket

eTeknix

Delivering the very best technology content for the US, and the world!

Tag Archives: Stolen