PoS Malware Steals Credit Card Numbers via DNS RequestsCatalin Cimpanu, SoftpediaThe NewPoSThings malware appeared many years ago, and for a long time it didn't stand out in the crowd of other PoS malware families. ....Kamis, 26 May 2016
Panda Banker: New Banking Trojan Hits the MarketAxel F, Threat Insight blog (ProofPoint)The Zeus banking Trojan has made the rounds in various incarnations since 2007, allowing threat actors to steal hundreds of millions of dollars and install a variety of additional malware on vulnerable PCs. ....Kamis, 26 May 2016
Target="_blank" - the most underestimated vulnerability everJitBit Founders BlogPeople using target='_blank' links usually have no idea about this curious fact: ....Selasa, 24 May 2016
Australian Craig Wright Says He Created BitcoinAFP via Security WeekAustralian entrepreneur Craig Wright on Monday identified himself as the creator of Bitcoin following years of speculation about who invented the pioneering digital currency.Selasa, 24 May 2016
All About Fraud: How Crooks Get the CVVBrian Krebs, KrebsOnSecurityA longtime reader recently asked: “How do online fraudsters get the 3-digit card verification value (CVV or CVV2) code printed on the back of customer cards if merchants are forbidden from storing this information? The answer: If not via phishing, probably by installing a Web-based keylogger at an online merchant so that all data that customers submit to the site is copied and sent to the attacker’s server.Selasa, 24 May 2016
After Tax Fraud Spike, Payroll Firm Greenshades Ditches SSN/DOB LoginsBrian Krebs, Krebs On SecurityUntil very recently, the company allowed corporate payroll administrators to access employee payroll data online using nothing more than an employee’s date of birth and Social Security number. That is, until criminals discovered this and began mass-filing fraudulent tax refund requests with the IRS on large swaths of employees at firms that use the company’s servicesSelasa, 24 May 2016
0day alert: Be ready to update Adobe Flash Player tomorrowZeljka Zorz, HelpNetSecurityOn Tuesday, Adobe has pushed out security updates for Cold Fusion and Adobe Acrobat and Reader, but has also announced an update for Flash Player that should be released on Thursday and will fix a zero-day flaw (CVE-2016-4117) that’s being actively exploited in attacks in the wild.Selasa, 24 May 2016
Phineas Fisher's Account of How He Broke Into Hacking Team ServersCatalin Cimpanu, SoftpediaAlmost a year after carrying out his attacks, the hacker behind the Hacking Team data breach has published a step-by-step explainer on how he breached the company's servers and stole all their data. ...Senin, 23 May 2016
Philippine central bank says foiled attempts to hack its websiteKaren Lema, ReutersThe Philippine central bank has foiled attempts to hack its website, its governor said on Thursday amid a warning from global financial network SWIFT about recent multiple cyber fraud incidents targeting its system. ...Senin, 23 May 2016
New application level attack bodes ill for hybrid DDoS protectionZeljka Zorz, HelpNetSecurityImperva has recently witnessed a new type of DDoS attack they believe might become a go-to for cyber criminals looking to take sites and services down.Senin, 23 May 2016
Disclaimer | Copyright © 2013 - Id-SIRTII/CC
Id-SIRTII/CC - Indonesia Security Incident Response Team on Internet Infrastructure/Coordination Center
Menara Ravindo Lt. 17, Jl. Kebon Sirih No. 75 Jakarta Pusat, 10340, Indonesia
Member of: